What is Vishing?
Vishing, a combination of ‘voice' and ‘phishing,' is the act of making phone calls or leaving voice messages purporting to be from reputable companies that induce individuals to reveal personal information, such as bank details and credit card numbers.
It is a type of scam where someone calls you pretending to be a legitimate company representative. They usually call you at home or office and ask you to provide sensitive information such as credit card numbers, bank account details, passwords, etc.
If you receive a phone call from someone claiming to be from a company you've never heard of, hang up immediately. If you're unsure whether the caller is genuine, contact the company directly using their official number.
In 2021, the FBI's Internet Crime Complaint Center released their Internet Crime Report 2020, in which they state that social engineering crimes, including vishing, had cost victims more than $54 million.
If someone gets access to your banking accounts without permission, they could drain your savings or take out cash advances against your line of credit. If someone steals your Social Security number, they can open new lines of credit with your name attached. If someone takes advantage of your healthcare records, they might find ways to bill insurance companies for services you never received. The results of this type of phone fraud could take months to undo.
The U.S. Federal Trade Commission (FTC) estimates that nearly half of all phishing scams involve financial institutions. Phishers often target people who have recently opened new accounts, so it’s important to be vigilant about any unsolicited emails from your bank or credit card provider.
How to Protect Yourself from Vishing Attacks
Vishing is essentially the phone-based version of phishing. There are a number of ways to prevent falling victim to one of these scams.
Adding your home or mobile phone numbers to the National Do Not Call Registry is free. However, some types of organizations may still be allowed to call you, such as political groups and charities. It won't stop people from making illegal calls to your number.
Don't press buttons or respond to prompts, even when requested by an automated message. For instance, the message might say, "Press 6 to be removed from our list" or, "Say ‘yes' to talk with an operator." Cybercriminals often use these tricks to identify potential targets for more robocalls, and could also record your voice to use later when navigating legitimate voice-automated phone menus tied to your financial accounts.
If you receive a suspicious phone call or suspect that you have been targeted in a vishing scam, you can file a complaint with the FTC online or by calling (866) 654-4357. If you feel that your personal information might have been compromised, it is important to change your passwords, notify your banks and other financial institutions and carefully monitor your financial transactions.
Businesses Use Simulations to Help Prevent Vishing Attacks
Vishing and phishing attack simulations keep your employees alert and less susceptible to clicking on a malicious link or a voice call scam. These training sessions help employees to avoid clicking on malicious text messages, which are twice as likely to elicit a response than email, phone calls, or social media messages.