Here is how it works: the swindlers send out e-mails in which they pose as a victim's bank. The messages claim that there is a problem with the user's bank account and provide a number to call to enter personal information about the account. Targeted victims who call the number included in the e-mail are connected via VoIP to a computer running an automated voice-answering system that sounds just like a bank's phone tree.
This new phishing attack is effective because the phone system identifies itself to the victims as the financial institution and prompts them to enter account numbers and personal identification numbers (PINs). The scammers then have complete access to all the financial records attached to the account. Prior to this scam phishers have relied almost exclusively on attracting unsuspecting consumers to phony versions of financial Web sites. VoIP services can reduce the cost associated with conducting such attacks, providing the perpetrators with less risk of discovery.
The schemes represent an unprecedented alteration in phishing tactics. In fact, this new method may have been in use for some time. The risks posed by the scam are serious because there is no evidence that the VoIP providers are even aware of the scam.
Just be overly cautious when you are giving out your personal financial data.
No comments:
Post a Comment