All You Need To Know About Phishing and Vishing

What Phishing is:

Vishing is basically a type of Phishing. A combination of the two words, Voice Phishing. It’s a modified version of Phishing, a modern day scam technique which uses interaction through voice or on call. Vishing has been so frequently used by scammers because it uses voice to voice interaction, which people are more vulnerable to, and have a higher likelihood of trusting the “Visher”. The Vishers trick their victims into giving up sensitive information over the phone, information such as Bank Account Details or PIN Code for security lockers. It involves the Vishers usually impersonation Bank or Government officials, a reason due to which people tend to believe them out of fear and give up their information. 

How it Works:

Vishing mirrors Phishing techniques, as it’s technically an extension of it, where the Visher sets up an environment where the victim is “supposedly” in trouble, usually with bank fraudulent activities, or a government officer, asking the victims for their information, or else they would present the victims with threats of either their assets being frozen, or jail-time. Demographically, the victims are preferably of an older age, or technophobic people, who would have no experience with such scenarios and are more likely to end up getting scared.

The alarming fact about is that it has become more common than ever, nearly 30% of the population have experienced a potential Vishing attempt. In 2018, it came into notice that nearly 30% of the incoming calls were Scam Calls which were meant to target the receivers. Out of which, 75% of the scam call receivers said the scammers had some personal information about them. Out of these receivers, 6% have lost their money to the scammers. One of the reasons of people falling prey to this scam is that majority do not have the awareness of these scams, and they tend to blindly listen to the scammers as people still have it in their minds that these scams are only restricted to the old “Phishing” techniques where people would be targeted through unreliable sites off the internet.

Phishing, Vishing, and Smishing:

Phishing has ended up being distributed in three categories:

  1. Phishing: The old classic Phishing, where a person would mistakenly or be misled to click on an advertisement or a link, which actually be a part of a hacking scheme, which would breach a way into the victim’s computer, and fetch sensitive information about the victim which can be used as leverage and whatnot. Or a simple notification of how the victim’s computer has been affected by viruses and they should install etcetera software to avoid their devices from getting affected.
  2. Vishing: The modern day Voice Phishing, which involves scamming the victim through a phone. In Vishing, Voice over is usually used due to the advanced technology, which makes it tougher for the authorities to trace the scammers. Human psyche also has a tendency of trusting when they hear another person’s voice, thus Vishing is more effective than Phishing. 
  3. Smishing: Smishing is a similar type of attack, just that it uses text messages to scam people, as suggested from the name, it’s a combination of SMS Phishing. It usually contains messages from the scammers, sending the victims congratulatory message on winning a lottery, and to get a hold of their prize money, they obviously have to pay some amount as delivery charges.

Vishing Techniques:

The ultimate goal for the attacker is to profit from you in some way, which can vary from either getting your account details in order to get access to your account, or make you directly pay it to them. Among the techniques, a very excessive one is Wardialing, where they would be making hundreds of thousands automated calls to random people hoping someone would catch the bait and give up their information. While this way requires resources, there is a high probability of stumbling upon people who are vulnerable and willing to give up their information. 

A more effective way is striking less victims, but with solid information and a stronger case, it’s called “Spear Vishing”. The attacker would gather information about the victim, like home address which would present as a sort of verification for the attacker to actually be an Official. The attackers tend to target rich individuals using this technique, as it would be better to pawn off more money from a single individual.

Preventing Phishing:

It has become necessary to be careful in order to avoid being a victim to Phishing. It goes without saying, the very first step in avoiding is by being careful. If you suspect that you are being targeted while on a phone call, just simply hang up. It’s never bad to hang up on a call and calling back, scammers usually panic when a victim calls back and they tend to not reply. Another way would be to simply calm down, and before giving up any information about yourself, demand the information of the caller down to the details because that is where they make mistakes. After this, take your time and call the authority to check whether the specific individual exists. It is also preferred to relay this information in your company as companies can also become target of such frauds.

Understanding of these scams is vital for businesses and individuals. Hackers and scammers are coming out with different approaches and ideas to malign systems. One has to be extra-careful and watchful. If you look at things from a distance and act without losing your calm, you will be able to spot the “too good to be true” element in all these scams. Whether it is phishing, vishin or smishing keep your eyes open to spot the trap. With this information shared here, you can get the idea about multiple scams.