Friday, November 03, 2006

Phishing and Vishing

Spammers and Spitters, Phishing and Vishing. The Internet is developing it’s own dictionary.
And Phishing and Vishing has nothing to do with Fishing.
Well, nothing……….. ok, sort off.


With Phishing swindlers are fishing for e.g. creditcard information by e-mail. Not because they love you but because they love to use your money for their own benefit.

Great example are the fake e-mails from PayPal. I tried it out with ridiculous names like username “PietjePuk”, password “Flabberdewatsky” and Creditcard number 0123456789 . Of course I was able to log on to a fake PayPal webpage and received a reply that my account was updated and active again.
Know that these fake e-mails can be reported to PayPal via
spoof@paypal.com. Those for eBay at spoof@ebay.com.

Vishing is the name given to the use of Voice-Over-Internet Protocol (VoIP) telephone calls to obtain credit card information from unsuspecting consumers.
Using VoIP technology, criminals are now relying on the trust people place in telephone messages to extract the information needed to steal money or buy goods.
One key element to Vishing attacks is the ability of VoIP technology systems to recognize telephone keystrokes.


A Vishing attack might happen like this:
- The person receiving a call is told by a recorded voice that their credit card information has been compromised and to call the identified number immediately.
- When the person calls that number another recorded message would identify the service as the account verification service and request the caller enter their 16-digit account number.
The person has now become a victim of the scam.

We do not only need to get used to a whole new language, but also to a whole new type of Swindlers.
The only way to be safe is never and I repeat NEVER, give out your credit card information.
If the company you bought your products is asking for your credit card or bank information, they often only need the first and last 4 digits, not the whole number.

Read more about
Vishing.

No comments: