Scammers seem to be increasingly sophisticated in the ways they make us part with our money. Many of us like to think we’re too savvy to be scammed, but the reality can be very different and even though you might have never been scammed I’m sure you know someone who has. Some of those would-be victims may also be your colleagues or your employees, and very much active on your business network. Being aware of vishing and making sure your teams are aware of it could save you more than just money!

So what is vishing?

Vishing is a mashed up word short for ‘voice phishing.’ It is a form of social engineering which targets one of the least secure parts of your network, your users. It normally goes something like this: Someone calls a user saying they are from the bank’s fraud department. They address the user by name, they know where the user lives and use personal information to convince them they are real. They will tell the user that they believe their credit card was used fraudulently and that their accounts have now been frozen.

They will then try to guide the user through a process so that “further fraud” can be avoided in the future. The call is convincing, the people talking are experienced and are very good at what they do. The outcome is generally the same, and the user ends up losing his money.

Not persuaded about how convincing they can be? Just have a look at the below video.

From Fusion: When You Dare Two Expert Hackers To Destroy Your …

After the hacks of Sony Pictures, JPMorgan Chase, Ashley Madison, and other major companies, Real Future’s Kevin Roose got curious about what it felt like to be on the victim’s side of a giant data breach. So he decided to stage an experiment: he invited two expert hackers to spend two weeks hacking him as deeply and thoroughly as they could, using all of the tools at their disposal. The result was a shocking privacy nightmare. Watch full episodes of Real Future here: http://fusion.net/series/real-future-show/

Posted by Digg on Friday, February 26, 2016

Not persuaded about how convincing they can be? Just have a look at the below video.

With technological defences becoming more and more sophisticated each day, scammers are turning to the security layer which can be most easily exploited – the human element. The more advanced of these will use malware or phishing to gather information about you, even track your social media use. This gives them a huge amount of identifiable information which they will use to convince you they are legitimate.

The cost of vishing

Most instances of vishing are designed to part the user from their cash. However, there has been accounts of vishing against businesses and as we all know data can be more valuable than money. This doesn’t even take into consideration the other ramifications a vishing attack can have on a company. With vishing an attacker can gain access to private company data and customer or proprietary information. This can impact the business’ reputation, trust and even result in proceedings if data is stolen.

How can you prevent vishing?

Preventing vishing needs to be a two-step approach and both of these steps are relatively simple and cost effective when considering the time and money spent to recover from a vishing attack. They also have other benefits besides protecting you from vishing.

Educate your users – Social engineering is dependent on using human interaction as the attack vector, tricking people into doing something that goes against their normal security procedures. Educating your employees by showing them how these scams work can go a long way to tackling them. It is also helpful to educate them about what to share on social media and what to keep private. This awareness can be used to tackle a multitude of scams and potential business threats.

Robust technological defences – Some scammers use malware or phishing emails to gather the information necessary for vishing to work. Having good malware, phishing and spam filtering and antivirus defences can help reduce this risk significantly. It will also protect your network from multiple threat types at the same time.

Vishing isn’t new but it is becoming more sophisticated. Even tech savvy companies fall prey to such tricks – it even happened to Snapchat! It’s time to recognise the threats of vishing before it’s too late and you become yet another victim!