Topic: Spam phone calls / e-mails addressing our conference participants asking for credit card data  (Read 29074 times)

A company called / sent e-mails to some of our participants/speakers, claiming they are working for the organizers of the event. They asked (for instance) for credit card details to finalize hotel bookings or to send them a refund.

We don’t know how the fraudsters have obtained access to the contact details of these persons. They definitely do not work for us. Is it possible that the ConfTool installation has been hacked? Do you think we should inform all users? Should all users change their passwords immediately?

We hear about such cases about once a year and up to now we could always rule out ConfTool as the source of the data. Usually, the information of the corresponding persons (speakers) could be found quite easily on the web by browsing the conference website and by using a search engine like Google to locate the personal homepages of these persons. Still, we recommend that you check if there is a public accessible list of your speakers with their contact details available on the web, for instance by using a search engine.

If you hear from your participants/speakers about such calls/e-mails, we strongly recommend sending them all a warning bulk e-mail to tell them that there are fraud attempts by third parties and that they must not to give away any payment data on the phone or by e-mail. Please also provide your contact details, so they can ask for more information or inform you if they have been contacted, too.

However, we do not think that it makes much sense to ask your participants to change their ConfTool passwords, as passwords are stored encrypted in ConfTool. Even if other people get access to your ConfTool installation, they would not be able to retrieve the passwords of other users.

The most likely scenario of a security breach is currently a "Trojan" on one of the organizer’s / assistant’s PC that forwards all keystrokes and locally stored information of this person to the criminals. This could give them access to the personal account of this organizer and therefore also to the data of all participants. To avoid such an infection, we strongly recommend browsing the web carefully, refraining from downloading files from unofficial sources, and using Browser plug-ins such as "Noscript", "Ghostery", and "WOT" as a security measure. Furthermore, do not open attachments of unsolicited e-mails. Every PDF, Word and ZIP file can be dangerous. We also suggest applying tools like Secunia PSI to check regularly if all programs on your computer are up to date.

If you are concerned that someone accessed your ConfTool installation, you can always check the user actions in the ConfTool system log. Please go to:

Overview => Browse System Log

… to access this data. Please note that you have various filtering options on that page (see image). If you see anything that you find suspicious, please contact us.

NB: One company that was reported to us because of unsolicited cold calls in which the phone agents asked for credit card details identified itself as EHS (Exhibitors Housing Services). We were not able to verify this information, but you can find more hints on the web:
Warning: Cold Calls from Exhibition Housing Management (EHM) and Exhibitors Housing Services (EHS)