There are a number of telephone or vishing (voice phishing) scams around at the moment targeting people in order to gain access to financial information, bank accounts or computer equipment.
These scams are often targeted at the less tech-savvy and more trusting members of society, particularly those over 55, but ultimately anyone of any age can be caught out if they are unwary.
The scammers are typically looking to trick the victim into handing over personal details, transferring money or allowing the caller remote access to their computer.
One particularly effective trick is the “No Hang Up” scam, where a victim is encouraged to call their bank by the fraudster who then pretends to hang-up the phone but has really kept the line open. The scammer then “answers” the call as if they were the victim’s bank, gaining the trust of the caller and persuading them that they need to do what the scammer says.
Another common vishing call is the one from “Microsoft Technical Support” or some other similar sounding organisation. These calls are looking to get the recipient to go to their computer and visit a particular site to either unknowingly or deliberately download software which allows the attacker to take over the user’s computer and “fix the problem”.
Unfortunately for the user this is likely to result in malicious software (malware) being installed to track the users online activity and allow the scammer to gain access to all kinds of sensitive information such as usernames and passwords, bank details, credit card information and more.
Identifying Phone Scams
Vishing scams can typically be identified because they have some or all of the following traits:
- Callers will ask you to do something you wouldn’t normally do or provide information beyond what legitimate organisations will request.
- They are always incoming calls but can sometimes have a legitimate “Caller ID” number.
- They will try to make you believe you need to take action urgently, pressuring you to avoid making the appropriate checks.
- They will try to get you to hand over full PIN numbers, passwords and other sensitive information not typically needed by your bank.
- They will attempt to persuade you that you have a problem with your computer.
Good Security Habits
So how can you help defend yourself and others from vishing attacks? Well, here are 10 good security habits to adopt for dealing with phone scams:
- Treat all callers as suspicious – verify they are who they claim to be and call their publicly listed number if in doubt.
- Keep your PIN and/or password confidential – no one else needs it all.
- Always press hang-up on your own phone even when a caller hangs-up first.
- Listen for the dial tone just before your phone dials an outgoing number from your land line.
- Hang up on anyone that claims you have a problem with your computer.
- Avoid making financial transactions based on an unexpected incoming phone call.
- Never hand over cash or credit cards to someone who comes to your door – banks don’t ever do this!
- Avoid the temptation to buy precious stones, metals or commodities over the phone.
- Always be polite but firm when informing the caller that you don’t believe them and that you will be informing the authorities.
- Register with the Telephone Preference Service (TPS) to reduce unwanted marketing calls – professional businesses have to adhere to this legal requirement in the UK.
If you have any concerns or questions contact Secure Thinking for free, unbiased advice on how to stay secure and avoid the scammers.