Phishing scammers are adding voice over IP (VoIP) technology to their mix and ensnaring victims over the phone. In phishing schemes, scammers send an email impersonating from Paypal or a high profile bank. They usually mention that your account is about to expire or they detected fraudulant activity and ask you to log into a site to correct the info. The site you are referred to looks just like Paypal’s or the bank’s website, but it’s not affiliated with the company. When you log in, you effectively hand over your username, password, and any other sensitive data you input directly to the scammer.

In vishing schemes, scammers call up random numbers, provide a fake 1-800 number, and ask you to call to confirm your credit card information and other account details. They set up these numbers through Skype, Vonage, and other VoIP providers. They can even spoof the caller id to make it look like they’re really from the institution they report to be from.

The CIO Blog warns

customers should be highly suspicious of any phone or e-mail contact that does not use their first and surnames, and should never dial a call-return number or reply to an e-mail regarding any financial matter.

I’ve always been cautious to give out my credit card number over the phone. These latest reports of “vishing” are just scary. It seems there’s nothing you can do to protect yourself other than be extremely cautious. At least with the internet, you can run a whois search on sites that seem sketchy. With the phone, how can you double check?