Vishing/SMSishing

Vishing or Voice Phishing is a criminal activity that is designed to use social engineering to gain access to your personal information. Attackers will use Caller ID spoofing to trick your phone company to display the name or number of the legitimate person or business they are claiming to be.

Much like Phishing, the attacker will try to entice you to give up sensitive information, by creating urgency and using scare tactics, then asking for sensitive information.

For example:

  • You receive a phone call from your financial institution stating that you are a victim a Cyber Crime.
  • Then ask you for your bank account information to confirm your identity.
  • Then they state your account has been fixed and they hang up.
  • The attacker now has all the information they need to steal your identity.

Any reputable business will never ask you for any sensitive information over the phone.

SMSishing or SMS Phishing, is very similar to all other Phishing attacks. The advancement made with smartphones and business communicating to their customers over text message has made SMSishing very popular. The attackers will try to bait you into divulging sensitive information using social engineering, urgency, and scare tactics.

If you believe you were contacted by a Vishing or SMSishing attack, contact the person or business that they were impersonating immediately.