Last month, my wife was contacted by a phisher, mascaraing as someone from social security. This threat actor made an attempt to obtain her social security number using the threat of fraud investigation to verify her social security number. Because of my background in security, I was able to act quickly to prevent her from compliance and educated her on the phish attack. For many people, this ends in far less positive outcomes because there is not enough education and prevention out there. The majority of organizations will never request or disclose personal identifiable information (PII) and will only communicate via secure encrypted email or over traditional mail services. They will request an in person visit. For more information on securing your private information, visit: How to protect your personal information Caller ID is less reliable due to caller ID spoofing. This in part can be avoided by maintaining an address book in conjunction with a good call blocking service.
The majority of telecom providers offer programmable call blocking services, most of these operate with a programmable blacklist/whitelist. There are also third-party options on the device App Store. This function acts in many ways similar to malware detection and prevention. These features are also available as an add-on for a landline that blocks on a hardware level at the home or business demarcation point. This is slowly phasing out as more and more people are migrating to VoIP solutions or cellular based services. For more information on Caller ID spoofing, visit: howtogeek Dont trust caller id More information on call blocking at FCC Call blocking More information on call blocking for landlines at FCC Do not call list Opinion The best approach to handling telemarketers is a zero-trust approach, sellers you wish to do business with should be in your address book for ease of verification. Automated calling can potentially be used to gather recorded voice prompts as a potential persistent attack to gather voice commands to use on voice prompt services. These calls may also be used to verify the contact number is active and accepting calls. If you can avoid not answering a call or push it to voicemail, do it. Make sure you monitor your voicemail in the event a trusted contact is contacting you from a different contact source. Stay safe out there! ~Neumiller
Vishing attacks spoof Amazon to try to steal your credit card information
