Brajeshwar

2-min read

Is Phishing Gone? Maybe they’ve just gone Vishing

Reverse phone lookup services have been around for years. While people have been historically skeptical about what is in reality a database no more invasive of privacy than a traditional telephone directory, these fears might take a new form in the art of vishing.

Vishing is a relatively new scam based on old tricks. It basically combines the tactics of using false emails from trusted institutions to get people to reveal their credit card information, with the time tested traditional landline telephone call. What ends up happening is that a robotic machine is charged with dialing scores of numbers that have been collected either freely or criminally with the intent of leaving a voicemail notifying the individual they’ve been the victim of fraud and must call back immediately. When the victim calls back he is asked via voicemail to leave his credit card and bank information. The same old thing all these members of sub-Saharan African royalty are always emailing you about.

This scam preys on people’s trust of the landline and typically uses methods of hiding behind false caller ID readouts. These false IDs are legal and readily available online. But the scams profit, however crooked, is completely reliant on the volume of numbers the perpetrators have access to that they also can derive personal banking and similar information from. If the scammers can’t get a hold of a huge bank of telephone numbers, then they really can’t statistically make money off the one or two successful executions of the scam.

Reverse phone directories, while not ideal in that they don’t reveal any financial information which in huge tracts is appealing to a scammer sending out generic messages, still pose a potential problem in that if criminals can get a hold of an anonymous list of numbers sans names, they can recoup the loss by utilizing a reverse directory, getting the names, and taking it from there. I bet within half a day they can turn a list of 80,000 numbers into a list of names and addresses half that size, which can be used as a collective to find the source institution of the number list.

But reverse directories are ultimately these scammers worst enemy. Already these services are advertising themselves as the answer to vishing, which is exactly what such a service is designed to thwart. If a number calls and even the ID lists it as your trusted banking institution, definitely follow up by punching the number into a reverse directory.

Seriously though if you allow yourself to be talked into giving away your bank and credit card information by a voice automated robot, should I feel sorry for you?

Vishing is successful because it blends the trust of the landline phone with the persuasive baiting of financial scams. The Internet is indeed a superhighway for illicit activity, but just like drug runners and car thieves in real life, we share this highway. That means that wherever they go, you can follow, and more importantly the ways they find you can be turned around on them.

← Prev Next →