Manual Vishing

This Hebrew post in linmagazine describes what first sounds like a typical Vishing attack. The author’s mother receives a phone call telling her there’s been a terrible accident and she needs to call the hospital for the details. They give her the ER’s number but tell her to use only her land line. The number is *7200526671955. Strange, but not unusual in Israel where dialing *pizza connects you to Dominos and *mortgage to your local sub prime pusher.
So she calls and calls but there’s no answer, and she rings her son to tell him to try and call.

He rings, and gets a voicemail. Getting suspicious he dial his phone company’s information directory and finds they were conned: *720 is the code for call forwarding, and 052-667-1955 is a local cell number. It’s a clever scheme, actually. All the for-pay phone numbers (sex hotlines, etc) are opt-in which means they are blocked by default (to prevent scams like this, among other things).
However, calls to cellular phones are more expensive (in Israel the caller pays the charge and not the receiver) and so it is possible to cut a deal with the cellular company for revenue sharing and open your own ‘recipe tips’ hotline which should bring in many incoming cellular calls and make everybody (especially the mobile operator) happy. If instead of recipes you make people call because their friend’s phone lines are automatically forwarded to your number, well that doubles the fun.

So these guys figured call forwarding to international numbers won’t work, and chose the mobile option. Although it’s a bit risky (you need to be able to collect the money from the cellular operator before the cookie jar slams shut) but sounds lucrative. Now comes the final step in a Vishing scam like this; you need to convince a lot of people to do the call forwarding, and for that you usually use a Voice-over-IP line with a pre-recorded message. But not these guys: the post’s author confirmed to me that his mother spoke to a flesh-and-blood voice who actually answered her questions, had a perfect Hebrew accent (it wasn’t a Nigerian who went to Jewish Sunday school) and told her the number to call twice (and even waited until she grabbed a pen).

Calling manually is risky: people can trace back the call and find out where you were. Hiring telemarketing is typically out of the question (lets just try to imagine the brief to the telemarketing team) and manually calling hundreds of people is really not cost effective.

So why the manual call? The only thing that comes to mind is they were beta testing or watching to see the response from the cellular company or law agencies. Maybe they are even using Israel as a beta site for an international Vishing attack? When the FBI or secret Service (or Israeli Police) catch them, I hope they ask. With a bit of luck they’ll post a hint here in the comments.

Share