[ news_security_news ]
Fax For Phishing
Chris Crum
Staff Writer
2005-08-12
 Insider Reports RSS Feed
It appears that Phishers are working backwards in the world of technology. The perpetrators claiming to be from PayPal are sending potential victims emails urging them to send personal info via fax machine.
Emails that look like they come from PayPal tell people that someone has attempted to reset their passwords, and requests personal info for part of investigation.
The emails direct the victim to a Microsoft Word document that asks them to provide sensitive information such as PIN numbers and credit card numbers, and asks them to fax the document to a specified number.
Sophos has apparently confirmed that the number goes with an active fax machine, but has not said if it is located in the U.S. or another country.
"It seems like a dumb way for the phishers to operate," said Sophos Senior Technology Consultant Graham Cluley. "The authorities can easily track the phone number. But what isn't clear is whether they will get a [toll-free] number and then quickly dump it, or [whether they've] acquired the number using a false ID, or can have the calls transferred to a satellite phone somewhere outside of America."
Cluley pointed out that the phishers are hoping that people who are wise enough to avoid giving up information via email and the web, may feel that faxing such info is safer.
Cluley said that Sophos has reported the phishers' emails to eBay, and is waiting for a response from the company. The Phishers may have made a stupid move by including the fax number in their plot.
About the Author:
Chris Crum is a staff writer for SecurityProNews and WebProNews.
More news_security_news Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
