vishing


Also found in: Dictionary, Financial, Wikipedia.

vishing

(Voice phISHING) Also called "VoIP phishing," it is the voice counterpart to phishing. Instead of being directed by email to a website, an email message asks the user to make a telephone call. The call triggers a voice response system that asks for the user's credit card number. The initial bait can also be a telephone call with a recording that instructs the user to phone an 800 number.

In either case, because people are used to entering credit card numbers over the phone, this technique can be effective. Voice over IP (VoIP) is used for vishing because caller IDs can be spoofed, and the entire operation can be brought up and taken down in a short time, compared to a real telephone line. See phishing and VoIP.
References in periodicals archive ?
Rachel Tobac: In terms of social engineering from a high level, companies think about that and have pretty good training about how to spot things like phishing attacks through email or through malicious links, but from my experience, I have not seen an overwhelming uptick in training on vishing attacks.
Scammers are relying on people's vulnerability and vishing is particularly insidious in exploiting this.
The next chapter introduces higher mathematical models for working with phishing identification and mitigation and more complicated vishing attacks.
The retrieved information could be employed to empty bank accounts, but also for subsequent spamming, phishing or vishing purposes.
Vishing bank accounts will accelerate, due to ease of exploit and the appeal of easy money.
Like most other social engineering exploits, vishing relies upon the 'hacking' of a common procedure that fits within the victim's comfort zone.
Users of Voice over Internet Protocol (VoIP) systems must be mindful not only of denial-of-service vulnerabilities in their VoIP PBX implementations, such as the vulnerability discovered in Asterisk, but underlying VoIP protocol weaknesses that may leave organizations open to vishing, a new security threat which uses VoIP to steal user information, and spam over the VoIP network," said Chris Rouland, chief technology officer of Internet Security Systems.
Detective Inspector Traci McNally, who heads up NERSOU's fraud team, said: "This activity came about as a consequence of a number of victims being defrauded of thousands of pounds during vishing scams.
The topics include the latest trends in online fraud, such as phishing, vishing, the credit/debit card fraud types, modus operandi, counterfeiting and skimming etc.
The word vishing is a combination of "voice" and "phishing", another scam where fraudsters obtain personal details and passwords by sending fake emails designed to look like they came from legitimate organisations such as banks.
Don't fall victim to the latest scam - vishing - by giving your bank details to strangers over the phone
Vishing involves a fraudster posing on the phone as someone from a bank or building society fraud investigation team, the police or another legitimate organisation such as a telephone or internet provider.