Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


Voice Phishers Dialing for PayPal Dollars



 By: Ryan Naraine
2006-07-07
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
Identity thieves have spammed fake PayPal account compromise warnings to lure users into dialing a phone number and giving up credit card information.

Internet security experts have discovered a new phishing scam that uses voice recordings to pilfer money from PayPal accounts.

In the newest social engineering attack, identity thieves have spammed fake PayPal account compromise warnings to lure users into dialing a phone number and giving up credit card information.

Unlike normal phishing e-mails, there is no URL or response address. Instead, the e-mail urges the recipient to call a phone number and verify account details.

eWEEK has confirmed that the phone number embedded in the e-mail was active and accepting credit card entries at midday on July 7.

Resource Library:

It is a Southern California area code (805) that greets callers with the following automated voice recording: "Welcome to account verification. Please type your 16-digit card number."

The automated message simply urges users to enter credit card numbers. If incorrect card details are entered, a request for re-entry is made, further enhancing the appearance of legitimacy of the fraudulent telephone number.

"Users that type in their card information may think theyre verifying their PayPal account, but in actual fact, theyre handing their details over to cyber-criminals on a plate," said Graham Cluley, senior technology consultant at Sophos, in Lynnfield, Mass.

"Although its an American telephone number, the fact that PayPal is used globally means that anyone could potentially be tricked into making the call," Cluley added.

PayPal recently updated coding on its Web site to block a vulnerability that phishers had been exploiting in an effort to rip off its members. Click here to read more.

The PayPal scam is the second major voice phishing attack detected in recent weeks. On June 23, malware researchers at Websense Security Labs warned that customers of Santa Barbara Bank & Trust were being targeted by spam mail with an embedded 805 phone number.

In both attacks, the phone response does not mention PayPal or the banks name, suggesting that the same number is being used for fraud against other entities.

The Santa Barbara Bank & Trust spam attack warned the target that the bank account had been locked as a security measure and asked that the recipient call the phone number to verify the account and users identity.

According to Cluley, the voice phishing scam "underlines a real problem" for online companies in how they communicate with their customers. "Many users are beginning to learn to not click on links in unsolicited e-mails and only visit the legitimate Web site," he said. "But how many would know whether a phone number for their Web site is genuine or not?

"As hackers get smarter we are likely to see them increasingly not only set up fake Web sites, but harvest messages from corporate switchboard systems to appear even more like the legitimate company," Cluley said.

Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.





  Reader Comments: Voice Phishers Dialing for PayPal Dollars
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Ryan Naraine
 


