Fraudsters are exploiting the rise of Voice over IP services to run phone scams, security experts have warned.
Criminal gangs have created a phone version of the “phishing” technique – sending out fake bank e-mails in an attempt to gain confidential information - experts from Secure Computing warned.
The new scam – dubbed “vishing” – uses low-cost VoIP networks to extract personal data from victims. Fraudsters can use a stolen identity to set up a digital voice-response system through an internet phone company.
Secure Computing said criminals used mass-dialling systems and automated recordings to convince victims that they should call a specific telephone number because of fraudulent activity on their credit card.
People who call the number are answered by a computer generated voice telling them they have reached “account verification” and asking them to enter their credit card number using the keypad.
Fraudsters can also use the calls to harvest extra information, such as PIN numbers, card expiry dates or dates of birth.
Paul Henry, vice-president of strategic accounts for Secure Computing, said, “Like most other social engineering exploits, vishing relies upon the ‘hacking’ of a common procedure that fits within the victim's comfort zone.
“It is a normal procedure when calling a credit card provider to be asked to enter your 16-digit credit card number before given the opportunity to speak to a credit card representative.”
Vote for your IT greats
Who have been the most influential people in IT in the past 40 years? The greatest organisations? The best hardware and software technologies? As part of Computer Weekly’s 40th anniversary celebrations, we are asking our readers who and what has really made a difference?
Vote now at: www.computerweekly.com/ITgreats