[IP] more on Vishing (voice/phone phishing) - public incident
Begin forwarded message:
From: Jeremy Epstein <jeremy.epstein@xxxxxxxxxxxxxx>
Date: June 23, 2006 1:48:51 PM EDT
To: dave@xxxxxxxxxx, ip@xxxxxxxxxxxxxx, ge@xxxxxxxxxxxx
Subject: RE: [IP] Vishing (voice/phone phishing) - public incident
The Websense article notes that "the phone response does not mention the
bank name, which could be a potential indicator that this number is
being
used for fraud against other entities." In my experience, most (if
not all)
of the credit card validation lines (which you call to enable the credit
card received in the mail) do not state the name of the entity - largely
because the huge credit card issuers have numerous different brands, but
they all share the same phone number. As an example, I have branded
Visa
cards from United Airlines, Amazon.com, and Micro Center, and they're
all
really Chase Bank. Until you enter your number, they don't know
which type
of account you have.
So the fact that it doesn't mention the bank name could be appealing to
customer expectations that the name is not provided!
--Jeremy
-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/