A sudden ring echoed through the room, piercing the silence.

“Hello?”

“Hey there, it’s Steve from Zen Bank. We’ve detected an issue with your bank account.”

“Wait, what?! What’s going on?”

“It seems some crucial details are missing, and you need to upgrade your account ASAP, or it’ll be closed today.”

“Today? It’s quite late, and I can’t make it to the bank. What details are missing?”

“No worries, I can help you upgrade right now. I just need some of your banking information.”

“Okay, what kind of information do you need?”

“Do you have your ATM card? I need you to provide the details on your ATM card.”

“Sure, thanks for your help. My card number is 6745 2387 -”

Sounds familiar, right? These phone call scams are unfortunately common, and despite their popularity, a significant number of people still fall victim. Shockingly, a report reveals that 1 in 3 Americans, approximately 33%, have fallen prey to phone scams. In Africa, there’s been a 40% increase, while Latin America tops the list, with Costa Rica experiencing a staggering 330% surge in phone spam calls. People lose substantial amounts of money to these scams. In this article, I’ll be addressing the tactic employed by cybercriminals to execute these scams. It is a known social engineering tactic called Vishing.

💡 Did you know that social engineering accounts for 98% of all cyber attacks?

Before delving into Vishing, let’s briefly discuss social engineering. Social engineering is the art of manipulating people into making security mistakes and divulging confidential/sensitive information. Social engineering thrives on manipulating human emotions, aiming to incite fear, greed, urgency, panic, curiosity, and sometimes even trust in the victim. Examples of social engineering tactics include phishing, vishing, smishing, impersonation, pretexting, and more.

Vishing is a social engineering tactic used by cybercriminals to trick individuals into divulging personal information, including financial details, over the phone. It occurs over the phone, and fraudsters execute it in various ways. One of them is through Impersonation. This occurs when the attacker poses as a trustworthy entity, such as a bank, government agency, or a legitimate organization. They may use caller ID spoofing to make it appear as though they’re calling from a legitimate source.

Pretexting is another method that is used by cybercriminals. This is where the attacker creates a convincing story to manipulate the victim into providing sensitive information or taking specific actions. For instance, they might claim there’s a problem with the victim’s bank account and request personal information to resolve the issue.

In addition, Baiting involves the attacker luring an unsuspecting victim with a highly attractive offer, playing on fear or greed to make them part with their personal information.

💡 It is important to be aware of these cyber trends in order to stay protected.

Now that we’re familiar with social engineering and its tactics, how can we protect ourselves from these attacks? Here are 5 crucial tips:

1. Avoid sharing sensitive information, such as passwords or financial details, over the phone unless you are certain of the caller’s identity.
2. Always verify the caller before giving out any sensitive information.
3. Maintain skepticism if the caller creates a sense of urgency or fear.
4. Enable two-factor authentication on your accounts to add an extra layer of security.
5. Educate yourself and those around you about common social engineering tactics.

💡 Make sure you share this article. You could be saving a life.

Attackers are constantly evolving their tactics, so staying vigilant and informed is crucial to protecting yourself from vishing and other social engineering attacks.