Voice phishing is making some noise of late.
This technique — more popularly (and creatively) known as “vishing” — uses the all-too-familiar spammed email message format as initial bait. Trend Micro antispam researchers discovered the following messages which again use the IRS in luring users to hand out sensitive information:
This time, however, the striking difference from past phishing emails is that instead of a malicious URL, the message contains a number that users are encouraged to call for information on possible “tax refunds.” An automated voice recording answers queries and asks callers for sensitive information: credit card and social security numbers, for instance.
The timeliness of this attack is evident as deadline for filing taxes is nearing. Users may have learned to not trust unknown links; this time Trend Micro advises users to be extra careful in disclosing information even to “customer service” numbers as well.