Vishing: What is it and How To Protect Yourself

• Publish Date: 2013/04/09 - (Rev. 2016/02/09)
• Author: Lee Robbins

Outline: Information regarding vishing the use of voice over IP telephones to collect personal information such as bank accounts birthdays and Social Security numbers.

Main Digest

Breakthroughs in telecommunications enable people to connect with one another in newer and increasingly cheaper ways. Unfortunately, they can also provide scammers and con men to do the same. Such is the case with 'vishing.'

The vishing definition, according to the FBI's official website, is the use of voice over IP (VoIP) telephones to collect personal information, such as bank accounts, birthdays, and Social Security, later to steal money or the identity of victims personal details later to be used for fraud. By being cautious and skeptical of any communication, you can safeguard yourself against these types of scams.

How Can You Protect Yourself

The vishing definition, according to the FBI's official website, is the use of voice over IP (VoIP) telephones to collect personal information, such as bank accounts, birthdays, and Social Security, later to steal money or the identity of victims. It's also referred to as "VoIP phishing" because it's the audio equivalent to regular phishing (using emails to do the same). For the scammers, vishing offers two significant advantages:

1) Caller ID's can be spoofed with VoIP phones concealing their name to potential victims.

2) entire operations can be created and taken down in short periods of time (as compared to traditional telephone lines).

Phone Numbers

Criminals land phone numbers in a region or area code (or copy customer phone numbers from financial institutions). They then receive an automated dialing system to call individuals and circulate a recorded message. The victims hear messages like: "Your debit card has been deactivated. To use it, it must be reactivated," or unintentionally, "There is an issue with your account," and are told to call a phone number or visit a website to ameliorate the situation. The phone number or website asks victims for personal information, and once it's entered it's used to be able to steal how vishers see fit.

Hooded man holding laptop computer

Dan Larkin, chief of the FBI's 'Cyber Initiative and Resource Fusion Unit' are reluctant to give an exact number of vishing on their website. "A lot of would-be victims are reporting this [vishing] as SPAM or phishing, but we know it's out there. It's happening." If the actual vishing statistics are anything like the numbers reflecting Internet scams in general it's a growing and costly problem; from 2005-2010 Internet scams tripled from 100,000 to over 300,000. The total dollar loss of these scams well exceeds $300 million annually. Scams range from classics like minimal schemes to modern favorites like the Nigerian scam and use a variety of tactics like phishing, vishing, and smishing (fraud using texting).

Regardless of the specific methods of scammers, Chief Larkin suggests that you treat any call, email, or text that seeks personal information with a healthy dose of skepticism. If there's any doubt in your mind "take time to contact the service number provided to you when you started the account; don't download anything that's uncertain and avoid websites that aren't trustworthy.

Types of Fraud

Most people use telecommunications for the convenience of services they offer. A small, but pernicious, part of the people use them to trick victims into providing personal information. Vishing and smishing, like their predecessor phishing, utilize cutting-edge technology to collect personal details later to be used for fraud. By being cautious and skeptical of any communication, you can safeguard yourself against these types of scams.