Vishing

As computer users have become more educated about the dangers of phishing emails, perpetrators have begun incorporating the telephone into their schemes. This variation on the phishing ploy has been termed vishing, indicating that it is a combination of voice (phone) and phishing.

In a typical vishing attempt, you would receive a legitimate-looking email directing you to call a number. This would connect you to an automatic voice system, which would ask for your credit card information.

In some cases email wouldn’t be involved at all. Instead, you would receive an automated phone call requesting your account information. Often the perpetrators would already have your credit card number and would be requesting only the security code from the back of the card.

Internet voice (VoIP) vulnerabilities are facilitating this form of fraud. Users can telephone anonymously. In addition, caller ID devices can be fooled into displaying a false source for a call.

Handle a vishing attempt as you would a phishing situation:

  • Don’t respond to it.
  • Don’t call a number given in an email.
  • Don’t give out your account information in response to a phone call you didn’t initiate.
  • Contact your credit card company directly and only by your usual means.

Go to Safe Computing at NC State.