Spyware, Viruses, & Security forum

General discussion

Have you ever been the victim of a phishing or vishing scam?

by Lee Koo (ADMIN) CNET staff/forum admin / April 25, 2008 4:55 AM PDT
Poll: Have you ever been the victim of a phishing (e-mail) or vishing (phone) scam?

- Yes, once (Tell us about it.)
- Yes, more than once (Tell us about it.)
- No (Any tips you care to share?)
- I'm not sure what phishing or vishing is
- I don't know

If you?ve ever been phished or vished, please share your experience with us and let us know how it happened to you. Please include the process you had to go through to go get it all resolved. This will tremendously help other victims who are in the process of dealing with this headache.

Post a reply
Discussion is locked
You are posting a reply to: Have you ever been the victim of a phishing or vishing scam?
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Have you ever been the victim of a phishing or vishing scam?
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
by BECCASWEB / April 25, 2008 9:29 AM PDT


Collapse -
Cell phone e-mails that indicate they are from AT&T
by milkmaid / April 25, 2008 1:32 PM PDT
In reply to: PHISHING

I had my e-mail blocked on my cell phone because third party venders were causing me to be charged to access my pay per e-mail AT&T Service. The e-mail indicated it was from AT&T e-mail - which is supposed to be free to AT&T Customers.

Collapse -
Phishing via the phone or email
by Joe Campbell / April 25, 2008 9:37 AM PDT

In Canada, at least in the Vancouver area, email phishing is commonplace: emails appear to come from one of the large banks (Royal Bank, Scotia Bank, Toront-Dominion Bank, etc.), "warning" the recipient that his banking information may have been compromised. He's then asked for personal information "for clarification purposes". I've reported these to my bank and have been told there's virtually nothing they can do about it. Super.

Collapse -
Every day garbage
by Zgringo / April 25, 2008 10:19 AM PDT

I have over 3,000 Phishing, Spam what-not email I've saved over the last few months. I've won billions of dollars, been giving free computers, TV's, cars you name it plus my bank account or paypay account has been breeched and all I need to do is send my name, SS number, user name, password, date of birth and everything will be corrected. I've even got a refund back from IRS and all I need to do is verify who I am with name, SS #, date of birth, ect. ect. ect. Will let me tell you something, if the IRS, my bank or paypal they know my name and don't need to ask for it, and how can I be picked randomly from 500 million internet users and they don't even know my name.. Think about it, even "Readers Diagest Sweepstakes" knows my name, but not my benefactors who want to give me 30 kazillion south bummphuck gold coins. I haven't entered anything or joined and buying clubs so how could I have won?
YOU DON'T GET SOMETHING FOR NOTHING. IF IT'S SOUNDS TOO GOOD TO BE TRUE, GUESS WHAT? IT ISN'T TRUE. Until laws are passed to put these scumbaggs in jail for a long time and people still think you get something for nothing, it will continue to go on.

Collapse -
Phishing by Phone
by donrosenzweig / April 25, 2008 11:12 AM PDT

I've received numerous calls (about one a week for several weeks) with the "Your new car warranty is about to expire" scam message. I have caller ID and have noticed that either it's blocked by the sender or they use what looks like either a legal long distance or toll-free number. If I try to reach the number after the call is terminated, it turns out to be a non-working one. Therefore, whoever is working this scam knows how to "spoof" phone numbers. The last time I received a call from them I asked them if they knew it was illegal to spoof phone numbers and then told them I was interested in learning about the warranty extension and they hung up and never called back.

Collapse -
I have been getting the same calls
by ajrap / January 14, 2009 12:50 AM PST
In reply to: Phishing by Phone

I have been experiencing the same phishing by phone scam on and off for months. Tried calling back several times and have tried to play along until I finally got to speak to a supervisor asked for them to tak me off the call list. They said they would but still keep calling. Happened again today and when I got the supervisor I asked him ('Doby') to tell me more about their company he said sure then I heard click. I hope they stop calling like with you but don't think that will happen. My bet is once your # is in their system they will keep calling periodically. FYI...this started not long after a used car purchase from a dealership.

