


                                                   JPCERT-AT-2007-0015
                                                             JPCERT/CC
                                                  June 14, 2007 (Original release date)
                                                      June 19, 2007 (Last revised)


                  <<< JPCERT/CC Alert 2007-06-14 >>>

          Fraudulent Phone Calls Attempt to Steal ID and Password

             http://www.jpcert.or.jp/at/2007/at070015.txt

I. Overview

  JPCERT/CC has received reports about fraudulent phone calls
attempting to steal IDs and passwords using a false identity as an
ISP's outsourcer.

  According to the reports, persons identifying themselves as an
ISP's outsourcer attempt to steal IDs and passwords from service
users while pretending to provide information on changes to PC
settings (OP25B* settings). The callers attempt to identify the name
of the user's ISP during the conversation.

  Care should be taken not to give your ID and password to persons
making such phone calls.

  * OP25B (Outbound Port 25 Blocking):
    OP25B is one of the measures against virus and unsolicited emails
      implemented by ISPs.


II. Solution

[Service users]

  This activity uses a social engineering technique called
"spoofing." In the event that you receive a phone call from someone
identifying themselves as a provider of ISP-related services asking
for your ID and password, never answer their questions.

  If you have given your ID and password over the phone to someone
who called you, change your password and contact your ISP immediately.


[ISP]

  ISPs should be prepared to respond to inquiries from customers and
raise the awareness of their customers.


III. Reference Information

    JPCERT/CC REPORT Short Tips
    Password Handling
    http://www.jpcert.or.jp/wr/keyword_c.html#108

    Ministry of Internal Affairs and Communications
    Information Security Measures for all Employees and Staff
    Measures against Social Engineering
    http://www.soumu.go.jp/joho_tsusin/security/business/work05.htm

    Information-technology Promotion Agency, Japan (IPA)
    Survey on the Actual Situation of Social Engineering in Japan (PDF)
    http://www.ipa.go.jp/security/fy11/report/contents/intrusion/socialeng/socialeng.pdf


  If you have any information regarding this matter, please contact us.

__________

Revision History
June 14, 2007  Initial release
June 19, 2007  Corrected typographical errors

======================================================================
JPCERT Coordination Center (JPCERT/CC)
MAIL: info@jpcert.or.jp
TEL: 03-3518-4600  FAX: 03-3518-4602
http://www.jpcert.or.jp/