Vishing is the abbreviation for "Voice Phishing". The attackers call their victim under a specific pretext and try to obtain information such as passwords or credit card data. The victim is often pressured to take certain actions (for example, making a transfer). Well-prepared vishers use spoofed phone numbers, voice-changing software, or deep fakes to appear as authentic as possible.
How does Vishing differ from other phishing methods?
While classic phishing mainly uses emails and smishing relies on SMS messages, vishing uses voice calls as the primary means of attack. Therefore, it's important that users are particularly careful with unexpected calls asking for sensitive data. Vishers often use computer-generated voices or mask their accents to appear trustworthy.
Typical Vishing Methods
Vishing attacks often begin with a text message containing a phone number. The fraudsters rely on intimidation or lure with supposed winnings. A popular scenario is posing as the tax office and threatening fines if action isn't taken immediately.
The ability to additionally generate deep fakes of familiar voices makes vishing even more dangerous. Artificial intelligence and machine learning are used to imitate voices and thus increase the credibility of the calls. In reality, it can happen that your own daughter calls asking for money or needs help. In such cases, it's incredibly difficult for victims to recognize that it's a scam.
The most famous example of vishing will be the grandchild scam. Here, the attacker calls the mostly elderly victim and poses as a grandchild. Of course, the beloved angel has huge money problems and needs the money immediately. The attacker hopes that the target person is willing to help without asking questions. Usually, another person then collects the money from the victim to allegedly bring it to the grandchild in great need.
How can you protect yourself from Vishing?
The best protection against vishing is to ignore suspicious messages and calls. This should start with unknown numbers. Therefore, it's important to never disclose sensitive information over the phone, no matter how convincing the caller may sound.
Concrete Protection Measures
-
Raise awareness:
Cybersecurity training helps identify and report vishing attacks. -
Resist pressure:
Vishers often push for immediate payments. Stay calm and verify demands. -
Caution with unknowns:
Let calls from unknown numbers go to voicemail. -
Don't disclose data:
Never share sensitive information with unknown callers.
Generally, there are often warning signs in vishing attacks. Frequently, you see callers posing as experts or professionals. Here, one should become suspicious when there's excessive urgency or refusal to confirm their own identity. Therefore, it's important to end suspicious calls and research the official contact details of the alleged company.
How common is Vishing?
Vishing has developed into a widespread fraud scheme. In 2015 alone, the damage caused by vishing worldwide amounted to about 1 billion US dollars. The low costs of internet telephony enable fraudsters to make mass automated calls. Therefore, it's important that both private individuals and companies remain vigilant and train their employees accordingly.
Thank you for your feedback! We will review it and optimize this content.
