By now you’ve probably heard of the term “phishing”—when scammers try to fool you into revealing your personal information or sending money, usually via email—but what about “vishing”? Vishing, or voice phishing, is basically the same practice, but done by phone.
There are a few reasons why it’s important for you to know about vishing. First off, voice phishing scams are prevalent and growing. A common example around tax season is the IRS scam, where fraudsters make threatening calls to taxpayers pretending to be IRS agents and demanding money for back taxes. Another popular example is the phony tech support scam, in which a scammer calls you claiming that they represent a security provider.
The scammers may say they’ve noticed a problem with your computer or device and want money to fix the problem, or even request direct access to your machine. They could also ask you to download software to do a “security scan” just so they can get you to install a piece of malware that steals your personal information. They might even try to sell you a worthless computer warranty, or offer a phony refund.
These kinds of attacks can be very persuasive because the scammers are employing “social engineering.” This is when you are manipulated into doing something for fraudulent purposes. Since the scammers can reach you at any time on your most private of devices, your smartphone, it can feel more direct and personal.
Vishing scams don’t always require a phone call from a real person. Often, the scammers use a generic or targeted recording, claiming to be from your bank or credit union, for instance, asking you to enter your bank account number or other personal details, opening you up to identity theft.
The incoming number could even appear to come from your bank, thanks to a trick called “caller ID spoofing,” which allows the scammers to fake the origin of the call. They can do this by using Voice over Internet Protocol (VoIP) technology, which connects calls over the internet instead of traditional phone circuits, allowing them to easily assign incoming phone numbers.
Don’t risk losing your money or valuable personal information to these scams. Here’s how to avoid vishing attacks:
- If you receive a phone call from either a person or a recording requesting passwords, personal information or money, just hang up
- Be skeptical of the caller ID—even if a call appears to be coming from a legitimate business, it could be a spoofed ID
- If you think your bank may be calling you, but aren’t sure, hang up and call your bank back directly to confirm any potential issue. If you know it was a scam call purportedly coming from your bank, call your bank immediately to make them aware of the problem.
- Keep up-to-date on the latest phishing scams so you know what to look out for. Also, be aware that phishing attacks via text message are also common.
- When it comes to tech support, know that a trustworthy internet security provider like McAfee® will never call you out of the blue, requesting money, information, or access to your devices
- Register your mobile phone number, as well as your home phone, on the “do not call” registry to reduce your exposure