Phishing, Vishing, Smishing - Where does it end?

December 2019 Newsletter

Scammers and cybercriminals don’t quit. They’re constantly coming up with new, more sophisticated ways to steal your money, credentials, identity or sensitive information. Here’s what you need to know.
 
You’ve probably heard of phishing—using email to pose as a reputable company to extract personal information. But did you ever think the threat would evolve into vishing and smishing? Unfortunately, they aren’t just silly wordplay—they’re both real scams. But instead of using email, vishing and smishing target your phone.
 
Vishing—or voice phishing—is a threat that involves using voice messages to steal your information.
 
In one example of this scheme, you get a concerning voicemail in which the caller says something like, “Your bank account has been compromised.” Upon dialing the specified number to “reset your security settings” or “have your account restored,” the scam is successful when the recipient is tricked into revealing their account number or personal details by entering them on the keypad.
 
Smishing is another phone scam, but this one involves text messages, or SMS.
 
This is where a customer gets a text from a supposedly trusted source, such as a bank, claiming a suspicious purchase was made with your account. The text instructs the recipient to contact the bank via a phony number. If the target dials the number, a scammer answers, posing as a bank employee, and requests account data to cancel the purchase.
 
Suspicious links, strange numbers and voicemails requesting urgent action are all red flags that accompany these kinds of phone scams. Fighting back is just a matter of diligence and common sense.
 
Be wary of unusual numbers: If you receive an automated call asking for your personal information, hang up. If the caller claims to be from your bank or another agency you normally trust, call the company directly using a verified phone number. Ask a live representative if the information being requested is actually needed.
 
Don’t trust strange links: If you can’t verify a person or agency from whom you’ve received a text, don’t respond or click links. Links you can’t verify could be loaded with malware or direct you to a phishing website designed to harvest your info. Delete messages you don’t trust.
 
Download trusted apps: Use the Apple Store or Google Play to download, for example, your bank’s official app. Vishers and smishers send malicious links through texts that look as if they come from a bank or another official source. Only download apps from trusted websites.
 
Report and forward: Document a scam attempt and notify the agency being represented. Also, most U.S. phone carriers, including AT&T, T-Mobile, Verizon and Sprint, allow you to report scam messages. You can forward them to 7726 (SPAM on your keypad) free of charge.
 
Don’t let vishing and smishing steal your important information. Hang up, hit delete and don’t give criminals a chance.

Updated: Nov 17, 2020