First there was phishing (Email). Then came smishing (Phishing through SMS). Now, there’s a new highly effective and targeted form of cybercrime that is stealing people’s personal information and wreaking havoc on the corporate world.
The shift to remote working, led by the Covid-19 pandemic, has created a conducive environment for scammers to target victims as they take advantage of technical vulnerabilities and security gaps.
What is vishing?
So, what exactly entails a vishing scam and how does this type of cybercrime actually work? A combination of the words “voice” and “phishing”, vishing – also known as “phone spear phishing” - is a type of phone scam that attempts to trick victims into giving out personal or sensitive information. The end goal of a vishing scammer is to steal a victim’s identity or money.
One of the main reasons why vishing has been so effective lies in the social engineering tactics that it uses. People naturally tend to trust a human voice more than an email or text message and by doing so, they often let their guard down. It’s important to note that consumers are not the only ones targeted by vishing scams. In fact, many vishers, or vishing scammers, target businesses with the aim of gaining access to not only private user information but valuable data and large sums of money.
Common vishing tactics
Some of the most common vishing scams involve fraudsters posing as telemarketers, bank employees, government officials, tech support, industry expert or authority. Often the case, the caller will create a sense of urgency or emergency and put pressure on the victim to divulge sensitive information right away.
It’s a common scenario. Your phone rings and the number that appears has a familiar area code or company name next to it. When you answer, you may either hear someone on the other end or a robotic voice tell you that your bank account has been compromised. They will likely urge you to take quick action to secure your account by calling another phone number and providing all of your sensitive information in order for them to block fraudulent transactions.