One in six financial institutions victimized by this new scam.

Sara Peters, Senior Editor

November 19, 2014

1 Min Read

Pindrop Security today warned financial institutions and their customers about a telephone scam they've dubbed the "misdial trap."

Fraudsters buy phone numbers similar to legitimate businesses, and pose as that business's customer service line when customers misdial -- not unlike how some fraudsters buy domain names similar to legitimate online businesses and create sites that mimic them, according to Pindrop.

The numbers fraudsters typically choose will have the same first six digits as the legitimate business, with only the final digit changed, or they will have the same seven-digit number but a different area code -- a toll-free number area code, for example.

When they hook a customer, they pretend they are customer service for the company in question and request sensitive data from customers -- sometimes offering a free gift card in exchange.

Some 103 of the 600 financial institutions examined by Pindrop Security were affected by the misdial trap.

"Phone fraud costs banks and financial institutions nearly $2 billion every year and fraudsters continue to develop new attacks to steal from consumers and financial institutions," said Vijay Balasubramaniyan, co-founder and CEO of Pindrop Security. "The misdial trap scam is just the most recent example of how sophisticated fraud rings are exploiting inherent vulnerabilities in the phone channel to collect consumer information and defraud financial institutions."

About the Author(s)

Sara Peters

Senior Editor

Sara Peters is Senior Editor at Dark Reading and formerly the editor-in-chief of Enterprise Efficiency. Prior that she was senior editor for the Computer Security Institute, writing and speaking about virtualization, identity management, cybersecurity law, and a myriad of other topics. She authored the 2009 CSI Computer Crime and Security Survey and founded the CSI Working Group on Web Security Research Law -- a collaborative project that investigated the dichotomy between laws regulating software vulnerability disclosure and those regulating Web vulnerability disclosure.


Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights