Internet-inspired fraud tactics that try to use telephone calls to dupe millions of people or to overwhelm switchboards for essential public services
Phone swindles are practically as old as the telephone itself. But new technology has led to an onslaught of Internet-inspired fraud tactics that try to use telephone calls to dupe millions of people or to overwhelm switchboards for essential public services, causing deep concern among law enforcement and other groups.
People, businesses and government agencies across the country are combating the new schemes, in which scammers use the Internet to send huge volumes of calls at the same time. Many of the attacks bombard individuals with automated requests for personal data, in a variation of their email-scam cousins. But others are more vicious, flooding entire phone systems when demands are not met, similar to some attacks against websites.
“You can blast out 100 million calls from the comfort of your keyboard,” said Kati Daffan, a lawyer in the bureau of consumer protection at the Federal Trade Commission.
In October, the Department of Homeland Security advised federal agencies, local governments and other organizations to be prepared for so-called denial of service attacks, which flood phone systems with calls, making them unusable by legitimate callers. The warning came after attacks against a sheriff’s office in the Southern United States and another against a Coast Guard cutter. The department said there had been over 200 such attacks identified against public sector groups.
As they are for most forms of Internet fraud, the latest phone schemes are also difficult to track and investigate because of their frequency, their layers of anonymity and their global nature. Several investigators could not name a successful prosecution of the latest wave of phone swindles, though cybercriminals who committed other forms of fraud have been arrested.
In Tarrant County, Tex., the phone lines of several emergency dispatch centers were disabled in the last year because of a surge of automated calls, said Wanda S. McCarley, director of operations for the Tarrant County 911 District, which includes Fort Worth. The attacks lasted up to an hour and were aimed at 10-digit phone emergency numbers at the centers, which are accessible to callers outside the area, rather than 911 lines, which are not.
Something similar happened to a Texas hospital two years ago, when an intensive care unit’s phone lines were disabled for about six hours, said the chief information officer for the hospital chain that owns the facility, who spoke on the condition that he not be named to avoid unwanted attention for his employer. To defend itself, the hospital started using a service from SecureLogix, a telephone-security company, which the hospital’s chief information officer said had been effective.
In both cases, employees at the facilities were contacted by callers who said they were debt collectors seeking repayment of loans taken out by the workers. If the employees did not pay up, the callers threatened, the lines at the employees’ workplaces would be brought down. The attackers then overwhelmed the lines with repeated calls, causing busy signals for legitimate callers.
It is not clear how or why the specific employees were chosen, though law enforcement officials believe that swindlers in such cases may find names on public staff directories or professional sites like LinkedIn.
Some pay up in such swindles, often out of uncertainty about whether they owe the money or to avoid embarrassment at their workplaces, law enforcement officials said. Ralph A. Gagliardi, agent in charge with the Colorado Bureau of Investigation’s identity theft and mortgage fraud units, said he traced payments from the victim in one such attack in Colorado to Nigeria via an intermediary in Florida.
Michael J. McKeown, supervisory special agent for the Federal Bureau of Investigation in Pittsburgh, said, “If people do pay, that makes their problems stop, but it may make it more lucrative for people to do this.”
The Latest on: Denial of service attacks
via Google News
The Latest on: Denial of service attacks
- Why The Denial-Of-Service Argument Against BOLT 12 Doesn’t Hold Upon May 27, 2022 at 3:00 pm
A successor proposal to BOLT 11, BOLT 12 is a proposed upgrade to Lightning, the most popular Layer 2 Bitcoin protocol. This is an opinion editorial by Shinobi, a self-taught educator in the Bitcoin ...
- Hacktivists Expanding DDoS Attacks as Part of International Cyber Warfare Strategyon May 26, 2022 at 5:37 am
In April 2022 it was reported that pro-Russian hacktivist group, KILLNET, carried out a series of Distributed Denial of Service (DDoS) attacks against a number of websites including the United Nations ...
- Pro-Iran Group ALtahrea Hit Port of London Website by DDoS Attackon May 25, 2022 at 4:48 am
A seemingly ‘politically motivated’ DDoS attack knocked down the Port of London authority’s website. /PLA has become a victim of a cyberattack th ...
- Approov Runtime Secrets Protection Shields Mobile App Secrets, Prevents Theft of API Keys and Credentials, Blocks Mobile App DDoS Attackson May 19, 2022 at 2:59 am
New Osterman Research Findings Reveals Massive, Highly Exploitable Mobile API Attack Surface. Approov New Release Dynamically Manages and Protects all API Credentials for Mobile Apps, Keeping them ...
- The Growing Threat of Ransom DDoS Attacks Requires Effective Prevention and Mitigationon May 18, 2022 at 7:06 am
Essentially, ransom DDoS attacks are just DDoS with a ransom demand but a sudden increase in these attacks is no Bueno and bad for business. The latest edition of the Directors Liability Survey, a ...
- Total Number of DDoS Attacks Fell 13% in 2021 over 2020, but Still Far Above Pre-Pandemic Levels, According to Nexusguardon May 18, 2022 at 6:16 am
The total number of distributed denial-of-service (DDoS) attacks fell 13% in 2021 over 2020, but were still well above pre-pandemic levels, according to Nexusguard researchers in the recently released ...
- Extra-Large Denial Of Service Attack Uses DVRs, Webcamson May 12, 2022 at 5:00 pm
Hype aside, the facts on the ground make it look like an extremely large distributed denial-of-service attack (DDOS) was just carried out using mostly household appliances (145,607 of them!) ...
- Cloudflare just mitigated one of the most powerful DDoS attacks everon May 5, 2022 at 4:49 pm
What just happened? Earlier this week, Cloudflare engineers identified one of the largest distributed denial-of-service (DDOS) attacks ever attempted. The attack, made against an unidentified ...
- 3 Elements of Defense Against (DoS) or (DDoS) Attackson April 29, 2022 at 5:00 pm
Denial-of-service (DoS) or distributed denial-of-service (DDoS) attacks are the insidious enemy of many enterprises. These attacks, which attempt to disrupt legitimate use of an organization’s website ...
- Cloudflare just stopped one of the largest DDoS attacks everon April 28, 2022 at 9:17 am
Cloudflare, a company that specializes in web security and distributed denial of service (DDoS) attack mitigation, just reported that it managed to stop an attack of an unprecedented scale.
via Bing News