Caller ID spoofing scams step up:Posted: March 16, 2012 11:51 am
By: InfoSec News - Information Security
That call you received on your mobile phone might not be from the company that popped up on your Caller ID. Cyberthieves are stepping up phone-calling scams that pilfer the accounts of consumers who bank online. And many such calls are linked to Caller ID spoofing, which causes the recipient’s phone to display a Caller ID number that appears to originate from a trusted party. In the second half of 2011, Pindrop Security detected more than 1 million fraudulent calls, including 189,439 in December, a 52% surge from July, according to a first-of-its-kind report released Thursday. “Mobile is a growth area,” says Stan Stahl, president of the Los Angeles chapter of the Information Systems Security Association (ISSA), which works with financial institutions to stem online banking fraud. Spoofers often lure a cellphone user into divulging account information via an automated call or text message that appears to come from the user’s bank. Next, the crooks call the bank, spoofing the victim’s phone number and correctly answering security questions to trick the bank employee into transferring cash or issuing credit cards for mailing addresses under the scammer’s control. Dell SecureWorks estimates small and midsize businesses in the U.S. and Europe lose as much $1 billion a year from online banking accounts.