Showing posts with label vishing. Show all posts
Showing posts with label vishing. Show all posts

Tuesday, October 20, 2009

New Phishing Attacks Target Institutions in Four States

CA., NY, PA and WI Customers Victimized by Text, Phone Messages
October 13, 2009 - Linda McGlasson, Managing Editor

A fresh string of phishing attacks have struck financial institutions nationwide over the past two weeks, with customers of 10 banks and credit unions in California, New York, Pennsylvania and Wisconsin receiving fraudulent text messages or automated phone calls.

These incidents are concurrent with a new report from the Anti-Phishing Working Group, which says such attacks are up nearly 600 percent this year.

Text Messaging Scams

Members 1st Federal Credit Union of central Pennsylvania reported on Sept. 28 that it received calls from customers about text messages claiming that their cards were blocked. The calls were purportedly from Members 1st, and the customer phones that were targeted were reportedly AT&T mobile phones.....

.....Similar attacks happened on Oct. 2 in Nebraska to Greater Omaha Credit Union customers. Omaha police say the phishers sent text messages to mobile phones in the Omaha area, claiming their bank card had been deactivated and instructing them to call an 877 number to reactivate it. At least one customer fell victim, losing several hundred dollars to phishers located in Huntington Beach, CA. "Once he changed his PIN, somebody went in and withdrew the money," said Richard Patterson, president of Greater Omaha Federal Credit Union....

...How the scam works: Fraudsters learn the first three digits for certain cell phone providers in an area and just dial in remaining digits for mass texting, hoping to catch customers...

California Bank Hit in Automated Attack

The phishing scam that hit Liberty Bank, Boulder Creek, CA on Oct. 2, is still happening. The bank reports that an automated phone call phishing scam references Liberty Bank by name, making the scam more believable to unsuspecting bank customers.

Listen to the automated vishing call:

The Santa Cruz Sheriff's office initially handled the investigation, but the case has been turned over to the FBI, says Jill Hitchman, first vice president of the bank. "We've been told that Bank of America, Wells Fargo Bank, Citibank and some credit unions as far away as Humboldt County have been targeted," Hitchman says.

Residents of San Lorenzo Valley and parts of Santa Cruz reported receiving automated phone calls, purportedly from Liberty Bank, saying, "Your card has been suspended because we believe it was accessed by a third party. Please press 1 now to be transferred to our security department."

Customers who pressed "1" were asked to enter their credit/debit card number and personal identification number. Once usernames and passwords to a web-based e-mail account are captured from a customer, criminals can access the login information and transfer money out, Hitchman says.

Hitchman explains that the phishers used phone systems that were hijacked in small companies to make the calls. "They used voice over IP technology to get into the back door of these companies," she says. This recording is the actual message that customers heard from the phishers. (full text at www.bankinfosecurity.com)

NOTE: In April while in Michigan, I answered two calls at my sister's home that were of this nature and "Caller id spoofing" was used as well. Read the article on caller id spoofing here.

This article is from a week ago. Sorry, I missed it the first time.

To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com
Posted by at No comments:
Labels: , , ,

Monday, June 1, 2009

Classic Fraud: 6 Scams That Don't Go Away

Classic Fraud: 6 Scams That Don't Go Away
From Check Fraud to Phishing, All the Old Tricks are Back with a Vengeance
June 1, 2009 - Linda McGlasson, Managing Editor

Bank fraud has evolved over the last several years (See: Fraud Update: The 13 Hottest Schemes You Need to Prevent), but some classic variations keep financial institutions busy.

Here are six old fraud tricks that are back with new twists to bedevil fraud departments and information security professionals.

#1. Check Fraud

Last week, New York indicted 18 people in a massive check counterfeiting ring that cashed more than $1 million worth of checks at major New York City banks. This case causes even the best fraud departments in financial institutions to check their own programs and safeguards.

