In recent months, we have witnessed an escalation in vishing cases, which has put numerous people in check. One of the most notorious cases is undoubtedly the 3 million euro scam that was reported in Spain with this technique with what can also be known as the double call scam. This is a practice with numerous risks, and which has already been alerted by numerous organizations.
In order to know what vishing is, you have to understand exactly what phishing is trying to achieve, what it is a much better known technique when trying to get personal information through the impersonation of a large company. Now, this technique that is usually done through a fraudulent link has evolved thanks to social engineering techniques to vishing.
What you should know about vishing
There are several modes of action to carry out vishing, and always It will depend on the social engineering techniques used. We are going to focus on two of them throughout this article.
The first of them focuses on sending an alert via SMS or email to a person who feels scared. It can be said that an unauthorized access has been registered in the bank account for example, and a link that a priori will do nothing more than access the bank’s website. But this access will be detected by cyber criminals.
At that precise moment, they will contact the victim by phone, advising that they have been able to click on a fraudulent link, pretending to be the bank. The victim will obviously trust this person and will give you truth. In the end, the victim will offer personal data such as name, ID, address and even online banking verification codes to make transfers without control.
In a second case, we have the classic double call scam. In this situation the victims receive a call from a telephone or energy company informing them of a rate increase. When you hang up on this call, you receive a second call from another company that offers a much cheaper price.
Through this call and with the excuse of changing from a company that has recently increased its price to another with a cheaper price, the victim is going to offer all their most sensitive data. It must be taken into account that previously a job is done to collect as much information as possible from the victims to get the best loot.
There can be many examples for these situations, since the most common may be that the scam attempt is impersonating a bank or an energy company. But in the end, any type of company or public administration can be used, such as Social Security or the Tax Agency.
Tips to avoid being a victim of these scams
As we always say before any type of threat on the network, the best tool to avoid it is to do use of common sense. It is what is really going to work for you, as you cannot block the number as such of the scam or receive a dangerous call warning as the scammers constantly change, making it almost impossible to register.
Within common sense, the advice to never offer personal information over the phone stands out above all. unless you are 100% convinced of who is asking you. This is achieved especially when it is you who is calling a company through official channels.
In this way, when they contact you directly by phone to offer you an offer that you have not requested, it is always to check that this is true. Simply, the call must be hung up and contacted through the customer service telephone number that appears on the official website of the company to make sure that it is something totally true.