Tuesday, May 20, 2008

Telephone phish

An interesting new form of phishing attack combines elements of email phishing and telephone phishing. This "hybrid phish" informs users that their bank accounts have been suspended after a fraud alert was triggered. It instructs the recipient to call a telephone number to unlock their accounts.

The phishing message looks like this:


Dear Customer,



CORNELL FINGERLAKES C.U
temporarily suspended your account.



Reason: Fraud attempts

To reactivate your account call the total free number: 518-832-6923



Never access the Credit Union Web site by clicking on a link provided in an e-mail. Your
Credit Union will never solicit you to provide or update personal or financial information.
And, will never send an e-mail containing links to Credit Union's Web sites.


Local: 518-832-6923

Toll Free: 1-518-832-6923





Copyright © CORNELL FINGERLAKES C.U, All Rights Reserved


When I called the number, I got a busy signal. That either means the phishers closed shop and ran, the provider of the number pulled the plug, or someone else was actually using the system and they did not have enough lines to handle the call volume.

Of course, the standard advice applies: do not respond to the message, never leave any personal information, and in case of doubt, please contact your bank via a telephone number that you know is correct.

If you did leave personal information, please contact your bank and the credit bureaus to have a fraud alert put on your accounts.

No comments:

Post a Comment

Please share your view and opinions on what I wrote. In order to maintain quality, all comments will be moderated for merit. Contributions that call me out on statements that appear unfounded, wrong, or simply with which you disagree are highly appreciated and are even encouraged. Spam and 'me too' answers will be ignored.