Watch out for telephone scams—don’t be a victim of a VISHING attack. A vishing (“voice phishing”) scam is when an attacker contacts you by phone pretending to be from a trusted organization, such as the IT support department or your bank. The caller might say that they need access to your computer in order to fix a problem or to perform routine maintenance.
Recently, a NYCHA employee received a telephone call from someone claiming to be from our IT Department. He said he wanted to fix her computer and asked for her user ID and password.
After the employee provided that information and saw caller take control of her computer and look through her files, she became suspicious. She logged out of the PC, hung up the phone, and reported the incident NYCHA’s Information Security Hotline at 212-306-8006.
- Do not trust unsolicited calls.
- If you believe a call is fraudulent, hang up the phone.
- Do not provide any business or personal information.
- Never share your user ID and password with anyone. (IT staff have their own administrative access and will never ask you for that.)
- If you suspect a scam, call the Service Center at 212- 306-7000 immediately.
Reduce your risk
For email and text messages:
- Do not respond to and do not click on any links or open attachments in suspiciouslooking emails or texts.
- Delete messages that appear to be fraudulent.
For mobile phones:
- Ignore instructions to text “STOP” or “NO.” This is a common trick by scammers to confirm that they have reached an active phone number.
- Use up-to-date security software on your phone and computer, such as anti-virus, anti-spyware, and anti-malware.
Report IT security concerns to NYCHA’s IT Information Security Hotline at 212-306-8006.