Tue. Apr. 25, 2006
A security firm on Tuesday reported discovering a phishing scheme in which the scammers used spam disguised as coming from a small bank in a large East Coast city, Cloudmark Inc., a messaging security firm, said. The message asked the recipient to dial a telephone number to talk with a bank representative.
The number went to an automated voice system that asked for an account number and personal identification number, or PIN, in order to access the caller's finances. The number was obtained through a regular provider of voice over Internet protocol services"
I'd say the other shoe just dropped, wouldn't you?
The scheme is the first Cloudmark has seen using Internet telephony. An investigation showed that the scammers used open-source software called Asterisk to convert a computer into aprivate branch exchange, or PBX, running an automated phone information system. The system sounds exactly like the bank's phone tree, directing callers to extensions, according to Adam J. O’Donnell, senior research scientist at Cloudmark.
He believes it's likely the phishers were using virus-infected computers that had been converted into a botnet to take calls over the Internet.
http://www.varbusiness.com/sections/news/breakingnews.jhtml?articleId=186701129
Posts
