What is “Vishing” and How can you Protect against it?

What is “Vishing” and How can you Protect against it?

Your phone rings. It’s from a number you don’t know, but you can’t help it. Curiosity gets the better of you and you answer it anyway.

You’re greeted by someone calling about the extended warranty on your vehicle or you’ve just won a large cash prize. The caller says they just need to collect your banking details so they can send you the money.

However, you’re really just being scammed by fraudsters looking for a payday.

Vishing, or “voice phishing”, is phone-based fraud that tricks users into giving up personal and private information that can be used for digital theft.

Vishing attacks are at an all-time high, according to John Wilson, Senior Fellow for Threat Research at Fortra. According to a report conducted from PhishLabs and Agari by Fortra, vishing cases rose an extraordinary 550% from early 2021 to early 2022.

Vishing scams are hard to control because it’s hard to determine how a bad actor gets your number to begin with. Your number can be collected on the dark web as a result of a data breach your information was a part of. Peoples’ private information is also listed publicly on various websites that can be accessed through simple search results (which in itself is terrifying).

Vishing can sometimes initially be hard to definitively spot because it’s very easy for attackers to use programs like Google Voice to spoof phone numbers and make them look local.

Through vishing attacks, the end goal is some sort of financial gain, however scammers are also trying to gain as much personal information about you as they can to supplement what they already have including Social Security Numbers, Usernames and Passwords, Debit Card PINs, and more.

Vishing attacks specifically are voice-based attacks, but could also be part of a multi-pronged approach that uses phishing and smishing as malicious techniques as well. No matter how it’s done, attackers are out to rob you of your hard earned money.

There are many ways you could fall victim to a vishing scam. Here are the 8 most common:

Tech Support

You receive a phone call from a tech support representative explaining that something like your computer’s anti-virus protection is about to auto-renew for a specified amount of money. The rep then asks you to provide your credit card number so that they can verify the card on file. Sometimes they’ll even ask for your address and SSN.

Computer Virus

Abruptly, your computer is overtaken by an alert that says you have a virus and that you must call the number on your screen to remedy the situation. Only when you call them, they throw you through a process that ultimately just installs actual spyware on your machine with the intent to steal your personal information.

Voicemail Attachment

You receive an email at work that includes an attachment to a voicemail. By clicking on the attachment, you don’t even realize you may have just unknowingly given the scammer your corporate login credentials.

Advanced Fee Fraud

A representative from a bank calls you to let you know you have an inheritance you haven’t claimed. After providing your payment information to cover the cost of the notary who will release the funds, you’ll be rewarded your inheritance. Except what is really happening is you’ve just paid to receive an inheritance that doesn’t exist.

Gift Cards

Someone acting as your boss leaves you a voicemail asking you to purchase gift cards for the team. You then, proceed to buy the cards where you’re expected to text back the numbers and codes of the cards. The problem? The initial request didn’t come from your boss.

Prize Wins

You receive a phone call out of the blue with information you that you’ve won a prize! All you have to do is confirm your information: bank account number, address, date of birth, Social Security number, etc. If you supply that information, it’s the scammer who’s won the real prize.

IRS Alerts

You receive a call from a representative that says that there is legal action involving your Social Security number and they’ll send agents to your home if you don’t provide payment details to pay up. This type of vishing scan is especially prominent during tax season.

Area Code Based Scams

People are more likely to pick up the phone if it’s from a number in their own area code. An example of this, that is quite disturbing, is that depending on what part of the country you are from voicemails will be left that target first-generation resident of certain ethnicities from people claiming to be immigration officials. If they don’t call back and provide the requested information, they are told they’ll be arrested.

How can you protect yourself from falling victim to a potential vishing attack? Try following these tips:

  • Don’t pick up a call from a number you don’t recognize, even if it’s in the same area code as you

  • Never send money as a result of an unexpected phone call

  • If someone is claiming to be a bank or a representative from a certain organization, verify their legitimacy on your own. Hang up the current call, look up their contact information on your own, and ask them yourself if they are trying to contact you

  • Use your intuition. Most organizations, for security purposes, won’t call you and ask for your personal information. If something feels “off”, it likely is

  • Use spam blocking tools to help block or flag numbers that may spam you

  • File a complaint with the FCC if you receive a call that seems fraudulent. If you are scammed out of money as a results of a vishing scam, alert the FBI’s Internet Crime Complaint Center

 

Story via Forbes Advisor

Largest School District in Arizona hit with Ransomware Attack

Largest School District in Arizona hit with Ransomware Attack

We Ran AI-Generated Text through 7 AI Detectors to see how Accurate they are

We Ran AI-Generated Text through 7 AI Detectors to see how Accurate they are