On 6/23/06, Gadi Evron <[EMAIL PROTECTED]> wrote:
Last year some of us made jokes about Vishing on funsec, today it's a
reality. Here is the incident going public:
http://www.websense.com/securitylabs/alerts/alert.php?AlertID=534
Special thanks to the good guys at Websense and the PIRT guys at
CastleCOPS PIRT.
I guess jokes about Vishing with a heavy Russian accent were good, too bad
this wave file doesn't have that accent. :)
The attacked party is Santa Barbara Bank & Trust. I suppose the IRS will
also take interest in this.
Dang, I was thinking the msg would be "Please call our support hotline
at 1-900...."
Is someone really sitting at the phone waiting for customers to call
up, or is it an automated greeting that walks you through a "password
reset"?
-JP
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
