Call the number from the payphone and see who or what answers. But, do not give away any information about yourself. Don't reveal your name, phone number or anything else. Don't even provide them any numbers that were left in the voicemail that you received, unless you want to take your experiment to the next level.
Now, if you do want to go to the next level, you may want to type in a number that they have likely left for you in your voice mail, a reference number that the phishers have no doubt associated with your telephone number as they dialed it. That way, they can track who calls back. But, if you do type that number in, you are identifying your own phone number as someone who will respond to such solicitation. Typing in these reference numbers may help you get more juicy tidbits about what their goal is, but you also may start getting even more of these voice messages as a result. It's up to you to determine if you want to take the chance.
As for stopping the calls… good luck. That can be very difficult if you don't know what organization is making the calls. You can report the activity to the Federal Trade Commission as a possible violation of their Do Not Call list. If you haven't already, you may want to register for the federal Do Not Call list. The commission may even investigate your complaint. Without the name of the organization that is calling you, however, the FTC won't have much to go on.
Dig Deeper on Email and Messaging Threats-Information Security Threats
Related Q&A from Ed Skoudis
Learn how social networking sites compound the insider threat risk, and explore how to mitigate the threat with policy, training and technology. Continue Reading
At Black Hat 2006, researcher Joanna Rutkowska unveiled a piece of machine-based malware called the Blue Pill. But is it a serious threat to your ... Continue Reading
Wi-Fi on airplanes seems like it will be unavoidable in the future, but what security risks does it pose? In this security threats expert response, ... Continue Reading