Collapse -
What the banks can do...
by mwooge / April 25, 2008 3:03 PM PDT

> I've reported these to my bank and have been told there's virtually nothing they can do about it.

Unfortunatly, there's not much can be done. Just as the bank can't block -your- emails, they also can't block the spammer's.

Collapse -
Possible Phishers
by maldelus / April 25, 2008 9:43 AM PDT

If I don't know the sender or there are a number of problems such as spelling or the subject line says 'You won' or 'Important account information,' I delete it. If a legit business concern wants to reach me, they'll send me a letter with a phone number or two with which to confirm the issue. The letter will also have their mailing address. If I recognize the address, I'll pay a little more attention after I place a phone call.

Collapse -
Not a new game but definately a growing game...
by madogdr / April 25, 2008 10:08 AM PDT

Here in Phoenix, the phish game is rampant via tele periferals like cell phones and home phones. The pc game has been around for ages and is just growing like wildfire. We even have our postal maiboxes stuffed daily with an unbelievable amout of "paper spam", to the extent that if you don't empty your mailbox daily, you will not recieve you postal mail, as the box is too full for any more content. The solution to that, it seems, is to throw all the paper spam on the ground and let the wind take it where it chooses, which means you also have to pick up paper spam from your property grounds on daily basis. As long as we choose to live in "Bush World" and refuse to change the way things are, we just have to accept these insanities as life in corruption and capitolism.
As far as the tele adventures, I generally just use the double click approach, which in this case means; On/Off.
On a rare occasion, I will play with these fools and tell them to hold on while I go get my credit card, and then just wait to see how long the fools will hold on (while laughing in the background), but this is only when I'm feeling a bit mischeivious, heh.
What's really interesting lately, is recieving postal spam that has derived from computer information generally found in the registry. Like a ficticious company name I often assign one of the many, many Pcs that I build. Now how does this information get in the hands of these people? Are the ISP's selling our data for extra jingle? It goes far beyond the realm of ridiculous anymore, but what's even more mind boggling is the fact that it's allowed. Yep, that's Bush World...enjoy it or do something about.

Collapse -
by msecour / April 25, 2008 10:53 AM PDT

Phishing has received so much publicity that it is surprising that so many people still get suckered in. There have been many attempts at phishing me by email but I have not been victimized yet. RE phone phishing: we are on the "Do not call" list but still receive about 5 or 6 calls a day from "out of area" (as per our caller ID). We never answer the phone if it doesn't display the number and caller. Only a few leave messages and those that do are suspicious and are not returned.

Collapse -
Something smells Phishy
by The1Lion / April 25, 2008 11:20 AM PDT

Being an Ebay memeber, I have seen countless emails from "eBay" and "Paypal" that are phishing attemps and I always send them to spoof@ebay.com or spoof@paypal.com

I usually just need to mouse over any link in the email to see where it will actually send me (the url usually displays in the bottom left corner of the browser window) and you will see some other web address listed there than where the email is supposedly going to send you.

If you get a call from your credit card company - just call the number on your card for customer support and they should be able to tell you if there is a reason they are trying to contact you.

Collapse -
do not call list seems irrelevant
by pts103 / April 25, 2008 11:21 AM PDT

Boy does this ring a bell! I've registered both my phones on both the Fed and State do-not-call-list for the last 4 years; During this last year I have received at least two calls per week regarding my credit cards including finding these same messages on my answering machine. They are the exac type of calls others have described here and the volume of calls seem to be getting greater in number. I always hang up and never listened to the pitch. I'm getting to wonder what good the do-not-call list is good for? What can be done about it? I know enough never to respond, but I'm sure some unsuspecting people fall for the calls, thinking something is wrong or someone is using their credit cards.

