For those who are familiar with what phishing is, vishing is very similar. For those not familiar with phishing, vishing is a type of social engineering when a scammer/fraudster attempts to get the person on the other end of the phone to disclose sensitive or private information (social engineering definition). Examples of this type of information include attempts to make money transfers, disclosing passwords, and social security numbers. Most of us think that we would never fall for such a scam, however, thousands of people fall victim to this crime each year.
For a brief stint in early 2016, “vishing” dominated the headlines after employees at a Burger King in Minnesota were convinced to shatter all the windows of the fast food restaurant. The fraudster who called in persuaded the employees to break the windows by pretending to be from the local fire department. They claimed to be calling because “the building was pressurized” and could have exploded unless the pressure was released through breaking the windows. Although no sensitive data was shared over the phone, this incident shows how easy it is to be tricked over the phone.
Those who attempt to “vish” others are using complicated methods and deep research to ensure that they seem like the real deal. Scammers are reported to have gone as far as to play a CD recording of a busy office in the background of the phone call to make it seem like they were working at a busy call center, when in reality they were hiding away in a remote location. Here are some other methods that fraudsters try to use to fool users on the other end of the phone.
Check this cyber awareness training video out
Phone Spoofing: Isn’t it convenient that we can see the number who is calling us on our cell phones before we even answer? 15 years ago, this luxury was not as available as it is today. Scammers have found a way to make this new technology work towards their advantage. They can “spoof” the number that appears when they call to make it seem as if the phone call were coming from somewhere else, such as your bank or work. This can be tricky to detect so remain cautious of this type of scam and always be looking out for someone trying to use it on you.
Urgency: Scammers will often tell the person on the other end of the phone that something important to them needs to be done immediately or it may not be safe. The con artist uses this tactic to instill fear into the person on the phone, causing them to make irrational decisions (making them more likely to give up their personal information).
Although phishing scams are much more talked about in the news, it is important not to forget that criminals and scammers use all different types of methods to extract sensitive data and personal information from those naive enough to give it to them. This can be done through almost any form of electronic communication including email, phone calls, and even SMS text messaging (see smishing). It is important for organizations to provide employees and network users with cyber awareness training and education to increase cybersecurity awareness and mitigate the risk of a future data breach.
WATCH: Get Safe Online: Vishing