Call Forwarding Phishing Attack
- Date: April 25, 2007
- Author: Don Jackson
SecureWorks discovered a new phishing scheme this week which uses a "Call Forwarding" component. The victim receives an email from the phisher telling them that their bank needs to verify their phone number immediately. If they do not confirm their phone number, their account will be suspended. The instructions are as follows:
Step 1- Go to your phone and Dial *72
Step 2- Dial 7075314910 (XYZ Bank Secure Line)
Step 3- Your phone is confirmed.
You will receive a call from us in 1 h for final verification!
If you have confirmed your phone, you can continue the update process:
By dialing this sequence, the bank customer is actually forwarding their calls to the phisher's number. The calls will continue to be forwarded until the victim notices they are not getting any calls.
After the victim confirms their phone number, they are asked to update their personal info, social security number, bank account number, credit card number, etc.
If the bank customer cooperates, then the phisher has all of the banking and personal information needed to begin making fraudulent transactions on the victim's bank account. If the customer's bank calls them to query an odd transaction during the period that their calls are being forwarded, the phisher will receive the calls and confirm that the fraudulent transaction is legitimate.
This particular phishing scam, shown below, has already been taken down by the hosting ISP. However, SecureWorks feels that other phishing schemes using similar "Call Forwarding" components will be seen on the Internet. To protect against this phishing scam and others, never provide your financial or personal information to an unknown source via email or the phone.
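The pattern in the quoted email, a call-forwarding code followed shortly by a destination number, can be checked mechanically in a mail filter. The Python below is an added example, not SecureWorks code: the function name, the 120-character window and the benign sample message are assumptions made for illustration, and only the `*72` code and the lure steps come from the email quoted on this page.

```python
import re
import unicodedata

# "*72" is the forwarding code quoted in the email on this page. Extend the
# tuple with other activation codes your carriers use (assumption).
FORWARD_CODES = ("*72",)

# 10-digit North American number, optional leading 1 and common separators.
PHONE_RE = re.compile(
    r"(?<!\d)(?:\+?1[\s.-]?)?\(?(\d{3})\)?[\s.-]?(\d{3})[\s.-]?(\d{4})(?!\d)"
)

MAX_GAP = 120  # max characters between code and number (assumed threshold)

# Steps as quoted in the phishing email on this page.
LURE = (
    "Step 1- Go to your phone and Dial *72\n"
    "Step 2- Dial 7075314910 (XYZ Bank Secure Line)\n"
    "Step 3- Your phone is confirmed.\n"
)
# Constructed benign message: a phone number but no forwarding code.
BENIGN = "Questions? Call our branch at (707) 555-0100 between 9 and 5."


def find_forwarding_lures(text):
    """Return [(code, destination_digits)] for every forwarding code that is
    followed within MAX_GAP characters by a phone number."""
    # NFKC folds full-width and other compatibility characters to ASCII so
    # that a visually identical "*72" is still matched.
    text = unicodedata.normalize("NFKC", text)
    hits = []
    for code in FORWARD_CODES:
        for m in re.finditer(re.escape(code), text):
            # Search the text after the code; slicing lets a number that is
            # glued to the code ("*727075314910") pass the digit lookbehind.
            phone = PHONE_RE.search(text[m.end():])
            if phone and phone.start() <= MAX_GAP:
                hits.append((code, "".join(phone.groups())))
    return hits


if __name__ == "__main__":
    for label, msg in (("lure", LURE), ("benign", BENIGN)):
        print(label, find_forwarding_lures(msg))
```

A hit gives the filter both the code and the forwarding destination, which can be compared against the bank's published contact numbers before the message is quarantined or reported.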