They resemble phone calls from legitimate companies and organizations, but the messages are part of a scam designed to get you to reveal private information or download malicious software.
The goal, of course, is to steal your personal information or persuade you to take an action, like transferring money to them.
Here are some signs to look for that a phone call might be part of a phishing expedition:
You Get a Call from a Trusted Company or Institution
Someone calls claiming to be your bank or internet service provider, or they may pose as members of the police force, government agencies, credit card companies, and more.
The caller may state they're calling to report a problem (posing as your Internet service provider or bank), or they may say there's an issue with an account, your credit card, or that you owe back taxes, impersonating the IRS.
Why should this raise red flags? These entities will usually contact you through other means first, not by phone.
Rarely will a phone call be their mode of telling you about a problem with your account unless you've contacted the company or institution first.
Companies are aware of how many phishing schemes there are out there and avoid this type of approach for that treason.
Phone Phishing Calls Stating They've Detected Fraud on an Account
This is another common phishing strategy.
You get a call saying they've detected fraud on one of your accounts, like your Apple or Microsoft account, and your account has been compromised.
They'll often try to create a sense of urgency, tell you that you must act fast to prevent loss of your personal information.
Once they've made you feel a sense of urgency, the attacker may ask for your account number, pin, or password to gain access to your data or ask you to pay a fee to restore your account.
Don't fall for it!
Companies, especially big companies like Microsoft, won't ask for your personal information. Hang up immediately and contact the company directly to find out the status of your account.
Some attackers may try to persuade you to download software onto your computer to ‘cancel' the transaction or ‘fix' an issue with your account.
If you've installed this software, then it's likely that you've been targeted by malware.
Phishing Scam Calls that Ask for Log-In Information
Attackers may ask you for the username and password information for your account.
While you should never give out your login credentials to anyone — even if they claim to be members of the company or police force — it's more likely that they are scammers when they ask for your log-in information.
Legitimate companies have a strong policy against doing this.
Callers That Ask Questions about an Account
Some callers, as part of a phishing scheme, may ask you questions about your recent purchases, such as your name or the last four digits of your credit card number.
They may also ask for sensitive information, such as your social security number and other financial details (like account balances).
Some can sound quite convincing and lull you into a sense of complacency by building trust.
Phone scammers might also send you a link to their website or some other ‘official' site where they're trying to get you to enter your information.
Don't answer personal questions about an account no matter how legitimate the caller sounds. Call the company directly, and never go to a website that a caller sends you to.
Phishing Schemes That Tell You That You've Won Something or Offer a Special Deal
One that too many people fall for is calls claiming they've won something, like a vacation, a free trial of a product, or are eligible for a preapproved loan.
All you need to do is give them some personal information to get the “prize” on its way to you.
They might even ask for your credit card number to pay a small shipping fee to deliver your prize.
Never give out your credit card information over the phone to anyone you can't identify. If a deal sounds too good to be true, it likely is.
Charitable Phone Phishing Schemes
Phishing attackers may also pose as charities asking for donations.
This is more common after a disaster or with an upcoming holiday. As the holiday season approaches, it's the season of giving, and many scam artists take advantage of this generosity.
While giving to charitable organizations is a noble thing, some charitable organizations are not legitimate. As such, you should avoid giving them any money.
Most scams exploit popular, legitimate charities, so some charity names may seem familiar to you.
If you receive a donation request from a scam group, you can verify the legitimacy of the organization by visiting a charity watchdog site or talking to a charity representative.
The Bottom Line
Hopefully, you'll never be the victim of a phone phishing scam but be on alert and know the tricks they try to play.
Even better, don't answer phone calls from numbers you don't recognize, especially those from out of state. If it's important, they'll leave a message.