x}kw6Dى"rdK5,nG"!1ErHn%;~bVKZ7ǶDTP( ;I"ftcnQ?sOuޛ'6(ɑԫѩe軫F]̉]kokH|Ax  tjOt0.Rs2 s6!esM/cߨ`&`1Zm8lRl j9a?XX$)qD˱h] |( )_XqL-:_;v oT|_9AÙML}!*{>"%%U5ExLԸ#|w?ȀY۽F {\]j4LߵY~4 ^Nૌ=aUh/@^c\ȁyw4ɿT՝ L=iTVC;&U!fȱw8r x08Jej-jfL yf_%z(ww6O) |@AuӱCԣzr$˚79hewynrPSbT9TJC L{ĩq3NoTBAQuu7Y}mm9Cn USK^_UE`Zdz$_S::YgNtkQ2Z[p\(*.c=-bv=ӧ0#ƌ_8rri Z򳹥}5h\tm2h^tg>2fPBP(t?c{Szq{ֺ}\z}rֻ!iٙ{F0pgs Zʿ܌vO]ď_fb M u4}GʇVtMԺxr9%9Io%0dio,Yn_H.)żMaXY|Dͼ94oo 3NE - ujvf5Py۬) rƒ 4%y_ϝ7hr Ce)#8?S̓IhJq䰉c,XSl؅ RMF J@O XR ,}($嗋m|*(If({΀/3 BD4?CC0&pJn.r?uK󁯚yzjNTꊮ2Wr{,%ށؓY9xnuOvQÜ#ͶOCGs>hH2胆6ml-ƅh$ ,70}Hg@zQI47X8x<cOv/|\aPn=W8=H}mP`95$&CMߟ̀=s#08wɽ 5y05ݻ#i`y1&բ !Tg ,Zu= } wA,s6GT[LKx GN RP sZ( ޟ -2(%EE2 EEKy3@ $h5N`z,m0#!b\JZ2'9\v{B#ҙ8C\R.τRZ z)0ٜʬ$5Mu]_*ȉ#m"0%X Z ϴ6jԭeRI9.+5tLބxl&,auu=A-&)# K8Y fsp=7c@Cyw{J`p=EiŬ9g߃)9 xFXvO7M- ݜ6,>%&B~`Z&4$ 7u準I<9`*,q;rdžfXi8oÕ=3q TfҬ||=厬m_ R.MmUPS7˕L4+׬uPM g2)*[hyrt+[f4ݤ|ree* ?{`MLE2a=?%ӇfS/0}ԙQ3BZsOsR| ~2-[K7˦ڏRuc"$l ~eXZ @-*4F@0V+,;7kc:+_iihH*6@\\3,# %.?W0Z&m;D=tl=50_ܰ탡/K-EUVG,-s9V.(j-L=G.4MD83G[/OAU4$qx3??4XQ&<[ ?}uVN0\}MДa˘32|q6q&$KD(OL*'~?DFS}O=ܴ>?CU^f8OZV,֪15ǩQjz\R*oVX&9)R3Kuq'|m1/No>4zxY9[Jσ!m^9Z[09X>: ;212&z@jAbv6qW;(a׹9'?RLg%:<!pwC)UetXݙ `1}j$aꑎ!L`f0%+ #m6qJs8-!uW:+jZSZ+::>jN枏kӥ ,G]}u*ZQe߯yU/^> (L50Ȉ%|=GlPh1۩w]܁c:P{PDK!nΚ6s7}&mnov=Ot[̍<9ygn2%8z.0JL;%9 $ہ3Jnbۤs:n&2006e-0P>O\- [ b&T~\{YRglg^c+o21OwžvXApaNpgDyUm/|m*Mn1}c%[Ŵw)n<0{L3gF= PhnI@)+6Xk<v-H̽~ZÄsqS)+JLP i3FɁ㚺/ksOgny*2yJ3k% =EЋqcꞃSLBԺخOl$oy݊58e3 -S`e3* ~g^`.JMAh|?TPGQ>N<͠1p Fn xob(OU?ңj6jϢ Czb/he~6Kfb;m͕Z57g XsB5xafK'2_vFܖ[J,]Aa halrKz]wټ@8'̕%$IXU\%=QX5 Z_4CdP;T% 5P%,: 7Cwd',-BGI}?\%I'sSss`_aOnη{ܝ9Ԍ!0FIΝJP(v/VJ=H4 : */je!