Wednesday, May 2, 2007

New phishing attack method - dial * 72

This simply amazes me. It's not the method (see below) but the fact that people actually fall for this. I guess I should not be surprised -- even after multiple warnings people still open junk email with attachments from unknown senders -- which exposes them to keylogging trojans or worse.

SecureWorks posted the details, partially copied below: (I changed the phone number.)

"The victim receives an email from the phisher telling them that their bank needs to verify their phone number immediately. If they do not confirm their phone number their account will be suspended. The instructions are as follows:

Step 1- Go to your phone and Dial *72
Step 2- Dial 7075551212 (XYZ Bank Secure Line)
Step 3- Your phone is confirmed.

You will receive a call from us in 1 h for final verification!

If you have confirmed your phone, you can continue the update process:

By calling these phone numbers, the bank customer is actually forwarding their calls to the phisher's number. The calls will continue to be forwarded until the victim notices they are not getting any calls.

After the victim confirms their phone number, they are asked to update their personal info, social security number, bank account number, credit card number, etc.

If the bank customer cooperates, then the phisher has all of the banking and personal information needed to begin making fraudulent transactions on the victim's bank account. If the customer's bank calls them to query an odd transaction during the period that their calls are being forwarded, the phisher will receive the calls and confirm that the fraudulent transaction is legitimate."