You’ve heard of phishing, right? Phishing is a way a cyber hacker can get into the company network by sending a malicious email. These phishing emails look legitimate to your employees and they believe it’s from someone within the company asking them to click a link. The employee clicks the link and viola – a data breach is underway.
Vishing – similar to phishing, in that it is a combination of voice and phishing. Vishing is a phone scam that uses methods similar to phishing to gain sensitive personal and/or business information.
The FBI’s Internet Crime Complaint Center estimates that vishing scams cost the victims close to $50 million in 2018.
How can you recognize, and protect yourself against, a vishing scam.
Be aware that during these calls, the cyber hacker will have trolled your social media pages and other social engineering techniques to gain personal or business information about you.
During the call the scammer will share those details with you in order to gain your trust… and potentially your passwords, access to your company and financial details.
The scammer could say he or she is from the bank you use and that your account has been compromised. He or she will say they need to access your account – with your help to assure its validity – in order to ensure your account is “safe” from the potential (fake) breach.
Scammers may also say they are from local law enforcement, the IRS or from a computer software company like Microsoft. If a scammer asks for access to your computer to install software that will protect you and your accounts from a cyberattack – be aware that they are planting malware and accessing all the information you have on your computer.
A vishing scammer can “spoof” the number from which they are calling to make it appear they are calling from a trusted source.
What are some common vishing scams?
- Compromised financial accounts. If this happens you will be asked about a payment you’d recently made and potentially for your log in credentials so the scammer can “lock down” your account to protect it from further fraudulent charges.
- Unsolicited loan offers. How often do you get credit card offers? Be aware that this could be a vishing scam, too. A caller will say they can give you an unbelievable interest rate if you want to roll over your other cards to this new one. They will tell you will earn points with the new card, and for a small fee you can apply. Be aware that legitimate lenders won’t call to make these offers.
- Social security, IRS and Medicare scams. These scams are typically perpetrated on older adults. The hacker will pretend to be a Medicare rep and try to gain financial information from the victim. Too often the older adult will believe the caller and will give out this personal information for fear of losing their Social Security or Medicare benefit if they don’t do what the caller says. The IRS calls will generally say there is an issue with a previously filed tax return and that you need to call back immediately. Be aware that the IRS, Medicare and Social Security reps will never place a call like this.
How can you protect yourself against a vishing scam?
- Sign up for the National Do Not Call Registry. When you add your home, business and mobile number to the registry it should slow the rate of calls. Certain scammers will still call so protect yourself and your information.
- Don’t answer the phone if it’s a number you don’t recognize. Let the call go to voice mail. Listen to the message and determine whether to call back.
- Just hang up. If you suspect it’s a vishing call, don’t stay on the line.
- Don’t say your name, respond to prompts or press buttons in answer to automated questions. If a caller says, “press 3” to be removed from our list or say your name to talk with an operator – you have verified to the scammer that they have reached a live, potential target.
- Ask the caller to identify him or herself, where they are calling from and a number at which you can call them back. Chances are, they will hang up on you. If they give a number, you can either call it back or report it to the authorities.
How to recover if you’ve been the victim of a vishing attack?
- Call your financial institution whether it’s about your bank account or credit card. Let them know about the call then cancel your credit card and stop further transactions on your bank account.
- Sign up for credit monitoring.
- File a complaint with the FCC
Learn the red flags and protect yourself and your financial data from a vishing scammer.
WareGeeks Solutions is a Roselle, New Jersey-based complete IT consultant and solutions provider. We specialist in Data Protection, specifically Business Continuity and Disaster Recovery (#BCDR). We work with medium and large law firms and in the healthcare industry. If you have IT or security questions contact Seth at WareGeeks Solutions. For information or a consultation, call (877) 653-7146, or email us at firstname.lastname@example.org. www.waregeeks.com