High Crimes Using Low-Tech Attacks
July 7th, 2009. Published under My Recent Reads. No Comments.
pulled from Google Reader (click on title for original post)
Criminals are resurrecting low-tech attacks to siphon tens of thousands of dollars from unsuspecting victims. According to financial fraud experts, so-called “man-in-the-phone” attacks require little more than a telephone and old-fashioned con artistry. The scam works like this: The criminal calls a target, claiming to be the fraud department of the target’s bank calling to alert the mark to potential unauthorized activity. The recipient of the call is then told to please hold while a fraud specialist is brought on the line. The perpetrator then calls the victim’s bank, and bridges the call, while placing his portion of the call on mute. When the bank’s fraud department asks various questions in a bid to authenticate the victim, the criminal records the customer’s answers. Depending on the institution, the answers may include the victim’s Social Security number or national ID number, a PIN or password, and/or the amount of last deposit