Skip to main content
Lady looking at a call on her phone

19 Nov 2024

Vishing: Is that voice really who you think it is?

Make sure you’re not having a telephonic conversation with a scammer. Let’s unpack the dangers and methods of vishing fraud.

 

Watch the video

What is vishing?

Vishing, or voice phishing, is a phone-based scam where fraudsters impersonate trusted entities, such as your bank or other legitimate service providers, in order to trick you into sharing sensitive information, such as passwords, one-time pins (OTPs) or credit card numbers. Unlike phishing, which uses emails or messages, vishing scams rely on voice calls to create urgency and manipulate trust.
 

In a world of impersonators, who do you trust?

Imagine you’re sipping your morning coffee, scrolling through your phone when suddenly, a text message pops up. It's from your bank, or so it seems, alerting you to suspicious activity in your account. Before you can even process the information, your phone rings. The caller ID flashes your bank’s name. It must be important, right?

Don’t be fooled


Kevin Hogan, head of Fraud Risk for Investec (South Africa), explains, ‘These fraudsters are clever. They use tools like Truecaller to appear legitimate, thereby gaining your trust.’

You answer the call and the person on the other end - posing as a bank representative - sounds professional, even concerned. They mention a transaction you don’t recall and your pulse quickens. ‘They’ll ask for sensitive information, like OTPs,’ says Hogan. ‘It’s all very convincing.’

Unknowingly, many individuals provide these details, thinking they are securing their accounts, when in fact, they are handing over the ‘keys to their digital castle’ to the fraudsters.

Vishing targets not just the tech-unsavvy but also intelligent professionals who use digital tools and online banking every day.

 

How does vishing work?

Vishing works by tricking victims over a telephonic conversation.

Often vishing begins with a phishing or smishing attempt – for example, an SMS that appears to be from your bank, inquiring about the legitimacy of certain transactions. These transactions are fraudulent and are intended to deceive you into believing that your account has been compromised. You’re soon advised that a member from the bank’s fraud department will contact you.

You then receive the call from the scammer pretending to represent the bank. Hiding behind this veil of legitimacy – as well as the understandable panic a compromised bank account creates – the fraudsters press for you to divulge your account details, and once they’re in your account, to send the OTPs that authorise the transactions they are trying to make.

 

How can I guard against vishing?

Guarding against vishing requires hyper-vigilance and scepticism not to react to the panic vishing scammers attempt to create.

At the same time, you could be receiving a legitimate call from your bank’s fraud team that does need your attention. So how can you be safe? The important thing isn't just to be cautious but to be smart and prepared. If you get an unsolicited call, hang up and dial your bank directly on a verified number. Don’t listen to the caller.


Top tips

Verify caller identity:

If you receive a call claiming to be from your bank and requesting sensitive information, say you will call back. Don’t worry about appearing rude or unhelpful. Contact the bank directly using a verified number from their official website to confirm the legitimacy of the call.
If you receive a call claiming to be from your bank and requesting sensitive information, say you will call back. Don’t worry about appearing rude or unhelpful. Contact the bank directly using a verified number from their official website to confirm the legitimacy of the call.

Don’t share personal Information:

Never share private, financial or security information such as PINs or passwords over the phone. Never share private, financial or security information such as PINs or passwords over the phone.
A legitimate bank representative will never ask for this information during a call they initiate with you. Strict banking codes of conduct and privacy laws prohibit them from requesting this type of information. These regulations are designed to safeguard your financial details.

Monitor your accounts regularly:

Keep an eye on your bank statements and account activity. Early detection of any unauthorised transactions can help in preventing further damage and facilitate the resolution process.  
Keep an eye on your bank statements and account activity. Early detection of any unauthorised transactions can help in preventing further damage and facilitate the resolution process.
RELATED QUESTIONS
  • What is the difference between phishing and vishing?

    Vishing is simply phishing over a phone call.


Receive Focus insights straight to your inbox

Sending...

Please complete all required fields before sending.

Thank you

We look forward to sharing out of the ordinary insights with you

Sorry there seems to be a technical issue