The FBI has issued a warning to Americans after a spate of telecommunications denial-of-service (TDoS) attacks left fraudsters able to access online bank and brokerage accounts. The TDoS attacks use automated dialing programs and multiple accounts to overwhelm victims' mobile phones and land lines with thousands of calls.
When victims answer the calls they hear dead air, an innocuous recorded message, advertisement, or a telephone sex menu. The attacks are a diversionary tactic, enabling the fraudsters to use personal information about the victim they've acquired through social engineering techniques or malware to pilfer online accounts.
Because the victim's phone lines are tied up, their banks are unable to contact them to verify transfers, enabling the fraudsters to empty accounts.
The FBI says it discovered the new-style attacks through a private industry partner, which found a Florida dentist who lost $400,000 from his retirement account after a denial-of-service attack on his phones.
Since April "there has definitely been a noticeable surge in telephone denial-of-service attacks, with numerous incidents having been reported in several Eastern states" says the agency.
It has now teamed up with the Communication Fraud Control Association - comprised of security professionals from communication providers - to analyze the patterns and trends of telephone denial-of-service attacks, educate the public, and catch the fraudsters.