Friday, April 28, 2006

Using VoIP to Phish for Victims


The world of Internet fraud is a constantly mutating animal. Phishing in particular is a rapidly growing problem and the latest mutation is the use of VoIP (Voice over IP) technology.

Using VoIP technology, the phishermen are luring the innocent into giving up sensitive personal and financial information by impersonating call centers.

Robert McMillan of IDG News Service reports:

Typically phishers email their victims, trying to lure them into revealing sensitive information on bogus websites. But instead of telling victims to click on a Web link, this attack asks users to verity account information on a phony customer support number.

"Part of the danger here is just the fact that it is novel," senior research scientist with Cloudmark, Adam O'Donnell, said. "Most people are pretty comfortable calling to a phone number that they think is their bank's."

Link to story from IDG News, here.

If you happen to see one of these Phishy e-mails, you can report it to the PIRT Phishing Incident Reporting and Termination Squad. This is a new service (volunteer driven) that actively goes after and takes down phishing sites.

Here is a previous post, I did on PIRT.

No comments: