Vishing is sometimes also known as voice phishing. It is a criminal activity where one uses social engineering over telephone systems to gain access to personal and financial information of people. Vishing is highly used to gain access to credit card numbers and other personal details of individuals. It is highly used in identity theft schemes. Vishing scams and activities are difficult to handle legally.
Therefore people are always put on caution regarding such activities by banks etc. They are strictly advised that people should not reveal their personal and financial information, such as account number, credit/debit card numbers and details about their identity and assets when they receive any calls or messages, where they are asked for such information.
Through Vishing activity fraudsters can ask for:
- Personal details, such as date of birth, date of expiry of credit/debit cards etc.
- They ask for the credit card number or account number and when people provide the information.
- Sometimes fraudsters say they represent a particular company and ask people to call a particular number immediately, once the person calls they are asked for various details.
- Automated responders and war dialers are generally used for vishing activities, but many times human operators also play an important role in such vishing scams, in persuading and convincing people to reveal their private information.
- Sometimes fraudsters use a different method for vishing. They call a person and ask him to get in touch with his bank or related organization. The persons hang up and dial the bank or organizations number, which has already been tabbed by the fraudster, the fraudster doesn’t hang up from his side, or provides a false dialler tone and then answers the person and pretends to be the concerned person one wants to talk to in the bank or organization. Such type of activity is known as no hang-up scam. To avoid falling victim to such scams people are advised that when they respond to such calls, then they should always use a different number and device to make the calls to the concerned banks or respective organization.
Vishing attackers often pretend to pose as authority figures, employees of a particular organization or technician to obtain valuable personal details from people. Vishers gain access to things like employee ID numbers, home address, social security number, etc to gain further information about the person’s private details. The fraudster can also pose as a customer and answer personal queries about the person; he can gather such information from social networks and other related sites. In this case, the fraudster can invade private information and ask or changes to be made in the accounts or profile, such as resetting of passwords, change of PIN etc., so that he can use it further to access one’s financial and other assets.
Another technique used by fraudsters is the Mumble technique; here the fraudster pretends to be the customer himself or a person on behalf of the customer. Such a technique is generally used by online information brokers who want to access group data or information about a large number of people.
Fraudsters can commit such activities posing as technical support technicians, where they call a person and convince them that they are calling to provide technical help related to the internet, or other network problem. Here the fraudsters try to convince the person that they need to answer certain questions to tackle such problems; and in this way, they can ask for things like Company ID, Company badge number, Job title etc.
Vishing is a major problem worldwide and is difficult to tackle; therefore people worldwide are continuously advised and warned against providing private, personal and financial details to any strangers.