Most articles about the 76 million or so names and addresses that were stolen from JP Morgan Chase bank focus on the danger of phishing emails. But email is not the only way bad guys can abuse stolen data.

They may also try to scam victims on the telephone.

I ran across a couple articles on the Chase breach that mentioned telephone abuse, but each omitted an important point – you can’t trust caller ID. Spoofing phone numbers that appear on caller ID has been a thing for a decade or so. If someone claiming to be from Chase calls on the phone, the safest thing to do is call them back at a known Chase phone number; one from a bank statement, credit card statement or chase.com.

To read this article in full or to leave a comment, please click here