Wednesday, June 28, 2006

New Type of Phishing (uses Voice Response Systems)

PC Magazine reports: "Websense Security Labs has reported a heretofore theoretical attack called "vishing," or voice phishing. The attack involves an actual phone number and a voice-response system (or is that "phoice-response system"?) to collect personal information."

I have to admit hate the new name that they're giving this type of attack (i.e.: 'vishing'), but I didn't create it. I think the new name is only going to confuse people about the subject more then they might be right now.

Its getting harder and harder these days to tell what's e-mail from a real business and what's a new type of phishing attack. As important as email is for some of us, the one thing that you have to remember is that 'e-mail is untrustworthy'.

To protect yourself, you should do the following:
  • Don't download and run attachments in e-mail.
  • Don't trust links or phone numbers provided in e-mails.
    • Go to the site yourself rather then trusting a links in the e-mail, or call the company using a existing phone number that you trust.
  • Don't rely solely on technology (spam filters, firewalls, anti-virus, etc.) because it can't protect you 100% of the time.
Post a Comment