Search Amazon.com for VoIPSearch Amazon.com for VoIP
a new type of scam that
uses VoIP telephony to entrap
its victims has surfaced
recently. Dubbed “vishing”,
the fraud sees a randomly
dialled user phoned by an
automated system to be told
that their credit card has been
used illegally. They are then
asked to dial a fake “help line”
telephone number, and confi
rm their account details and
credit card number. Armed
with this information, criminals
then empty the victim’s
account by buying products
and services on the card.
According to Secure Computing,
this is one of the
most advanced telephone
scams because of the
way it uses the features
of VoIP to disarm the
suspicions of contacted
victims. The call return
number is spoofed to
appear as a telephone
number of the fi nancial
institution the criminals
are pretending to represent,
a feint that is much
easier to pull off on VoIP
than it would be on a
conventional PSTN. The real
VoIP number could be anywhere
in the world.
Since the scam is carried out
offl ine, it represents a form of
social engineering that no computer
security system can stop.
Once a credit card customer
has fallen for the story—and it
is quite possible that the average
account holder will be less
suspicious of phone contact
than they would be of the same
message received via email—
they are heading for an
empty account.
“Like most other
social engineering
exploits, vishing relies
upon the hacking of a
common procedure that
fits within the victim’s
comfort zone,” says
Secure Computing’s
Paul Henry. He advises
customers to be highly
suspicious of any phone
or email contact that
does not use their first- and
surnames, and should never
dial a call return number of
reply to an email regarding
any fi nancial matter.
Would love to here from you...