[Dshield] Thoughts on article - 'Phishers try a phone hook'

Neil Richardson neilr at ieee.org
Fri Apr 28 16:46:29 GMT 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
Good Friday morning to all.

This morning on /. I saw an article from ZDNet Asia about some
phishers sending out emails with instructions to call a ('ph'ony)
voice-response system that mimics the target company and attempts to
collect personal information
>http://www.zdnetasia.com/news/security/0,39044215,39355262,00.htm<
(uses annoying in-window pop-up).

- From the little I understand about such technologies, I'd assume that
such a system could be set up (on the low-end) using one of the
open-source PBX systems and a couple of phone lines (although couldn't
the phone number be traced back to the owner?) so the story seems
plausible, but before I start alerting my friends/family/co-workers I
wanted to find out what you guys think: is this an urban myth, a
possible-but-unlikely threat, or the something we need to actively
watch from now on?


Have a good day (and a great weekend!)

- -Neil R.--
Supreme Lord High Commander and Keeper of the Holy Potato
- ----------
PGP Fingerprint: A663 1ACB 84E6 F4DE B86E 0AA1 7A36 F817 E098 F32E
- ----------
Veni, vidi, velcro - I came, I saw, I stuck around




-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
 
iD8DBQFEUkbkejb4F+CY8y4RAvZvAJ94+DN3z2INjr1uHTWPqxBwmnmr4QCcD220
Nxi4x0dBCmfaCa/0XZD0PcU=
=qmBP
-----END PGP SIGNATURE-----




More information about the list mailing list