Main Content Start

Vishing And How To Not Fall Prey To It

Woman making a call on her mobile phone to illustrate vishing concerns
September 30, 2016

What is vishing?

Vishing, or “voice phishing”, is the telephone equivalent of phishing, a tactic cybercriminals use to spread viruses and conduct identity theft, also known as a “phone scam.” But instead of using email or other electronic means to trick their victims, scammers use the telephone. The goal is to get victims to surrender personally identifiable information (PII) that can be used to steal their identities or to obtain their credit card numbers.

What You
Should Know

Vishing is when criminals try to trick you into forfeiting private info over the phone.

What You
Can Do

Be suspicious of anonymous or strange callers, and don’t give out private info.

How vishing works

Typically, the scammer pretends to be a legitimate business in order to fool the victim into thinking they will profit somehow or win something like:

  • A “free” trip
  • A free product or service
  • An extended warranty for car or other
  • Investment “opportunities”

If the victim hands over their credit card or other info, the scammer can then use their card, or sell the information to someone else for purposes of identity theft.

86.2 million calls per month in the U.S. are phone scams.1

Vishing combined with malware

Another common scam is to get a call from someone pretending to be a support representative” who wants to help you “fix” your computer since a bug or other problem was detected. The caller will ask the victim to download remote support software so they can correct the problem. In reality, the victim is downloading malware.

How to protect yourself from vishing

Think twice – Treat calls from unknown numbers just as if a stranger approached you on the street with the same offer. If you wouldn’t give your info to a stranger, don’t give it to the caller.

Educate yourself Legitimate companies and organizations generally never ask you to provide your PIN or password over the phone or online.

Hang up – If you get a call from anyone (or a recording) asking for PII, hang up.

Don’t trust caller ID – It can be hacked as well to show you a false number.

Document the call – Note what was said, what information they wanted, and, if possible, the phone number or area code of the caller.

Do not “confirm” PII Never give out credit card or social security numbers (SSN) to callers looking to “confirm” your account information. They aren’t confirming it; they never had it in the first place.

Do not pay If a caller says you have to pay a fee, it’s not a gift or a prize; it’s a purchase.

Report it – If you think you are a victim of vishing, write down what happened and how you first noticed the fraud. Keep all paperwork that you think may be helpful in the investigation. Then, follow the steps below:

  • Contact your local police and file a police report.
  • Contact the financial institutions, credit card companies, phone companies and any accounts you suspect may have been opened or tampered with.
  • Report it to the Federal Trade Commission at https://www.ftccomplaintassistant.gov/ or by calling (888) 382-1222 and the FBI’s Internet Crime Complaint Center (I3C) at https://www.ic3.gov/default.aspx.
Related Terms:
Skip to footer