The newest trend in phishing targets is interactive voice response (IVR) systems through man-in-the-middle telephone attacks, warned Kevin Mitnick in his SpeechTEK 2008 keynote address on August 20. Mitnick -- setup a Web site capable of performing man-in-the-middle attacks -- then demonstrated this security threat. Accessing his Web site, Mitnick called Washington Mutual Bank. When the call was diverted to the bank's IVR system, he entered an account number and four digits of a Social Security number, all of which were stolen and transferred immediately to the man-in-the-middle Web site. This is where the attacker does a phishing attack to put himself in the middle.