You’ve probably heard about “Phishing” by now. Vishing is simply Voice + Phishing. Cybercriminals are attacking us from every direction — and through Vishing they contact would-be victims via phone calls.
5 tips to help protect yourself from Vishing attacks:
Don’t answer calls from unknown numbers — Let calls from unknown numbers go to voicemail. Many Vishing scams will also leave a pre-recorded voicemail message, which will give you a chance to properly vet whether the caller is from a legitimate source.
Be suspicious — Most successful Vishing calls appear to come from a company you know and trust. Bank fraud Vishing attempts are among the most prevalent, claiming fraud or suspicious activity. Banks will never ask you for private information over the phone — so don’t give it out.
Don’t be pressured — Some Vishing scams attempt to create a sense of urgency and fear. For example, claiming that you owe back taxes. Government institutions like the IRS almost exclusively communicate by mail.
Never provide user names or passwords — Most Vishing attempts try to convince the victim to give up PIN numbers, Social Security Numbers, credit card security codes, passwords, or other personal details. Reputable sources will never ask for these.
Beware of “no hang up” technique — While you may believe the call ended, the fraudster will maintain the connection while producing a faked dial tone. When you call the provided number, or your bank, you are instead speaking to another scammer and potentially giving away valuable information.
If you suspect you’ve been a victim of Vishing, report it immediately to the Federal Trade Commission.
The FBI is issuing this announcement to raise awareness of malicious Quick Response (QR) codes. Cybercriminals are tampering with QR codes to redirect victims to malicious sites that steal login and financial information.
A QR code is a square barcode that a smartphone camera can scan and read to provide quick access to a website, to prompt the download of an application, and to direct payment to an intended recipient. Businesses use QR codes legitimately to provide convenient contactless access and have used them more frequently during the COVID-19 pandemic. However, cybercriminals are taking advantage of this technology by directing QR code scans to malicious sites to steal victim data, embedding malware to gain access to the victim’s device, and redirecting payment for cybercriminal use.