We stand with Ukraine to help keep people safe. Join us

Tags Digital Wellness

What Is Vishing?

Vishing means “voice phishing,” and it’s a type of phone scam. In a vishing attack, you’ll receive a call from someone pretending to be from an organization you know and trust. They’ll use this to get you to hand over your sensitive information. Below, we’ll explain the most common voice phishing attacks, how to spot them, and what to do if you’ve been scammed.

Table of contents

5 most common vishing examples

Fraudsters are always coming up with new ways to scam their victims. And unfortunately, with new technology, vishing scams are becoming more sophisticated and harder to spot every year.

 

Here are some of the most common vishing strategies:

  1. Robocalls. Scammers use robocalls and AI-powered technology so that they can call thousands of numbers every day. In these, the robot will usually claim to be from a trusted organization. They’ll either ask for you to pass on some personal details or hand you over to a human scammer if you respond.
  2. Voicemail scams and texts with a number to call. In voicemail scams, you’ll receive a message saying you missed an important call. You’ll be asked to call a number back to resolve some problem with your account or order. But when you call that number, it’s a scammer that answers the phone.
  3. Deepfake calls. Nowadays, it’s possible for scammers to use deepfake technology to pretend to be someone you know or trust (also known as “spear phishing”). For example, they might pretend to be a local politician. The technology is very convincing, and it can be hard to tell whether it’s real or not.
  4. Fake tech support calls. One of the most common types of scams is fake tech support. In these calls, the scammer will usually tell you that to fix your tech problem, they’ll have to take remote control of your PC or device. When they do, they steal your personal information or try to trick you into sending them money.
  5. Caller ID spoofing. Scammers can use a technology known as Voice over Internet Protocol (VoIP) to spoof their caller ID so that it looks like the call is coming from a trusted source. For example, you might receive a call from “IRS,” but it’s actually a scammer on the other end.

How to spot a voice phishing attack?

To prevent vishing, you need to know what common vishing scams look like. Luckily, there are a few warning signs to keep your eye out for.

 

Here’s how to spot a voice phishing attack:

  1. The phone call comes completely out of the blue. It’s very rare that a company or government agency will call you directly. Instead, they’re more likely to contact you by letter or email, asking you to call them.
  2. They ask for your personal information. If the caller asks for your Social Security number, credit card number, or bank account, it’s a scammer.
  3. They need money upfront. Often, vishing scammers will claim they need a cash transfer upfront in order to fix whatever problem is at hand. If they ask for this, they’re trying to scam you.
  4. The caller builds a sense of urgency. Scammers will try to scare you into acting without thinking by making the situation seem urgent. Always take your time to think clearly before handing over any information.
  5. They get aggressive. No professional caller will be aggressive with you over the phone. However, scammers often become short-tempered if they feel like you’re wasting their time.

Be careful

If you notice any of these red flags, refuse to hand over your personal information. Instead, hang up and call the company or agency directly, then ask them to confirm whether it’s true or not. This way, you’ll be able to determine whether it was a scam or a legitimate call.

How to prevent a vishing attack

The easiest way to avoid vishing attacks is to know the warning signs and steer clear. Here are some ways to avoid being scammed by vishing cybercrime:

  • Never answer calls from unknown numbers. If it’s an important call, the caller will contact you another way.
  • Don’t interact with suspicious phone calls. If you answer a call and get an automated response, it might ask you to press buttons or respond to questions. If you do, the scammer will identify you as a potential target and might record your voice. Instead, hang up immediately.
  • Don’t reply to suspicious texts. If you receive a text message that you’re pretty sure is a scam, don’t reply. If you do, you’re letting the scammer know that your number is active, and they might decide to target you with further vishing and smishing scams.
  • Never share 2FA codes or passwords. If a caller asks you to disclose a two-factor authentication (2FA) code, they’re trying to scam you. Hang up the phone immediately.
  • Be wary of fake caller IDs. Using a fake caller ID is easy, so you should never trust them. Always search the company and check that the number matches that which is listed on their website.
  • Never click on links or call numbers in suspicious texts. If you receive an unsolicited text with a link or phone number in it, ignore it. The link might lead to an unsafe website that tries to steal your data or install malware on your device. Likewise, the phone number will be the scammer’s personal number. Calling it lets them know that your number is active, opening you up to further attempts.
  • Sign up on the National Do Not Call Registry. It’s free to add your number to the Do Not Call Registry. While this won’t stop every scammer, it will prevent you from receiving spam calls from legitimate telemarketing companies.