Collapse -
A couple of times -- almost
by indiecds / April 25, 2008 11:22 AM PDT

Twice I fell for phishing emails. Most of them I get are pretending to be PayPal or eBay. Twice I took the bait and responded by signing in with my username and password. Immediately after doing so I realized what had happened so I immediately signed in to both sites and changed my password.

These people are extremely crafty. I had received numerous phishing attempts previously and recognized them for what they were but the keep coming up with more and more clever ways to fool you.

Whenever I receive one of these I click on "full headers" in my yahoo mail and then forward the message to either spoof@ebay.com or spoof@paypal.com. Sometimes I have even reported authenic messages from ebay or paypal as phishing attempts.

Collapse -
banking scam

This is so scary. I am continuously getting emails in the last 2 weeks I have gotten 3. My husband is a bank employee and I almost am afraid not to respond to these infos threatening to cancal our accounts if I don't contact within 48 hours. The part I don't understand is that the name on them is a legitimate Credit Union just not the one he works for.Do you have any advice for blocking these emails or calls? I do shop alot online and am wondering if this is why I keep getting these.

Collapse -
Call your bank directly
by caller1D / May 1, 2008 3:21 PM PDT
In reply to: banking scam

If you get a call or message asking you to verify some purchases, make sure the caller reads you the info. You should never give out your info unless you initiated the call. If a message tells you to call b/c of suspiscious activity on your card, call your bank directly if you think it might be a scam. Your bank can verify whether there really is a problem.

Collapse -
Here are your tips
by Hoppman / April 25, 2008 11:32 AM PDT

Common sense, simple common sense. Nothing is free and if you aren't sure, type the companies url in your browser, don't click on links in email. It just blows my mind that people STILL get tricked by this $#!+.

Collapse -
vishing scams
by Old Coot / April 25, 2008 12:14 PM PDT

Yes I also have been bothered by that type of scam, but NEVER fell for it though, thank God.

Apart from the credit card and bank account scams,there is another one that is quite frequent in some areas. A recorded voice says very happily: "We're glad to advise you that you have won a trip to the Carribeams (or other kind or prize) PLEASE PRESS 9 for more details".

This time, if you press 9 on phone, you release your line to the caller and within a few hours your long distance phone bill will raise to the sky while someone or many, use your line for LD calls all over the world. THIS IS A THING TO REMEMBER. Authorities in Canada have widely posted or eMailed notices to that effect.

That my friends is for your information. Tell your friends

PS: Another one is to phone recorded numbers and when you answer the phone there is no one on the line... This is a scheme to establish the best time to have you answer the telephone and is used by telemarketing people to throw you their sales pitch, (yeah usually at meal time) One way to fool this computerized foolishness is to hit the * key on the phone 10 or 12 times and the puter goes nuts with no valid data to record.

Collapse -
Phishing Scam
by robert7649 / April 25, 2008 12:42 PM PDT

The only one I received that I know of said it was from ebay and that my account information had been compromised and to click on the link to enter my login ID and password. I guess it was IE7 that identified the page as a know phishing page.


Collapse -
Phone phishing
by YayaJanice51 / April 25, 2008 12:45 PM PDT

I get call I need to contact, a 800 as the warenty on my car is about to expire. LOL I drive a 1987 car! called the 800# and asked them to contimnue with my warenty, the guy asked me for this info on my car, I said hell you called me so you know all about it. Hong on them

Collapse -
email scams
by poorprincess / April 25, 2008 1:14 PM PDT

To answer the queston on phishing scams is I just recently had one fro pch, from Britain, saying i won the lottery. I sent that email to pch.com and let them deal with it. Otherwise I do not give out my information on the internet about any of my personal information. I don't do you on the phone either. I am smarter than they think I am.

