On Tuesday, novelist Andy Weir, author of The Martian, revealed that his email and Twitter accounts had been hacked. How did it happen? Over the phone. Weir writes that attackers simply called his service provider Comcast, and asked to change the password on his account.
This week Rob Lemos of PCWorld reported on the threat of caller ID spoofing. Lemos interviewed David Dewey, director of research at Pindrop. “The best advice I can give on the consumer side is to trust no one,” said Dewey. “It does not matter who the Caller ID says the call is from, you cannot trust it.”
Full Breakdown of This Week’s Phone Fraud News
USA Today: 5 rules to avoid the No.1 scam in America – The largest type of scam actually uses an older technology that you have in your home right now. Yes, it’s the humble phone scam. Phone security company Pindrop Security does an annual “State of Phone Fraud” report and it found some disturbing things.
Huff Post Tech: The Most Dangerous Identity Theft Threat – It is irresponsible to downplay the various serious risks now facing millions of Americans whose most sensitive personal information has been exposed in the breaches. The threat for them is very real, and long-term–perhaps a lifetime.
eWeek: FTC to Use DefCon Event to Strike Back Against Robocalls – Among the many challenges in stopping robocalls is that there isn’t a great mechanism in place to properly report and identify them. By building honeypots and other tools to collect robocall information, it will help law enforcement efforts, she added.
Pindrop Blog: Pindrop at Black Hat and DEF CON – Pindrop will be supporting the conferences in several ways – sponsoring two innovative contests, and co-hosting our 4th annual ALLinPARTY. Of course, we’ll also be meeting researchers, analysts, press, and others at the events.
Ars Technica: The Martian author says Comcast let hacker take over his e-mail – Weir, author of The Martian, ran into a tricky problem when his e-mail and Twitter accounts were hacked. The culprit was a hacker who reset the password for his Comcast.net e-mail account by calling Comcast and pretending to be him.
PC World: Trust no one: How caller ID spoofing has ruined the simple phone call – The first line of defense is a healthy distrust of Caller ID, said David Dewey, director or research at Pindrop Security, which helps call centers and banks determine whether a phone call is fraudulent. About 1 in 3000 calls are fraudulent, according to company’s data.
The Press Enterprise: HACK ATTACK: Redlands travel agency gets a $117,000 phone bill – Hackers took over two of the Discover Cruises & Travel’s five phone lines, featuring call forwarding and international long distance, and turned them into hosts for 5,000 minutes of fee-based calls. The result was a July phone bill for $117,629.71.
Network World: New products of the week – FDS 2.4 combines Pindrop’s patented Phoneprinting technology with advanced machine learning to effectively identify and predict fraud, and a unified Fraud Workspace that accelerates the detection and remediation of phone fraud.
FTC Blog: Too close to call – The FTC warns consumers that it’s a mistake to assume that all toll-free numbers that pop up in a search are legitimate customer service lines. Some are run by scammers out to hijack your credit card number or install malware on your computer.
NJ.com: What are phone companies doing about unwanted and annoying robocalls? – While some are touting the FCC’s recent order as “untying” the hands of telephone companies in terms of blocking technology, it’s not that simple.Verizon has always been cautious about blocking suspicious calls because of potential unintended consequences.
AJC: Clark Howard: A new phone scam is calling – You hear your phone ring and you go to answer it — and the line’s dead. So you think, “Oh, I missed the call,” and you have it re-dial. Big mistake. There are several parts outside the US that use our area code system. So you’re making a call that might cost you $30.