• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

Nippon Steel Solutions suffered a data breach following a zero-day attack

 | 

Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates

 | 

Hackers weaponize Shellter red teaming tool to spread infostealers

 | 

Microsoft Patch Tuesday security updates for July 2025 fixed a zero-day

 | 

Italian police arrested a Chinese national suspected of cyberespionage on a U.S. warrant

 | 

U.S. CISA adds MRLG, PHPMailer, Rails Ruby on Rails, and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog

 | 

IT Worker arrested for selling access in $100M PIX cyber heist

 | 

New Batavia spyware targets Russian industrial enterprises

 | 

Taiwan flags security risks in popular Chinese apps after official probe

 | 

U.S. CISA adds Google Chromium V8 flaw to its Known Exploited Vulnerabilities catalog

 | 

Hunters International ransomware gang shuts down and offers free decryption keys to all victims

 | 

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 52

 | 

Security Affairs newsletter Round 531 by Pierluigi Paganini – INTERNATIONAL EDITION

 | 

North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates

 | 

Critical Sudo bugs expose major Linux distros to local Root exploits

 | 

Google fined $314M for misusing idle Android users' data

 | 

A flaw in Catwatchful spyware exposed logins of +62,000 users

 | 

China-linked group Houken hit French organizations using zero-days

 | 

Cybercriminals Target Brazil: 248,725 Exposed in CIEE One Data Breach

 | 

Europol shuts down Archetyp Market, longest-running dark web drug marketplace

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
  • Home
  • Cyber Crime
  • Hacking
  • Security
  • Vishing is still alive and a malicious campaign is scaring banking

Vishing is still alive and a malicious campaign is scaring banking

Pierluigi Paganini May 02, 2014

Security Experts at PhishLabs revealed that a vishing campaign targeted banking industry to harvest credit/debit card data from customers.

The security firm PhishLabs revealed that numerous US banks are victims of a recent Vishing (VoIP-based phishing) campaign that is targeting the payment card information of up to 250 Americans per day. Assuming that the withdrawal limits on ATM cards are around $300 per day, the overall amount of money stolen each day is about $75,000.

As remarked by experts at PhishLabs in addition to financial losses and the costs of replacing cards for the victims, vishing attacks can have a serious impact on the banking operations due to the surge of inbound calls into their customer support operations.

“Small and midsize banks that do not have overflow support capacity typically see their phone lines quickly become saturated. “

Vishing (Voice over IP phishing) is the practice to trick bank users into giving up their sensitive information after receiving phone or SMS messages purporting to come from legitimate entities, in the case of the above attacks the attackers requested to the victims the payment card information.

“Multiple recent vishing attacks (Voice over IP phishing) have been stealing payment card data from the customers of U.S. banks. In an attack last week, customers of a midsize bank received SMS text messages claiming their debit card was deactivated and requesting they provide the card and PIN numbers to reactivate it. “

Despite Vishing is not as prevalent as online phishing, it is usually run by professional criminal organizations, experts at PhishLabs speculates that the current campaign is managed by an Eastern European gang. The purpose of the vishing campaign is to harvest card data, which the criminals sell on the underground black market, more than 50 medium-sized banks have been targeted over the last several years.

“The operation uses email-to-SMS gateways to spam out text messages that instruct recipients to call a phone number to reactivate their card. When called, an IVR (Interactive Voice Response) system requests that the caller enter in their card number and PIN. This data is captured by the IVR system and stored for retrieval by the vishing crew.” report the blog post.

The harvest card data are used by criminal organizations for card-not-present transactions (e.g. Shopping online) or are sold to a group that clones the legitimate card using the stolen card information.

Data on this specific vishing attack is slim, but PhishLabs researchers claim that one of the phone numbers used in the campaign has been in use for more than six months and dates back to October 2013.

Vishing Process 1

Vishing Process 2

Vishing attacks aren’t a prerogative of banking offensives, Skype was victims of a similar campaign a few years ago, in that case, the victims were informed by an unsolicited call that their machine was infected than the attackers provided a link to a bogus website used to sanitize them, but these websites were used to serve malware.

Below the suggestions provided to the Financial institutions in the blog post:

  • Make sure CVV1/CVC1 is encoded on cards and validated by your card processor.
  • When calling customers, use a caller ID telephone number that matches the number on the back of the card. Using different numbers can result in customers being more likely to trust vishing messages.
  • Proactively engage with telecoms to understand their procedures and connect with the appropriate technical and anti-fraud resources.
  • Have a response plan in place that includes customer notification via your primary communications sources.
  • Ensure front-line customer support personnel are trained to handle vishing reports. This includes collecting the vishing call-back number from customers reporting suspicious calls/messages.
  • Consider working with specialized security partners (like PhishLabs) that have significant experience mitigating vishing attacks.
[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Vishing)

[adrotate banner=”5″]

[adrotate banner=”13″]


facebook linkedin twitter

card data Cybercrime Hacking phishing stolen card data Vishing

you might also like

Pierluigi Paganini July 09, 2025
Nippon Steel Solutions suffered a data breach following a zero-day attack
Read more
Pierluigi Paganini July 09, 2025
Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    Nippon Steel Solutions suffered a data breach following a zero-day attack

    Data Breach / July 09, 2025

    Iranian group Pay2Key.I2P ramps Up ransomware attacks against Israel and US with incentives for affiliates

    Malware / July 09, 2025

    Hackers weaponize Shellter red teaming tool to spread infostealers

    Malware / July 09, 2025

    Microsoft Patch Tuesday security updates for July 2025 fixed a zero-day

    Security / July 08, 2025

    Italian police arrested a Chinese national suspected of cyberespionage on a U.S. warrant

    Intelligence / July 08, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT