Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

FBI Warns of Phishing Attacks Targeting Telecom Customers

The Internet Crime Complaint Center (IC3), which is a partnership between the FBI and the National White Collar Crime Center, has issued an advisory pertaining to a spike in Phishing attacks against telecommunications customers.

The Internet Crime Complaint Center (IC3), which is a partnership between the FBI and the National White Collar Crime Center, has issued an advisory pertaining to a spike in Phishing attacks against telecommunications customers.

According to the IC3, they have received numerous reports of Phishing attacks that are targeting customers of various telecommunication firms. According to reports, the attack starts with a phone call, which claims to originate with the victim’s telecom provider.

From there, they are directed to a website in order to receive a billing credit, discount, or alleged prize ranging from $300 to $500. The domains are nearly perfect replicas of the telecom’s actual portal, which lures the customers into a false sense of security.

On the fake domain, the customer is asked for account usernames and passwords, as well as the last four digits of the customer’s Social Security Number. Once the information is entered, the criminals get a copy of the data – in order to make changes to the customer’s account in the future – and the customer is forwarded on to the legit domain. The FBI advises customers who receive such calls to confirm them with their telecom, but calling the customer service number directly.

In related news, Barracuda Labs has been tracking a Phishing campaign that initially targeted ReMax customers last year, but has since changed tactics in order to leverage the Coldwell Banker brand. The Phishing emails seen as examples on the Barracuda blog target investors, but others are geared towards a more general base, including those seeing to purchase a home.

Following the links in the email direct the potential victim to a Phishing page hosted on a compromised domain, which seeks authentication data for Gmail, AOL, Windows Live, or Yahoo accounts.

“This phishing page takes advantage of the trend towards using well-known web properties as authentication providers,” the Barracuda post explains.

The Phishing portal attempts to pass itself off as offering an OpenID type of service, but does so rather poorly.

“Normally when you [use OpenID] you temporarily visit the website, such as Google, that provides the authentication service. This is a process that unsophisticated users may not pay much attention to. That inattention is exactly what the phisher is hoping for in this case.”

Written By

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Nation-State

The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by...

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.