Typically phishers email their victims, trying to lure them into revealing sensitive information on bogus Web sites. But instead of telling victims to click on a Web link, these attackers asks users to verify their account information on a phony customer support number.
To date the phone phishing attacks have not been widespread. Cloudmark first started seeing these attacks in mid-April and they stopped after continuing on a very limited scale for about three days.
Cloudmark intercepted about 1,000 of these phishing messages, a small number considering that Cloudmark's email filtering service is used to filter email for about 100 million mailboxes.
However, the attacks caught Cloudmark's attention because of its use of a telephone number, which was served by a small U.S based VoIP carrier. This made them some of the first to leverage the cost savings of VoIP.
VoIP services are appealing because they allow customers to set up numbers anywhere in the world. And because they can be combined with telephone software like the opensource Asterisk PBX (Private Branch Exchange) product, it can be in-expensive for thieves to set up a professional phone line.
Spammers have already been taking advantage of these low costs, using phone numbers instead of Web sites in their email solicitations, but this was the first time Cloudmark had seen the approach used by phishers.
Send to a friend | Permalink | Del.icio.us | Go To Top
Translate:
