Tuesday, July 14, 2009

Man-In-The-Phone Attacks -Banking Fraud

Fraudsters innovate with “man-in-the-phone” technique



Actimize this week warned of a new telephone banking fraud where fraudsters impersonate a banking representative.

The anti-money laundering specialist said the “man-in-the-phone” (MitP) fraud is becoming popular as internet banking sites become increasingly difficult to hack.

“We’ve noticed an accelerating trend in Man-in-the-Phone attacks,” said Paul Henninger, fraud specialist at Actimize.


“We hope that by publicising this new trend, we can help reduce its impact on individuals and our banking clients.”

In a typical MitP attack, the fraudster calls up a banking customer telling them their account may have been compromised.

They tell the victim that they need to verify a few details.

The fraudster then connects the call to the customer’s actual bank while secretly recording the phone call - thereby gaining full access to the security details of the victim.

Actimize advised banking customers to avoid giving out their banking details to anyone that initiates a call.

Instead, they should tell callers that they will call back the bank to verify information., Actimize said.

In related news, research firm Javelin has recorded a huge upsurge in fraudsters using telephone banking to commit ID theft.

“Access through mail and telephone transactions grew from 3 percent of ID theft in 2006 to 40 percent in 2007,” said James Van Dyke, Javelin president.

“Fraudsters are getting creative and leveraging new techniques to commit fraud, so consumers need to be as diligent as ever in protecting their personal information.”

Click here to discuss this: Security Forums

Disqus for ePayment News