Vishing is among the fastest-spreading cyber crimes in the world.
Cyber criminals find innovative ways to scam people out of their hard-earned money. Security agencies keep coming up with new solutions to counter these scams, but there is a need to be aware of the methods they use to target innocent people. Among this list is vishing - a type of cyber attack that makes use of voice and internet telephony (VoIP). It tricks targeted individuals into revealing sensitive data to unauthorised entities. Cyber security firm CloudSEK recently warned users about the threat, along with the emerging OTP grabber services.
What is vishing?
The term combines fraud that involve "voice" and "phishing". The scammers deceive people by talking quickly and persuasively on phone to catch them off guard.
Cypersecurity firm and anti-virus provider Kaspersky gave an example how vishing plays out. It is very similar to phishing that lure unprepared individuals into clicking on dangerous links - these may appear in advertisements.
Vishing takes it further. If a system gets locked down after clicking on a link, the individual is asked to speak to a "helpful" technician to get a fix - for a price. But after the card details are provided, the software doesn't work and the technician disappears.
How common is vishing?
According to the BBC, credit card fraud in 2015 was a $16 billion business globally, and vishing's share was $1 billion.
After getting the information from an individual, cyber criminals use it to initiate numerous fraudulent charges.
How to stay safe from vishing?
Bank of America advises its customers to avoid answering calls from numbers they don't recognise. There are instances where scammers leave voicemail with a callback number. Do not call a number back without checking to see if it belongs to a business they know.
Even caller IDs can't be trusted because criminals are routinely spoofing legitimate numbers of established companies and services.
While speaking to a person, do not reveal personal details like credit card information, or Aadhaar on the pretext of updating KYC, the bank's advisory says.
If a customer finds a conversation suspicious, it should be reported to the concerned bank. Moreover, it is advisable to change your password or block the card.