From Phishing to Vishing
Two noteworthy types of phishing attacks have recently been reported. The first involves the International Monetary Fund. A July 14 IMF press release warns the public about both phishing and website spoofing attacks using the IMF's name, and indicates that some of the fraudulent solicitations offer that hardy perennial of investment fraud schemes, the "high-yield" or "prime bank" scheme.
The second, reported in a July 11 Internet News article and a July 15 E-Commerce Times article, involves VoIP-based spam/phishing attacks, in which the spam purport to be from a financial institution. In this attack, which the Internet News article labels "vishing," The spam text is intended to persuade recipients to dial a telephone number and enter their bank account and PIN numbers. The E-Commerce Times article cites a senior research scientist with Cloudmark, Adam J. O'Donnell, in explaining that callers are "connected over VoIP to a PBX -- private branch exchange -- running an IVR [i.e., Interactive Voice Response] system that sounds exactly like their own bank's phone tree, directing them to specific extensions." The article adds that "VoIP-based services allow phishers to cheaply add and cancel phone numbers that are harder to trace than conventional numbers."
The second, reported in a July 11 Internet News article and a July 15 E-Commerce Times article, involves VoIP-based spam/phishing attacks, in which the spam purport to be from a financial institution. In this attack, which the Internet News article labels "vishing," The spam text is intended to persuade recipients to dial a telephone number and enter their bank account and PIN numbers. The E-Commerce Times article cites a senior research scientist with Cloudmark, Adam J. O'Donnell, in explaining that callers are "connected over VoIP to a PBX -- private branch exchange -- running an IVR [i.e., Interactive Voice Response] system that sounds exactly like their own bank's phone tree, directing them to specific extensions." The article adds that "VoIP-based services allow phishers to cheaply add and cancel phone numbers that are harder to trace than conventional numbers."
posted by Jon Rusch at 12:28 PM
4 Comments:
I am currently working on an article on the phone phishing problem. At this point it is certainly starting to cross from theory to practice and so must the response. We cannot take tseveral years to get our act together as we did the first time.
One thing we do need to do urgently is to stamp out the use of this neologism. The term phone phishing is musch easier to understand and is self explanatory to someone who knows what phishing is.
The idea is to think like the bad guys, not act like them. Lets leave the jargon to them.
http://xanaxs.blogspot.com/
http://buy-cheap-phentermine.blogspot.com/
http://viagra6.blogspot.com/
http://adipex-lek.blogspot.com/
http://valium-effects.blogspot.com/
http://tramadol-pill.blogspot.com/
http://cell-phone-plan2.blogspot.com/
http://cheap-phentermine6.blogspot.com/
http://order-phentermine6.blogspot.com/
phill,
I agree. If we're just talking about variations on the same basic criminal technique, creating neologisms that confuse the general public (and even business sectors) makes no sense. I should say more on that subject.
HELLO PEOPLE!
Amateur Sex http://groups.google.com/group/amateur-sex-online/
oral sex http://groups.google.com/group/oral-sex-online/
lesbians sex http://groups.google.com/group/lesbians-sex/
sexy babes http://groups.google.com/group/sexy-babes-free/
asian porn http://groups.google.com/group/asian-porn-online/
asian sex http://groups.google.com/group/asian-sex-online/
teen sex http://groups.google.com/group/teen-sex-free/
THANKS !
Post a Comment
<< Home