Voice Phishing Hits PayPal

Chai Vanilla writes "The latest social engineering phishing attack is now using phones instead of fake web sites. Identity thieves have spammed fake PayPal account compromise warnings to lure users into dialing a phone number and giving up credit card information. Unlike normal phishing e-mails, there is no URL or response address. Instead, the e-mail urges the recipient to call a phone number and verify account details."

Tracability?

[celardore]

Isn't this more traceable than just clicking on some IP in Russia? If I got an email asking me to phone any company, I'd be first looking for a landline. If it was a scam why couldn't I just call the phone company, give them the number and then they'd be able to trace it to an address or person?

Re:Tracability?

[vux984]

You think the phone company would just tell you who a line belonged to if you called them up?

You've got to admit it *seems* reasonable. After all they handed over the information on every call made in the country to the government without even blinking. Why not tell a customer about one little number? ;)

Latest phishing method???

wasn't phone phishing one of the first methods used?

In school, not when signing up...

[SanityInAnarchy]

I live in Iowa. In the state of Iowa, to get a driver's license, you must pass driver's education.

I would dearly love to have a high-school level course in computer usage, which would be required for anyone to connect to the Internet. Not going to happen, I know...

Maybe just make it a part of the general education requirements?

Most people think I'm a snobbish bastard, like every other Linux user. Which is true, to some extent. But I do believe we have a right to call people stupid when they do things like fall for a PayPal scam, buy from spam, send important (highly confidential!) information over email, refuse to apply patches (or not know how), and so on, and so on.

I mean, we have Sex education, we have Driver's education, I don't think it's unreasonable that we know the computer equivalent of wearing a condom, stopping at red lights, buckling your seatbelt... I don't like driving much, I avoid it, but when I have to drive, I consider it my responsibility to know enough to not be a danger to myself and others, and to not get tickets (which cost money and are a hassle, rough equivalent of getting scammed even if you're not held liable)...

This is the argument I use to explain to my mother why we are so snobbish. She gives the example of my uncle, a chemistry prof at MIT -- even his own wife doesn't need to know what he's doing. And I say, at least she knows what atoms are. At least she has a rough idea of what chemistry is, and what a chemical reaction is. Or take a car, at least you know to put gas in the thing, and you know it runs on an internal combustion engine. Take math, at least you know enough basic math to know whether you're getting ripped off; most people still remember a little algebra, even. These basic concepts do have equivalents in computer science.

I may not ever have the opportunity to use a wrench, or take a wrench to my car. But I know what a wrench is and what it does, and so do most people. Most people don't know what a compiler is, and are offended that they should have to know if they'll never use it.

Do you see the parallel?

This is not just about phishing, this is about life skills. It is as profoundly stupid to fall for a phishing attack as to fire a Roman Candle or a bottle rocket at your face. I'm no chemistry or pyrotechnics expert, but even I know it's a bad idea.

Oh, and the Chinese education system has us beat in so many ways it isn't funny -- they're learninng their second foreign language in 7th grade. All we have left is creativity. If they ever find a way to teach creativity, we're through. If we want to preserve our ideals and our way of life, it's imperitive that we improve our education system.

Re:In school, not when signing up...

[stonecypher]

But I do believe we have a right to call people stupid when they do things like fall for a PayPal scam, buy from spam, send important (highly confidential!) information over email, refuse to apply patches (or not know how), and so on, and so on.

Did you know that 85% of dead televisions just have a blown fuse? Did you know the $120 transmission fluid replacement at Jiffy Lube is a twelve dollar bottle of green grease, and the opening and closing of one valve? Did you know that almost everything a plumber ever actually does is run a drain snake and a plunger?

I mean, we have Sex education, we have Driver's education, I don't think it's unreasonable that we know the computer equivalent of wearing a condom, stopping at red lights, buckling your seatbelt...

Here's the difference: one costs people their lives, the other costs them an hour at the local computer shop. I don't think it's unreasonable that we know how to maintain appliances; nonetheless, nobody requires it, because that's batshit retarded.

Most people think I'm a snobbish bastard, like every other Linux user.

It's got nothing to do with your being a Linux user. It's because you're condescending and because you can't fathom that some people don't have the time or the desire to learn to maintain their computers. Believe it or not, some people have better things to do with their lives.

Next time you pull into a jiffy lube, call a repair person, go to a barber shop, buy art tools, purchase clothes or engage in any service activity whatsoever, please remember that that's something you could learn to do and then spend your life doing, just like a seventy year old woman could spend a year reading tech sites and manuals and getting up to speed on jargon.

Guess what? You don't want to either. You're just too dense to tell the difference.