Phishers on the phone

Phishers are moving from email to the phone to try to steal banking and other personal information. A new batch of emails purporting to come from Paypal give out a telephone number for members to call to verify their data. Other scammers have even missed out the email altogether: victims receive a telephone call out of the blue from someone who knows their credit card number, and wants them to confirm the security code on the back: clearly a way to get around this new security feature in the system.

"Hackers are moving away from the Web and using something victims are more comfortable with: making a call," said Paul Henry, vice president of technology evangelism at Secure Computing. [I *want* his job title!] "Consumers are programmed to enter in information on the phone. It's a natural evolution of phishing."

Callees and email recipients should beware: the phishers are getting more sophisticated. Many phishing emails now contain the recipient's real name rather than being addressed to "Dear valued customer" or similar. And, ironically, in an attempt to appear genuine, some phishing emails now contain warnings against giving your personal information to unverified parties: that, at least, is something the scammers have got right.