Application security

Phishing scheme dupes bank customers into forwarding phone calls

A phishing scheme attempted this week to capture both victims' personal information and their phone calls, according to researchers at SecureWorks.

The scam email asked recipients to verify their phone number with their bank, but the number they were asked to dial call forwards calls to a foreign number. The email threatened to suspend the account if the number wasn't verified.

In the scheme captured by SecureWorks, the calls were forwarded to a line in Germany.

If the recipient is duped, the scammer gains access to all incoming phone calls until the victim realizes phone service has been suspended. The scammers can also call victims to say the account information has been "verified."

Don Jackson, SecureWorks researcher, told today that the scam was, so far, unique.

"This is the first time (phishers) actually requested call forwarding. I’ve seen other phone-phishing schemes, but nothing to actually forward phone calls," he said. "The bank that was the victim of this, they said they were going to call people personally to verify accounts. On some of the phishing forums, there was a challenge to see if someone could develop a way to counter that, and I think this is a response to that."

The scam emails also contained a fill-in section where victims were urged to type their personal information, Social Security, bank account and credit card numbers.

If the customer cooperates, the scam artist has all the information he or she needs to carry out fraudulent purchases, according to SecureWorks, as well as to verify them over the phone.

The phishing email also contained security advice and password and username tips for increased security – just like many authentic bank pages, said Jackson.

"The page looks very convincing because it pulls the template from the targeted bank," he said.

Past phishing schemes have urged users to call a compromised phone number and leave account information, but without a call-forwarding technique.

A scam unearthed by Sophos last year found emails urging recipients to call a phone number and type in a 16-digit card number.

Click here to email Online Editor Frank Washkuch Jr.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.