Secure Computing Warns of New VoIP Based Phishing Scam; Credit Card and Banking Customers Warned to Be on Guard Against ID Theft By Phone.SAN JOSE San Jose, city, United States San Jose (sănəzā`, săn hōzā`), city (1990 pop. 782,248), seat of Santa Clara co., W central Calif.; founded 1777, inc. 1850. , Calif. -- Secure Computing For the general concept, see . Secure Computing Corporation, or SCC, is a public company (NASDAQ: SCUR) that develops and sells computer security products, such as:
in full National Association of Securities Dealers Automated Quotations U.S. market for over-the-counter securities. Established in 1971 by the National Association of Securities Dealers (NASD), NASDAQ is an automated quotation system that reports on :SCUR), the experts in securing connections between people, applications and networks(TM), today warn that familiar phishing Pronounced "fishing," it is a scam to steal valuable information such as credit card and social security numbers, user IDs and passwords. Also known as "brand spoofing," an official-looking e-mail is sent to potential victims pretending to be from their ISP, bank or retail establishment. attacks have now evolved into phone scams. Secure Computing engineers have been tracking news group sites and open disclosure discussion groups that have been buzzing with talk about a new technique called "vishing." This new method exploits the low cost of VoIP and combines it with the social engineering aspects of phishing to extract financial information from unsuspecting credit card and banking customers. The scam (SCSI Configured AutoMatically) A subset of Plug and Play that allows SCSI IDs to be changed by software rather than by flipping switches or changing jumpers. Both the SCSI host adapter and peripheral must support SCAM. See SCSI. is a telephone based version of phishing, hence the name vishing. This new technique enables cybercriminals to harvest detailed ID information, expiration date Expiration Date The day on which an options or futures contract is no longer valid and, therefore, ceases to exist. Notes: The expiration date for all listed stock options in the U.S. and other essential ID details in addition to the customer's card and account numbers. Paul Laudanski of CastleCops suggests that the visher used a stolen identity to set up a digital voice-response system through an Internet phone (1) See IP phone and softphone. (2) (Internet Phone) The first VoIP telephone service in the U.S., introduced in early 1995 by VocalTec Communications Ltd., Fort Lee, NJ (www.vocaltec.com). Using a Windows softphone, calls could also be made to a regular phone. company. It's also possible that the phone number listed in the vish is routing calls to another number which could be anywhere in the world. "Consumers need to be made aware of this new threat," said Paul Henry People named Paul Henry:
Vishing scams often follow this familiar process: --The cybercriminal See cybercrook. configures a war dialler (sequentially dials regional phone numbers) to call phone numbers in a given region. --When the phone is answered, an automated recording is played to alert the consumer that their credit card has had fraudulent The description of a willful act commenced with the Specific Intent to deceive or cheat, in order to cause some financial detriment to another and to engender personal financial gain. activity and the consumer should call the following phone number immediately (xxx) xxx-xxxx. The phone number could be an 800 number or a regional telephone number often with a spoofed caller ID A telephone company service that sends the caller's telephone number between the first and second ring of the call. If the calling number is not blocked, the calling number is displayed on the handset or base station of the called party. for the financial company they are pretending to represent. --When the consumer calls the number, it is answered by a typical computer generated voice that tells the consumer they have reached account verification and instructs the consumer to enter their 16-digit credit card number on the key pad. --Once the consumer enters their credit card number, the visher has all of the information necessary to place fraudulent charges on the consumer's card: --Telephone number --Full name and address (simple reverse phone number look up) --Credit card number --The call can then be used to harvest additional details such as security PIN, expiration date, date of birth, bank account number, etc "Common sense is the first line of protection," said Henry. "Anyone who is called by a bank should take the appropriate steps to protect their personal information and their bank account." Some things to remember if you are targeted by a vishing scam: --Your credit card company will normally refer by first and last name either in any communication in email or via a phone call. Not being referred by full name should be the first sign that the communication may very well be a vishing call. --It is important never to call a telephone number provided in a phone call or an e-mail regarding possible security issues with any credit card or bank account. Only the phone number on the back of your credit card or on your bank statement should be called to report the matter. If the call was legitimate, your credit card company or bank will have a record and will be able to assist. If the call was in fact a vishing call, the attempt was avoided and the financial institution was alerted to the theft. --If anyone calls purporting to be a credit card provider and requests your card number, immediately hang up and call the phone number on the back of the credit card and report the attempt. Again, if the call was legitimate, the credit card provider will have knowledge of it. --If the attempt has already been successful, it is important that the credit card company be contacted immediately and that the credit card number is reported as possibly stolen. If the credit card company did not make the call, the existing credit card number can be closed out and a new card issued, as well as conduct a check to determine if any fraudulent charges have been made on the card since the time of the call. About Secure Computing: Secure Computing (NASDAQ:SCUR) has been securing the connections between people and information for over 20 years. Specializing in delivering the world's strongest security appliances/firewalls, identity and access management solutions, content management and filtering solutions, Secure Computing is uniquely qualified to be the global security solutions provider to organizations of all sizes. Our more than 17,000 global customers, supported by a worldwide network of partners, include the majority of the Dow Jones Dow Jones the best known of several U.S. indexes of movements in price on Wall Street. [Am. Hist.: Payton, 202] See : Finance Global 50 Titans and the most prominent organizations in banking, financial services The examples and perspective in this article or section may not represent a worldwide view of the subject. Please [ improve this article] or discuss the issue on the talk page. , healthcare, telecommunications Communicating information, including data, text, pictures, voice and video over long distance. See communications. , manufacturing, public utilities, education and national and local governments. The company is headquartered in San Jose, Calif., and has offices worldwide. For more information, see http://www.securecomputing.com. All trademarks, trade names or service marks used or mentioned herein belong to their respective owners. This press release contains forward-looking statements forward-looking statement A projected financial statement based on management expectations. A forward-looking statement involves risks with regard to the accuracy of assumptions underlying the projections. relating to relating to relate prep → concernant relating to relate prep → bezüglich +gen, mit Bezug auf +acc Secure Computing's finding of VoIP vishing scams and such statements involve a number of risks and uncertainties. Among the important factors that could cause actual results to differ materially from those indicated by such forward-looking statements are delays in product development, undetected software errors or bugs, competitive pressures, technical difficulties, changes in customer requirements, general economic conditions and the risk factors detailed from time to time in Secure Computing's periodic reports and registration statements filed with the Securities and Exchange Commission. |
|
||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion