Vishing - or even voice phishing - is a telephone scam that aims to steal sensitive data from people. Let’s see how it works and how to defend yourself.
Vishing - also known as voice phishing, is a little-known, but no less dangerous scam. It is a close relative of phishing, which has taken on very different forms in recent years, making it even more dangerous.
Vishing aims at deceiving confidential information, such as passwords or sensitive data relating to current accounts, through telephone calls. To achieve this, the scammers behind vishing use social engineering techniques.
How vishing works
Every day, even without realizing it, we can come into contact with many attempts at vishing. Think of all those times you get a call from an unknown number.
When we answer, we can hear a recorded voice and mechanical or that of a real person who starts with "hello" and then tries to sell us something. These calls are often made by real call centres, while other times they are only simulated, as in reality they are staged by scammers who are trying to get your personal data.
Many people are used to not answering unfamiliar numbers, while others answer anyway. Some, once they realize that they are talking with a recorded voice or with a call center, hang up the call. In short, there are few people who pay attention to these phone calls.
In practice, scammers generally make phone calls asking people to release personal information. Calls are set up to appear to be from a legitimate entity, such as a bank, institution, etc.
Thanks to social engineering, which is based on psychological manipulation techniques to convince the interlocutor, scammers manage to obtain the data and deceive the victim. Among the emotions these people leverage most often are fear and greed.
The first manifests itself, for example, when the respondent feels accused of an offence. Leveraging the fear of consequences, the scammer asks to release data or pay money, to remedy the aforementioned (false) offense. Greed, on the other hand, generally misleads those who give in to messages that promise to receive prizes or money, without however being absolutely entitled to it.
How to defend yourself from vishing
To avoid falling into the deception of vishing, it is possible to take some preventive measures. First of all, it is essential to remember that it is really unusual (if not impossible) for banks or similar institutions to ask for access credentials to the current account via a phone call.
If such a scenario occurs and you find yourself giving the above information, the first thing to do is contact your bank customer service, to find out if the person to whom you gave it was entitled to ask for it. If you later realize that you have been duped, you must quickly change all your credentials, to avoid consequences.
Furthermore, many smartphones today have built-in applications that signal if the incoming call may be spam, in which case, it may be a good idea to activate this function or install an application that does the same thing.
In countries where it is provided, it is also possible to register in the opposition register, which allows you to no longer receive calls for commercial purposes. By registering, legally acting companies should no longer call you. If they do the same, you can submit a formal complaint to the Privacy Guarantor, if the conditions are right.
Original article published on Money.it Italy 2023-02-21 10:00:00. Original title: Vishing: cos’è, come funziona e come difendersi