Watch out! Vishing is around

Published 11/23/2021 by Ingenuity & Solutions in Cybersecurity - Last updated on February 13, 2022

Watch out! Vishing is around

Vishing is a dangerously effective type of attack that relies on social engineering techniques. The attacker communicates by telephone or via voice message posing as a trustworthy company or entity to deceive the victims and convince them to take action against their interests. Like phishing and smishing, these are frauds committed by criminals taking advantage of new technologies. The only thing that changes is how they do it.

The word vishing is a mix between the union of voice and phishing. It combines phishing attacks that involve voice, whether robotic or human. Attackers can reach the victim through massive phone calls, such as a corporate call center, or leave voicemails. In addition, among the favorite topics chosen by scammers for these communications, we find references to financial or security problems of our computer or mobile device.

How does Vishing work?

Vishing is a type of computer scam in which the cybercriminal, using a mobile phone or email, pretends to be a reliable source. In an effective Vishing, the cybercriminal seeks to deceive the target and obtain their confidential data. The purpose of Vishing is to steal the identity or money of users and companies.

Despite the increasing awareness of citizens of the danger of providing confidential information over the phone or through the Internet, Vishing is a crime that affects thousands of people every day around the world.

The most skilled vishing scammers manage factors that make them sound legitimate such as the following

  • Correct information

  • Urgency

  • Phone Skills

  • Business atmosphere

Common vishing attacks

These scam calls can try to impersonate different people or find other ways to get your bank details. These are some of the most common:

Call from someone who identifies himself as a bank employee

Normally to inform the customer that a fraudulent operation is being carried out with their card or another serious incident. To solve the problem, they ask you for the card details or a unique password that you receive by SMS, and with this data, they can make purchases or a transfer. Sometimes they may even give you specific data from your accounts so that you trust them, but you should never give that unique password, as it is data that the bank will never ask you in a real call.

Computer technician

With the excuse of cleaning the computer of viruses, it requests the payment of an amount of money through a platform in which the bank details are registered. They can also take control of the infected computer to obtain your data, access electronic banking, and operate on your behalf or install malware. This trick is known as the fake tech support scam.

Commercial for a telephone company

In this method, they call to communicate an error in the invoice and ask for the bank details to make the return. They can also ask for your financial information with the excuse that your company has an agreement with the bank to make discounts. Remember, you should never give the data requested in the call because your company already has the data required to make that hypothetical return.

People interested in something you sell online: If you sell products online, scammers can pose as buyers interested in what you are selling. In this case, they try to obtain your complete bank details with the excuse to speed up the payment.

Tips to avoid Vishing

For citizens not to be victims of this type of social engineering attack, the Spanish Internet User Safety Office (OSI) and the Spanish National Cybersecurity Institute (INCIBE) recommend considering the following tips:

  • Avoid sharing personal information.

  • Be wary of calls from unknown numbers or with suspicious numbering.

  • Check the authenticity of the call.

  • Use call tracking apps.

  • Always contact the official phone numbers of the entities.

  • Avoid remote access tools.

Finally, it is logical that cybercriminals investigate us and know our name, address, telephone number, and email address. Therefore, it is essential to be cautious when sharing, facilitating, or publishing sensitive data on the Internet that may be useful to you.

We hope that this article helps you to avoid suffering Vishing. If you require advice with cybersecurity, contact us and if you are interested in more content, do not forget to visit our blog.

  • Payment software

    Know about payment softwares

    Payment automation is a financial technology that allows sales and collections through digital means. In general, automation uses artificial intelligence platforms, and they learn specific patterns.

    READ MORE
  • Black hat, White hat, and Gray hat hackers Ingenuity and Solutions LLC Connecticut

    Black, white, and gray hat hackers

    Maybe you do not know that not all hackers are the same. They are usually divided into three groups: those with black hats, white hats, and gray hats. This article explains to you how it works.

    READ MORE
  • Tips to improve cybersecurity Ingenuity and Solutions LLC Connecticut

    Tips to improve cybersecurity

    Cybersecurity must be one of the company's highest priorities since SMEs manage a large amount of data. This must be protected adequately so that everything goes well.

    READ MORE

ABOUT THE AUTHOR

Ingenuity & Solutions

Ingenuity & Solutions

We help you enhancing your digital presence.

MORE ABOUT THE AUTHOR

NEW COMMENTS

Comment Guidelines:
All comments are moderated before publication and must meet our guidelines. Comments must be substantive, professional, and avoid self promotion. Moderators use discretion when approving comments.
For example, comments may not:
• Contain personal information like phone numbers or email addresses
• Be self-promotional or link to other websites • Contain hateful or disparaging language
• Use fake names or spam content

Your privacy is important to us. Check out our Privacy Policy.