Phishers Use Call Forwarding to Mask Fraud

Apr 28, 2007

A phishing attack uncovered by SecureWorks tries to entice victims into forwarding their telephone calls in order to thwart out-of-band authentication by banks.

Researchers at SecureWorks have uncovered a new type of phishing attack that tries to trick victims into forwarding their telephone calls to the attacker to thwart attempts by a bank to detect fraud.

The attack, found by the Atlanta-based security vendor this week, begins with an e-mail sent from the phisher telling the potential victim their bank needs to verify their phone number immediately, and their account will be suspended if they do not confirm the number. The victim is told to confirm their number by dialing *72 and then another number, effectively forwarding their calls to the phisher's telephone.

After going through this process, the victim is asked in the e-mail to update their personal information, such as bank account and Social Security numbers. If the victim's bank calls to question an unusual transaction while the calls are being forwarded, the phisher need only confirm the illegal transaction is legitimate, SecureWorks researcher Don Jackson wrote on the company's Web site.

In an interview with eWeek, Jackson said these types of attacks are currently not widespread, but may become so in the future as more banks use out-of-band authentication - such as telephone calls - to check the validity of suspicious transactions.

He cautioned against trusting e-mails that request the recipient give up personal information.

"If they are asking you to do something, you should call your financial institution," Jackson said.

Copyright 2007 by Ziff Davis Media, Distributed by United Press International

Explore further: New streaming apps could boost citizen journalism

add to favorites email to friend print save as pdf

Related Stories

Zoo innovations has animals foraging for food

Mar 20, 2015

When red pandas go on exhibit for the first time at Brookfield Zoo in July, they'll be housed around a broad tree that looks like a giant bonsai and has magical qualities.

IBM's 'Jeopardy!' champ ventures to new worlds

Mar 13, 2015

IBM Watson initially won fame as the artificially intelligent computer system that won $1 million for whipping former "Jeopardy!" champs Ken Jennings and Brad Rutter on the televised game show in 2011.

Survey reveals sorry state of European cybersecurity

Feb 27, 2015

The European Commission's annual Eurobarometer Cyber Security Survey, the third edition of which was recently released, is a substantial survey of more than 27,000 respondents from 28 countries. It contains intere ...

Vandalism in Arizona shows the Internet's vulnerability

Feb 26, 2015

(AP)—Computers, cellphones and landlines in Arizona were knocked out of service for hours, ATMs stopped working, 911 systems were disrupted and businesses were unable to process credit card transactions—all ...

Recommended for you

Meerkat vs. Periscope: Live-streaming app battle & buzz

Mar 27, 2015

Download Periscope, Twitter's just-launched live video-streaming app, and you'll find people broadcasting all sorts of mundane stuff: waiting for AT&T to fix their wiring, getting out of bed in Silicon V ...

Twitter chief vows to help Indonesia fight disasters

Mar 26, 2015

Twitter chief Dick Costolo said Thursday the microblogging site planned to work with Indonesian authorities to warn people about natural disasters that regularly hit the archipelago, from earthquakes to volcanic ...

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.