The relentless barrage of scam attempts aimed at Commonwealth Bank customers has transcended email, with the sophisticated Eastern European cyber criminals now targeting people via telephone and SMS.
Offices and homes are being called several times a day by an automated system, purporting to be the Commonwealth Bank, telling them they have an error on their account and need to ring an Australian phone number immediately to have the problem rectified.
Calling the number prompts victims to enter their credit card number and security code, which are then harvested and used to make fraudulent purchases.
Paul Hurley, who works for the Sydney-based accounting firm Priestley & Morris, said his office received about 60 calls from the scammers yesterday, with some employees receiving up to five calls on their direct line. If the call wasn't picked up, the scammers even left voicemail messages.
"It looked like it was going through the phone list - our [phone] extensions go one after the other and from the night before last through to 6 or 7 o'clock last night we were still getting calls," he said.
"It's a female voice and ... even though it's an automated, almost robotic voice it's still got an accent to it"
Commonwealth Bank spokesman Steve Batten said the bank had traced the scammers to Russia or somewhere in Eastern Europe.
"The good news is a number of these phone numbers have actually been identified and closed down by the Australian Federal Police," he said.
The new phone and SMS scams complement a sustained email phishing campaign that has been targeting Commonwealth Bank customers - some at a rate of several scam emails a day - since late last month.
St George, NAB and Bank of Queensland customers are now also being targeted.
The emails, which look authentic and include the Commonwealth Bank's logo, try to trick the victim into handing over sensitive information by telling them they need to unlock an account, activate a card, claim a fee refund, update internet banking details, view an important security message or complete a survey in exchange for payment.
They have largely managed to evade spam filters.
Craig McDonald, managing director of email filtering company MailGuard, said this was because the scammers were changing up their tactics faster than the anti-spam software makers could update their software.
"What we're looking for is identifying legitimate mail rather than trying to identify non-legitimate mail," he said.
McDonald was not surprised that the hackers were now moving on from email and targeting people via phone and SMS.
"At the end of the day the criminals will do anything and everything to take advantage of people ... so any way they can get someone to give them any information about their person, whether it's date of birth, account numbers, passwords, whether that's via email or SMS or fax - they'll do anything."
Source: By Asher Moses, The Age, 05.06.09
No comments:
Post a Comment