Vishing attacks have been on the rise in recent months, putting our information and devices at risk. But what exactly are they?
Cybercriminals are not short of imagination and means to get hold of your personal data and banking information. An increasingly widespread method is vishing, also called voice phishing. It is part of the mishing family, which includes all phishing techniques that specifically target mobile devices, as is also the case with smishing.
Impersonating a technical support or customer service agent is one of the most common methods. The hacker will use an urgent threat, such as losing access to a service or a danger of infection on your device, to persuade the victim that they must act quickly and not give them time to think.
The explosion of vishing attacks
Individuals are not the only ones targeted. For hackers, companies are prime targets. In this case, attackers call employees and pretend to be IT professionals to gain their trust. They sometimes conduct investigations into the organization to add context to the conversation and make the trap even more credible.
A report from cybersecurity firm CrowdStrike found that vishing attacks increased by 442% in the second half of 2024 compared to the first half of the same year. Often, cybercriminals explain to their interlocutor that they need to intervene remotely using the Microsoft Quick Assist tool built into Windows. The Microsoft Teams platform has been used in several such campaigns to make phone calls.
An alternative to vishing is callback phishing. If the target cannot be reached by phone, they will then receive an email, again describing an urgent problem to be resolved. A phone number is provided and the victim is asked to call it to receive supposedly immediate help. Please be aware that no legitimate organization (government, service provider, bank) uses this type of message to contact us.
Source: ZDnet
0 Comments