Comments on: Vishing Incidents: A Preview of the Road Ahead http://www.riskbloggers.com/jimreavis/2008/03/vishing-incidents-a-preview-of-the-road-ahead/ Security Wisdom Ahead of the Curve Mon, 12 May 2008 03:39:39 +0000 http://wordpress.org/?v=2.5.1 By: Larry J. Hughes, Jr. http://www.riskbloggers.com/jimreavis/2008/03/vishing-incidents-a-preview-of-the-road-ahead/#comment-3958 Larry J. Hughes, Jr. Sun, 27 Apr 2008 05:44:21 +0000 http://www.riskbloggers.com/jimreavis/2008/03/vishing-incidents-a-preview-of-the-road-ahead/#comment-3958 I was the recipient of a vish in March. It read: "Free VZW msg. UR on track 2 incur charges for Minute, Data or Message usage. Call 888-453-1922 NOW to discuss options! 2 stop txt msgs from VZW, reply X" Knowing it wasn't Verizon I phoned the number anyway (with caller ID blocked) to see what would happen. Visher: Hello? Me: Is this Verizon? I got a text message about using too many minutes. Visher: Uh, yeah. What's your social security number? Me: [click] I phoned Verizon to report it, and the poor woman I spoke with didn't have a clue what to do about it. I just tried the number again and got a recording that Verizon is closed and to try again during business hours. Either Verizon has seized the number and is now using it for real (!), or Visher has pilfered their voice message and was out celebrating on somebody else's credit card. I was the recipient of a vish in March. It read:

“Free VZW msg. UR on track 2 incur charges for Minute, Data or Message usage. Call 888-453-1922 NOW to discuss options! 2 stop txt msgs from VZW, reply X”

Knowing it wasn’t Verizon I phoned the number anyway (with caller ID blocked) to see what would happen.

Visher: Hello?

Me: Is this Verizon? I got a text message about using too many minutes.

Visher: Uh, yeah. What’s your social security number?

Me: [click]

I phoned Verizon to report it, and the poor woman I spoke with didn’t have a clue what to do about it.

I just tried the number again and got a recording that Verizon is closed and to try again during business hours. Either Verizon has seized the number and is now using it for real (!), or Visher has pilfered their voice message and was out celebrating on somebody else’s credit card.

]]> By: admin http://www.riskbloggers.com/jimreavis/2008/03/vishing-incidents-a-preview-of-the-road-ahead/#comment-3905 admin Mon, 17 Mar 2008 16:43:33 +0000 http://www.riskbloggers.com/jimreavis/2008/03/vishing-incidents-a-preview-of-the-road-ahead/#comment-3905 Add to this the fact that most people take Caller ID as the literal truth and something that can always be trusted (when in fact it can trivially be spoofed to read anything you want) and you have a recipe for disaster, people won't even be able to properly screen calls. Add to this the fact that most people take Caller ID as the literal truth and something that can always be trusted (when in fact it can trivially be spoofed to read anything you want) and you have a recipe for disaster, people won’t even be able to properly screen calls.

]]>