অসমীয়া বাংলা English ગુજરાતી हिंदी كأشُر ಕನ್ನಡ മലയാളം ଓରିୟା தமிழ் తెలుగు

Few Types of vishing attacks

Type 1: Calling users on some pretext

User might get  a call  with a message such as:

  • Your ATM card has been deactivated. Call back immediately to reset your card.
  • Your account has been compromised. Please call this number to reset your password.

When the number suggested is dialed, you hear an automated recording that asks for sensitive information. The users are prompted to disclose card number, PIN, three-digit CVV etc., this data is used by the vishers to carry out illegal transactions from account.

Some types of voice phishing calls are even a hybrid where user will receive a call from an automated system that will then have a real person step in to take over the call. 

Be Cautious and Don't trust caller ID - Just because caller ID displays a phone number or name of bank, it doesn't guarantee the call genuine.

Type 2:  Impersonating the bank officials

In this case, the target receives a call from someone who says he is from bank. They may tell that there is a problem with account or with a payment from account. To correct the problem, they may ask the banking details.  Once the fraudster gathers those details the visher can make an online transaction using their card details. Further they even ask for  OTP to commit financial fraud.

Verify the caller details before proceed - Try to verify the details of the caller, don’t panic and jump into actions on the urgency stated by the caller.

Type 3: Request to download apps

The Visher will make a call and ask to download an app in a pretext to resolve an issue. They share a link to download some app.   These apps may install malware/trojan to device or give a remote access of  phone to the visher.

These apps may also capture  keystrokes (while typing), and send them to the fraudster server. These details can be used to carry out transactions to steal money from the account.

Be suspicious of all unknown callers - User should be suspicious of phone calls as when they ask to download apps or seek remote access.

Type 4: Artificial intelligence/ Internet bot-based vishing calls called as deep fake

Voice phishing also targets businesses as well to get employees to provide sensitive information.  A fraudster used voice generation software to impersonate officials voice and to transfer the money to a fraudster with the promise that the funds would be reimbursed immediately.

Ask questions and call them back - if someone is telling transfer money or asking for information, tell them will call them back to ensure are dealing with the right person.