Understanding Vishing and How to Protect Yourself
Have you ever heard the term vishing before? Maybe not, but you’ve probably been on the end of a vishing or “voice phishing” scam. We’ve noticed an increase in these particular scams in the past few years and now we’re here to explain what vishing is and tips you can use to stay one step ahead.
What is Vishing or “Voice Phishing”?
Vishing or “voice phishing” is the fraudulent practice of making phone calls or leaving voice messages that impersonate reputable companies in order to tempt individuals to reveal personal information. In fact, vishing and phishing are both similar methods of cybercrime because the goal is to obtain sensitive information that could be used for identity theft or monetary gain. Phishing is done primarily through email-based attacks and vishing is done entirely over-the-phone through automated calls or “robocalls” and telemarketers. With this phone-based fraud, there are several manipulative tactics that can be used for cyber theft.
Vishing Scams That Could Leave You Vulnerable
- One-Time Passcodes – Usually received via email, text, or voice, one-time passcodes are a safe method for gaining access to your accounts. “Be aware that companies will never ask for those codes to help verify your identity. If that happens, it is generally a scam and they are using that one-time passcode to get into your online banking, or to set up illegitimate digital wallets,” says Kitrina Kanaris, Vice President, Information Security Officer.
- Fraudulent Transaction – A fake text or call that says a fraudulent transaction has occurred on your account and the scammer will ask for the one-time passcode that they’ve sent to your phone to “stop” the transaction. By providing the code, the scammer will compromise your online banking access and put you at risk. Scammers usually already have the online banking credentials and just need the code to gain access.
- Digital Wallet Enrollment – The victim receives a text or call that says your device has been enrolled in a digital wallet for your card and the scammer needs the one-time passcode that they’ve sent to your phone to stop or un-enroll the device. Scammers usually already have your debit card details and by providing the code, it will enroll your card into a digital wallet on the scammer’s device.
- Area Code Scams – Scammers know the best chance they have of someone answering the phone is if people receive calls from an area code they know. Be wary of answering calls when you don’t recognize the phone number.
- Computer Virus – If your screen has a pop up window that says a virus is impacting your online banking access, it may tell you to call a number to fix the issue. Scammers may be trying to get you to provide information or gain access to your computer files.
- Gift Cards – Scammers will ask victims to purchase gift cards over-the-phone using their credit card and then they’ll say the gift cards have been mailed. Scammers will sometimes even pretend to be trusted people by seeing who you are connected with on social media platforms.
Protecting Yourself from Vishing Scams
- If you’re unsure of who the caller is, let the call go to voicemail.
- Always be suspicious when anyone is asking for a payment over-the-phone.
- If you think scammers are trying to impersonate an organization, call that organization using their verified phone number and ask if someone is actually trying to get in touch with you.
- You can block numbers that you suspect are spam through your phone’s most recent calls.