Phone Scam Calls and Impersonation Tactics

Examples of Scam Calls

Scammers often use a pretext to gain trust and extract sensitive information. Here are real scam call examples:

Fake Tech Support

"Hello, sir. My name is Wendy, and I’m from Microsoft Windows. This is an urgent checkup call for your computer as we have found several problems with it."

Reality: Wendy is not from Microsoft Windows. This is a scam designed to trick you into providing remote access or paying for fake support.

Fake Government Action

"This is an enforcement action executed by the US Treasury intending your serious attention."

Reality: The US Treasury does not leave such messages. Poor grammar is a common sign of fraud.

Fake Credit Card Offer

"Congratulations on your excellent payment history. You now qualify for 0% interest rates on all of your credit card accounts."

Reality: This is an impersonation scam. No real credit card company cold-calls with such an offer.

Understanding Impersonation in Scams

Impersonation is when an attacker pretends to be someone they are not to gain trust and extract information.

Common Impersonation Tactics:

• Pretending to be from a trusted company: Example: A scammer claims to be from your company’s help desk to gain access to your system.
• Using authority to pressure you: Example: They claim to be a high-ranking executive (e.g., VP of Finance) to manipulate employees into providing information.
• Using technical jargon or complex language: Example: Overwhelming the victim with technical details to make them focus on the content rather than questioning the legitimacy of the call.

Common Goals of Impersonation Scams:

• Eliciting Sensitive Information: Attackers use “voice phishing” (vishing) to trick individuals into revealing personal or financial details.
• Identity Fraud: Scammers use stolen personal details to:
  • Open credit card accounts and make fraudulent purchases.
  • Create fake bank accounts in the victim’s name.
  • Take out loans under the victim’s identity.
  • Commit tax fraud by filing false returns to steal refunds.

How to Protect Against Impersonation Scams

• Do Not Volunteer Information: Legitimate organizations do not request passwords or sensitive data over the phone.
• Avoid Sharing Personal Information: Do not disclose your Social Security number, address, or banking details unless you have verified the recipient.
• Verify Callers Before Sharing Information: If someone claims to be from a company, call back using a publicly listed number.
• Establish Verification Processes in Organizations: Employees should confirm identities before sharing financial or sensitive data.