Vishing is essentially phishing’s touchier, feelier, voice-based cousin: a phone scam in which fraudsters target individuals to deceive them into revealing personal and financial information – sometimes going so far as to lure the unwitting into authorizing payments to the fraudster’s account.
Typically the criminal will make a cold phone call to a potential victim, posing as someone from a bank or building society fraud investigation team, the police or another legitimate organization (such as a telephone or internet provider). They attempt to obtain financial information that often includes credit/debit card details (including PIN), bank account details and personal information, such as full name, date of birth or address. According to the Financial Fraud Action UK (FFA UK), this information is then used by the fraudster to gain access to their victim’s finances. Fraudsters can also deceive the victim into transferring money themselves from their own bank account to one that is accessible to the fraudster. A variation on this scam involves the victim being persuaded to withdraw money from a branch or ATM to pay the perpetrator.
“Fraudsters can use personal information gleaned from vishing in a number of ways, including to access a victim’s bank account, make fraudulent purchases and commit identity theft,” said DCI Dave Carter, head of the Dedicated Cheque and Plastic Crime Unit (DCPCU), a banking industry-sponsored police unit, in a statement. “Always be wary of cold callers who suggest you hang up the phone and call them back. Fraudsters will keep your phone line open by not putting down the receiver at their end. Remember that it takes two people to terminate a call so try and use a different phone line if you are asked to ring back. If you think you’ve already been a victim of this scam, contact your bank or card company immediately.”
FFA UK has released a fraud intelligence report highlighting the growth of the threat, noting an overall increase of about $56 million across remote banking and remote purchase (telephone and online), account takeover and application fraud in the last financial year. Out of that, early estimates indicate that just under $11 million of that may be attributed to vishing.
The findings suggest that one in 25 adults in the UK may have been a victim of vishing, with 43% of those victims, sadly, over 50 years old. Almost a third (30%) of the UK population received at least 10 cold calls per month, with 41% suspecting that a call was fraudulent or suspicious. However, when it came to those aged 50 and over, this group were shown to be particularly at risk, with almost half (47%) having received a fraudulent or suspicious cold call.
The older population may be more willing to fall for the scams, but fraudsters are reaching out to a wide swath: Almost a quarter of people in the UK (23%) have received a cold call requesting personal or financial information. Four in 10 people (39%) admitted they found it challenging to tell the difference between a genuine and fraudulent call.
Vishing may be on the rise, but it's nothing new: the FBI warned consumers of vishing scams as far back as 2008. As always, consumers should be wary of unsolicited approaches by any method, be it email, phone or Facebook message – or any other route.