Understanding Vishing and Smishing
Voicemail and Texting Scams
Vishing (voice phishing) and smishing (SMS phishing) are two tactics that, despite their simplicity, continue to claim victims worldwide. Learn more about these two tactics and how you can protect yourself from becoming the next statistic.
Understanding Vishing and Smishing
- Vishing: Short for "voice phishing." It’s a type of social engineering attack where scammers use telephone calls to deceive individuals into divulging personal, financial, or security information.
- Smishing: This form of phishing involves the use of SMS (Short Message Service) text messages to deceive recipients into revealing personal information, downloading malware, or being lured into a scam. The term "smishing" blends "SMS" with "phishing," identifying it as a text-based phishing variant.
How Vishing and Smishing Scams Unfold
A common vishing scenario might involve a call from someone claiming to be a bank official, alerting you to suspicious activity on your account. They sound professional, even providing some correct details about you. Before you know it, you’re asked to provide your account number and PIN for "security purposes."
In smishing, you might receive an urgent text message that looks like it's from your cell phone provider, claiming there's an issue with your service. It urges you to click a link to avoid having your service cut off. The link leads to a fake website designed to steal your login credentials.
A Vishing Scenario
You receive a phone call just as you're starting your day: “Hello, this is Mike from the fraud department at your bank. We've noticed several suspicious purchases on your account today that seem out of character. Could you please verify your account number so we can make sure your funds are secure?” The voice is calm and seems genuinely concerned, but the call is nothing but a vishing scam as it requires you to provide sensitive information.
A Smishing Scenario
You receive a text message in the evening: “URGENT: Unusual charges detected on your credit card ending in 1234. Click here immediately to verify transactions or call 1-800-FAKE-NUM to dispute charges.” It’s alarming, convincing, and entirely fake.
Strategies to Guard Against Vishing and Smishing
- Verify Independently: Never use contact details provided in an unsolicited call or text. Look up the organization’s official contact information yourself and get in touch to confirm the claims.
- Be Skeptical: Always approach unexpected communications with caution, especially if they ask for personal information.
- Don’t Click Links in Texts: If you receive a suspicious link, do not click. If the message claims to be from a legitimate source, verify it by contacting the organization directly through official channels.
- Use Spam Filters: Activate spam filters on your phone to reduce smishing attempts and set up your phone to block unknown callers to fend off vishing attacks.
Trust Your Instincts
When it comes to vishing and smishing, the best advice is to trust your gut. If a call or text feels off, it probably is. Always verify through known, safe channels and remember - when in doubt, hang up the phone or delete the message.