Collapse -
by btljooz / April 25, 2008 1:19 PM PDT

I do NOT even open spam, no less read it!!! Cool I do NOT download my e-mail to my computer. I use Web-based e-mail portals and services. Happy I even have Outlook blocked by my firewall! Never even set it up to receive or send mail from. Wink

I have my telephone registered with both the US National AND my State's Do Not Call lists. Therefore I don't get many unwanted calls...less than 10 a year. I do what I outlined in response to the question that was asked about this. Read my answer here:


Collapse -
I have never been phished because...
by kstenbch / April 25, 2008 2:33 PM PDT

I began receiving emails some time ago from different banks about my account being compromised. I called each bank in question because I suspected it might be a scam. Why did I suspect a scam? Because the banks and credit card companies whose names were on the emails were for accounts at banks & credit cards that I did not have. I got my 1st such request of 2 years ago from 1st Tennessee here in Memphis, TN. I remember that phish attempt because I was denied an account there. When I finally got a phishing attempt from a bank where I did have an account, I called the telephone number I had for them from when I first opened the account. I repeat, I did not call the number from the email, nor did I click on the link to go to the fake website. My bank assured me, as have all of the other legitimate banks, that if my account were compromised, they would send me a letter in writing (not by telephone, cellular phone, or email), and I would be asked to come into the bank in person . In addition, the word is out on phishing in general; when you sign up for a legitimate account get some of their literature with legitimate names, address, telephone numbers, website URL's, and email addresses. If you receive an email or notice from the bank, the website they give you should match the ones in their literature. Second, if you receive an email or notice by phone of a change of information or merger, you can return to your financial institution to confirm the change and get literature with the new URL, etc. Finally, most web browsers including MS Internet Explorer, Mozilla Firefox, Mozilla, Netscape, and Opera, have "phishing filters" that you should leave on and use. These filters will spot and block, alert, and blacklist most fake websites. Whenever you updated your browser or browsers, these filters will be updated also. In the end you must be a proactive consumer and use common sense; if you don't trust a website or do not think everything is on the up-and-up, leave or don't use the website. Ask the IT guy at work; ask the IT guy at the local electronics store; ask the IT guys at the local repair shop, and even ask the IT guys at Circuit City, Best Buy, or Walmart. People love when you ask about what they do & like sharing what they know. If you don't really know those guys, they can still confirm information. When you do suspect or find a scam, report it.

Collapse -
Maybe I have
by Mr-Opinion / April 25, 2008 3:01 PM PDT

Someone comented on strange cell phone e-mails -- I don't bother with E-mails on my cell phone , but have recieved a couple of od messages, including one "from" a credit union were supposidly something was expiring --- never thought much about them - ignored them - they wern't for me regarding anything that concerned me (identifiable) -- the Net - I keep prety close reighns on my E-maail address - if I go on a limb I use another address - where unless I expect something I just regulaly delete all the garbage

Collapse -
Phishing; The do's and don'ts
by supersoj / April 25, 2008 3:29 PM PDT

It's really simple. Really.
1) The only reason a credit card company will call you, is because you owe them money. They will refer to you by name, and supply you with your' credit card company's name. In addition, you can ask your' credit card company to assign a voice password, which any person from that card company must use for you to know it's them, and you must use, so they know it's you. This is the important part. YOUR CREDIT CARD COMPANY WILL NOT CALL YOU, IF YOU CAN GET A BETTER INTEREST RATE, ETC. They add those memos in with your' bill. In addition, using Caller ID properly is very helpful.
For example, most Credit Card Companies show up as 866, or 888 numbers, and often show up as Unknown Name. However, the phone number is still there. I'm going to give you the hugest tip ever here.
But perhaps the best thing, is to call them, and ask them to call you back. Then, when they do, check your' Caller-ID, and write down the number somewhere close to the phone. That way, when you see that number call again, you know, without question, that it actually IS your' credit card company. If it's any other number, tell them that this isn't the number they normally call from, and that you don't trust them enough to give out any personal information, and hang up IMMEDIATELY.

