- Is Microsoft preparing us to move beyond Vista?
- Why Google wanted to lose wireless spectrum auction
- iPhone shortage fuels rumors of imminent 3G phone
- XP for cheap PCs: a second crack in the wall
- Darts into data: Leveraging random action to competitive advantage
- Most iPhone buyers are existing Apple customers
- AT&T's so-called open network principles
- Mono dev tool offered
- ActiveState upgrades IDE
- Serena plans SaaS products
June 23, 2006 | Comments: (0)
YAPPS (Yet Another Phone Phishing Scam)
Looks like customers at Santa Barbara Bank & Trust are the latest the latest victims of "phone phishing," according to an alert posted by Websense. If you're not hip to "phone phishing" yet, it's basically a variation on the traditional Web phishing scam: you get an e-mail from some trusted vendor (Amazon, PayPal, a bank) that asks you to please confirm your account information, lest some dire event occur (account cancelled, password reset, money forfeited, asteroid crashed into house). Instead of a link to a malicious Web page that harvests your information, however, phone phishing scams ask you to call a phone number. Presumably this gives consumers more assurance that they're dealing with an actual company. In reality, of course, they just reach an automated answering machine that asks them to punch in their account number.
Meet the new phish. Same as the old phish.
In the case of the latest scam, SBB&T customers received a phishing e-mail that reads "Message 156984 Client's Details Confirmation (Santa Barbara Bank & Trust)."
"We've noticed that you experienced trouble logging into Santa Barbara Bank & Trust Online Banking.After three unsuccessful attempts to access your account, your Santa Barbara Bank & Trust Online Profile has been locked...Call this phone number (1-805-XXX-XXXX) to verify your account and your identity."
Pretty sneaky, especially if the spam campaign is targeted at email addresses in the Santa Barbara area. You know at least a handful of people will probably fit that description: SBB&T customers who have been locked out of online banking sessions in recent memory. That's plausible enough to call the line. The 805 area code only makes the whole thing more plausible --as funky area codes are one of the key tip-offs that companies like Microsoft advise people to look out for.
Posted by Paul Roberts on June 23, 2006 12:07 PM
RATE THIS ARTICLE:
-
- COMMENTS
TOP STORIES
ADDITIONAL RESOURCES
- Remote Access: Maintain Security and Decrease the Burden on IT
- Beyond AntiVirus: Symantec Endpoint Protection
- What Every Enterprise Needs to Know About VDI
- Disaster Recovery in Minutes
- Protecting Microsoft(R) Applications
- Reduce Recovery Times and Tape Costs
