Technology is becoming more sophisticated, and so are scammers trying to separate you from your money.
Most people are aware of phishing scams, those where a criminal sends an email requesting sensitive bank account information or personal identification information. While the tactics have gotten a little more inventive, there are certain tell-tale signs that tip off a prospective victim to the possibility of fraud. For instance, phishers will often use the name of a corporate official or a well-known entity (like the IRS) in the body of an email. Those emails, however, usually contain misspellings or oddly timed time stamps.
But what happens when the con comes in the form of a voicemail or text message? These techniques are referred to as “vishing” and “smishing.”
The term, “vishing,” is a combination of “voice” and “phishing.” Technically, it’s the illegal access of data via voice over Internet Protocol (VoIP). On a practical level, vishing is the use of voice messages to steal identities and financial resources.
Generally, the visher gains access to a group of private phone numbers – often through data breaches, like the massive Equifax breach in 2017. In one form of a vishing scam, victims receive a call with an automated message saying that his or her bank account has been compromised. The victim is then advised to call a specified toll-free number to reset security settings. At that number, the victim is prompted to enter his or her bank account number and other personal details.
Like vishing, smishing takes advantage of cell phone usage. While vishing uses automated messages to lead their victims into revealing personal information, smishing – which is short for SMS phishing – uses text messages to trick their victims into revealing their Social Security number, credit card information or online bank passwords. Smishing tactics can also be used to get the victim to click a link that downloads a virus or malware onto their phone or mobile device.
How to avoid being a victim of vishing or smishing
If you receive an email or phone call requesting you call them and you suspect it might be a fraudulent request, look up the organization’s customer service number and call that number rather than the number provided in the solicitation email or phone call.
- Avoid replying to text messages from people you don’t know.
- Be especially wary of text messages that come from a number that does not look like a phone number, such as a “5000” number. This is a sign that the text is actually an email sent to a phone.
- Do not click on links you get on your phone unless you know where they are coming from. Even a text message from a friend that contains a link could be a spoof, so consider contacting that friend directly before clicking on the link.
- Never install apps from text messages. Always go through an official app store.
Please contact us if you have any questions or think you may have been compromised.
Sources: Norton Security; Techopedia.com