Cloudmark Blocks New VoIP-Based Phishing Attacks27 April 2006
Cloudmark, Inc., the proven leader inmessaging security solutions for service providers, enterprises andconsumers, has identified and begun blocking phishing attacks carried outover voice over IP (VoIP) systems to spoof an unwitting target's financialinstitution. Scammers posing as banks are emailing people to dial a numberand enter personal information needed to gain access to their finances.Cloudmark warns that VoIP services can reduce the costs associated withconducting such attacks, providing the perpetrators with less risk ofdiscovery, and urges recipients of suspicious messages to notify theirservice providers immediately.
By combining a global threat detection network leveraging real-timereporting by trust-rated users with a unique fingerprinting methodology,Cloudmark is able to identify and begin blocking new spam, phishing andvirus attacks within moments, versus hours or days required with competingsolutions. Noted for industry-leading speed in detecting and deterring newthreats, Cloudmark is uniquely capable of accurately identifying andblocking these spoofed-number attacks. The company detected two newVoIP-specific attacks this week. As a precaution, Cloudmark advises againstdialing phone numbers received in emails from institutions and todouble-check and dial the numbers printed on ATM cards instead.
Adam J. O'Donnell, Ph.D., senior research scientist at Cloudmark, says,"We've seen two separate VoIP attacks hit our network this week, the firstwe've been able to analyze in detail. In these attacks, the target receivesan email, ostensibly from their bank, telling them there is an issue withtheir account and to dial a number to resolve the problem." Callers arethen connected over VoIP to a PBX (private branch exchange) running an IVRsystem that sounds exactly like their own bank's phone tree, directing themto specific extensions. In a VoIP phishing attack, the phone systemidentifies itself to the target as the financial institution and promptsthem to enter account number and PIN. "The result," O'Donnell surmises,"can be personally financially devastating."
Traditional content and identity rules based on volume analysis forcapturing spam do not work for phishing threats: phishers move quickly,using and breaking down multiple sites to launch the same attack.VoIP-based services allow phishers to cheaply add and cancel phone numbersthat are harder to trace than conventional numbers. The CloudmarkCollaborative Security Network's use of unique fingerprinting algorithms isable to identify the phone numbers used in VoIP phishing attacks. The CCSNfirst spotted and began to block these threats last week. It ischaracteristic of the network to automatically stop threats without theresearch team having previously identified them, and thus likely that theCCSN has been stopping VoIP-based attacks for some time.
Dr. Jose Nazario, a senior security engineer within the Arbor SecurityEngineering & Response Team (ASERT) at Arbor Networks Inc., a networksecurity leader for global business networks, notes, "Cloudmark's largecustomer base gives them a unique position to detect and prevent phishingattacks, which are highly sophisticated, targeted, transient and dynamic,thereby making it far more difficult to uncover and capture theperpetrators. Leveraging their unparalleled data helps Arbor by enablingits customers to track and stop phishers mid-attack."
Rapid, Intelligent Detection
Cloudmark offers two distinct services to thwart phishers, including ananti-phishing data service that provides confirmed phishing URLs to itscustomers. The Cloudmark anti-phishing engine fits within the serviceprovider's infrastructure to provide filtering protection at the messaginggateway from fraudulent email. It scans each message and computes a set offingerprints on the message, a process that is automatic, lightweight andhighly scalable for large volumes of email. Cloudmark's approachconsistently proves faster and more accurate than competitive methods ofrelying on fingerprinting algorithms to analyze the structure of messagessent by phishers and block new attacks in advance of receiving URL reports.
About Cloudmark
Founded in 2001, Cloudmark Inc. delivers the industry's fastest and mostaccurate spam, phishing and virus detection solutions. The Cloudmarkmethodology leverages an optimized combination of automation, humanintervention and real-time reporting by millions of trusted and rated usersin more than 160 countries. Used by service providers, enterprises anddesktop users worldwide, Cloudmark's award-winning solutions are marketeddirect and through partners worldwide. A privately held,San Francisco-based company, Cloudmark sits on the steering committee oftheAnti-Phishing Working Group (www.apwg.com). More information aboutCloudmark, is available at: http://www.cloudmark.com.
Media contact:Brenda Ropoulos415-946-3828, office510-414-6772, mobileEmail Contact
SOURCE: Cloudmark, Inc.
Source: marketwire
All trademarks and copyrighted information contained herein are the property of their respective owners.
Related Voip Articles
|
