We’ve told you about the danger of phishing scams before. It really does happen—in fact, I just got a message from a customer telling us they’d gotten a call from “TDS” (in quotes because it was NOT us). The call told them there was a “data and security breach” and that they should call in to get a free credit check.
This form of phishing targets the customer, but some criminals will target companies instead. These fraudsters will call and pretend to be a real customer (often armed with some stolen personal information) to try and trick the company into revealing account or even network security details. It’s a way of using social engineering to phish for confidential data. As this article said, “social engineering bypasses firewalls and encryption to attack the most vulnerable component of any security system: humans.”
Of course, it would be awesome if companies (especially large financial institutions!) had a way to know if they’re talking to the real customer, or an identity thief. Up until now, there wasn’t. But, there’s a new company called Pindrop Security that’s developed a cool new technology to “fingerprint” phone calls. The founder discovered that every phone call has a unique acoustic “fingerprint” and the different audio signatures can identify the location of the caller. Pindrop can narrow the origin of a phone call down to an area about the size of France (even if the caller is using VoIP or Skype). So, in a way, this technology acts like a type of Caller ID that can cut through any attempt to hide the call’s origin.
What does this mean for you? If the software gets adopted by big companies, if someone is calling and pretending to be you, they might not get far. For example, if my credit card company gets a call from someone who has a few bits of my personal information and seems to be me…they’ll know it’s not if the call is actually coming from Russia, and not Wisconsin.
As you can imagine, the banking and retail industry would be prime candidates for this kind of technology. Pindrop just got some pretty major funding so we’ll have to see if call “fingerprinting” takes off.