Phishing Takes New Tactic
According to SANS, phishers are forgoing step two of the usual attack, which is to set up a fake web server to collect personal data from unsuspecting users. Instead they seem to be sending out emails that instruct the recipient to call a toll-free number.
From SANS here:
A reader reported a Chase bank phishing e-mail with only an 888 phone number to dial. My first guess was that this would be a number that charged a very high fee upon connect, so I didn't dial it. But he reported that when you dial the number, a system prompts you for a 16-digit card number and seems to have a validation process. Perhaps this is the next wave in phishing attacks? He reported it to Chase bank and antiphishing.org.
This would be an interesting new tactic. Most phishing web servers that collect the personal information have a short shelf life if they are hosted with any reputable hosting provider; they are usually shut down within hours now, and even China has a zero-tolerance policy for hosted phishing sites. A toll-free number may take longer to take down: phone companies may not yet have an abuse process that responds to phishing reports as quickly as hosting providers do, and an email with no URL in it gives a URL-based filter nothing to block.
Sneaky bastids. Man… Guess it’s time to update my class about phishing scams and keeping your data safe.
Perhaps. You know, it occurs to me that by providing an 800 number instead of a website URL, this type of attack makes it almost impossible to notice that the email is fraudulent. Usually you notice it's fake because the URL provided to update your private information is a Russian host, or the name of the bank is misspelled.
This way, unless you verify that the email headers actually originate from the bank, or unless there are gross misspellings, it will be very difficult for novice users to detect.
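The two points above (a phone-number lure gives a URL filter nothing to match on, and the only reliable tell left is whether the headers show the mail actually came from the bank) can be turned into a mail-filter heuristic. The script below is an added example and not code from the original post or from SANS: it parses a raw message, pulls out any North American toll-free number sitting next to a "call" instruction or a request for card details, checks whether the From display name claims a brand while the address is outside that brand's domain, and reads the receiving server's Authentication-Results header for SPF/DKIM verdicts. The brand table, the two sample messages (555-01xx numbers and .example domains are fictional), and the "two or more signals" threshold are constructed for illustration.

```python
"""Flag phone-number phishing lures that carry no URL at all.

Added example, not from the original post. Scores a raw RFC 822 message on
signals the discussion raises: a toll-free number with a call-to-action or a
request for card secrets, no URL for link filters to catch, brand impersonation
in From, and missing/failed SPF and DKIM in Authentication-Results.
"""
import email
import re
from email import policy
from email.utils import parseaddr

# North American toll-free area codes (assumption: the set in use today).
TOLL_FREE = {"800", "888", "877", "866", "855", "844", "833"}

# Optional +1, optional parentheses, groups separated by space, dot or dash.
PHONE_RE = re.compile(
    r"(?<!\d)(?:\+?1[\s.-]?)?\(?(\d{3})\)?[\s.-]?(\d{3})[\s.-]?(\d{4})(?!\d)"
)
CALL_RE = re.compile(r"\b(?:call|dial|phone)\b", re.I)
SECRET_RE = re.compile(
    r"\b(?:card number|account number|pin|password|ssn|social security)\b", re.I
)
URL_RE = re.compile(r"https?://|www\.", re.I)
# Hypothetical brand table: keyword in From -> domain the brand's mail comes from.
BRANDS = {"chase": "chase.com"}


def toll_free_numbers(text):
    """Return normalised toll-free numbers found in text, in order of appearance."""
    return [f"{npa}-{nxx}-{line}" for npa, nxx, line in PHONE_RE.findall(text)
            if npa in TOLL_FREE]


def auth_results(msg):
    """Pull spf=/dkim= verdicts out of Authentication-Results (empty if absent)."""
    verdicts = {}
    for hdr in msg.get_all("Authentication-Results", []):
        for mech, result in re.findall(r"\b(spf|dkim)=(\w+)", hdr, re.I):
            verdicts[mech.lower()] = result.lower()
    return verdicts


def impersonated_brand(msg):
    """(brand, expected_domain) if From names a known brand but the address is
    outside that brand's domain; None otherwise."""
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rsplit("@", 1)[-1].lower()
    for brand, expected in BRANDS.items():
        if brand in name.lower() or brand in domain:
            if domain != expected and not domain.endswith("." + expected):
                return brand, expected
    return None


def analyse(raw):
    """Score one raw message; 'suspicious' when two or more signals fire."""
    msg = email.message_from_string(raw, policy=policy.default)
    part = msg.get_body(preferencelist=("plain", "html"))
    body = part.get_content() if part else ""
    numbers = toll_free_numbers(body)
    signals = []
    if numbers and CALL_RE.search(body):
        signals.append("toll-free number next to a call-to-action")
    if numbers and SECRET_RE.search(body):
        signals.append("asks for card/account secrets over the phone")
    if numbers and not URL_RE.search(body):
        signals.append("no URL at all: nothing for a link filter to catch")
    brand = impersonated_brand(msg)
    if brand:
        signals.append(f"From claims {brand[0]} but address is not under {brand[1]}")
    auth = auth_results(msg)
    if auth.get("spf") != "pass" or auth.get("dkim") != "pass":
        signals.append(f"sender not authenticated: {auth or 'no Authentication-Results'}")
    return {"numbers": numbers, "brand": brand, "signals": signals,
            "suspicious": len(signals) >= 2}


# Constructed sample messages (fictional domains and 555-01xx numbers).
PHISH = """\
From: "Chase Bank" <security@chase-alerts-verify.example>
To: customer@example.org
Subject: Urgent: verify your card
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=chase-alerts-verify.example
Content-Type: text/plain; charset="us-ascii"

Suspicious activity was detected on your card.
Please call our 24-hour security line at 1-888-555-0142 and enter
your 16-digit card number and PIN to verify your identity.
"""

LEGIT = """\
From: "Chase" <alerts@chase.com>
To: customer@example.org
Subject: Your monthly statement is ready
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=chase.com; dkim=pass header.d=chase.com
Content-Type: text/plain; charset="us-ascii"

Your statement is available at https://www.chase.com/ after you sign in.
Questions? Call us at 1-800-555-0199.
"""

if __name__ == "__main__":
    for label, raw in (("phish", PHISH), ("legit", LEGIT)):
        result = analyse(raw)
        print(label, "suspicious" if result["suspicious"] else "ok", result["signals"])
```

A genuine bank notice also contains a toll-free number and the word "call", so that signal alone never condemns a message; what separates the lure is the combination with a failed or absent SPF/DKIM check and a From address outside the brand's domain, which is exactly the header check the comment above recommends.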