Asterisk Vishing Attacks "Endemic"

Ian Lamont writes "Remember the report last year that the FBI was concerned about a 'vishing' exploit relating to the Asterisk IP PBX software? Digium played down the report, noting that it was based on a bug that had already been patched, but now the company's open-source community director says that attacks on Asterisk installations are 'endemic.' There have been dozens of reported vishing attacks in recent weeks, says the article: 'The victims typically bank with smaller regional institutions, which typically have fewer resources to detect scams. Scammers hack into phone systems and then call victims, playing prerecorded messages that say there has been a billing error or warn them that the bank account has been suspended because of suspicious activity. If the worried customer enters his account number and ATM password, the bad guys use that information to make fake debit cards and empty their victim's bank accounts.'"

Moral of the story

[Random2]

Don't give sensitive information away unless in person. If you bank says there's something wrong with your account, either call them via their listed phone number or go visit them in person.

Fishing, phishing, vishing, what's next?

[noidentity]

Fast-forward to 2109... ghoting attacks are on the rise, but nobody knows what the hell they are.

Re:I got one of those calls.

[ColdWetDog]

I hung up and immediately called the FBI. I'm glad they are actually doing something about it.

If you're like me (and most of Slashdot), you don't need to call the FBI at all. Just look straight into the webcam and tell them what the problem is.

Don't believe the naysayers that tell you that government is inefficient.