Vishing (Voice Phishing) definition in Cybersecurity
Vishing, short for "voice phishing," is a form of social engineering where attackers use phone calls to deceive individuals into divulging personal, financial, or security information. Unlike phishing which typically occurs through email or text messages, vishing specifically involves voice or telephone communications. Attackers often pose as representatives from legitimate companies, such as banks, government agencies, or tech support, to trick victims into providing sensitive data or making payments to fraudulent accounts.
Notable Incidents
- IRS Phone Scam: Scammers impersonate IRS officials to demand payment for unpaid taxes, often threatening legal action. (Wikipedia link)
- Microsoft Tech Support Scam: Victims receive calls from individuals claiming to be Microsoft tech support, alleging that the victim's computer is infected with malware and offering to fix it for a fee.
How to Protect Your Network against Vishing
- Educate and Train Employees: Regular training sessions to recognize vishing attempts and the importance of verifying caller identities.
- Implement Caller ID Solutions: Use advanced caller ID and verification technologies to help identify and block suspicious calls.
- Verification Procedures: Establish internal procedures for verifying the identity of callers, especially when sensitive information is requested.