+|Summary|Banks offer the option for end users to receive telephone calls to solve problems, e.g. in case of issues with the bank App, issues with Smartphones, the bank website or any tool providing access to the online bank account management system. How does the fraudster operate? <br>• Through social engineering, the fraudster gathers information about bank end users who are engaged in such a situation, needing the bank to contact them.<br>• Once they identify the service provider and the phone number of an end user, they manage to successfully activate, on the end user's profile, the 'unconditional call forwarding' to a phone number they control.<br>• After successfully setting up 'unconditional call forwarding,' the fraudster then contacts the bank, claiming an inability to access online banking services and requesting a call from a bank representative.<br>• When the bank calls the registered contact number of the end user, the active 'unconditional call forwarding' diverts the call directly to the fraudster, thus completing their scheme.<br> The Bank Application, before contacting the end user's phone number, invokes the Call Forwarding Signal API to verify if a "unconditional call forwarding" option is active on the end user's phone, avoiding such a fraud| M |
0 commit comments