Don't get caught by phishing
19 November 2024
Phishing is an attempt by scammers to deceive you into sharing sensitive information like passwords, credit card details or personal data.
Vishing, or voice phishing, is a phone-based scam where fraudsters impersonate trusted entities, such as your bank or other legitimate service providers, in order to trick you into sharing sensitive information, such as passwords, one-time pins (OTPs) or credit card numbers. Unlike phishing, which uses emails or messages, vishing scams rely on voice calls to create urgency and manipulate trust.
Imagine you’re sipping your morning coffee, scrolling through your phone when suddenly, a text message pops up. It's from your bank, or so it seems, alerting you to suspicious activity in your account. Before you can even process the information, your phone rings. The caller ID flashes your bank’s name. It must be important, right?
Kevin Hogan, head of Fraud Risk for Investec (South Africa), explains, ‘These fraudsters are clever. They use tools like Truecaller to appear legitimate, thereby gaining your trust.’
You answer the call and the person on the other end - posing as a bank representative - sounds professional, even concerned. They mention a transaction you don’t recall and your pulse quickens. ‘They’ll ask for sensitive information, like OTPs,’ says Hogan. ‘It’s all very convincing.’
Unknowingly, many individuals provide these details, thinking they are securing their accounts, when in fact, they are handing over the ‘keys to their digital castle’ to the fraudsters.
Vishing targets not just the tech-unsavvy but also intelligent professionals who use digital tools and online banking every day.
Vishing works by tricking victims over a telephonic conversation.
Often vishing begins with a phishing or smishing attempt – for example, an SMS that appears to be from your bank, inquiring about the legitimacy of certain transactions. These transactions are fraudulent and are intended to deceive you into believing that your account has been compromised. You’re soon advised that a member from the bank’s fraud department will contact you.
You then receive the call from the scammer pretending to represent the bank. Hiding behind this veil of legitimacy – as well as the understandable panic a compromised bank account creates – the fraudsters press for you to divulge your account details, and once they’re in your account, to send the OTPs that authorise the transactions they are trying to make.
Guarding against vishing requires hyper-vigilance and scepticism not to react to the panic vishing scammers attempt to create.
At the same time, you could be receiving a legitimate call from your bank’s fraud team that does need your attention. So how can you be safe? The important thing isn't just to be cautious but to be smart and prepared. If you get an unsolicited call, hang up and dial your bank directly on a verified number. Don’t listen to the caller.
Receive Focus insights straight to your inbox
Browse further in