Vishing

Vishing, a portmanteau of “voice” and “Phishing,” is a form of SOCial engineering attack where fraudsters use the telephone system to trick individuals into revealing sensitive information. This could include personal data such as credit card numbers, social security numbers, or login credentials.

In a typical vishing attack, the attacker pretends to be from a trusted organization, such as a bank, a government agency, or a service provider. They may use a variety of tactics to make the call seem legitimate, including Spoofing the Caller ID to make it appear as though the call is coming from a trusted number.

The caller often creates a sense of urgency, for example, by claiming that there’s a problem with the target’s account that needs immediate resolution. They then ask the target to provide sensitive information, or perform a specific action, such as transferring money to a certain account.

Vishing attacks can be highly sophisticated, with attackers sometimes using Voice over IP (VoIP) technology and other advanced techniques to intercept and alter communications. As such, it’s important to be cautious when receiving unsolicited phone calls asking for sensitive information. If in doubt, hang up and call back using a number you know to be legitimate.