It Finally has a Name: Vishing - Voice Phishing
A few months ago, I blogged about an article that discusses the use of Voice-over-IP in phishing scams. This NetworkWorld article now gives this kind of phishing a new name. They now call it Voice Phishing or Vishing.
Secure Computing has reported an ingenious new type of phishing scam that uses VoIP telephony to entrap its victims.
Dubbed “vishing”, the fraud involves a randomly dialled user being phoned by an automated system and told that their credit card has been used illegally.
They are then asked to dial a fake 1-800 telephone number, which accesses a system requesting they confirm their account details and credit card number. Armed with this information, criminals then empty the victim’s account by buying products and services on the card.
Nowadays, it is especially difficult to tell the fake from the real. As phishers start to use voice-over-IP and can now spoof caller-id information, it becomes a lot more dangerous. In my old blog, I discussed a few basic tips on how to watch out for these types of attacks. Vigilance is still the best solution.
January 7th, 2007 at 6:40 am
[…] A few months ago, there was coverage about the same issue. The term vishing (Voice Phishing) was coined to describe this new form of phishing exploit. I did provide a few tips on how to watch out for these vishing scams. However, attackers are becoming more and more creative. It goes to show the social solutions are required to resolve these issues such as the one employed by Yahoo. For example, banks and customers alike can employ security questions to validate identity over and above the destination address (such as a telephone number). […]