What Is Vishing aka Voice Phishing?

How to protect yourself against a vishing attack

Woman on a phone call on her smartphone.

Fezbot2000/Unsplash

Vishing is a phone-based scam relying on phone calls and voicemails to trick unsuspecting people into giving up their sensitive personal information. To better understand this lesser-known form of phishing, here's a breakdown on how vishing works and how to protect yourself from vishing attacks.

What Is Vishing or Voice Phishing?

Like caller ID spoofing, vishing is a phone-based scam. But unlike caller ID spoofing, vishing is less about scammers disguising their phone numbers and more about scammers calling and/or leaving voicemails intended to persuade and frighten victims into giving up their personal information. And as software company Intuit notes, if these scammers' vishing attempts are successful, it can result in victims having their identity stolen.

The word "vishing" is actually a combination of two words: voice and phishing. The word combination is a reference to the fact that vishing is a phone (or voice)-based form of phishing, which is another scam type that also generally involves impersonating trustworthy entities or people to get people to divulge personal information to scammers. The concept of phishing is most closely related to email scams, however.

The main problem with vishing is it's often used by scammers to gather personal financial information they can then use to access their victims' bank accounts. In some cases, such information can also be used to steal a victim's identity, which can allow scammers to open new accounts like credit cards, in the victim's name.

How to Protect Against Vishing Attacks

While you may not be able to block all vishing attempts, there are still a few things you can do to minimize the risk of falling for one:

  1. Don't give your personal information to a suspicious caller. Anti-virus software brand Norton by Symantec recommends ending the call, then contacting the company in question with a verified phone number (from the company's official website) to see if the previous phone call you received was legitimate.

  2. If you get a suspicious call, block the number. Your smartphone should offer a way for you to block calls or you can use an app to block numbers. You should also generally avoid accepting phone calls from unknown numbers.

  3. Know how trusted companies and agencies would normally contact you. As Navy Federal Credit Union advises, companies or even agencies like the IRS are probably unlikely to call and harass you for money or your personal financial information. Bearing that in mind can really help you stay calm in a vishing situation, instead of panicking and just giving up all your information to a stranger over the phone.