%O*'-U*JxX8YH/s>P9ɷwf_؆ +~W?l)ɑXXD>DiF\{e">ZXa/nLGFDccbh^n{q`zPS'BQ`о(&w,ɪO@T ~5}1μYV̶R~{7 lw5Κ#<dzG{Πӻ:|L.ڝA&`}/{\i\/0C~:WG|L`QMUKtm~t1} }> `i4AnxL(}F̿{%%u\K76|v>2SH"V9 mޜwėtO{~R\vR1AZy0FԼ_(d0 sznބ 6b7 ` xѤȂ@"cxH/ ^@InZ,WZB3ZK“ &oDy4eZﭩO1Ok4~ɮP6=8,rh%縍vR.0?;)}CϗmN9˙LҼ"w "HtSO#25 &r֚Sd[D-{t1aTwJߣd: e~=m2겨v]$L<1GN)tJȓs%E=) ˓$/IYO)eq KBKQ39uޞ-Hy=@İ&{6wg^%mc%yxrŹ*k85(AyNHIJiIg|!EY-V6y;i: a!]9"y0_gHUl3{tl=, OذqD2UT(sXs}=RvӅceЦ'9$st7#gڂLةEMtvzv`蹳=}G-{ `C@'=0]~&YBKFzDE|Fr<8;xh0i>\ 7T]?asaN18!i|?97^&5w?EyWbF-s ^;¢Թ%>FEn*Qy9<;-5ɄYr}8L`(,Oj)"1t3@8'Ob|wI"3# :K2j\΃4pV[& 44 T 'nprc $260 6cCvra}GHsK[ ;NLoퟤBt;*K&|<_<"*aU"%r@{ړ8c_AYh+"^G_Y.n(IB'O}(DSܵ,(@Jm_Ss|˰xmj7Mxm~!`⥝8&)%Ims>0lp|JeҭYGN1f`H # ap!-Nٙ !vźc*)RAݖJ/_טaOSͲ3{<"u5N:󴹑f@!19B7mv@>R:]$2Mř̍DO$ ]J0H[dMO X+ 8$ HgG*Ʈ5vpgK1S;J"%*>Z.̴,?cQ;ցUI<߄ ]Y"*۲B&SO43Ǝ'paO6WkVN?Y;5xiGP?sn##:]#UphUYbN},1I+@_^Қg~)5ntvڱR~.3aa=Tn{=/Jg CAy[& fR_f>"pW܉u|@akU! e0yv,jLh(#A(ص:%Q^e$60 G?Z&SZ2z{ RZ+yb#b ,0}&.Y c UBJƎd|u L {.lGAjܘLg~ in P$`aKHFX%bg4v%^{sfS fJHxtBAg,(E:\ϙauؔ@+޾l%vYA%"ogr l4-Y! h(!Mi4wJ4WNxB$X' ?">y@BÔKr_̥#2(7OÄG0.OhIc@H/ϼCZ&kǂT:<,U7po&J@xPAZ`1<72i"r/eKN|yX  b&h:xp4=[9#, rRD$iog|-- FsjoX`+ C ~9I~4p{T55~aT)V*De%!7^J?w}<{@Q<j~r~^_!Y߷8'" _iY$yW1KD/A1D+bZGj 7.Q5'>8Dg&PCCr{?Gx~SYccT<<^$K(ځ`܀w)ZWqi3,sxs ?59EӐ40!n1ZUC>?C* O2,h60`a.fmo0q_n}yk/>q%{a)oT;s:^kod0G&kcZj1pS/eZ&z[Ŝq'H| w-]'@*|](P6i>z4>(C^PB^%vaI{E6tyy`L2m{c4Vǵ5oĻ3AXnc*Y"'"KIE./> 10xX2@#AEe3)4k0M2ΩTh,vx7Bȥc.MUr\.iU,VzVdq2&/ #zkPWsƌwESj9~IA$TCqM)jD:->~5*6 y^Šx!y<fDZGao=!vcK;7^6]4_q=!o77G'թH<ꗎT$ih /{Kxc9KeŏΡ[+x6_j~hR.gI*EqBJd jwo حR-Jj\C/>Ԃ#7r4]s§3'}ZrYXuvücn?y\(kmͳi8..6K&td`xa&F:<}Q-Dr1&q 'L/(pr|w\ 1w[ w- r;〥Y q7*A"$0޻K{YV^@96Y ln'HΜWD ]%Fr9͜t)6APׯ0OļT^sn?La.