There has been a sharp increase in cyber threats in recent years, largely due to developments in new technologies. Scammers are becoming increasingly sophisticated and they are always looking for new ways to exploit technology and unsuspecting victims. The latest in this line of security threats is vishing. And these victims come in all shapes and sizes, with criminals targeting everyone from huge organizations like Twitter (and sadly some employees fell for it), to unknown individuals.
But if you’re worried about cyber threats and the safety of your business, don’t panic. In this guide, we’re going to take a look at exactly what this is and the vishing threats that businesses need to look out for in order to protect themselves.
What is vishing?
Vishing is a relatively new term and therefore you might not be familiar with what it actually means. It works in a similar way to phishing, according to evalian.co.uk, which typically took place over email or SMS, but this scam relies on the voice, (answering a phone call or automated message), hence voice + phishing has become known as vishing.
In a nutshell, it is the practice of using phone calls and messages to deceive people into sharing personal information and sensitive data. For the most part, these criminals will impersonate a legitimate person or body. For example, they might call up and pretend to be the bank or the Government.
Sadly, Vishers rely on the fact that most individuals aren’t aware or very knowledgeable about these types of scams so they would have no reason to suspect the call wasn’t genuine. They also use a combination of emotional manipulation and scare tactics to try and get people to give up their details. Some even go as far as to set up fake caller IDs to make it look even more genuine.
What vishing threats should businesses be aware of?
This might all sound a bit concerning, but the good news is if you understand vishing scams and approach every phone call with caution – especially when sharing your personal information – you’ll be better equipped to protect yourself. To help you do this, we’ve pulled together five examples of scams that businesses should be aware of so they can keep themselves safe.
1. Suspicious activity on your bank account
An unexpected call from the bank can always ring alarm bells, especially when you’re a business owner and especially if they’re calling to inform you about suspicious activity on your account. While a genuine call from the bank will require you to confirm a few details for security reasons, remember, they will never ask you to share your full details over the phone. They might, for example, ask for characters from your password, your date of birth and a postcode, but they will never ask you to read out your full card number.
So if you receive a call that concerns you, don’t immediately go into panic mode, instead listen carefully to what the caller is asking. If they’re asking for sensitive details and a lot of it, it’s probably best to hang up! You can then call your bank directly to ask if the call was legitimate or not.
2. A call from a governing body
Much like the bank, an unexpected call from any sort of governing body can take you by surprise. Often, vishers will pretend to be working for the Government saying that you are owed a tax rebate or that you need to pay a fine right away. They might even threaten to take legal action if you don’t.
In most cases, they’ll try and trick you into sharing your bank details and/or making a payment right away. Again, no legitimate body will ever ask you to share this much sensitive information over the phone and they certainly won’t use threatening language, even if you do owe them money. So both of these should be a warning sign that this is probably a scam.
3. Offers for credit cards and loans
Vishers prey on the fact that businesses may be struggling for cash flow, especially in these difficult times. As such, they call around pretending to be a bank or building society and offering loans and credit cards at great rates. But as with most things, if it sounds too good to be true, that’s because it probably is, so don’t get sucked in.
Again, if you’re unsure whether the call is genuine or not you can hang up the phone, run an internet search and call the company back to check if the offer was legitimate. If it was and you’re still interested – great! If not, you’ve dodged a bullet.
4. A scare from technical support
Another scam that vishers use to target businesses is calling up and pretending to be an IT technician and informing them that their computer, device or database is infected with a virus or malware. This is understandably alarming to a business owner, especially with GDPR regulations to consider. They might then ask you to download software that lets them take control of your computer or call a certain number to reset your accounts and get rid of the intruder.
However, if you’re genuinely concerned that you’ve been hacked, it might be better to phone your regular security service provider. If you don’t have one, hang up and do a bit of research into local companies. Never download strange attachments and certainly never give a stranger access to your devices over the phone.
5. A request for charity
Lastly, scammers are not bound by the moral compass that most people are and they’ll use any cause to extract information and money out of their victims – even charity. If your business is asked over the phone to make a donation to charity, approach with caution. Scammers may lay it on thick by promising publicity for your company, something which is obviously good for business.
And of course, there are some legitimate charities that phone around, but they will not use urgency to try and get you to make a donation quickly and they will most certainly be friendly and in no way aggressive in their approach. After all, they’re trying to get you to donate to their cause.
So if the person at the end of the phone seems pushy, it’s unlikely to be a legitimate cause and certainly avoid sharing your information with them. If you’re not sure whether it’s genuine, you can always hang up and look up the charity online. Then you can go back and donate at a later date if you still want to (and it was a real charity reaching out).