Attempted check fraud at U.S. banks totaled $12.2 billion in 2006, according to the latest biennial survey conducted by the American Bankers Association (ABA). Bank prevention systems caught 92 percent or $11.2 billion of check fraud attempts.

Actual bank losses totaled $969 million, compared with $677 million from the previous survey in 2004. ...

#2. Elderly and Immigrant Identity Fraud

Financial institutions' mortgage and loan officers need to pay attention to this kind of fraud. While not new, elderly and immigrant fraud is regaining popularity, especially in the age of identity theft. In this predatory practice, Jennifer Butts, Director of Operations at the Mortgage Asset Research Institute, explains that elderly and non English-speaking consumers are taken advantage of by fraudsters who steal their identities and use them in straw-buying or other property transactions.....

#3. ATM Fraud/Skimming

This type of fraud made it into President Barack Obama's speech announcing his cybersecurity initiative, when he said "thieves used stolen credit card information to steal millions of dollars from 130 ATM machines in 49 cities around the world -- and they did it in just 30 minutes." The big question is: Can it happen at your institution? The answer is seen in the numbers from a Pulse EFT study (Pulse is one of the leading ATM/debit networks in the U.S.) -- the banking industry lost $662 million to debit card fraud in 2005. Of these losses, 60 percent resulted from ATM transactions, 37 percent from signature transactions, 37 percent from signature debit transactions and 3 percent from PIN point-of-sale (POS) transactions.....

#4. Phishing

Phishing continues to change and grow, and crimeware (or malware) is also growing, says noted phishing and crimeware researcher Dr. Markus Jakobsson, Principal Scientist at the Palo Alto Research Center, Palo Alto, CA. "There is a notable tendency for phishing to become more technical -- for example, using advanced obfuscation to combat anti-spam techniques," Jakobsson notes. At the same time, crimeware (what used to be called malware) is becoming increasingly more reliant on social engineering. "Trojan horses commonly use clever social engineering techniques to improve their success rates," he says.....

#5. Vishing

The increased number of "vishing" - or phone-based phishing -- scams hitting regions is cause for alarm. In the last week, there have been five different regions of the country hit by phishers using phone calls to solicit information about the person's credit union or bank account:

  • New England Federal Credit Union in Williston, VT reported that a vishing scam hit residents, and the Heritage Family Credit Union in Rutland, VT also reported a similar scam.

  • Customers of the Forward Financial Credit Union in Niagara, WI and the River Valley Bank in Iron Mountain, MI received calls last week from fraudsters asking for account information.

  • Asheville Savings Bank, Asheville, NC was alerted last week by its customers that a vishing scam targeting area residents was trying to get debit card numbers.

  • The final vishing scam of last week targeted all 22,000 residents of Guilford, CT. The calls started coming on May 24. Guilford Police say they believe by the time they were done every land line telephone in the town of 22,000 residents received a call.....
6. Insider Threat

The threat of a trusted employee or vendor taking sensitive information is not new, but the ways that insiders are getting to the juicy data or dollars is changing, according to Randy Trzeciak, Senior Member of the Technical Staff for the Threat and Incident Management Team in the CERT Program at Carnegie Mellon University's Software Engineering Institute. Collusion is the new way insiders are getting sensitive data. (Full Text at www.bankinfosecurity.com)


To learn more about Identity Theft and what to do if you are a victim, visit www.StopIdTheftCrime.com and subscribe to the newsletter to obtain your free 46 page eBook "Fighting Back Against Identity Theft".

Remember, estimates are that every 2-4 seconds an Identity is compromised. Why take chances? Why not protect yourself and your loved ones with the best suite of services provided (including restoration) by the best NYSE company in the field? Educate yourself and visit the shameless plug below or call me at (909) 208-3728!

Shameless plug
the Best Identity Theft Protection available dot com
Posted by at No comments:
Labels: , , , , , ,
Subscribe to: Posts (Atom)

Child Identity Theft Does Happen

Identity Theft Shield Overview