Risk: Low
Customers of the Santa Barbara Bank & Trust in America, along with PayPal customers throughout the world, have recently been targeted by phishers who email them prompting them to call a number to verify their account details.
The email to Santa Barbara Bank & Trust customers reads as follows:
Dear Customer,
We've noticed that you experienced trouble logging into Santa Barbara Bank & Trust Online Banking.
After three unsuccessful attempts to access your account, your Santa Barbara Bank & Trust Online Profile has been locked. This has been done to secure your accounts and to protect your private information. Santa Barbara Bank & Trust is committed to make sure that your online transactions are secure.
Call this phone number (1-805-XXX-XXXX) to verify your account and your identity.
Sincerely,
Santa Barbara Bank & Trust Inc.
Online Customer Service
Interestingly, the voicemail does not mention the bank's name, which may indicate that it is being used for multiple cases of fraud.
PayPal users have fallen victim to a slightly more sophisticated email scam, which asks them to call a number to verify their account details, stating that PayPal believes that their account may have been compromised. If incorrect card details are entered, a request for re-entry is made, further enhancing the legitimacy of the fraudulent telephone number.
You can see a screenshot of the PayPal phishing email at http://www.sophos.com/pressoffice/news/articles/2006/07/paypalvox.html, where you can also listen to a WAV recording of the phone message.
Voice phishing, being termed as 'vishing', is an emerging scamming method and unfortunately, news of new attacks seem to be surfacing more frequently. Many people do not suspect that they may be scammed via a phone call, which may be one explanation for scams' success to date.