‘Vishing’ - Latest Threat to Mobile Subscribers - Your Voice Aids Phishing, Now
(Rate this article)
Loading ...
As the number of Internet users in India is rapidly increasing, the chances of becoming a victim of phishing attacks increases too. It comes as no surprise that India ranks third among countries most affected by phishing.
Phishing attacks are nothing new to the country. Back in 2006, we covered how a fake UTI Bank email was sent out that required the user to enter his log in credentials on a fake website that was an exact replica of the Original UTI Bank (now Axis Bank) website.
Wikipedia defines phishing as:
…the criminally fraudulent process of attempting to acquire sensitive information such as user names, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication.
Even though considerable measures such as the launch of a toll free number and the Government’s initiative to launch a ‘do-not-mail-me’ registry have been taken to tackle these attacks, the losses resulting from cyber crime are mammoth.
However, the attackers now seem to be moving to a newer platform to find some new dough. Say Hello to ‘Vishing’. Vishing is a combination of ‘Voice’ and ‘Phishing’. Again, Wikipedia defines it as:
…the criminal practice of using social engineering and Voice over IP (VoIP) to gain access to private personal and financial information from the public for the purpose of financial reward.
India, one of the fastest growing mobile markets in the world with over 277 million mobile subscribers according to TRAI, seems to be the green grass the attackers were looking for. As per this report by afaqs, a certain Rakshita Kolaskar (obviously, name changed) became a victim of Vishing when she received an SMS on her mobile, announcing that she was the winner of a $3 million prize from Shell International Mobile Draw, to claim which she’d need to dial an international number. She soon realized that she had been duped, after a Shell official confirmed that no such award was given out.
The above attack is an excellent example of vishing where both SPAM and vishing were used as tools. First, the victim was sent an SMS announcing the fake prize and then using social-engineering techniques, critical information was retrieved. It seems, now that subscribers are getting immune to sms advertising, the art has been graduated a little farther. With over 8 million subscribers being added every month, experts are of the opinion that India is an easy ground for the attackers.
I am of the opinion that it is awareness that still lacks among a majority of users. Even though a lot of users have embraced technology, a majority is still unaware how technology assists them in identifying the real thing from the fake. A major part of internet users still use Internet Explorer 6.0, the default browser for Windows, that still lacks the anti-phishing features offered by the newer browsers such as FireFox, which recently entered the Guinness Book of World Records for having set a record for the most downloaded software in a 24-hour period.
Loading ...
8 million subscribers monthly!!! Not daily!!!
Punit,
Thanks for noticing the error. It has been corrected now. I appreciate you dropping by to let us know of the same.