I’ve talked a number of times about Phishing and we’ve talked about Smishing. Today, I want to touch on the subject of Vishing. Vishing is Phishing using voice. This isn’t new. You’ve all either received or know of folks who’ve received, phone calls from folks pretending to be from “Microsoft Support” or “Visa”. You may even know someone who fell for this scam.
But today’s “vishers” are getting more sophisticated, and in some cases, are more threatening. I personally know of two healthcare workers who were threatened by folks on the phone pretending to be part of the government, accusing these healthcare workers of inappropriate activity, threatening them with lawsuits if they didn’t “resolve the issue immediately” on the phone. In both cases, the person on the other end knew the name of the individual they were talking to and also knew their medical license number. The threat actors asked for money to be transferred to a bank account to“resolve the issues.” Fortunately, both individuals hung up on the caller.
Likewise, healthcare workers are getting targeted with fake “contact tracing” calls. The threat actor pretends to be following up on Covid-19 related cases and begins asking more detailed information in order to get enough stuff like SSN and DOB, to perform identity theft.
If you haven’t done so, make sure you are using both your smartphone and carrier’s technology to block suspect phone numbers. These services work similar to email filtering – they don’t remove all bad calls, but they stop a lot of them. There are also good third-party apps that will screen suspect phone calls on your behalf.
Regardless, some calls will come through. Handle unsolicited phone calls the same as you do unsolicited, suspicious emails or texts. Get the name of the company or organization the caller says they represent. Call the company by looking up their number on an official website, especially if the caller says they’re from a government agency. Do not call any number the “visher” provides you. These individuals have a network of people standing by to answer phone and the numbers are often in your local area code.
The FTC publishes some great articles on scams and lists some of the more prevalent scams being reported. If you’ve never visited this site, have a read. https://www.consumer.ftc.gov/features/scam-alerts.
Be safe. Be Secure.
And feel free to download our Vishing poster, print it, or distribute it throughout your organization. Phishing, Smishing, and Vishing aren’t going away anytime soon. Neither should our vigilance.
