NEWS
In a new twist on phishing, fraudsters are sending out emails that attempt to trick people into sharing personal information over the phone.
Cloudmark, a San Francisco-based email security company, said it has seen two separate attacks this week. In both cases, the spammed message warns of a problem with a bank account and instructs the recipient to dial a phone number to resolve it, the company said in a statement published on Tuesday.
The caller is connected to a voice response system that is made to sound exactly like the bank's own system, Cloudmark said.
It added: "The phone system identifies itself to the target as the financial institution and prompts them to enter account number and PIN."
Adam O'Donnell, the senior research scientist at Cloudmark, said in the statement: "The result can be personally financially devastating."
Phishing scams are prevalent and continue to proliferate. In traditional scams, miscreants try to pilfer personal information by sending spam email with links to a malicious website, crafted to look like a site belonging to a trusted service provider. The phone scams are a new twist, made possible by cheap internet-based telephone services, Cloudmark said.
Anti-spam technology can block the email scams, Cloudmark said. The company urged people who do receive the messages to notify their service providers immediately. As a precaution, people should not dial phone numbers received in an email message and should double-check and dial the numbers printed on ATM and credit cards instead, it advised.
Joris Evers writes for CNET News.com
Comments
There are 2 comments. Join the discussion
1. x
what does this have to do with VOIP?
2. John Jameson
"made possible by cheap internet-based telephone services" - but if you are calling the 'bank' what does it matter? Non-geographic numbers with no traceability have been available online for years and have nothing to do with VoIP. In fact VoIP provides far more traceability than an NGN routed to a pay-as-you-go mobile.