Phone phishing outbreak targets over a dozen institutions

In the past two weeks, over a dozen banks and credit unions have been targeted by phone-to-phone phishing.  For several of those institutions, it was the first time they have been victimized by phishing.  

In the attacks, the criminals used automated dialing to call consumers with a recorded message that claimed to be from the targeted institution and conveyed an "urgent" reason for the consumer to call a specific telephone number.  When the consumers called the number given, they were greeted with a recording that requested their personal information.  Almost all the numbers used by the phishers have started with the 515 area code (central Iowa).  Several victims who disclosed their information reported immediate fraudulent transaction activity in Spain and Romania, with significant monetary losses.

Several Internet Identity clients have been among the victims of these attacks.  Fortunately, the phone providers being exploited have responded fairly quickly to our requests to shut down the phone numbers involved.  We are continuing to work with those providers to help them improve their front-end fraud detection and respond more quickly once attacks are identified.  One provider has gone so far as to stop accepting new account signups "due to fraud".

For our clients, phone phishing is up 63% over the past three months.  Since May 1, Internet Identity has shut down 80 phone phishing attacks against our clients.  In the three months prior to May, we shut down 49 attacks.

The criminals were found to be cashing out accounts In an interesting coincidence, we have noticed that the incidence of institutions being targeted for the first time by e-mail based phishing has gone down considerably during this phone phishing outbreak.  It could be that one or more phishing gangs have changed the focus of their modus operandi to phone phishing.