Most computer users and Internet surfers are by now aware of Phishing and its two variants Tabnabbing and Tabjacking. In this article we will try to make you aware of two more variants or attacks or scams : Vishing and Smishing
In Phishing, an email “appearing” to be from a legitimate source is sent, requesting the recipient to visit an authentic looking URL, to login in and enter sensitive personal data. These are then harvested by the sender and misused with a view to making profits.
What is Vishing
Vishing is a variant of Phishing, the term being coined as a combination of Voice and Phishing.
Vishing attacks are usually initiated via a telephone, where the caller, claiming to be from some legitimate organisation or institution, calls to verify some personal information about you. He may mention a few basic details about you correctly, leading you to believe that it’s the real thing. A smart caller then may unknowingly extract sensitive information from you about you.
Alternatively, you may instead receive an email, asking you to call up a particular telephone number immediately, to prevent your account being blocked. Here again, a shrewd talker will try to fool you into inadvertently divulging some personal financial details about you.
A typical Vishing scamster may make use of Voice over Internet protocol (VoIP) and even leave a Toll Free number for you to call.
What is Smishing
With text messaging becoming so popular, scams involving SMS’s had to appear! Smishing is a termed coined from Short Message Service (SMS) and Phishing. In these scams, you may receive an SMS stating that your account will be charged since you have confirmed enrollment in some particular program or service like a dating service, some club, some vacation scheme, some phony purchase and so on. And that if you do not reply within say 2 days, your account with be charged with some money. You may then be asked to visit a URL and/or click on Cancel to cancel the order. Clicking on such links or on Cancel /Confirm options, may download a trojan, thereby exposing your mobile device to criminal access.
How to avoid falling prey to Vishing and Smishing scams
Whatever happens, do not panic! Make it a rule not to respond to such emails, phone calls or SMS messages.
If you do receive them, simply call up the bank number or write a fresh email or phone the bank directly on the contact details which you know to be genuine. This is the most basic common-sense rule to follow!
You may also wish to consider reporting such scams to your local authorities.