Vishing is short for “voice phishing,” a type of cyberattack that uses calls or voice messages designed to trick victims into providing sensitive information, such as financial or login credentials. These details can then be used for criminal activities such as fraud, identity theft, or financial theft. Callers pretend to be from a reputable organization or authority with a story you’re likely to believe.
Vishing isn’t limited to phone calls. Many vishing attacks start with a phishing email, urging the recipient to dial a number. Once in a call, scammers use social engineering tactics to convince the target to share their personal details.
In vishing scams, attackers pretend to be from reputable organizations (such as the victim's bank, the IRS, or a package delivery service) and make unexpected phone calls. They might use toll-free numbers or use voice over internet protocol (VoIP) technology to appear as trusted organizations.
According to Cisco, phishing attacks are common and costly: In 2022, phishing was the second most common cause of data breaches, costing organizations an average of US $4.91 million in breach expenses.
Often, vishing scams target the elderly, new employees, and employees who regularly receive external calls as part of their job. Defending against vishing attacks requires vigilance, informed precautionary measures, and robust email security solutions. It’s important to recognize the signs of a vishing attempt.
Here are some tips to keep in mind:
Vishing scammers often use spoofed phone numbers to appear to be from a trusted business, subtly different from a number you’d actually recognize. Always be cautious, no matter what displays on Caller ID.
Vishing and phishing tactics often incite urgency or fear, such as an urgent account problem, suspicious activity, or a final warning. They may also fake familiarity, hinting at a prior conversation, relationships, or corporate hierarchy. All of these are intended to make you act without thinking.
The goal of a vishing attack is to steal your sensitive information, such as passwords, PINs, verification codes, or financial information. Legitimate institutions will never request such details through unsolicited calls.
Scammers might have what seems like personal knowledge about you, taken from online sources or social media, to make the call seem legitimate. However, knowing your address, recent transactions, or family details does not confirm the caller's authenticity.
If a call seems suspicious even when it sounds genuine, don't act immediately. Instead of following the caller's instructions, hang up and call the institution or person directly using a verified number from their official website or your contacts. You should never use the call back number provided during the suspicious call.
Thank you for taking the time to read these tips. Our customer’s cybersecurity is important to us, so here’s your chance to use the knowledge you just read to enter for a chance to win a $300 Amazon gift card. We will select a random winner from all complete and correct entries. Good Luck!
Contest Rules: No purchase necessary. Void were prohibited. One entry per person. Must be 18 years of age or older to enter. Employees and family members of PenTeleData and their affiliates are ineligible. This contest is open to legal residents in PenTeleData territories only. One winner will be selected at random and will be announced after the selection on or about November 30, 2024. Odds of winning will depend on number of entries. Winners must grant permission for PenTeleData to use his/her name, statements and image in future promotions, without compensation. All PenTeleData decisions and prize awards are final. Prizes may not be substituted and are not refundable, transferable, or redeemable for cash.