Slashdot Mirror

← Back to Stories (view on slashdot.org)

Internet Phones & Identity Theft

Posted by ryuzaki0 on from the only-a-matter-of-time dept.

flaws writes "A CNN story details how phishers are using Internet Phones to expand their identity theft endeavors. The article demonstrates the use of caller-id spoofing to companies such as Western Union to thwart their verification system and successfully launder money. Western Union commented on the situation, stating at this time it's the only way they know how to authenticate the call. The anti-phishing working group states that telecommunications abuse is being used to fool home users into revealing their bank information over the phone."

2 of 98 comments (clear)

  1. Secure Method of Verification by Anonymous Coward · · Score: 3, Informative

    If your bank, investment firm, or other institution calls you on the phone to ask you for any information, all you have to do is ask for a number where you may call them back. Sure, it is possible to hack into a trunk and redirect calls, but that takes a huge amount of effort relative to just phishing. It shouldn't be too hard to verify that number x belongs to institution Y. With a callback number, even if you get scammed, it gives the police something to go on.

  2. Re:Poorly designed/implemented standards by Tony+Hoyle · · Score: 3, Informative

    It's not about VOIP specifically.. this kind of vulnerability has existed for years on the public network. Pretty much anyone with an ISDN PRI can specify their own caller ID... the difference it's cheaper to do it now.

    Anyone relying on caller ID for security is naive and stupid.