Phishers target VoIP

Phishers target VoIP

A San Francisco-based email security company has said that phishers have now shifted their focus to voice over Internet protocol (VoIP). Fraudsters are now sending emails aimed at ferreting out sensitive information from innocent computer users.

Cloudmark, the company, which first reported such instances, said that it had come across two such attacks in the last week. In both the cases, fraudsters send emails warning about a problem with a bank account. Users are instructed to dial a phone number to rectify this problem. "The phone system identifies itself to the target as the financial institution and prompts them to enter account number and PIN," the company said in a statement.

Adam O'Donnell, senior research scientist at the company said it was a worrying trend, "We have seen two separate VoIP attacks hit our network this week, the first we've been able to analyze in detail," he said. "In a VoIP phishing attack, the phone system identifies itself to the target as the financial institution and prompts them to enter account number and Pin. The result can be financially devastating."

Cloudmark said that anti-spam technology could play an important role in preventing email scams. The company said that users who received such messages must immediately contact their service providers. And instead of dialing the phone numbers as advised in the emails users are better off double checking their ATM and credit card numbers instead, the company said. "Part of the danger here is just the fact that it is novel," said Adam O'Donnell. "Most people are pretty comfortable calling to a phone number that they think is their bank's."