Stopping Vishing Attacks
Anyone have procedures for shutting down vishing attacks they would like to share? Phishing isn't a problem but I can't find anything out there on how to shut down vishing attacks.
Comments
-
RTmarc
Member Posts: 1,082 ■■■□□□□□□□
That's not the problem. The issue is text messages that are being sent to our customers from cell-based or land lines. -
dynamik
Banned Posts: 12,312 ■■■■■■■■■□
Don't these types of things typically come down to education and awareness? -
RTmarc
Member Posts: 1,082 ■■■□□□□□□□
Yes, they do but steps need to be taken to actually remove the number making the calls or sending the messages.
-
tiersten
Member Posts: 4,505
Not much you can do about it. It will be hard enough to track down where the message originates from. If you have enough access to a telecom provider's system then you can make it appear to come from any number you want.
There may be a number that your cell or landline provider wants you to forward messages to. -
RTmarc
Member Posts: 1,082 ■■■□□□□□□□
That's what I'm looking for. I'm wondering if someone out there has information on the take down process for these type situations. Phishing isn't really a problem but I haven't been able to find anything out there on vishing.
-
tiersten
Member Posts: 4,505
Unless there is a specific one for your country, you have to rely on your provider to set something up. Vodafone in the UK setup a service to report SMS spam to a few years ago but it is only for their own customers.
-
darkerosxx
Banned Posts: 1,343
That's not the problem. The issue is text messages that are being sent to our customers from cell-based or land lines.
If I understand you correctly, aren't you talking about SMiShing?
http://en.wikipedia.org/wiki/Smishing -
tiersten
Member Posts: 4,505
I had to go look it up but Vishing seems to be where you use a phone as part of the scam. Not quite sure how this is different to the ye olde phishing and social engineering scams of before though. I guess people like to make up new terms for things that already exist...
-
RTmarc
Member Posts: 1,082 ■■■□□□□□□□
I guess "SMiShing" is another term for it; never heard of that one before. Vishing always involves a phone of some description but can include text messages and call-back numbers.
Obviously it is handled by security awareness and training. I'm looking for specific take down procedures if anyone has any. -
the_Grinch
Member Posts: 4,165 ■■■■■■■■■■
WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
darkerosxx
Banned Posts: 1,343
I've also been told by an AT&T rep that if you know the specific number it's coming from that you can, for a fee, block the number for your entire account for calls and/or texts.
-
RTmarc
Member Posts: 1,082 ■■■□□□□□□□
I'm not looking for ways to block the number from calling us. I'm looking for ideas on how to get these numbers taken out of commission by the carriers. Our members report the text messages / calls to us (the company) and we need ways to take them down. Similar to how we take down phishing websites once they are reported to us.
-
darkerosxx
Banned Posts: 1,343
Sounds like it should be the same process...report it, unless you do something extra.
-
the_Grinch
Member Posts: 4,165 ■■■■■■■■■■
I don't think there is really anything you can do. Kinda of like saying I want to stop phishing, good luck because a lot of people would like to do it. Telecoms aren't going to do a whole lot because at worst their making money on the people who don't pay for texting. Now they got an extra nickle...WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff
