Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Voice Phishing Scams On The Rise

Scammers have begun using the telephone to harvest data for use in identity theft and credit card fraud, and voice-over-IP is making it easier for them to cover their tracks.

Websense Security Labs last month reported a scam that targeted customers of Santa Barbara Bank & Trust with an e-mail alerting them to a supposed problem with their account. Instead of directing customers to click on a link, the e-mail listed a phone number for customers to call to verify their identity. When victims called the number, an automated voice-response system asked them to enter their 16-digit account numbers using the phone keypad.

And in early July, a similar scam involving bogus Paypal account security warnings attempted to trick users into providing credit card information via telephone.

Paul Henry, vice president of strategic accounts at Secure Computing, a San Jose, Calif.-based security solution provider, said voice phishing is dangerous because although most Internet users won't click on a URL in an e-mail, they're quite accustomed to entering credit-card or account numbers via the phone keypad.

"This is really an evolution of phishing and a great example of how social engineering can be used to hack a normal human process," Henry said.

  • 1