Vishing scams are making a return

Sunday, October 11, 2009

Sean Inman

C7159a557369b66632c4b54bf746b69e

On Friday 10/09/2009 it was reported in a ISC Diary update a new Vishing scheme is making its way across AT&T, Sprint and T-Mobiles networks.  Vishing is the cousin of Phishing, but this latest attempt indicates that its still a practical method of attack.  The recent attack starts with a text message that reports a problem with the victims account. They’re instructed to dial a toll-free number ending in 7649, which will prompt them for a credit card number, expiration date, and PIN.

Vishing is no different than Phishing when it comes to the overall goal. The object is to get you to part with information or money, sometimes both, by calling a number. The main difference is execution. Phishing attacks, like Vishing attacks, can start with email, but one will end on a fraudulent website while the other with a toll-free call. Vishing attacks will also use text messages, and target specific carriers and regions.

Vishing has been around since 2006, and like Phishing there are kits that help criminals construct and automate attacks.  Like all scams, Vishing is just an attempt to violate trust in something. If you get a email or text message from your cell provider or bank reporting issues, do not call the number in the message. Instead call the number on the back of the card, or the local bank branch directly. Most times the best bet is to just delete the message and forget it ever appeared.

Possibly Related Articles:
5152
General
Phishing Vishing
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.