Vishing: what it is and how to protect yourself


What is vishing?

Scams are hiding everywhere these days: in emails, text messages, social media, and even voice calls. The vishing, or voice phishingit is a type of scam that is rapidly gaining ground in recent times. This is a fraud attempt, similar to phishing, in which the scammer, a seemingly reputable person or company, contacts the victim by telephone or voice message to trick them into revealing confidential information that can potentially be used to gain access to money or sensitive data.

How does vishing work?

There is a very specific reason why more and more scammers are resorting to vishing. This type of telephone scam exploits the so-called social engineeringthat is, a series of techniques that leverage innate feelings in people, such as trust, fear, greed or altruism. The cybercriminal tries to evoke these feelings, arousing panic or other emotions that could cloud the victim’s judgment, and takes advantage of this to steal liquidity or personal data.
Generate a sense of urgency is another tactic used by scammers. As trusted sources, vishers often emphasize the severity and urgency of the alleged problem to convince victims to act quickly. By doing so, victims will be less inclined to reflect on the situation calmly and rationally, to ask questions or to verify the veracity of the scammer’s statements, more easily falling into the trap.

Cybercriminals often pose as people people tend to trust, such as a bank employee, an IRS official, or an insurance agent. Scammers hope that people will trust those individuals enough to trust them with money or data that gives them access to their finances. They are also very good at tailoring the content of phone calls based on the person answering the phone, providing different information based on the area where the person lives, the time of year, age or other personal circumstances.

Someone approach techniques particularly widespread I am:

  • Bank account or credit card fraud: Bank scams are among the most common examples of vishing. The scammer says to call the institution that issued the credit card or where the current account is subscribed and warns the holder that it has been compromised. He asks for the credentials of the victim to «solve» the problem. Once this information has been obtained, the call is hastily ended and the victim finds himself with the card or account limit exhausted;
  • An unmissable offer: some criminals tend to call and offer a loan, a prize or a tempting investment opportunity. Typically these offers seem extremely advantageous, so the temptation to accept them is strong. But don’t be fooled: if a prize competition you’ve never entered asks for personal data, it’s almost certainly a fictitious offer. If an offer seems too good to be true, remember that all that glitters is not gold;
  • Tax scams: certain scammers pretend to be Revenue Agency officials or debt collectors and scare victims by talking about unpaid taxes, threatening heavy fines. Calls of this kind are particularly unpleasant but the important thing is not to be intimidated. Even if you have unpaid debts, it is important to always check that the payment requests come from an authorized collection body.
  • Medical or social security scams: Cybercriminals pretend to be calling on behalf of a social security, welfare, or government agency or official. The impostor, hoping to get his hands on benefits or pensions, or to steal cash, asks for personal information that should never be disclosed superficially. Vishing scams of this type usually target older people, who tend to be more confident on the phone and less informed about technologies and scams.

How to protect yourself from vishing and how to prevent it

Preventing vishing is actually not particularly complicated. To detect an attack you need to stay on guard for certain warning signs. If you feel like the caller is trying to rush, manipulate, or panic, there’s a good chance it’s a phone scam. However, to avoid becoming a victim of a vishing attack you can follow some basic rules:

  • Never share or confirm personal information over the phone, even if the caller claims to be doing so on behalf of the bank, post office or insurance company. And don’t forget to report the incident to your bank or supplier;
  • Do not provide anyone with the temporary codes (OTP) used to confirm operations;
  • Do not answer calls coming from unknown numbers. Leave the answering machine to go on, listen to the message and evaluate the situation calmly, or, if you think the call could also have legitimate purposes, call that number back from another phone. If it was a scam, no one will probably respond;
  • Don’t respond to emails, texts or social media messages asking for your phone number. This is often how cybercriminals approach unsuspecting people who they will target with a vishing attack later.
  • Always carefully read the contents of notifications and SMS that are used to authorize an operation and verify the veracity of the phone call by searching for the telephone number online, the number and name to which the call is addressed;
  • Never enter your personal codes or data after clicking on suspicious or unexpected SMS and email links;
  • Check whether there is an opposition register in your country. By entering your telephone number in this register you will communicate to companies acting legally that you do not want to receive so-called ‘cold calls’, i.e. unwanted calls for commercial purposes. This way, if you were to receive this type of call, it would most likely be a vishing attempt.

For entrepreneurs and professionals it is important to safeguard their profession and their data from various types of cyber attacks. The adoption of the Cyber ​​Risk policy allows the insured to protect themselves from cyber attacks and the consequent expenses and losses of data and confidential information. Furthermore, this coverage provides expert intervention for the recovery of lost data and decontamination from any malware. All these are services included in the Smart version, which has a maximum limit of up to €25 thousand. Lokky also offers its customers the possibility of taking out a Top version of the policy, which provides for an increase in the limit up to €250 thousand and the inclusion of numerous additional guarantees, including a daily allowance for business interruption and coverage of expenses for restoring the company’s image.

latest posts published

Lokky, the Italian data driven insurtech for professionals and SMEs

Lokky, the Italian data driven insurtech for professionals and SMEs

EconomyUp interviews Paolo Tanfoglio and Sauro Mostarda, Co-founder and CEO of Lokky Awarded as 'Best ...
An ally for cyber security: Load Balancing

An ally for cyber security: Load Balancing

Having a fast, high-performance and reliable website is a non-negligible aspect for those who have ...
Business Trend 2023 for SMEs, professionals and commercial activities

Business Trend 2023 for SMEs, professionals and commercial activities

The main trends of 2023 that you will need to consider in your business Digital ...
Occupational risks for pastry shops

Occupational risks for pastry shops

The pastry chef's activity involves the production of confectionery products, from the preparation of the ...
How to read a pay slip

How to read a pay slip

In collaboration with our partner F2Dwe decided to delve deeper into the elements that make ...
What are the most common cyber risks and how to protect yourself

What are the most common cyber risks and how to protect yourself

“Houston, we have a problem."Who doesn't know the words of Jack Swigert, pilot of the ...
Clinical Risk: What it is and What are the consequences

Clinical Risk: What it is and What are the consequences

In recent years, the responsibility of healthcare facilities has increased significantly and with this also ...
Commercial activities most affected by theft

Commercial activities most affected by theft

Theft, shoplifting and armed robberies are a plague for Italian traders. In Europe, Italy is ...
October is European Cyber ​​Security Month

October is European Cyber ​​Security Month

October is the European month dedicated to cybersecurity, a good opportunity to acquire new awareness ...
Estimating cyber risk: importance and difficulties encountered

Estimating cyber risk: importance and difficulties encountered

The biggest challenge regarding cyber security is to estimate cyber risk in a credible, sustainable ...

Leave a Reply

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *