"Smishing"

Social engineering is the art of manipulating people into performing actions or divulging confidential information. While similar to a confidence trick or simple fraud, the term typically applies to trickery for information gathering or computer system access and in most cases the attacker never comes face-to-face with the victim.

"Smishing"

Post by limdis on Wed Oct 19, 2011 3:00 pm
([msg=62440]see "Smishing"[/msg])

I'm not a fan of the coined term. But if you don't know what this is, you should for your own protection.

USA Today article from today.
http://www.usatoday.com/tech/news/story ... 50817688/1

I first got one of these calls back in 2006. It is fairly common. But most of the time they are not specific to the bank, they are broad to get you to input your information for them to narrow it down. For example, I received a call onetime that told me that some accounts at "my bank" had been compromised due to a scam and some debit/credit card numbers with their pins had been copied. For immediate protection a phone notification system had been put in place to call all account holders to reset their pins over the phone. All we needed do was "verify" we were the card holders by putting in our card number, pin, 3 digit card security code and our SSN.... Just like the guy in the article I freaked a little at first but hung up to call my bank directly, at which point they told me it was most likely a scam because none of that was true.

If you feel you are being targeting, here are some red flags for this sort of attack:
Unknown or strange number (ex: 000-000-1234).
If they call every day (even after you hang up on them) or several times a day.
If they never mention YOU or your bank by name. If it was real they would have that information.
If you are speaking to a machine.
If you are speaking to an individual and they cannot pull up your account right away due to the computer freezing.

If you are in doubt and receive a call of this nature, simply hang up and call your bank (or credit card provider) directly.
"The quieter you become, the more you are able to hear..."
"Drink all the booze, hack all the things."
User avatar
limdis
Moderator
Moderator
 
Posts: 1358
Joined: Mon Jun 28, 2010 5:45 pm
Blog: View Blog (0)


Re: "Smishing"

Post by Veos on Wed Oct 19, 2011 3:20 pm
([msg=62443]see Re: "Smishing"[/msg])

Good info :)
Veos
New User
New User
 
Posts: 26
Joined: Mon Oct 17, 2011 2:04 pm
Blog: View Blog (0)


Re: "Smishing"

Post by hellow533 on Wed Oct 19, 2011 3:20 pm
([msg=62444]see Re: "Smishing"[/msg])

Lol I actually received a call something like this today.

It started as: "You have failed to pay your credit card (my age: 16, no credit card anyways) payments. We have sent multiple courtesy notifications to your address but none have been answered." *They didn't* Then it went on as: "This is your last chance to receive up to 6% on your car payments and mortgage. *bullshit* If you are over $3,000 in dept, you may qualify for" *I hung up at this point*

They act like it's something important to get you listening, then throw their bullshit at you like you would still believe this is because you didn't pay your bills.
“Teach me how to hack!”
"What, like, with an axe?"
User avatar
hellow533
Contributor
Contributor
 
Posts: 506
Joined: Thu Jan 29, 2009 3:27 pm
Blog: View Blog (0)


Re: "Smishing"

Post by VPR3 on Wed Oct 19, 2011 7:32 pm
([msg=62454]see Re: "Smishing"[/msg])

Heres what I do:

If a name or number is strange, I won't talk to you.
If called again I promise to blow your f#@kn head off. Or retaliate.
If you are speaking to a machine? You need therapy......

Oh yeah, be selective about who you do business with.
VPR3
Poster
Poster
 
Posts: 161
Joined: Fri Apr 22, 2011 11:35 am
Blog: View Blog (0)


Re: "Smishing"

Post by mShred on Wed Oct 19, 2011 8:19 pm
([msg=62462]see Re: "Smishing"[/msg])

Its weird that you say that.. Something similar to the scam you described limdis has actually happened in the city I live in. People have gotten ahold of credit card numbers and sold card copies to people around the world. At first, I immediately assumed it was a scam. But when I went to my bank, they informed me of the incident, and I changed everything directy through them.
Image

For those about to rock.
User avatar
mShred
Administrator
Administrator
 
Posts: 1720
Joined: Tue Jun 22, 2010 4:22 pm
Blog: View Blog (2)



Return to Social Engineering

Who is online

Users browsing this forum: No registered users and 0 guests