What is Vishing? Voice Phishing Scams Explained & How to Prevent Them
posted by: FraudWatch International date: Feb 26, 2019 category: All, Brand Abuse, Phishing, Vishing comments: 0
There’s good news and bad news. The good news: advances in technology have changed our lives in many positive ways. The bad news: crooks keep pace with technological innovations and adjust their scams accordingly. One of the many technology-based criminal scams is ‘vishing’.
What is vishing?
The word ‘vishing’ is a combination of ‘voice’ and ‘phishing.’ Phishing is the practice of using deception to get you to reveal personal, sensitive, or confidential information. However, instead of using email, regular phone calls, or fake websites like phishers do, vishers use an internet telephone service (VoIP).
Impersonating a person or legitimate business to scam people isn’t a new thing. Vishing is simply a new twist on an old routine. In fact, vishing has been around almost as long as internet phone service.
Using a combination of scare tactics and emotional manipulation, they try to trick people into giving up their information. These vishers even create fake Caller ID profiles (called ‘Caller ID spoofing’) which make the phone numbers seem legitimate. The goal of vishing is simple: steal your money, your identity, or both.
Common Vishing Techniques
By spoofing a legitimate phone number, voice phishing scammers lead people to believe the call is legitimate. At the same time, since you know that they can do this, you can’t even trust Caller ID. Yet even if you don’t answer the phone, they leave voice messages to provoke a response – you’ll return their call and give up your information.
Vishing can take several forms. One form targets your bank account or credit card account. For example, you might get a call from with a message such as:
Your account has been compromised. Please call this number to reset your password.
The visher hopes you’ll hear the message and panic. Typically, when you dial the number they leave, you hear an automated recording that asks for information like bank account numbers and/or other sensitive information.
Another vishing attack example is a phone call about a free offer or telling you that you’ve won a prize. But in order to redeem the freebie, you must first pay for shipping and handling. A third example is a call saying you’ve won a prize such as a cruise or Disney vacation. To claim your prize, you’re told to first pay a redemption fee. Often, they ask you to give your credit card number over the phone.
Other vishing scams include things like:
- Unsolicited offers for credit and loans
- Exaggerated investment opportunities
- Charitable requests for urgent causes
- Extended car warranty scamsVishing banking scams are a vishing attack that involves a call from someone who says they’re from your bank or some other financial organization. They may tell you that there is a problem with your account or with a payment from your account. They might ask you to transfer money to a different account to correct the problem. However, all they’re doing is taking your money.
What is vishing banking?
Vishing banking scams are a vishing attack that involves a call from someone who says they’re from your bank or some other financial organization. They may tell you that there is a problem with your account or with a payment from your account. They might ask you to transfer money to a different account to correct the problem. However, all they’re doing is taking your money.
What is a phishing phone call?
A phone call from someone pretending to be from a bank, credit card company, debt collector, charitable organization, healthcare provider, or even the IRS. Some phishers may tell you that you’ve won a prize, like a vacation, but you need to pay a small fee to collect it. Their objective is tricking you into giving sensitive information over the phone. If you give them your information, they can access your financial accounts or steal your identity.
What is the difference between phishing and vishing?
Phishing can take many forms, such as a phone call, email, or phony website. In comparison, vishing uses internet phone services (VoIP) to complete the scam. Often, this includes ‘spoofing’ the phone number of a real business or company.
When vishers spoof a legitimate business and customers are affected, the company suffers. Even though the actual business had nothing to do with the vishing scam, the company’s reputation, brand, and image could be negatively impacted.
How do I stop telemarketers from calling my cell phone?
To stop unwanted calls to your cell phone, add your mobile phone number to the national Do Not Call registry. You can do this one of two ways:
- Visit the FTC Website: https://www.donotcall.gov/register/reg.aspx
- Or call the FTC directly: 1-888-382-1222
How do I report a suspicious phone number?
If you are a consumer who answers a phone call that you believe is a scam, report these suspicious phone numbers to the FTC:
- Call 1-877-FTC-HELP
- Or visit www.ftc.gov/complaintHere is a list of other resources outside of the U.S.:
- If your business has been the victim of vishing, you should notify your customers ASAP. Also, in addition to contacting the FTC, report the incident to the FBI. You should also inform your customers of resources like www.IdentityTheft.gov where they can report a potential or real identity theft.
- New Zealand:
Where do I report a robocall?
Report the number to the FTC online, call the FTC 1-888-382-1222, or use any of the links listed above.
Can you get hacked by answering a phone call?
No, answering a phone call does not lead to being hacked. None of your data, passwords, or other sensitive information can be transmitted through a phone call. However, if you’re still not convinced, don’t answer calls from unknown numbers.
Can someone hack my phone calls?
In a way, yes. Hackers, whether they are technicians from the NSA or teenagers in Estonia, can access certain things on your phone. Theoretically, if they have your number, hackers can read your texts, listen to calls, and also track the movement of your phone (and thus track you). To safeguard yourself, be careful what details you give over the phone and never send sensitive information via text message or email.
How to Prevent Vishing Attacks
There is no need to be paranoid about becoming a victim of vishing. At the same time, it pays to be careful. To help you remain vigilant, below are some specific steps to prevent vishing:
- Be aware – Knowing how these thieves operate can help you from getting scammed. Always remember that legitimate a business doesn’t make unsolicited requests for personal, sensitive, or financial information. Anyone who does this over the phone is probably trying to scam you.
- Don’t give in to pressure – If someone tries to coerce you into giving them sensitive information, hang up.
- Don’t answer phone calls from unknown numbers – It is tempting to answer calls from unknown numbers. You might even if think, ‘What if it’s an emergency and someone needs me?’ Be aware that anyone who’s calling you with a real emergency will leave a message.
- Stay calm and don’t panic – Since these criminals frequently play on your emotions, keep a cool head and hang up the phone. If you still feel afraid, wait 10 minutes and then call your bank, credit card company, or whoever the caller claimed to be. Then verify whether there is a real problem.
- Be skeptical at all times – Even if your Caller ID gives the name of a bank, charity, or some other company or organization, it could be a trick.
Stay Safe and Don’t Be a Victim
If you have a phone, you should remain suspicious of phone calls. Whether the call is from an unknown number or from a seemingly legitimate number, be suspicious. However, if you do answer the phone, don’t fall for their pressure tactics or emotional manipulation.
You don’t have to be a victim of vishing. Stay safe and be wary vishers! If you’re a business, be on the alert. Vishers are always planning their next scam. Be vigilant and take precautions to prevent your business from being the next victim. For more information about vishing protection, contact FraudWatch International.
***Information found at https://fraudwatchinternational.com/vishing/what-is-vishing/