What is Vishing?
Vishing is an electronic fraud tactic using voice or voice over IP (VoIP) phishing to trick individuals into revealing critical financial or personal information to unauthorized entities. Vishing is the phone’s version of email phishing and uses automated voice messages to steal confidential information. Vishing attacks use a spoofed caller ID, or a toll free number which can make an attacker appear to come from a known number that entices an individual to pick up the phone.
Common vishing scams
Compromised bank or credit card account
Whether it’s a person or a prerecorded message on the other end, you’ll be told there’s an issue with your account or a payment you made. You may be asked for your login credentials to fix the problem or asked to make a new payment. Instead of giving out your information, hang up and call your financial institution on their publicly available number.
Medicare or Social Security scam
Phone calls are the No. 1 method scammers use to reach older adults, according to the Federal Trade Commission. Thieves pose as Medicare reps and often during Medicare open enrollment season and try to extract financial information from the victim, such as their Medicare number or bank account details. Then the scammer will either fraudulently use the victim’s Medicare benefits or steal their money. Scammers may also claim to be from the Social Security Administration and threaten to suspend or cancel the victim’s Social Security number.
What can you do to protect yourself against Vishing?
Attackers use Vishing because their targets do not have time to think a situation through prior to providing information. A victim can easily be confused by alarming claims and disclose valuable information. Vishing attacks can be focused on all employees, or against employees that mainly deal with people outside the organization. Departments like Marketing, Sales, the help desk and HR are good to include in vishing security tests.
Block Robocalls
A robocall is an automated phone call that usually delivers a recorded message. Scammers will also use auto-dialers to make a large number of calls in a matter of minutes, so they have a better chance of reaching a real person. There are several applications you can install from the play store and app store to help stop the unwanted calls. Some of the mobile apps you can install are Robocall Blocker, RoboKiller: Spam Call Blocker, Hiya, Nomorbo, Truecaller and many others.
Don’t answer unfamiliar numbers
Sometimes even blocking phone numbers won’t stop vishing attempts because scammers use software to scramble their real phone number. For example, scammers often mimic the area code and the first three digits of your phone number to trick you into thinking it’s a local call. If you block one number, scammers will simply call you from another.
If you answer the phone and then hang up immediately, the scammer will know that your line is active. However, if you do not pick up the phone, scammers will eventually consider your number to be dead. Resist the urge to answer the call, and you should see the frequency with which you receive robocalls begin to fall.