We’ve Covered Phishing…. but what is Vishing?

By Jennifer Adams

According to the Norton Security website, 75% of fraud complaints reported to the Federal Trade Commission involve scammers contacting their victims by telephone to steal financial, Medicare or tax information. This can happen to individuals and businesses. Once this information is stolen, the hacker can easily impersonate you. This is what you need to know about vishing so you can make sure it doesn’t happen to you.  

What is Vishing?

          Vishing picks up where phishing leaves off. Vishing, or voice phishing, is a tactic used by scam artists to convince someone verbally to do something that is not in their best interest. For example, you receive a call from a representative allegedly from the phone company insisting you have not paid your bill and that you must pay a fee to keep your phone service active. Later, you look on your credit card statement, and there is a charge for a completely different thing for a different amount. Criminals looking to execute a vishing attack may pose as tech support or a government agency, however, these organizations will never call you out-of-the-blue demanding money.

Should a company be the target of a vishing scam, more is at stake than just money. A data breach can cost a company its reputation.

How Common is Vishing?

          Unfortunately, vishing is a profitable activity for criminals. In 2018, scam calls added up to nearly 30% of all incoming mobile calls, and more disturbingly, 75% of those who received an incoming call reported the caller already had some of their personal information. Although only 6% lost money to the scams, the median lost was around $960.

How do I respond to Vishing?

          It can be tough to tell when you are being vished. Cybercriminals structure the conditions to fool unsuspecting victims into easily providing personal details such as their full legal name, credit card numbers, bank account information, social security number and address. If you receive an unexpected phone call and you are in doubt, ask for the representative’s name, hang up, look for the correct phone number and call the company back. If the call is legitimate, the representative should have no problem giving you their information, if they hang up suddenly or persist with threats, then the call likely isn’t genuine.        

What do I do if I’ve been Vished?

          Should you have reason to believe you have been the victim of a vishing scam, there are steps you can take to halt the scam. Call your bank or credit card company to make them aware so they can cancel fraudulent charges, as well as change your compromised credit card or bank account numbers to prevent future transactions. If the attack is directed at your company, make your supervisor aware so necessary actions can be taken and others can be educated on the dangers of vishing.        

To Sum it up -  

          Both businesses and individuals are a target for vishing and other scams which is why it is necessary for companies to educate employees on best cybersecurity practices so they will know how to properly respond when this happens. This prevents financial, data, and reputation loss for both parties.  Not sure where to start? Give us a call and to set up an appointment with an IT professional to help you and your staff best navigate the cyber world.

 

 

Sources:

https://www.zdnet.com/article/fraudsters-employ-amazon-vishing-attacks-in-fake-order-scams/

 

https://us.norton.com/internetsecurity-online-scams-vishing.html

 

https://www.kaspersky.com/resource-center/definitions/vishing

 

https://www.csoonline.com/article/3543771/vishing-explained-how-voice-phishing-attacks-scam-victims.html

Tags: