Cybercriminals have been stealing debit card information from customers of dozens of financial institutions in a phishing campaign that combines fraudulent text messages with VoIP calls.
Voice phishing, or vishing, was discovered by researchers from cybercrime intelligence firm PhishLabs while investigating a recent attack against customers of a midsize bank. Bank customers received text messages claiming their debit cards had been deactivated and instructing them to call a phone number. An Interactive Voice Response system set up at the provided phone number asked callers to input their debit card and PIN numbers in order to reactivate their cards.
PhishLabs believes that a group of Eastern European cybercriminals launched the campaign of attacks around October 2013.
PhishLabs’ blog post announcing the hacker tactic recommends for consumers, including:
- Make sure a CVV1/CVC1 is encoded on cards and validated by payment processor
- Always call your bank using a phone number that is directly printed on the back of your card
A bank account hack can be a serious headache as it poses a threat to your identity and credit. Stay aware of vishing and protect your sensitive data!
You must be registered in order to write comments. To register as a new user click here.
If you're already registered, please leave a comment here