VoIP phishing is similar to email phishing schemes, except the email purported to come from your bank or credit card company contains a phone number to call, rather than a link to click on.Having setup a PBX with auto-attendant and advanced call routing features designed to sound like a legitimate enterprise, the phishers prompt for you to enter your password. VoIP and low cost or free PBXs are allowing scam artists to set up phishing threats at little cost - a benefit also provided to the scam artist by email.
Another form of VoIP phising occurs when phishers call you from a number that looks legitimate when it is in fact a spoofed number. VoIP makes it easier to spoof the caller ID feature so it looks like you are speaking to your bank.
To avoid this threat, security experts recommend only calling phone numbers officially published by your financial institutions. For example, phone numbers displayed on ATM or credit cards, or cheque books are safe to call, while phone numbers contained in an email are not.
Source: VoIP News
