What are smishing and vishing - Meet the fraud variants
.png)
And you thought phishing was the only thing to worry about!
We hate to be the bearers of bad news but alas, we have a hard job to do. We are actively working towards helping you secure yourself and your family members by identifying and thwarting attempts of fraud online and via phone. While phishing is a common form of fraud that most of us are wary of, there are other forms too that you should be aware of.
In this article, we will go into the depths of smishing and vishing, which belong to the same family as phishing. In fact, we can call them the sub-sets of phishing.
Phishing
As we all know, phishing attacks, usually delivered via email, are impersonation-based. In simple words, the hacker impersonates someone else to gain your trust and lure you into clicking on dangerous links.
Verizon recently reported that 96% of all phishing attacks are email-based, which helps us understand why phishing attacks are referred to as email frauds only. Attacks from other means of communication are often taken lightly and to avoid this, they have been categorized into these sub-sets.
Smishing
Smishing is short for SMS Phishing. Any phishing attacks via SMS are known as smishing attacks. They aim at taking your personal information by impersonating someone you trust. They may also contain bait that needs urgent action from your end. Lottery rewards are the most common types in this category closely followed by fake bank information and updates.
Identifying a smishing attack
Due to lack of awareness, many users fail to identify smishing attacks. We ought to give kudos to the hackers too, though, because the messages actually seem genuine. But, to avoid falling prey to these SMSes, we advise that you read them carefully and block them if they -
· Ask for personal information
· Force you to act “immediately”
· Have typos or poorly formed sentences
· Ask you to click on links
Vishing
Vishing is short for Voice Phishing. You guessed it right - phishing attacks via phone calls are called vishing attacks. These scammers use VoIP technology, automated call processes, and tech to fake caller IDs to attack users.
Vishing has seen a shocking rise in the past few years, especially in the pandemic, with hackers posing as government officials to instill fear and get payments done.
Identifying a vishing attack
Identifiers of vishing attacks are similar to smishing attacks. You have to be even more careful with voice phishing, though, because it is easy to get carried away or scared and give information to someone on the spot. Common red flags include:
· Asking for a charitable donation
· Announcing that you have won a prize and you need to give personal details to claim it
· Banking executives saying your card needs renewal and they can do it on the call if you give them your card details
· Banking executives saying there’s been suspicious activity and they can block the card if you give them your personal information
· Government institutions threatening legal action if you don’t pay a fine
· Asking you to download a software program, claiming that your computer or phone is under attack
If you look closely, you will see a pattern here. All the common vishing attacks have one thing in common - they play on emotions. They mostly scare you into revealing your data or give you a sense of winning. We recommend not falling for these traps and never acting impulsively on call.
P.S. It’s always better to be safe than sorry and that’s why even if a caller from a bank or a charitable trust seems genuine, offer to call back and do the necessary research.
How to prevent phishing, smishing, and vishing attacks
GOOD NEWS - You don’t have to worry about any of these attacks!
There are simple ways of preventing them altogether. Let’s take a look at a few:
· Never click on any unknown link
· Conduct due diligence before entering information on forms
· Use a secondary number on social media, shopping sites, etc. so that your primary number remains private
· Block any and all suspicious messages and numbers
· Update your security settings and keep your phone updated to the latest OS version
Conclusion
Scammers are becoming more and more sophisticated, using various software programs to get their way. Prevention is definitely the best cure, thus. Doosra will help you to a great extent in this regard by providing you a SIM-less virtual number that you can use for all public purposes. Since it auto-blocks all calls, you will never have to worry about vishing. Smishing attacks can also be avoided because you will consciously know not to take any SMS seriously (besides OTPs). Sounds great, doesn’t it?