Phishers Use Call Forwarding to Mask Fraud

Apr 28, 2007

A phishing attack uncovered by SecureWorks tries to entice victims into forwarding their telephone calls in order to thwart out-of-band authentication by banks.

Researchers at SecureWorks have uncovered a new type of phishing attack that tries to trick victims into forwarding their telephone calls to the attacker to thwart attempts by a bank to detect fraud.

The attack, found by the Atlanta-based security vendor this week, begins with an e-mail sent from the phisher telling the potential victim their bank needs to verify their phone number immediately, and their account will be suspended if they do not confirm the number. The victim is told to confirm their number by dialing *72 and then another number, effectively forwarding their calls to the phisher's telephone.

After going through this process, the victim is asked in the e-mail to update their personal information, such as bank account and Social Security numbers. If the victim's bank calls to question an unusual transaction while the calls are being forwarded, the phisher need only confirm the illegal transaction is legitimate, SecureWorks researcher Don Jackson wrote on the company's Web site.

In an interview with eWeek, Jackson said these types of attacks are currently not widespread, but may become so in the future as more banks use out-of-band authentication - such as telephone calls - to check the validity of suspicious transactions.

He cautioned against trusting e-mails that request the recipient give up personal information.

"If they are asking you to do something, you should call your financial institution," Jackson said.

Copyright 2007 by Ziff Davis Media, Distributed by United Press International

Explore further: Local media have positive slant toward local businesses, Rice University expert finds

add to favorites email to friend print save as pdf

Related Stories

Korean tech start-ups offer life beyond Samsung

19 hours ago

As an engineering major at Seoul's Yonsei University, Yoon Ja-Young was perfectly poised to follow the secure, lucrative and socially prized career path long-favoured by South Korea's elite graduates.

NASA satellite sees a warm winter in the Western US

4 hours ago

While people in the eastern two-thirds of the U.S have been dealing with Arctic Air, the bulge in the Jet Stream over the eastern Pacific Ocean has been keeping the western third of the U.S. in warmer than ...

Recommended for you

Barclays to allow payments by using Twitter handles

Feb 27, 2015

The next chapter in banks moving into the digital age is a stretch beyond reminding customers over phone lines that they can also bank online. Barclays has launched Twitter payments through Pingit.

QR codes engineered into cybersecurity protection

Feb 27, 2015

QR, or Quick Response, codes – those commonly black and white boxes that people scan with a smartphone to learn more about something – have been used to convey information about everything from cereals ...

Australian laws on storing phone, Internet records to change

Feb 27, 2015

(AP)—A parliamentary committee on Friday recommended a major rewrite of draft laws that would force Australian telcos and Internet providers to store customers' personal data for the convenience of law enforcement agencies. ...

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.