What does Vishing mean?
Combined of the two words “voice” and “phishing”, the term vishing is used when an online attack or scam occurs by using an internet telephone service. It is any form of deception to obtain sensitive information, money or access, initiated over a telephone call. Instead of using fake websites or emails, vishers will call to deceive users to reveal their personal information online.
Whilst the term vishing is fairly new, pretending to be another individual or business to extract confidential information from them is something that has unfortunately been happening for a long time. A common technique being used is the creation of fake caller ID profiles which will make the number they are using look genuine to another caller, allowing them to infiltrate that sensitive information and steal that user’s identity.
Vishing Methods and Examples
When a visher spoofs someone’s real phone number, the incoming calls seem genuine and believable to the person receiving the call meaning that even features such a Caller ID are not always to be relied on. Often, the visher will leave a voicemail on the phone in the hope that they will return the call at a later time and reveal the desired information.
One way that they operate is by targeting your bank accounts, calling you and often asking you to reset your password in a voicemail from them, prompting you to call back and confirm your login information.
Another example often used is the visher calling you to offer you something like a free deal or prize that you have qualified for or won, asking you to pay for shipping by providing your card details over the phone to allow them to “send the prize”. Other common scams can also include calls about credit or loan offers, car warranties and investment opportunities.
Vishing Attack Signs
Being mindful that these kinds of attacks are around is important and there are a few things you can do to stay more alert about vishing. Pay attention to the kind of calls or voicemails you receive, remembering that a genuine call from a business you know would not ask for confidential information for personal unsolicited requests and that you are right to be wary of this.
If you feel worried or pressured on the call, don’t panic and give out the information they are pushing for. Just hang up the phone and either block or report the number so that they can’t contact you again. Equally, if you see an incoming call coming through from a number that you don’t recognise or if it is withheld, do not answer it. If it is from someone you do know or it is urgent, they will likely leave a voicemail with a genuine message or contact you another way.
Remain in Control and Keep Calm
It is important to remember to always be wary of incoming calls from numbers that you do not recognise, remembering the tips we have shared and staying alert. If you are suspicious of any future calls, always remain calm and do not give over any confidential information if you are worried or concerned about anything on the call.
Main pieces of advice to provide when trying to protect yourself from vishing is:
- If someone calls you, never give personal or sensitive information, money or access to your computer over the phone.
- If they do request for any of these things, explain you’ll call them back. Make sure the organisation in question is legitimate and call them back on their main office number.
- Never contact them back using a method they provided you over the phone.
If you think you’ve fallen victim to a vishing attack, it’s important to action or consider the following:
- Change any account passwords e.g. work accounts, personal bank accounts, other sensitive online accounts etc.
- Contact your bank to report you may have been a victim of fraud.
- Contact your IT department so they can perform the necessary anti-malware scans and diagnostics on your computer.
Whether individually or as a business, vishers will be targeting more and more. Take the advice given and contact our team if you would like to find out more information about how you can stay alert about these types of scams by contacting us via phone or email.Published: 18th September 2020