Tuesday, July 17, 2007

Beware of automated call from 0800

The virtual crooks are becoming smarter and less visible. This time they have devised a novel way of sending a routine text message much like the one that pops on your mobile phone screen everytime a major transaction happens in your bank account. But beware if you receive an automated 0800 call from your bank because the caller may ‘vish’ away your bank balance to zero.

These new smart alecks are called vishers and are a different species from the phishers (who send fake email to gather information). The fraudster ‘war dials’ hundreds of mobile numbers through VoIP telephony — simply put, internet based telephony . Typically, a war dialling program — available on the web — refers to dialling hundreds of numbers from your computer. You as a customer, may receive an automated call from your ‘bank’ .

The call will tell you that a major transaction has taken place in your account and instruct you to call back if you want further details. On calling back, an automated voice asks you to input credit card number/bank account number for ‘account security reasons’ . Once a visher has your bank account /credit card details, he may withdraw from your account as per his wish.

The phone number is often 0800 number with a spoofed caller ID of the financial company it is pretending to represent. If you happen to ever receive such a call, it’s better to hang up, say experts.

“If anyone calls pretending to be a credit card provider and requests a card’s three-digit Card Verification Value (CVV) number, the card owner should immediately hang up and call the phone number on the back of the credit card to report the attempt,” says Srkiran Raghavan, Regional head, RSA Security, world leader in network security.

Vishing is very hard for legal authorities to monitor or trace as the IP of the call is fake. “Rather than provide any information, the consumer is advised to contact their bank or credit card company directly to verify the validity of the message,” he adds.

A visher can pose as a customer care agent of your mobile phone operator, bank, insurance company, share broking firm or a loan agency. The fraudsters also use social engineering messages like ‘you’ve been selected for a 2% downgrade on home loan rate’ or a ‘free upgrade to a platinum credit card with a gift.’

No comments: