Caller ID spoofing scams aim for bank accounts

Mar 19, 2012 By Byron Acohido

That call you received on your mobile phone might not be from the company that popped up on your Caller ID.

Cyberthieves are stepping up phone-calling scams that pilfer the accounts of consumers who bank online. And many such calls are linked to spoofing, which causes the recipient's phone to display a Caller ID number that appears to originate from a trusted party.

In the second half of 2011, Pindrop Security detected more than 1 million fraudulent calls, including 189,439 in December, a 52 percent surge from July, according to a first-of-its-kind report released Thursday.

"Mobile is a growth area," says Stan Stahl, president of the Los Angeles chapter of the Information Systems Security Association (ISSA), which works with to stem online banking fraud.

Spoofers often lure a into divulging account information via an automated call or text message that appears to come from the user's bank. Next, the crooks call the bank, spoofing the victim's phone number and correctly answering security questions to trick the bank employee into transferring cash or issuing credit cards for mailing addresses under the scammer's control.

Dell SecureWorks estimates small and midsize businesses in the U.S. and Europe lose as much $1 billion a year from online banking accounts. The financial services industry often does not reimburse such losses. "We'd expect business owners to be a bit more savvy and have more resources at their fingertips," says Carol Kaplan, spokeswoman for the American Bankers Association. "That doesn't mean we're not seriously concerned about the problems small businesses are having, and there continues to be huge gobs of investment into shoring up security."

Results of an ABA survey of 95 financial institutions, released exclusively to USA Today, show the number of commercial account takeovers by cybercrooks rose 260 percent in 2011 vs. 2009. However, the average loss per victimized company decreased 92 percent during the same period.

"Financial institutions are becoming more effective at stopping illicit transactions from being executed," says Doug Johnson, the ABA's vice president of risk management policy.

Consumers are getting hit, too, but if they report thefts promptly, the banks typically bear the loss. Losses from consumer accounts probably exceed "$1 billion a year," estimates SecureWorks' Dale Gonzalez.

Names, phone numbers and e-mail addresses can be purchased inexpensively from hackers who specialize in cracking into databases, such as the gang that swiped 24 million customer records from online shoe retailer Zappos earlier this year.

In the last six months of 2011, bogus calls were placed in connection with scams directed at 30 of the 50 largest financial institutions in the U.S., Pindrop CEO Vijay Balasubramaniyan says. "We are continuing to see this rising trend," he says. "There appears to be a network effect as word of successful scams gets relayed to other fraudsters."

ISSA's Stahl says tech companies and banks need to do more to stem the tide of attacks. Part of the solution: being more transparent to small businesses and consumers about the risks of online banking.

"Online bank fraud is at epidemic levels. There's no question about that," Stahl says. "Right now there is inadequate security against the many kinds of attacks that lead to online banking fraud, and that's only going to get worse."

Explore further: Japan orders air bag maker to conduct probe

not rated yet
add to favorites email to friend print save as pdf

Related Stories

Phishers Use Call Forwarding to Mask Fraud

Apr 28, 2007

A phishing attack uncovered by SecureWorks tries to entice victims into forwarding their telephone calls in order to thwart out-of-band authentication by banks.

Human error puts online banking security at risk

Nov 07, 2007

Using an SMS password as an added security measure for internet banking is no guarantee your money is safe, according to a new Queensland University of Technology study which reveals online customers are not protecting their ...

Businesses fall prey to cyberthieves' cunning

Apr 04, 2011

Among the growing ranks of consumers, business owners and others being lured by the convenience of online banking are legions of cybercrooks who have found the technology a convenient way to steal from unsuspecting victims.

Bogus training offer opens hacker doors to bank accounts

Feb 05, 2012

(PhysOrg.com) -- Mischief-making hackers, always willing to try clever ways to bypass advanced security safeguards, have figured out a way to make off like bandits, literally. According to a BBC report, the exploit first ...

Banks team up for online payment system

May 27, 2011

Online and mobile customers of three major banks will be able to instantly zap funds from their accounts to other depositors at the banks under a program to be rolled out across the country over the coming year.

Recommended for you

Japan orders air bag maker to conduct probe

Nov 21, 2014

Japan's transport ministry said Friday it has ordered air bag maker Takata to conduct an internal investigation after cases of its air bags exploding triggered safety concerns in the United States and other countries.

Senators get no clear answers on air bag safety

Nov 20, 2014

There were apologies and long-winded explanations, but after nearly four hours of testimony about exploding air bags, senators never got a clear answer to the question most people have: whether or not their ...

Winter-like temps can reduce tire pressure

Nov 19, 2014

The polar plunge that has chilled much of the nation does more than bring out ice scrapers and antifreeze. It can trigger vehicles' tire pressure monitoring systems overnight, sending nervous drivers to dealers ...

US: Gov't aircraft regulations apply to drones (Update)

Nov 18, 2014

The U.S. government has the power to hold drone operators accountable when they operate the remote-control aircraft recklessly, a federal safety board ruled Tuesday in a setback to small drone operators chafing ...

Mapping the crisis of displaced peoples

Nov 17, 2014

Population displacement is a global problem, one that historically has been insufficiently quantified and analyzed, especially given its wide-ranging effects. Displacement can result from a number of factors, ...

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.