Biggest, and simplest rule of thumb:
1) NEVER give out ANY banking information.
Companies like Paypal, first off, rarely send you e-mails on anything, except for reciepts of purchases, or sales. They also require you to log-in, and then submit an inter-site message, rather then relying on unsafe e-mails, that may end up in the spam folder.
In addition, Paypal addresses you BY NAME OR ACCOUNT NUMBER in any e-mail.
Do not reply to, follow links from, or otherwise do anything but delete any message that begins with the phrase:
"Dear Member"
Here's why:
Paypal, and pretty much any other company like paypal has an automated computer program which generates these e-mails. These automated programs automatically add in names, or account ID's.

2) You've won the lottery in some foreign country!
Just no.
Here's why:
According to EVERY country's laws, rules, and regulations, while you can gamble((ie: slot machines, etc)), you are prohibitted from buying, or playing major lotteries((including State lotteries, or in Canada the 6/49 or BC49 or Super 7 are available only for Canadian Residents. The BC49 is only available to residents of British Columbia.)), and even if you DO win, you can't claim it, because you require to produce ID stating you are a valid member of that country.

3) Hi, this is >Insert Random website you visit regularily<. We're doing >Insert lame-*** excuse<, and need access to your account for >Insert secondary lame-*** excuse<.
Hotmail, Yahoo, or pretty much ANY company worth thier' weight in kilobytes will never e-mail you, asking for your' password. EVER.

4) This is my personal favorite trick:
Have two e-mail addresses.
Use one for registering for forums, facebook, myspace, or any place where your' e-mail address is part of your' user profile. There are 'virus' programs, that scan the entire internet, looking for e-mails to scam. Only give out the secondary e-mail to your' friends, or use it to register for Paypal. This way, if you get any e-mails from paypal to the first account, you know it's bogus, and since paypal is legally required to keep your' e-mail private, they are the only ones who know your' secondary e-mail address.

Just a few tips and tricks to help keep yourself safe. Happy

Collapse -
HANGING UP is not the answer!!!!

I work in a call center...don't hate me already, ok? We all have to earn a living somehow. There are 3 steps to get off of the phone lists.

1. Answer the phone politely! If you are rude they will make sure you are called back repeatedly.

2. Some are legit businesses and have done business with you in the past and are doing a follow-up call, this is a time to listen to what they have to say and you can voice your opinion about that service (+ or -).

3. If you do not want their service again, say no. Then you ask politely to be put on their "DO NOT CALL LIST". DO NOT just say "Don't call me again", or "No, thank you", or hang up, that will not do anything, they will call you again and again and again until you relent or someone else in your household says okay.

By law, in Canada, the company has thirty days in which to comply. You can ask how long will it take to get you out of the system. Most systems take about 5 business days. (unfortunately, you WILL get calls in those 5 days).

If you have never done business with the company you'd be surprised where they get your phone number.

1. Magazine Subscriptions
2. "Points" cards
3. Your local store that has you on their database to send you addressed sales flyers
4. Contest forms from the mall, trade shows and magazines
5. Rebates and mail-in offers
6. Surveys
7. Warranty Registrations
8. Information Requests
9. Any contract you agreed to and sign
10.Open house Registrations
12.Petitions...etc., etc.

In short, anywhere you have put your name and address down with your phone number (or anyone in your household)!!!!!!!!. It does seem rude to refuse give out the info even if you don't want to do further business with them. I fill out the forms, but put false info on it so they CAN NOT contact me and ask for their card in case I do want to contact them in the future.

Do not assume that since you asked them to put you on THEIR "Do not call list" that you won't be on it again! (See above for new sources)

Do not have your children screen your calls for you! They do not even have to say anything, a simple "huh??" will suffice for a "yes" for most telemarketers!! Your example, (See above), will teach them the right way to answer a phone. Telemarketers don't ask if they are speaking to an adult or to someone who has a legal right to answer questions on the phone. The child may be innocently allowing a salesperson or others to your door...and then TRY to get rid of them!!!

