Showing posts with label phone. Show all posts
Showing posts with label phone. Show all posts

Thursday, May 6, 2021

Vishing — Phone Call Attacks and Scams

via Jen Fox, SANS OUCH Newsletter...
While some of today’s cyber criminals do use advanced technologies, many simply use the phone to trick their victims...

The greatest defense you have against a phone call attack is yourself. Keep these things in mind:

  • Anytime anyone calls you and creates a tremendous sense of urgency or pressure, be extremely suspicious. They are attempting to rush you into making a mistake. Even if the phone call seems OK at first, if it starts to feel strange, you can stop and say “no” at any time.

  • Be especially wary of callers who insist that you purchase gift cards or prepaid debit cards.

  • Never trust Caller ID. Bad guys will often spoof the number, so it looks like it is coming from a legitimate organization or has the same area code as your phone number.

  • Never allow a caller to take temporary control of your computer or trick you into downloading software. This is how they can infect your computer.

  • Unless you placed the call, never give the other party information that they should already have. For example, if the bank called you, they shouldn’t be asking for your account number.

  • If you believe a phone call is an attack, simply hang up. If you want to confirm that the phone call was legitimate, go to the organization’s website (such as your bank) and call the customer support phone number directly yourself. That way, you really know you are talking to the real organization.

  • If a phone call is coming from someone you do not personally know, let the call go directly to voicemail. This way you can review unknown calls on your own time. Even better, on many phones you can enable this by default with the “Do Not Disturb” feature. more

Thursday, January 7, 2021

Leaked Phone Call Cautionary Tale: Trump’s Phone Call With Georgia Election Officials

The president pressured Secretary of State Brad Raffensperger to overturn the results of the election in an hour-long phone conversation. Here is a transcript of the audio recording.

Chilling.

Covert recording of your phone calls is easy. There are smartphone apps, push-button recording features on business desk phones, and cheap add-on gadgets (1) (2) (3) which do the job very well. Everyone with an inclination to record your call, can. Instantly. And post it to social media, news media, or twist your arm with it, just as quickly. Also chilling.

You can mitigate the possibility of your call being leaked (by the party to whom you are speaking). Just think before you speak. 

Thwarting someone spying on your call requires some technical assistance. Contact a Technical Surveillance Countermeasures (TSCM) consultant. Their specialty is inspecting workplaces, residences, vehicles, and off-site meeting locations for wiretap, bugs, and covert video surveillance devices.

UPDATE
The fact that the Jan. 2 call was recorded and leaked to the news media also spurred a claim that Raffensperger "faces espionage charges."

The claim was made in a widely shared Facebook post that was flagged as part of Facebook’s efforts to combat false news and misinformation on its News Feed.

Legal experts told us it would not be illegal for anyone on either end of the call to record it, or to disseminate the recording. Furthermore, the conversation did not bear on sensitive national security matters covered by the federal Espionage Act. more