Vishing-scams

What is vishing? Tips for spotting and avoiding voice scams

When your phone rings, it’s sometimes hard to know who’ll be on the other end. It might be someone vishing.

Vishing, a combination of ‘voice’ and phishing,’ is a phone scam designed to get you to share personal information. In 2018, phishing crimes cost victims $48 million, according to the FBI’s Internet Crime Complaint Center.

Here’s what to know about vishing attacks and how to help protect yourself.

What is vishing?

During a vishing phone call, a scammer uses social engineering to get you to share personal information and financial details, such as account numbers and passwords. The scammer might say your account has been compromised, claim to represent your bank or law enforcement, or offer to help you install software. Warning: It’s probably malware.

Vishing is just one form of phishing, which is any type of message — such as an email, text, phone call or direct-chat message — that appears to be from a trusted source, but isn’t. The goal is to steal someone’s identity or money.

It’s getting easier to contact more people, too. Scammers can place hundreds of calls at a time using voice over internet protocol (VoIP) technology and can spoof the caller ID to make the call appear to come from a trusted source, such as your bank.

Common vishing scams

About three-quarters of the fraud complaints reported to the Federal Trade Commission involve contact with consumers by telephone. Here are some of the common themes:

“Compromised” bank or credit card account

Whether it’s a person or a prerecorded message on the other end, you’ll be told there’s an issue with your account or a payment you made. You may be asked for your login credentials to fix the problem or asked to make a new payment. Instead of giving out your info, hang up and call your financial institution on their publicly available number.

Read also:  Common Cryptocurrency Scams: How to Protect Yourself

Unsolicited loan or investment offers

Scammers will call with offers that are too good to be true. They’ll say, for example, that you can earn millions of dollars on one small investment, pay off all your debt with one quick fix, or get all your student loans forgiven in one fell swoop. Typically, you must “act now” and will need to pay a small fee. Don’t fall for it. Legitimate lenders and investors won’t make these types of offers and won’t initiate contact out of the blue.

Medicare or Social Security scam

Phone calls are the No. 1 method scammers use to reach older adults, according to the Federal Trade Commission. Crooks pose as Medicare reps — often during Medicare open enrollment season — and try to glean financial information from the victim, such as their Medicare number or bank account details. Then the scammer will either fraudulently use the victim’s Medicare benefits or steal their money. Scammers may also claim to be from the Social Security Administration and threaten to suspend or cancel the victim’s Social Security number.

IRS tax scam

There are many variations of this type of scam, but typically, you’ll receive a prerecorded message. It tells you something’s wrong with your tax return and if you don’t call back, a warrant will be issued for your arrest. Scammers usually pair this with a spoofed caller ID made to look like the call is coming from the IRS. Before you proceed, it pays to understand what the IRS can and can’t do when they need to contact you.

How to spot a vishing scam

Here are some of the tell-tale signs of a vishing scam:

  • The caller claims to represent the IRS, Medicare, or the Social Security Administration. Unless you’ve requested contact, none of these federal agencies will ever initiate contact with you by email, text messages, or social media channels to request personal or financial information. In fact, be skeptical of anyone who calls you with an offer.
  • There’s a frantic sense of urgency. Scammers will try to tap into your sense of fear, using threats of arrest warrants and problems with your account. If you get one of these phone calls, remain calm and never give out your own information. Hang up and do your own investigation.
  • The caller asks for your information. They may ask you to confirm your name, address, birth date, Social Security number, bank account info, and other identifying details. To trick you into thinking they’re legit, they may even have some of this info on hand. The goal is to get the remaining info that they don’t have yet.
Read also:  What is spear phishing?

How to protect yourself from vishing

Aside from knowing how vishing works and looking for red flags, you can also:

  • Join the National Do Not Call Registry. Adding your home or mobile phone number to this registry is free and tells telemarketers you don’t want their phone calls. However, certain types of organizations may still call you, such as charities and political groups, and it won’t stop people from illegally calling your number.
  • Don’t pick up the phone. Although it may be tempting to answer every phone call, simply let them go to voicemail. Caller IDs can be faked, which means you might not know who’s calling. Listen to your messages and decide whether to call the person back.
  • Hang up. The moment you suspect it’s a vishing phone call, don’t feel obliged to carry on a polite conversation. Simply hang up, and block the number.
  • Don’t press buttons or respond to prompts. If you get an automated message that asks you to press buttons or respond to questions, don’t do it. For instance, the message might say “Press 2 to be removed from our list” or “Say ‘yes’ to talk with an operator.” Scammers often use these tricks to identify potential targets for more robocalls. They also might record your voice and later use it when navigating voice-automated phone menus tied to your accounts.
  • Verify the caller’s identity. If the person provides a call-back number, it may be part of the scam — so don’t use it. Instead, search for the company’s official public phone number and call the organization in question.
Read also:  Phishing for crypto: How bitcoins are stolen

How to recover after a vishing attack

If you’ve provided your financial information to someone who you later think is a scammer, first call your financial institution. Whether it’s your credit card issuer, bank, or Medicare contact, call and ask about canceling fraudulent transactions and blocking future charges.

You might also need to change your account numbers to make sure no one uses your existing accounts.

Freezing your credit reports can help ensure no one can open new accounts in your name. Then file a complaint with the Federal Trade Commission or the FBI’s Internet Crime Complaint Center.

While vishing attacks are crafted to trick you, it’s possible to learn the red flags before you pick up the phone. Stay ahead of the cyberthieves who are trying to tap your personal details over the phone.

Article Source: norton.com

Website Fraud Risk Assessment

In the digital era, securing your finances against online fraud is paramount. Before making any financial transactions on a website or platform, it's important to verify its credibility and legitimacy.
To begin, you can check if the website you're considering appears on our public database of known scam sites by clicking "View Scam Sites" below. This database is regularly updated and maintained by our team.
Alternatively, you can click "Submit a Request" below to complete a form and request an evaluation from our team of experts. We will conduct a comprehensive assessment to determine if the website is legitimate, checking for any scams, fraud, or illegal activities.
Don't take any unnecessary risks with your finances - take action today and submit a request or view our list of scam sites.

Submit a Request View Scam Sites