One wonders how many ElReg readers ...
... would know how to use the red dial telephone pictured in the "http://www.theregister.co.uk/Week/" page.
Scammers are attempting to fleece a hundred top US financial companies by registering phone numbers close to those in use by the firms, engineer Scott Strong says. Of some 600 top financial institutions across the US, 103 or about 20 percent had scammers register their numbers with only the last few digits altered in a bid to …
I would think that there would be at least as great o potential for mischief using the same numbers with a different area code, especially in areas that have multiple area codes. This is also true for 800 numbers as there are multiple toll free codes from which to choose.
You know the ones-- they ask for a PIN. You enter the PIN, they relay to the real number with a forged callerID (that is, you ID not theirs). They they listen in. Ping in occasionally, get a feeling for the meeting pattern (if it's a regular meeting), crawl up the fat fingered chain till the CEO meetings are penetrated.
Hardly anyone rigorously checks for listeners, few times that it has happened and there were guests who would not ident, restart. But, the PIN isn't changed so what is the point... there should be a unique PIN per caller, and the central calls back a known number to at least slightly resist the wankers. GCHQ would do that for the least secure lines I'd imagine.
Biting the hand that feeds IT © 1998–2019