We've all dialed a wrong number before. It happens and usually it's harmless. But bad guys have figured out a way to make money off our misdials. This scam has been around as long as toll-free numbers, but it's seeing a resurgence.
HOW THIS PHONE SCAM WORKS
In the toll-free hijacking or misdial scam, a bad guy gets a phone number that is similar to a popular toll-free one - perhaps the number to a customer support line. This copycat phone number will have one or two digits changed from the official number. Or it may start with a different toll-free prefix, like 888 rather than 800. When a customer accidentally types in the wrong number, the call goes to the bad guy - and the act begins.
The caller hears a message that sounds like the legitimate company, but it's the bad guy impersonating the company. The scam may offer a prize or discount, if the caller pays a small fee up front with a credit card, such as for shipping.
It’s easy to fall for this, because it can sound very convincing and you thought you called the real company.
What To Do
- Be careful when you dial phone numbers. Make sure you have the number right and enter it accurately when you call. Common dialing errors include:
- Dialing the wrong toll-free prefix
- Accidentally hitting a number twice
- Hitting an adjacent number
- Transposing numbers, such as 87 instead of 78
- Confusing zero or one with letters O or L
- Think before sharing personal information, like passwords, credit card numbers, or bank account information, over the phone, in an email or a text. And do not send money to someone you do not really know.
- Hang up if the call seems strange and check to make sure you dialed the right number.
More Information
There is not much legitimate companies can do to prevent the misdial or toll-free hijack scam. Other providers who own and assign toll-free numbers may not be aware of a scam or a user's bad intent. Many companies, like AT&T, work with number providers to protect legitimate toll-free numbers.
You can learn more to help identify scams in these Cyber Aware blogs: