What is Vishing?

Vishing is a cybercrime that relies on the phone and voicemails to steal confidential and corporate information.

Security awareness is the best line of defence against this type of attack, so be sure to incorporate vishing education into your information security awareness program. Policies and procedures should be established and communicated to ensure that employees can verify identity when the helpdesk or anyone else from the company calls and asks after proprietary topical information.

Examples of Vishing

Vishing is extremely common, and these four examples underscore how easy it is for cybercriminals to convince victims to act.
  • The caller pretends to be calling on behalf of the government. And the caller is merely calling to verify personal identification details. The caller may threaten to suspend tax refunds or social security payments if the victim does not provide the information required to confirm their account and identity.
  • The caller pretends to be tech support for Microsoft, Amazon, or the area wireless provider. They have noticed unusual activity on the victim's account and want to confirm that they have the correct account details. The cybercriminal may ask for an e-mail address to send a software update to, telling the victim to install this to protect their computer from cybercriminals. However, this installs malware on the victim's computer.
  • Using a spoofed phone number and caller ID cyber criminal pretends to be calling on behalf of the victim's bank. The caller says that there has been unusual activity on the victim's account and asks the victim to confirm their bank account details, including their mailing address for proof of identification. The cybercriminal then uses this information to commit identity theft.
  • Everyone wants to win a free prize and cybercriminals take advantage of this to trick unsuspecting victims into providing confidential information. The caller claims this information must process the free bonus and guarantee the victim receives it on time.

Looking for Cyber Security Services?