- Verify unexpected phone requests in ways that aren’t connected to the incoming phone call. For example, use an official directory and another phone to call the company’s main office and ask to speak with the caller who is making the request.
- Be very suspicious of any caller who asks you to share login information over the phone.
- If a caller asks you to provide account data or personally identifiable information, refuse to do so — and report the contact to your service desk.
Vcpi will never call you to request that you change logins, passwords, or network settings. Any caller who makes this type of request is probably a scammer. Refuse the request and notify your service desk.
Keep these tips in mind the next time the phone rings.
- Be aware – Knowing how these thieves operate can help you from getting scammed. Always remember that a legitimate business doesn’t make unsolicited requests for personal, sensitive, or financial information. Anyone who does this over the phone is probably trying to scam you.
- Look at the caller ID – Some scammers are using numbers that don’t exist, such as 1-800-123-112234
- Don’t five in to pressure – If someone tries to coerce you into giving them sensitive information, hang up.
- Don’t answer phone calls from unknown numbers – It is tempting to answer calls from unknown numbers. You might think, ‘What if it’s an emergency and someone needs me?’ Be aware that anyone who’s calling you with a real emergency will leave a message.
- Stay calm and don’t panic – Since these criminals frequently play on your emotions keep a cool head, give them zero information, and hang up the phone.
- Call them back – Since it is someone you have a business relationship with, call them back at the number you usually use to verify it is them.
- Be skeptical at all times – Even if your Caller ID gives the name of a bank, charity, or some other company or organization, it could be a trick.
Mark Schafer CISSP, CISM
Chief Information Security Officer