New Phishing Attacks Target Institutions in Four States

CA., NY, PA and WI Customers Victimized by Text, Phone Messages

October 13, 2009 - Linda McGlasson, Managing Editor

A fresh string of phishing attacks have struck financial institutions nationwide over the past two weeks, with customers of 10 banks and credit unions in California, New York, Pennsylvania and Wisconsin receiving fraudulent text messages or automated phone calls.

These incidents are concurrent with a new report from the Anti-Phishing Working Group, which says such attacks are up nearly 600 percent this year.

Text Messaging Scams

Members 1st Federal Credit Union of central Pennsylvania reported on Sept. 28 that it received calls from customers about text messages claiming that their cards were blocked. The calls were purportedly from Members 1st, and the customer phones that were targeted were reportedly AT&T mobile phones.....

.....Similar attacks happened on Oct. 2 in Nebraska to Greater Omaha Credit Union customers. Omaha police say the phishers sent text messages to mobile phones in the Omaha area, claiming their bank card had been deactivated and instructing them to call an 877 number to reactivate it. At least one customer fell victim, losing several hundred dollars to phishers located in Huntington Beach, CA. "Once he changed his PIN, somebody went in and withdrew the money," said Richard Patterson, president of Greater Omaha Federal Credit Union....

...How the scam works: Fraudsters learn the first three digits for certain cell phone providers in an area and just dial in remaining digits for mass texting, hoping to catch customers...

California Bank Hit in Automated Attack

The phishing scam that hit Liberty Bank, Boulder Creek, CA on Oct. 2, is still happening. The bank reports that an automated phone call phishing scam references Liberty Bank by name, making the scam more believable to unsuspecting bank customers.

Listen to the automated vishing call:
The Santa Cruz Sheriff's office initially handled the investigation, but the case has been turned over to the FBI, says Jill Hitchman, first vice president of the bank. "We've been told that Bank of America, Wells Fargo Bank, Citibank and some credit unions as far away as Humboldt County have been targeted," Hitchman says.

Residents of San Lorenzo Valley and parts of Santa Cruz reported receiving automated phone calls, purportedly from Liberty Bank, saying, "Your card has been suspended because we believe it was accessed by a third party. Please press 1 now to be transferred to our security department."

Customers who pressed "1" were asked to enter their credit/debit card number and personal identification number. Once usernames and passwords to a web-based e-mail account are captured from a customer, criminals can access the login information and transfer money out, Hitchman says.

Hitchman explains that the phishers used phone systems that were hijacked in small companies to make the calls. "They used voice over IP technology to get into the back door of these companies," she says. This recording is the actual message that customers heard from the phishers. (full text at www.bankinfosecurity.com)

NOTE: In April while in Michigan, I answered two calls at my sister's home that were of this nature and "Caller id spoofing" was used as well. Read the article on caller id spoofing here.

This article is from a week ago. Sorry, I missed it the first time.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com

Caller ID Spoofing

Most people screen their telephone calls with Caller ID. We answer the calls from the people we want to speak with and avoid others based on the caller id. Don't You?

What if you saw that your bank or credit union was calling you? You would answer the call (unless you weren't paying on a loan). Then the person on the phone from the bank tells you that there was unusual activity on your credit or debit card and needs to verify your number or some other information. Most people wouldn't think twice because they were talking to someone at their bank.

Well start being more cautious about trusting that Caller ID. Why? Because of Caller ID spoofing. There are web sites that charge about $10/hr and offer the ability to change what someone sees on their caller ID display when they receive a phone call. Simply dial the toll free number and then your PIN. You'll then be prompted to enter the destination number followed by the phone number to appear on caller ID

Any 10 digit number can be used. Not only will the number show up but also the Name registered for that number would automatically appear. And whatever number you enter as the spoof number will show up on the bill of the person you called. They won't ever see your actual phone number!

You also have the ability to change your voice to a Male or Female. If you do choose to change your voice, the person whom you call will hear your transformed voice in real-time. This spoofing service also offers the option to record your conversation, which can later be retrieved by logging-in to the control panel or calling the toll-free access number from any phone.

Is it legal? Yes, because there are some legitimate uses. For example, business professionals such as doctors can return calls using their personal telephones without disclosing phone numbers they prefer to keep private.

However, I believe most are being used in the field of Identity Theft to trick individuals into giving up private information. I received 2 calls this week regarding a credit card being suspended. When I called back the number on the caller id, it was an insurance company in Utah and they had been getting a few calls from other folks as well.

So now we never really know if mom is calling or not. Beware!

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com