New KnowBe4 Case Study Examines Telephony Denial-of-Service (TDoS) Attack, a Cybercrime Tactic That Floods Victims’ Phone Lines While Cyberheist Is Underway.
According to a new case study published by the Internet Security Awareness Training (ISAT) firm KnowBe4, a telephony denial-of-service (TDoS) attack against a semi-retired St. Augustine dentist served as a smokescreen for a nearly $400,000 cyberheist.
In November 2009, Robert Thousand Jr. began receiving a flood of calls to his business, home and mobile phone lines. The calls consisted of a 30-second recorded message from a sex hotline. What appeared to be a phone service issue turned out to be far more sinister. The following month, Thousand discovered that five transfers totaling $399,000 had been made from his TD Ameritrade retirement account. When the FBI investigated his case, it became apparent that the TDoS attack was intended to prevent Thousand’s broker from reaching him while the criminals committed their cyberheist.
TDoS is a form of denial-of-service (DoS) attack. When the calls come from multiple sources, it is known as a distributed denial-of-service (DDoS) attack. The high volume of automated calls prevents victims from making or receiving legitimate calls, thereby denying them use of their phone service. In Thousand’s case, the cybercriminals set up a number of VoIP accounts and used automated dialing to inundate his phone lines. While that was happening, they initiated the transfers that drained his retirement account.
Thousand was not the only victim to be targeted in such a manner. Others reported similar telephony DoS attacks in the months that followed. In 2010, the Communication Fraud Control Association (CFCA) and the FBI formed a partnership to identify TDoS patterns and trends, prevent DoS attacks, raise Internet security awareness and catch those who conduct cyberheists. Despite these efforts, unsuspecting members of the public can still fall prey to increasingly sophisticated cybercrime tactics.
“The problem is larger than the issue of telephony denial of service alone,” explained KnowBe4 founder and CEO Stu Sjouwerman (pronounced “shower-man”). “Before the cybercriminals launched their TDoS attack, they found a way to obtain Dr. Thousand’s Ameritrade account information and password. Victims in these cases are often targeted through phishing attempts or by clicking an innocuous-looking email link that downloads malware to their system. In this manner, criminals are able to capture account details, passwords and other personal information. Once they have access to an account, they can then change the contact numbers and impersonate the victim when communicating with the bank or broker.”
Sjouwerman advises those on the receiving end of a telephony DoS attack to immediately contact all financial institutions where they hold accounts and request a halt to any transfer requests, and then report the suspected cybercrime to the authorities. The sooner victims act, the better chance they have of preventing or minimizing potential losses. However, Sjouwerman emphasizes that Internet security awareness is critical in order for targets to prevent a cybercriminal from obtaining their account information in the first place.
“As awareness of phishing tactics increases, people are becoming more wary of emails from unknown senders. However, cybercriminals have become much more sophisticated in their practices. They are able to convincingly make it appear as if an email is being sent by a bank, government institution or trusted friend or colleague,” noted Sjouwerman. “All it takes is a single click to unwittingly give intruders access to a computer. They can then view all of the personal information contained within, as well as any transactions conducted online.”
While individuals must take responsibility for their own Internet activity and data security, Sjouwerman stressed that businesses need to implement proactive measures to minimize their employees’ vulnerability to phishing tactics. “In many cases, data security breaches that occur from within a company are not the result of any employee’s malicious intent, but rather an honest mistake made by someone who happened to be susceptible to phishing. That’s why Internet security awareness training is so important. It helps personnel identify and avoid potential phishing attempts that can expose the company to financial loss and intellectual property theft.”
KnowBe4 developed a free phishing security test that enables businesses to determine how Phish-prone™ their employees are. Through KnowBe4’s exclusive First2Know™ Internet Security Awareness Training (ISAT), small and medium enterprises can conduct high-quality, Internet-based training to educate their staff about phishing, viruses, social engineering and other related topics. Upon completion of the training, regularly scheduled phishing security tests identify any lapses and indicate if remedial training is required.
To view the case study about the Florida dentist’s TDoS attack, or for more details on KnowBe4’s Internet Security Awareness Training (ISAT), visit http://www.knowbe4.com/case-studies.
About Stu Sjouwerman and KnowBe4
Stu Sjouwerman is the founder and CEO of KnowBe4, LLC, which provides web-based Internet Security Awareness Training (ISAT) to small and medium enterprises. A data security expert with more than 30 years in the IT industry, Sjouwerman was the co-founder of Sunbelt Software, an award-winning anti-malware software company that he and his partner sold to GFI Software in 2010. Realizing that the human element of security was being seriously neglected, Sjouwerman decided to help entrepreneurs tackle cybercrime tactics through advanced Internet security awareness training. He is the author of four books, including Cyberheist: The Biggest Financial Threat Facing American Businesses Since the Financial Meltdown of 2008, available in April 2011. For more information on Sjouwerman and KnowBe4, visithttp://www.knowbe4.com.