Picture this: You are stuck in your car in a never ending traffic jam. You get a call on your mobile. You answer the call, hoping to talk to someone. But instead, you hear a recording—informing you that your credit card or bank account has been used for a fraudulent activity or there has been a very high-ticket transaction on your credit card. Obviously, you panic. Who wouldn’t? The recording also tells you to call back on a particular number immediately. With your mobile in one hand, you hunt for a pen and paper in your car’s glove compartment to write down the 1800-toll free number and realise that the call is from “bank”. You decide to call.
But you better not because, you’ve just been under a vishing attack.
Vishing is similar to phishing, which is a fraud perpetrated though an email that seems to be send by your bank to get you personal and banking details. The only difference in vishing is that the fraudster uses the phone. It is, however, an amalgamation of phishing and voice over internet protocol technology. Here the fraudster uses an automatic dialing software to make random calls and then entices you to share your sensitive financial details with him over the phone.
Now, we go back to the aforementioned scene in the car. You are not aware of vishing and you call back. You either hear a machine or an individual answering the call, saying, just like your bank would, the call cannot go through, unless you clear the verification procedure. You are asked to punch in your credit card number. After a little bit of cursing, you get your card handy and punch in the details. Natural, as you are worried about the amount that has been siphoned off. Then you are asked to punch in the card CVV number, and the expiry date, your bank account number and what not. Under a normal circumstance, you would have cribbed about so many verifications, but since you want to know about the fraud that has happened on your card, you simply provide the details without much though or resistance. Sadly, you just gave your home keys to the thieves. Now that the fraudster has your details, he can easily use it actually commit a fraud on your account.
So, now that you know what vishing is, knowing a few things will held you shield yourself from such attacks. If you get such a call from a machine, you should not call back in the number. When you call back, a number that flashes on your screen could well be your bank’s number. Just like a phishing email may look like it is from your bank. But actually it’s not. Also, never call back on any number you receive via SMS or email. If you do by mistake, never provide any sensitive financial details.
Bear also in mind that sometimes a missed call from an unknown number or a private number can also turn out to be a vishing. Experts say at times the call is call from a number beginning with +92 (Pakistan). In such cases, the recorded voice tells you that your phone bill or some such is not paid and urge you should make a credit card payment right away to avoid late payment fees. If you give your details, you are done.
But the catch is there are times when banks really call up. In that case, a bank representative always has some basic information about you. Be careful, if you get a call where the representative has no basic information. We suggest, hang up and call back on the bank’s number mentioned on the back of your debit /credit card or account book.