You could also be asked for more identifying details, such as Social Security number and account number.
Fortunately, banks have put some countermeasures into place to fight phishing.
The difference is, the evil twin is provided by a hacker, who uses specialized software to eavesdrop on information you're sending out — like your bank password or Social Security number — or to direct you to a malicious website like those described above.
The evil twin Wi-Fi hotspot really connects you to the Internet, just like a legit connection.Most people have already been victims of the most basic forms of identity theft — having fraudulent charges on your credit card.Those even less lucky have been victimized in more aggressive ways, with criminals obtaining medical care, working, and flying in our names.Fishing for information via the phone is also known as "vishing," as in, "voice phishing." If they're taking the refund tactic, they'll probably ask for your bank account number or other personal info, supposedly in order to send you your refund.If they say you owe, they may ask for a credit or debit card number, or worse, try to get a payment in a way that's not traceable or refundable, like through a prepaid debit card.This could also be a tactic for getting someone's phone password before physically stealing the phone.This nefarious technique involves stealing credit or debit card information with a card reader that may look just like a legitimate card reader.Another old-fashioned crime that has thrived in the era of high-tech data theft, pickpocketing nowadays commonly leads directly to identity theft.In fact, a major ID theft ring busted 10 years ago targeted crowded events to steal wallets and convert the information inside to valuable dossiers of information, which they would later resell.Another way they try to get you is for you to unknowingly download information-stealing software onto your computer. These criminals manipulate Google and other search engines' algorithms to get their phony sites ranked high in search listings, leading users to believe they must be legit.Fortunately, Google has made progress in preventing this in recent years, but it still happens.