Also, make sure to avoid phishing scams in general. How to avoid phishing scams?

  • Stay away from unknown phone numbers
  • Always check a website URL to see if it is legit
  • Get Clario AntiSpy.

Clario’s AntiSpy extension for Chome and Saafri will help you identify whether a website you’re visiting is fraudulent. Along with anti-tracking software and an ad-blocker, the Clario AntiSpy extension makes a great online safety partner. Here’s how to use it:

  1. Download Clario AntiSpy and get a subscription to create an account
  2. On the dashboard, click Safe browsing
Safe Browsing main screen in Clario Anti Spy

3. Enable the extension for Chrome or Safari

 

4. Enjoy the four pillars of Safe browsing from Clario AntiSpy: Web security, Anti-malware, Ad blocker, and Anti-tracking.

Clario Anti Spy extension for web brpwser

What to do if you get scammed

If you’ve fallen victim to a vishing scam, you need to act immediately. The faster you respond, the more chances you have of preventing the scammer from doing further damage.

 

Here’s what to do:

  • Hang up the phone. As soon as you realize it’s a scammer (or even if you’re suspicious), hang up the phone. This will prevent the potential scammer from convincing you to hand over your personal information. Once they’re off the phone, you can call the organization directly and verify what’s going on.
  • Call your financial institution. If you handed over any personal details at all, call your bank immediately and let them know. They’ll be able to put extra security measures in place to protect your account from any fraudulent activity. They’ll also walk you through what to do next to further secure your accounts and identity.
  • Freeze your credit reports. If you gave the scammer your details, call your credit union and ask them to freeze your credit until the coast is clear. This will prevent the scammer from opening any lines of credit in your name.
  • Change your passwords. The next step is to change all of your passwords, starting with financial accounts. Make sure each password is unique, uses a combination of letters, numbers, and symbols, and is at least 12 characters long.
  • Enable 2FA. With new passwords in place, it’s time to enable 2FA and multi-factor authentication (MFA), if available. These add extra layers of defense to your accounts, meaning that even if the scammer finds your password, they won’t be able to gain access.
  • Secure your devices. If you gave the scammer remote access to your device, make sure to delete the software they installed. Next, back up all of your data (in case they try to ransom it to you), and run your antivirus to check for malware and viruses.
  • Block the scammer’s number. Blocking the scam number will prevent them from calling or texting you in the future.

To block a number on an iPhone, open the Phone app, tap Recents, choose Info, and then tap Block this Caller.

How to block a scammer's phone number on iPhone

On Android, open the Phone app, select Recent history, tap More, and select Block contact.

Go to Recent History, select the scammer's phone number, tap More, then tap Block ccontact.
  • Report the scammer. With your accounts and identity secure, you can report them (and their phone number) to the relevant authorities. We recommend reporting them at ReportFraud.ftc.gov, DoNotCall.gov, and your phone service provider so that they can block the number.

Conclusion

Scammers are using more techniques than ever to steal your money, and it’s getting harder and harder to avoid. This is why cybersecurity matters.

 

Just remember the rules of thumb–never answer unknown numbers, don’t reply to texts, and never click links in unsolicited messages you receive. Finally, keep in mind what you need to do if you do fall victim, so that you can minimize the damage that the scammers can do to your identity and financial accounts.

Keep reading

Stay away from phishing scams with Clario AntiSpy.

Get started