Phishing Scam Uses Hacked Hotel Phone Lines
As banks have taken to texting their customers when suspicious activity is found in their accounts, scammers have begun adapting the service into their techniques.
SMiShing, an amalgam of SMS (texting) and phishing, and vishing, using voice messages for phishing, have been used to contact bank customers to call a phone number where they are instructed to verify information using their credit card number and expiration date.
In the past few weeks, hundred of thousands of people in the Houston, Texas area have received text messages about a problem with their bank account with instructions to call a phone number. The phone number, normally that of a local Holiday Inn, would answer claiming to be Bank of America, Fifth Third Bank, Key Bank, Susquehanna Bank or Wells Fargo. It would go on to inform the caller that their credit or debit card had been limited due to a security issue, after which they were prompted to enter their card number, expiration date and the last four digits of their Social Security number in order to reactivate it. The scam usually takes place during weekend hours when the banks are closed.
The Holiday Inns whose phone numbers had been hijacked have since recovered their phone lines.
One suggestion banks have received is to stop using text messages to alert their customers of problems and to use their apps instead, as banking apps are among the most popular among smartphone users.