Skip main navigation

New offer! Get 30% off your first 2 months of Unlimited Monthly. Start your subscription for just £35.99 £24.99. New subscribers only T&Cs apply

Find out more

Vishing Warning Signs

In this video two different Vishing attack examples are discussed, highlighting the red flags to look out for to prevent such attacks.
How do you recognise vishing scams? The caller may claim to represent the IRS, Social Security Administration, the police department, or the courts. Unless you have requested a call, none of these agencies will ever initiate contact with you by email, text message, social media, or telephone to request personal or financial information. There’s almost always some frantic sense of urgency. Scammers will try to tap into your sense of fear using threats of arrest warrants and problems with your account. If you get a call like this, remain calm and never give out your personal information. Hang up and investigate on your own. And lastly, the caller’s asking for personal information.
They may ask you to confirm your name, address, birth date, social security number, bank account information, and other identifying details. To trick you into thinking that they are legitimate, they may even possess some of your information that they can obtain from public sources. Their goal is to get the rest of the information that they don’t yet have. There’s several types of vishing calls you might receive. Supposed fraud or suspicious activity on your bank account, which I get these calls a lot. A legitimate caller is never going to ask for your banking information. A fraudulent caller is going to ask you to give them your banking information or your social security number.
Overdue or unpaid taxes to the Internal Revenue Service, the IRS, or to other tax agencies. I’ve gotten these a few times. And they’re always just about to send the police to arrest me unless I make a payment right now over the phone. Prize or contest winnings, such as a cruise or an all-expense paid vacation. Fake computer tech support calling to remotely access your PC to fix a problem. I used to get these calls all the time from Windows Technical Support when I only had an Apple computer. And they would still tell me that my computer was sending out problem reports to them. And then there are the fake government agencies, such as court or law enforcement agency.
I have a couple examples of those for you. I received this voicemail on my phone after ignoring a call from a phone number I didn’t recognise. Apparently, there is a court case against me. And ignorance of this message will be considered an intentional attempt at non-appearance. So far, I have not been arrested. This is a very common scam. Generally, warning people about any legal action will get their attention. This is the actual voice mail. [AUDIO PLAYBACK] - As soon as possible, our call back number is 833-971-2298. I repeat. It’s 833-971-2298. Ignorance of this message will be considered intentional attempt at non-appearance. [END PLAYBACK] This is another voicemail I received from a number I didn’t recognise.
This one also has me on my way to prison. They’re asking for my social security number in the voice mail to verify whether I have committed some type of crime. You will notice that there are no details, including my name or what crime I have allegedly been involved in. Here’s that voice mail. [AUDIO PLAYBACK] - Immediate basis. As we have received suspicious route of informations on your name, the moment you receive this message, I need you to get back to me on my department division number. That is 833-965-2311. I repeat– 833-965-2311. Verify the last four digits of your social security number to better assist you with this issue.
If you don’t respond, we will have to issue an arrest warrant on your name. [END PLAYBACK] I promise I’m not the kind of criminal these people seem to think I am. So what can you do to protect yourself from a vishing attack? Aside from knowing how vishing works and looking for red flags, you can also join the National Do Not Call Registry. Adding your home or mobile phone number to this registry is free and tells telemarketers you don’t want their phone calls. However, certain types of organisations may still call you, such as charities and political groups. And it certainly won’t stop people from illegally calling your number. Don’t pick up the phone.
Although it may be tempting to answer every phone call, simply let them go to voicemail if you don’t recognise them. Caller IDs can be faked, which means you might not know who’s calling. Listen to your messages and decide whether to call the person back. I only answer calls from people I know. And I wait for the others to go to voicemail. If it’s a legitimate call, they will leave a message and you can return the call. Hang up. The moment you suspect it’s a vishing phone call, don’t feel obliged to carry on a polite conversation. Simply hang up and block that number. Never press buttons or respond to prompts.
If you get an automated message that asks you to press buttons or respond to questions, do not do it. For instance, the message might say, press 2 to be removed from our list, or “say yes to talk with an operator.” Scammers often use these tricks to identify potential targets for more robocalls. They also might record your voice and later use it when navigating voice automated phone menus tied to your accounts. Verify your caller’s identity. If the person provides a callback number, it may be part of the scam, so don’t use it. Instead, search for the company’s official public phone number and call the organisation in question.
In conclusion, you have learned what vishing is, what objectives attackers are aiming for and vishing, and who is at risk for vishing attacks. We discussed red flags and warning signs of a vishing attack, and covered several examples, as well as what you can do to protect yourself from a vishing attack. In the next video, we will discuss dumpster diving, a social engineering attack that physically steals information. I’ll see you there.

In this video two different Vishing attack examples are discussed, highlighting the red flags to look out for to prevent such attacks.

You will be surprised at the lengths attackers go to try and trick you.

This article is from the free online

Cyber Security Foundations: Common Malware Attacks and Defense Strategies

Created by
FutureLearn - Learning For Life

Reach your personal and professional goals

Unlock access to hundreds of expert online courses and degrees from top universities and educators to gain accredited qualifications and professional CV-building certificates.

Join over 18 million learners to launch, switch or build upon your career, all at your own pace, across a wide range of topic areas.

Start Learning now