vishing, phishing, spoofing, using social engineering
truespel at HOTMAIL.COM
Fri Dec 10 08:42:51 UTC 2010
Top 5 Vishing Techniques
Posted by Robert Siciliano on December 7, 2010 at 11:00am
Vishing” occurs when criminals call victims on the phone and attempt to lure them into divulging personal information that can be used to commit identity theft. The name comes from “voice,” and “phishing,” which is, of course, the use of spoofed emails designed to trick targets into clicking malicious links. Instead of email, vishing generally relies on automated phone calls, which instruct targets to provide account numbers.
Vishing techniques include:
Wardialing: This is when the visher uses an automated system to call specific area codes with a message involving local or regional banks or credit unions. Once someone answers the phone, a generic or targeted recording begins, requesting that the listener enter bank account, credit, or debit card numbers, along with PIN codes.
VoIP: Voice over Internet Protocol, or VoIP, is an Internet-based phone system that can facilitate vishing by allowing multiple technologies to work in tandem. Vishers are known to use VoIP to make calls, as well as to exploit databases connected to VoIP systems.
Caller ID Spoofing: This is the practice of causing the telephone network to display a false number on the recipient’s caller ID. A number of companies provide tools that facilitate caller ID spoofing. VoIP has known flaws that allow for caller ID spoofing. These tools are typically used to populate the caller ID with a specific bank or credit union, or just with the words “Bank” or “Credit Union.”
Social Engineering: Social engineering is a fancier, more technical form of lying. Social engineering (or social penetration) techniques are used to bypass sophisticated security hardware and software. The automated recordings used by vishers tend to be relatively professional and convincing.
Tom Zurinskas, USA - CT20, TN3, NJ33, FL7+
see truespel.com phonetic spelling
The American Dialect Society - http://www.americandialect.org
More information about the Ads-l