Voice phishing also known as “vishing” is an electronic modern form of theft. This method does not typically occur over the internet, it is carried out by voicemail, VoIP, landline and cellular phones. The primary goal of this attack is to extract victims personal, private and financial information. Many financial institutions are arguing that accountability must be placed on the target as well for not actively protecting their own accounts. Furthermore, banks are declining to refund money to the victims due to “negligence” by not assuring their own bank security.
Most often the target receives a message indicating there has been fraudulent or suspicious activity on their credit cards, bank account, mortgage, or other financial institutions. Victims are told to call back a specific number and they will need to provide information in order to “verify their identity” or to “ensure fraud does not occur”. Caller ID spoofing is another tactic frauds are using to trick their victims into thinking the call is coming from a legitimate source such as a financial institution or government agency. This type of scam is typically difficult to trace, especially when executed through VoIP. Vishing scams, like many other real customer service companies, are outsourced to other countries, making law enforcement powerless.
If an unsolicited message suggests you are a target of illegal activity, no matter the source, don’t call the provided number. The consumer should call the establishment named, using a number that is familiar, to ensure the account has not been tampered with. There are ways to protect yourself, listed below. In many cases, callers may claim to be experts or authorities in a certain field. They may pretend to be computer technicians, bankers, police, or even victims themselves.
If you do answer the phone, the moment you suspect it might be a vishing call, end the call immediately. Do not speak to or otherwise engage the caller. There are vishing schemes in which the sole purpose is to record the victim’s voice for later use in navigating voice-automated phone menus tied to the victim’s accounts. However, if you are unsure, there are ways to tell if the caller is legitimate. It is not difficult to authenticate a caller’s professional affiliation with a phone call. If the caller claims they cannot — or will not — provide the information asked for to verify their identity, they cannot be trusted. If the caller does provide contact information, it is still important to actually verify their legitimacy by using an official phone number available to the public to call the organization in question.
If you follow these tips and stay cautious, you will be safe from vishing scams. Just remember to verify the callers and never give out personal information.
With so many new scams out there, it is critical to raise awareness about these types of attacks and to take the proper steps in addressing the conflict. For questions or concerns give us a call at