ŐXHYqc[VjBYIc4K":;M[f ٦v l:]N#V_DެF0ƘMZ~o;gc r/o\Ixe\vD!\CVY `Oh$~bH7-SWld""̛FQOm2ٹ$We{0h^ #y|Q_n:}GLڂ. m€ngu9$.zW\Afx(n(Os.}`H{Z؟0nh"ķ |$rM8!i.?O7W}P)b"s~6Lq D"c*41GJ[#}ɹgMVBE< ,i 5mana&) 0鄿aں5g3bwٙoAӃ(`!&(-qE {GLƙ;fQ)Q3$ZڽK4E T&}ӂzĂ|GĔv767p>9[fF \%<7`%>fqPnF{3Af&,yǥ}-AGG71<` ?vL.usx\jHj$Ѕ:y,@#!9ωq{rneG'\虞G(+ݩ2]"(  @Ka1c~PoVr$4k >*E>gD(dUwYUv'Чxz͊G2Vqʜ&JZ!`xzN*Șp~{yCwAf:j,\y}}nHݴۤzӹtzWs<*m[8Z?N9>?u7|S|j5ۼ6ideAή6Sr}=\h2^ûLKvE 3@cqy^ Lً'Q~\>B)v}Y F/:-O!~պiljom9Gxu3K_L:FS<.h4Q똁6zIgos@1@C|o_Ow5BJ6//32_2ofsi8Qރ^F9r`sy hjgB3Y}Ρ?7_trN+2ʡsQd~S?3\~ /3lfOf,@n}@n}7.g7? D(A2ʻP(+ ^~ek on23   ?o.1>ArS~~2w Y{ f wɹN2!(ofYNo\8'\$_Y OY射:(? }VQ<_`ektsg_3̭L_:קVr]!,.5P//deW6o4viAm {}yK֑`˼7bS!tiDLw>? fV7t{r&%݆n ۍS9~#rӚܴO?v<2kSյ/#B5Afп~%+&Z>Y;yУx߇D,r e%Hi_1\-Ff>_}=ч^V+p3Nlc}o~ >W;}sռ^7=Ջ쓥->gA7gn"B8 #7o0 dH= _\0vZ{rfhNo4pޣ97o&3 P3ebIH ZjZVr%7>5 = G1Q JUN--Tr 0X\/s>P`26UJ` (91C=bhǬ[ɖb(7p E?&G'&ާju!gJ +c>>V7/tj^"_v3&mc(2)bb{ˈT`T|Jx /Zp9|L:AÆj/Yb+F;c`\;=1gjn,O~f+gM تGѨs76} OL-7:\A>&jn2$23M{:見|<%(M U՞/cnw:aKƈ Ă*F;V!#ɫErly0%60wH"˹F>r (lui|'ou pfG =@Z/`=ݤq+/,"|6bZ֠}QoN4Xkw_$'1x_'05:%xlӍQfrw^f$jA].,|(|vW@8>cc6H_,mgvl tuu7Lђ_'/TB# l]c̈́$u'1?`⟐GN"M0OqWZf}^$u60H-??c/M{]z9`礿LxŇ ?SπxŶ/G㿄&E;0|F+`a?94Ǟ"0ـħ%NAa2Ş_ =6ᝳ^stD֣iB E 0 霰7RFX` sON+qږc?du6AՋpOaĵBXt$,ᗂY{N6 )4M뚈βR=szn%()%y+L9(م7xgJ*HԶ'x*Dn[~QڗE@1agG;fWҎ_Z$##R.ܐOF{)0XPyw4wԼlQ޺qml.; +C&:bz:SA\W (|x@NlM)[1ue|nHHU֧f2{M:з57b([| ӼE^߇Fu:lY 965O~0qGĶ2C|R0ϜUpvRv ?93_Zmrxgsҍ@NDqDgPv;yDt[=] <=v7s#k_2qN`H؂{!Ү\)Vbʕ.Sܟ=Bbx҇fHP5`+Wei$ցi>n)ZF#,c[z0XjPtP9˓ a0+=:`-hs&Sǂ!0ѕD1F(g,1_\,@<փP=`#hxj<nh1)d'kI'R"la,9r3 +}Ej z.1R04.xqBaʩȩ(v}_|JѬd;賫Q>I*g\`