Friday, November 16, 2012


Got a phishing phone call this morning from somebody with a pronounced Indian accent wanting to fix my security code in my Windows™ operating system. 

I don't run Windows™ I said, and if I did, I wouldn't be giving out any information, nor taking any from some dweeb calling me on the phone, because that's not how security breaches are addressed, and if you don't know what my computer OS is? You are a liar.

He hung up on me. 

How rude ... 

A word to those of you who might not know this: You aren't going to get an email or phone call from your bank, internet service provider, computer company, or software maker asking you to give out personal information because they are trying to protect you. 

Anybody who does that is trying to rob you. Tell them nothing. 

We're not just talking about the guy from Nigeria who wants to send you ten million bucks, nor the one who tells you that you won the Spanish lottery even though you never entered it. Some of the emails look legitimate, there will be the company logo and all, and sometimes, the grammar will actually be mostly correct. 

Sometimes the giveaway is really funny. An official-looking email from Comcast™, telling your that your security has been breached and you need to send in your password so they can check it further: "Please to remit password for additional verifications please ..."

The folks at BoA or Citibank or Wells Fargo don't talk that way.

If your Caller ID says "Private?" Or even if it offers the name of a company? Don't go there. You can legally spoof Caller ID in most places, there are programs you can get to do it, and if there are security breaches of your OS, you can bet there will be notices on the net and in the local news. Reputable companies will never ask you for this stuff this way. Don't click on anything, put it straight into the trash and secure empty it right now. 

1 comment:

Cliff said...

OCCASIONALLY, a bank may call you for a legitimate reason...

If you ever have a question about someone calling you, ask for their name/extension, hang up, and call back AT THE PHONE NUMBER YOU HAVE ON FILE (e.g., in the phone book). DO NOT CALL BACK TO A NUMBER THEY GIVE YOU.

Any bank or security-sensitive company will understand and accommodate you.