What is Vishing?
Vishing is phishing’s mobile counterpart. It is defined as the act of using the telephone in an attempt to scam the client for the surrender of private information to be used for identity theft. The scammer typically pretends to be a legitimate business and tricks the victim into believing he or she is going to profit. 143 million people were affected by the Equifax hack alone.
Anatomy of vishing step by step
Following steps are involved in execution of a vishing attack.
- Finding the Target
- Tricking the Target
- Using the Stolen Information
- Disappear
Types of Vishing
War Dialing
This is when the visher uses an automated system with a message concerning local or regional banks or credit unions to dial different area codes. Once someone responds to the phone, a generic or targeted recording starts asking the listener to enter bank account, credit or debit card numbers along with PIN codes.
VOIP
Voice over Internet Protocol, or VoIP, is an Internet-based phone system that can make vishing simpler by allowing multiple tandem technologies to operate. Vishers are known to use VoIP to make calls and to use VoIP-connected servers.
Caller ID Spoofing
This is the method of causing the phone network to show a false number on the recipient’s caller ID. Several companies are offering software to enable caller ID spoofing. VoIP has known vulnerabilities that require caller ID spoofing. Such devices are usually used to fill a caller ID with a particular bank or credit union, or simply with the words “Bank” or “Credit Union.”
Dumpster Diving
Simply dig through the dumpster of a bank and save any lists of customer phone numbers is one time and tested “hack.” Once the viewer has the list, for a more targeted attack, he can program the numbers into his system.
Prevention
Below are ways you can prevent yourself from falling victim of a vishing attack.
- Never call the number given to you or displayed on your Caller ID.
- Never share any personal information.
- Never respond to an unknown number call.
- Don’t completely trust caller ID.
Deeksha
Deeksha is a seasoned cybersecurity expert, dedicated to defending the digital domain from cyber threats. With a strong grasp of technology's dual-edged nature, she excels in threat detection, risk mitigation, and ensuring regulatory compliance. Her proactive approach and unwavering commitment make her a reliable guardian in the ever-evolving digital landscape.
