The security firm PhishLabs revealed that numerous US banks are victims of a recent Vishing (VoIP-based phishing) campaign that is targeting the payment card information of up to 250 Americans per day. Assuming that the withdrawal limits on ATM cards are around $300 per day, the overall amount of money stolen each day is about $75,000.
As remarked by experts at PhishLabs in addition to financial losses and the costs of replacing cards for the victims, vishing attacks can have a serious impact on the banking operations due to the surge of inbound calls into their customer support operations.
“Small and midsize banks that do not have overflow support capacity typically see their phone lines quickly become saturated. “
Vishing (Voice over IP phishing) is the practice to trick bank users into giving up their sensitive information after receiving phone or SMS messages purporting to come from legitimate entities, in the case of the above attacks the attackers requested to the victims the payment card information.
“Multiple recent vishing attacks (Voice over IP phishing) have been stealing payment card data from the customers of U.S. banks. In an attack last week, customers of a midsize bank received SMS text messages claiming their debit card was deactivated and requesting they provide the card and PIN numbers to reactivate it. “
Despite Vishing is not as prevalent as online phishing, it is usually run by professional criminal organizations, experts at PhishLabs speculates that the current campaign is managed by an Eastern European gang. The purpose of the vishing campaign is to harvest card data, which the criminals sell on the underground black market, more than 50 medium-sized banks have been targeted over the last several years.
“The operation uses email-to-SMS gateways to spam out text messages that instruct recipients to call a phone number to reactivate their card. When called, an IVR (Interactive Voice Response) system requests that the caller enter in their card number and PIN. This data is captured by the IVR system and stored for retrieval by the vishing crew.” report the blog post.
The harvest card data are used by criminal organizations for card-not-present transactions (e.g. Shopping online) or are sold to a group that clones the legitimate card using the stolen card information.
Data on this specific vishing attack is slim, but PhishLabs researchers claim that one of the phone numbers used in the campaign has been in use for more than six months and dates back to October 2013.
Vishing attacks aren’t a prerogative of banking offensives, Skype was victims of a similar campaign a few years ago, in that case, the victims were informed by an unsolicited call that their machine was infected than the attackers provided a link to a bogus website used to sanitize them, but these websites were used to serve malware.
Below the suggestions provided to the Financial institutions in the blog post:
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, Vishing)
[adrotate banner=”5″]
[adrotate banner=”13″]
Experts found two vulnerabilities in the vBulletin forum software, one of which is already being…
Security Affairs Malware newsletter includes a collection of the best articles and research on malware…
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best…
Qualys warns of two information disclosure flaws in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise…
Meta stopped three covert operations from Iran, China, and Romania using fake accounts to spread…
The U.S. sanctioned Funnull Technology and Liu Lizhi for aiding romance scams that caused major…
This website uses cookies.
