Feeds

FBI rings warnings over VoIP phishing cons

'Alarming' rise in vishing

Security for virtualized datacentres

Fraudsters are turning to VoIP systems to craft more convincing phishing attacks. The FBI's Internet Crime Complaint Centre (IC3) warned last week of an "alarming" rise in the volume of so-called vishing attacks targeting US financial institutions and consumers.

Phishing attacks commonly take the form of forged emails that attempt to trick consumers into disclosing their online banking login credentials to fraudulent sites in response to bogus warnings that prospective marks need to respond to a "security check".

Vishing (voice phishing) attacks involve variations on the theme. In both cases, prospective marks are warned that their accounts will be suspended or cancelled unless they respond.

Vishing messages, unlike traditional email phishing attacks, can arrive as a text message or phone calls in addition to email. Also, vishing attacks are designed to con concerned users into handing over credit or debit card details to fraudsters in calls routed through a cheap VoIP-based answering system.

"Recipients are directed to contact their bank via telephone number provided in the email or by an automated recording. Upon calling the telephone number, the recipient is greeted with 'Welcome to the bank of...' and then requested to enter their card number in order to resolve a pending security issue," the FBI's cybercrime clearing house reports.

One recent variant of the attack involved a text message that claimed the recipient's online bank account had expired. Prospective marks were encouraged to "renew their online bank account" by using the link provided, which directed the credulous to a mobile phone-friendly fraudulent website.

IC3 advises that since criminal methodologies are evolving, the only safe response is to be wary of all emails, telephone calls, or text messages requesting personal finance data.

Consumers with security concerns would do better to contact their banks directly using phone numbers included in statements or telephone books. Recipients of vishing attacks, or other similar hoaxes, are invited to file a complaint with IC3 via its website. ®

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
FCC, Google cast eye over millimetre wireless
The smaller the wave, the bigger 5G's chances of success
It's even GRIMMER up North after MEGA SKY BROADBAND OUTAGE
By 'eck! Eccles cake production thrown into jeopardy
Mobile coverage on trains really is pants
You thought it was just *insert your provider here*, but now we have numbers
Don't mess with Texas ('cos it's getting Google Fiber and you're not)
A bit late, but company says 1Gbps Austin network almost ready to compete with AT&T
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.