Skip to main content
Fraud Vishing header

Fraud update – What is vishing?

Voice phishing, sometimes referred to as 'vishing', is when fraudsters phone their victims and pose as authority figures like bank officials or service providers. They manipulate their targets into disclosing confidential and sensitive information (such as ID numbers, PIN numbers, passwords etc) and then use this information to commit fraud. 

Vishing works like phishing emails, but is just telephonic. A fraudster could use both these techniques in combination.

 

Don’t underestimate something as seemingly harmless as a phone call

How it works

 

Technology has made it easy for fraudsters to place phone calls through the internet, which makes it nearly impossible to trace the number back, and catch, these fraudsters.

 

The voice is a robot

Vishing attacks rely heavily on software that allows the fraudsters to robo-dial numerous people at once. When you answer, you’ll get a machine. Part of their social engineering tactic is to pick a number that will look familiar to you. Hang up immediately.

The voice is real person

Sometimes, there will be a person on the other end of the line. Most of us simply aren’t cynical enough to suspect someone who is calling us – and has personal information about us - to be anything but genuine. 

The fraudster will often create a sense of urgency. For example, he/she might pretend to be someone from Visa who tells you of suspicious activity on your card - you need to act right away to stop it.

In this case, ask the caller for specific information that someone in his/her position should have.  

They’re calling from Visa? What are the last four digits of your number?
It’s your bank? What’s your account number?

 

However, even if the fraudster has this information, it could also mean that he/she went out of his/her way to collect information on you and believe that you’re a good victim.

Latest vishing scam - Unclaimed rewards

You receive a phone call from your ‘bank’ to inform you of your unclaimed rewards. To claim your rewards, you must be authenticated and this involves sending a one time PIN to your cellphone. The fraudster will ask you to tell them what this PIN is. 

 

What’s really happening? The fraudster has your credit card details and is trying to make an online purchase. All he/she needs is your one time PIN to complete the transaction.

 

He/she also might have your online banking details and require you to click on ‘Accept’ or ‘Press 1’ to confirm it’s you. In reality, you’re authorising fraudulent online transactions on your account.

Four things you can do

  1. Tell the caller that you can’t talk right now and will call back in a minute. Then call the company directly he/she is claiming to be from and enquire about this call2
  2. Never give anyone a one time PIN over the phone
  3. Never click on ‘Accept’ or 'Press 1’ if you are not logged into your online banking
  4. Contact the 24/7 global Client Support Centre immediately if you think that your personal information was compromised in any way 

We're here to help you

If you are thinking about buying a property this year, get in touch with your Private Banker who will assist you every step of the way.

For more Quick Update insights, click on the image below:

 

Get in touch

If you have any feedback or suggestions, please let us know