Santa Barbara Trust (Voice Phishing)

Date:06.23.2006

Threat Type: Phishing Alert

Websense® Security Labs™ has received reports of a new phishing attack that targets customers of  Santa Barbara Bank & Trust. Users receive an email message that is spoofed and has the subject "Message 156984 Client's Details Confirmation (Santa Barbara Bank & Trust)."

Unlike the most popular form of phishing where users are lured to click on a URL and are directed to a fraudulent site, this lure uses a telephone number. The phone number is in the Southern California area code and was answering at the time of this alert.

When victims dial the phone number, the recording requests that they enter their account number.

The phone response does not mention the bank name, which could be a potential indicator that this number is being used for fraud against other entities.

Recording link:

http://www.websense.com/securitylabs/images/alerts/june_vishing.wav

Email Message:

Dear Customer,

We've noticed that you experienced trouble logging into Santa Barbara Bank & Trust Online Banking.

After three unsuccessful attempts to access your account, your Santa Barbara Bank & Trust Online Profile has been locked. This has been done to secure your accounts and to protect your private information. Santa Barbara Bank & Trust is committed to make sure that your online transactions are secure.

Call this phone number (1-805-XXX-XXXX) to verify your account and your identity.

Sincerely,
Santa Barbara Bank & Trust Inc.
Online Customer Service

Special thanks for research collaboration by the volunteers at Phishing Incident Reporting Termination (PIRT):
A PIRT Handler (link: http://wiki.castlecops.com/PIRT/) reported a new "telephone only" phish today.