The term “vishing” is a socially engineered technique for stealing information or money from consumers using the telephone network. The term comes from combining “voice” with “phishing,” which are online scams that get people to give up personal information.
Typically attackers use a technique called caller ID spoofing to make it look like calls are coming from a legitimate or known phone number. It’s a very similar technique to email spoofing, which makes e-mail addresses look like they are coming from a trusted source. But because people typically trust the phone service and caller ID, spoofing phone numbers can be particularly damaging.
And just like with online phishing attacks, which direct consumers to phony Web sites, vishing attacks usually have a recorded message that tells users to call a toll-free number. Sometimes these messages also include threats of supposed legal action if ignored. The caller is then typically asked to punch in a credit card number or other personal information.
- Use Caller ID to screen calls, and consider not even answering unfamiliar numbers. If it’s important, they will leave a message, but also be careful to check the organization exists, and verify its phone number carefully prior to calling back.
- If someone calls and asks “Can you hear me?”, do NOT answer “yes.” Just hang up. If they get you on a recording saying yes, then they can use that for you to have agreed to any number of terms and conditions or modifications to your account.
- Make a note of the number and report it to bbb.org/scamtracker to help warn others. BBB also shares Scam Tracker information with government and law enforcement agencies, so every piece of information is helpful in tracking down scammers.
- Consider joining the Do Not Call Registry (DoNotCall.gov) to cut down on telemarketing and sales calls. This may not help with scammers since they don’t bother to pay attention to the law, but you’ll get fewer calls overall. That may help you more quickly notice the ones that could be fraudulent.
- Check your bank and credit card statements regularly for unauthorized charges. It’s also a good idea to check your personal telephone and cell phone bills, as well.