Hi-tech fraudsters have begun using recorded telephone messages in a bid to trick users into handing over confidential account information. The tactic has been adopted as a variant of recently detected phishing attacks targeting customers of the Santa Barbara Bank & Trust.

The attack begins with a spoofed email message (commonly with the subject line "Message 156984 Client's Details Confirmation (Santa Barbara Bank & Trust"). Instead of seeking to persuade users to visit a bogus website, these emails direct them towards phoning a number in Southern California.

When potential marks dial the phone number, a recording requests that they enter their account number.

Net security firm Websense notes that the recorded message does not mention the Santa Barbara Bank & Trust, a sign that the same phone line is potentially being lined up for fraudulent attacks targeting the customers of other online banks or ecommerce firms. ®

Related stories

• A third of dodgy emails are phishing attacks (5 September 2006)
• Gmail phishing email offers $500 prize (12 July 2006)
• Phone phishers target PayPal (7 July 2006)
• Two charged with VoIP fraud (8 June 2006)
• MS takes rod to phishers (1 April 2005)
• RSA 2005 Spam gets vocal with VoIP (17 February 2005)
• VoIP security group goes on the defensive (8 February 2005)
• Phreakers will rape and pillage your mobile (22 October 2004)
• Filipino phone phreakers foiled (20 July 2004)