Archive for February, 2009

Phone Phishing

Friday, February 6th, 2009

This evening I received a strange phone call on my cell.  All of my numbers are on the Do Not Call Registry.  This call was an automated system informing me that my Visa card was just blocked for internet purchases.  It instructed me to call a toll free number or press one to get connected to their security department.  This seemed like a typical phishing email, but I have never seen, heard of, or experienced this in the form of a phone call.  I was amazed.

The phone number calling me was 203-227-5533, which Google says is Weston Capital Management.  What I suspect is that their PBX system was broken into.  Someone could have used it to launch a bunch of automated phone calls while they get stuck with the bill.  There was even a posting at the Internet Storm Center regarding an increase of scans for specific Trixbox PBX systems.  Pretty scary as Weston Capital Management might have a phone bill in the 100s of the thousands of dollars.  The Nerd Vittles blog recently put up a post talking about Asterisk security.  Someone out there is always trying to pull some scam, so best to protect yourself.