Thieves use VOIP for new phishing attack

IDG News service

| 2006 április 27. 11:38

Taking advantage of the low cost of VOIP (Voice over Internet Protocol) technology, thieves have now begun luring victims to fake automated call centers via a new kind of phishing attack.

Hirdetés

Typically phishers e-mail their victims, trying to lure them into revealing sensitive information on bogus Web sites. But instead of telling victims to click on a Web link, this attack asks users to verity account information on a phony customer support number.

"Part of the danger here is just the fact that it is novel," said Adam O'Donnell, senior research scientist with Cloudmark Inc., an e-mail filtering company in San Francisco. "Most people are pretty comfortable calling to a phone number that they think is their bank's."

To date the phone phishing attacks have not been widespread. Cloudmark first started seeing these attacks in mid-April and they stopped after continuing on a very limited scale for about three days. "It looks like a single scammer doing a proof of concept," O'Donnell said.

In total, Cloudmark intercepted about 1,000 of these phishing messages, a small number considering that Cloudmark's e-mail filtering service is used to filter mail for about 100 million mailboxes, O'Donnell said.

However, the attacks caught Cloudmark's attention because of its use of a telephone number, which was served by a small U.S.-based VOIP carrier. This made them some of the first to leverage the cost savings of VOIP, O'Donnell said.

VOIP services are appealing because they allow customers to set up numbers anywhere in the globe. And because they can be combined with telephone software like the open-source Asterisk PBX (Private Branch Exchange) product, it can be inexpensive for thieves to set up a professional-sounding line.

"Getting a traditional phone number is high-cost," O'Donnell said. "With VOIP, the barrier to entry is significantly lowered."

Spammers have already been taking advantage of these low costs, using phone numbers instead of Web sites in their e-mail solicitations, but this was the first time Cloudmark had seen the approach used by phishers, he said.

O'Donnell declined to name the regional East Coast financial institution that was targeted in this attack.

A szerverterem lélegeztetője (x)Teljes kontroll, gondtalan üzemeltetés, pontos szabályozás.

Hirdetés

Thieves use VOIP for new phishing attack

Legfrissebb PCW

Céginfó hírek

Üzembe állt a Siemens e-kamion töltője

A Fujitsu MI-stratégiája dedikált platformmal és új Uvance-ajánlatokkal erősíti az adatintegrációt és a generatív MI-képességeket

Új jelölés lesz a fenntarthatóság ismérve

Az EU és a NATO is elítélte a Németország és Csehország elleni orosz kibertámadásokat

A Fujitsu új szuperszámítógépes rendszert szállít a japán meteorológiai intézetnek a tájfunok és özönvízszerű esőzések pontosabb előrejelzéséhez

Informatika válsághelyzetre

Hétféle 'irodai bunkó' létezik – vajon melyikükkel dolgozunk együtt?

Mesterséges intelligencia segítségével bombázza a terroristákat Izrael, ebbe viszont rengeteg ártatlan is belehalhat

Megadóztatná az Oroszországot elhagyni nem hajlandó cégeket az EU-biztos

A katonai hadviselés jövője már nem a Terminator, hanem a Black Mirror forgatókönyve szerint alakul

Az orosz elektronikai hadviselési csapatok több mint 2 millió légi célpontot észleltek

Kövessen Facebookon