"Your sense of caution is allayed because the person you are talking to knows an awful lot about you," Olson said.
"There is an increase in sophistication" of the scams, said Dave Jevans, chairman of the Anti-Phishing Work Group and chief executive of IronKey, a company that builds security and authentication systems. A scheme across multiple channels such as e-mail and telephones is just one sign of scammers' evolving cunning, he said.
James Gilden writes the Daily Traveler blog for the Los Angeles Times at latimes.com/thedailytraveler.
(BEGIN TEXT OF INFOBOX)
How to protect yourself:
Be wary of e-mails asking you to provide or confirm sensitive information, such as account numbers or passwords, even if they appear to be from legitimate companies with which you do business.
Watch for misspellings and grammatical errors, which can be used by phishers to foil spam blockers.
Note that phishers often try to convey a sense of urgency, perhaps threatening to close your account or impose fees if you do not respond immediately.
What to do:
If an e-mail has any of these signs, do not respond, click on any of the links or call the phone numbers.
If you conduct business with the company represented, contact it through an e-mail address or phone number that you know to be legitimate.
Report suspected phishing and spoofs to the Federal Trade Commission at spamuce.gov.
— James Gilden