VoIP phishing attacks
Date: May 03, 2006Source: marketwire.com
By combining a global threat detection network leveraging real-time reporting by trust-rated users with a unique fingerprinting methodology, Cloudmark is able to identify and begin blocking new spam, phishing and virus attacks within moments, versus hours or days required with competing solutions. Noted for industry-leading speed in detecting and deterring new threats, Cloudmark is uniquely capable of accurately identifying and blocking these spoofed-number attacks. The company detected two new VoIP-specific attacks this week. As a precaution, Cloudmark advises against dialing phone numbers received in emails from institutions and to double-check and dial the numbers printed on ATM cards instead.
Adam J. O'Donnell, Ph.D., senior research scientist at Cloudmark, says, "We've seen two separate VoIP attacks hit our network this week, the first we've been able to analyze in detail. In these attacks, the target receives an email, ostensibly from their bank, telling them there is an issue with their account and to dial a number to resolve the problem." Callers are then connected over VoIP to a PBX (private branch exchange) running an IVR system that sounds exactly like their own bank's phone tree, directing them to specific extensions. In a VoIP phishing attack, the phone system identifies itself to the target as the financial institution and prompts them to enter account number and PIN. "The result," O'Donnell surmises, "can be personally financially devastating."
Original article
Add comment Email to a Friend