Finally, there is an NEW Across-Canada Registry for the "Do not Call" list at INFO Canada, (it is another "Registry") but, as I understand it, it has not really started yet, and is really underfunded, has no legal strength or bite even so it may not even useful as of yet.

Just remember, be polite on the phone, don't put your name and telephone number on anything, and certainly don't give out the info on the phone or computer unless you are dealing with people you know. Protect yourself!

Collapse -
Been scammed once, figured out the signs
by Interpolnyc / April 25, 2008 5:08 PM PDT

Once apon a time I was horribly scammed, I thought that the person had reasonable evidence to suggest that they could be trusted for the transaction however I was horribly mistaken. After having posted a deal on craigslist (who deserve no blame what so ever) I soon got a hit from a person who seemed to want to purchase said item with no questions what so ever. I was a bit weary of making any deals that would not choose to meet in person but I recieved a relatively ligitimate looking email and sent the item to the location that was given by a label this person provided. After everything was sent and a "secured" payment was ensured I waited for my payment and to this day I still wait for that payment. At any rate, now I know better and I know that when it comes to some things a bird in the hand is worth two in the bush. Just remember to notice the little things, incorrect grammar usage,bland asking for trust, in general if your careful you can avoidbeing scammed.

Collapse -
Keyboard logging software.

A trojan file emailed my Paypal account details. I was only alerted to it when I received an email receipt from Paypal advising me of a transfer of $300 for the purchase of "I dunno". I notified Paypal, contacted my bank advising that the transfer was fraudulent and not to process (it's a bank, of course they processed it!), and it took about three months to get it all sorted out and reversed by which time my credit card was over the limit and a whole bunch of penalty fees had to be reversed as well.

Collapse -
I had a lovely scam played on me!
by henrybarnett / April 25, 2008 6:41 PM PDT

I have a holiday home to let and I got an email from a Dubai travel agent wanting to rent our villa. "OK please send me a deposit." "No we'll send the full amount" ($15,000 for a month) They sent $30,000 with a UK cheque from a well known company. They asked me to send the balance to a car hire company. I was by now suspicious! They pressed me to send the money as soon as possible but I insisted on waiting until the cheque cleared. This is where it is important to know that a cheque will show as "cleared" after four days on your account but can be "bounced" up to ten days later. Of course the cheque was from a stolen cheque book as I discovered when I phoned the company and checked the names of the happy holiday crooks! I gave the names of all concerned to the UK Police. I've had phishing emails as well but thought this scam should be mentioned as well.

Collapse -
Not a Victim - Yet!
by Ana Zor / April 25, 2008 7:23 PM PDT

I get alerts from my credit card companies, but I have learned to check the email address first before opening them, and I never respond to any of them. Several times a month I receive emails from a ?legitimate? credit card company addressed to an email that I do not use for business. The first couple of times I called the cc company who denied generating these emails.

Caller ID stops me from simply picking up the telephone when I am occupied and susceptible to being duped.

The car warranty extension with all the proper information is one I get monthly from various companies via the USPS. The first one nearly got me, but since then I shred them.

Collapse -
phishing (e-mail) or vishing (phone)
by ABaldau / April 25, 2008 7:36 PM PDT

Over the past two weeks I have been getting phone calls (at least one a day) from Various numbers - that all say it is imperative I call about Debt Reduction on my credit car balance (note: no specific card is mentioned). Since I don't have any balances, I have not taken any of these calls - they are either phishing or trying to sell something. I have been reporting them to the DO NOT CALL Registry.


Popular Forums
Computer Help 49,613 discussions
Computer Newbies 10,349 discussions
Laptops 19,436 discussions
Security 30,426 discussions
TVs & Home Theaters 20,308 discussions
Windows 10 360 discussions
Phones 15,802 discussions
Windows 7 7,351 discussions
Networking & Wireless 14,641 discussions

CNET Holiday Gift Guide

Looking for great gifts under $100?

Trendy tech gifts don't require a hefty price tag. Choose from these CNET-recommended useful and high-quality gadgets.