I've found this article on my computer from bCentral but have no idea when it was originally posted nor where exactly on the site it came from so I can't post a link to it. However I do have the text which is below.
I've written before about phishing but now a new kind of attack has emerged and SOCA, the new Serious and Organised Crime Agency, worried. Criminals have started to use phones in their scams.
Tele-phishing
I'm sure most readers will have had one of those bogus answer phone messages that claim you've won a holiday. You have to call an expensive
premium-rate number and listen to an expensive, endless waffly message before you realise you're being ripped off.
These new attacks are similar but come in different flavours and blend with other kinds of phishing attacks that use fake websites and fake emails. example:
- You get an email that seems to come from your bank. It asks you to call their customer service number to sort out a security problem on your account. You call and they take all your details - name, account number, sort code, password . wait, PASSWORD! You get the idea. Once they have your details, they can empty your bank account at their leisure.
- You get a text message telling you that you have subscribed to an expensive phone service. It gives you a number to call so you can cancel the service. You call and the meter starts ticking.
You get the idea. At best the consequences are a hefty phone bill and an irritating feeling of being conned. At worst, it's identity theft and all the hassle that entails.
Social engineering
The reason this kind of attack is so sinister is that people are much more willing to hand over personal information to a real person.
out at train stations suggest that nine out of ten commuters are happy to give away their password in return for a cheap pen. This kind of
psychological manipulation is called social engineering and it is what keeps conmen in business.
The remedy is, as ever, to be on your guard. Specifically:
- Use anti-phishing toolbars and software to warn you about bogus emails and websites [Paul - Firefox 2 and Internet Explorer 7 both include anti-phishing software].
- Treat any unsolicited communication - by email, phone, text message or fax - with suspicion.
- Never use the phone number provided in such messages. For credit card companies, use the number on the back of your card. For banks and other organisations use the number on a trustworthy piece of correspondence such as a bank statement.
- Be very wary if you are asked to disclose more information than is necessary in the circumstances. For example, if you normally give two letters of your password, be concerned if someone asks for the whole password.
I hope this helps somebody as this seems to be a relatively new but profitable way to scam money out of us.
Bookmarks