Suggested IT Security Resources
Vishing
Vishing (a combination of the words Voice and Phishing) is a phone scam where fraudsters target you by phone and try to trick you into divulging personal, financial or security information or into making a financial transfer to them.
A fraudster can phone you, claiming to be from a bank, card issuer, the Gardaí/Police or a service provider such as a telephone company, internet provider or computer company. They trick you into believing they are a legitimate representative of the organisation and that it is in your interest to give the information they ask for.
Fraudsters can try to extract information from you such as debit or credit card details, PIN number, online banking details, password and personal details such as name, address and date of birth. This information is then used to access your bank account or carry out transactions with your card.
The following are some variations of vishing:
- Fraud on your account: The criminal tells you that there has been fraud on your account and in order to protect the rest of your money you need to move it to a “safe account”. They provide you with account details and get you to transfer money out of your account to a fake account (which belongs to the criminals) either via an electronic transfer or via a money transfer service such as Western Union or Money Gram
- Technical/Phone support Scam: You receive a call from a company saying that there is a problem with your PC, laptop or modem (interne , broad band)that urgently needs to be fixed. For more details click here.
- Courier fraud: The fraudster makes contact with you by phone, advising you that something is wrong with your card and asking for personal information in relation to the card. They then advise you that they will send a courier to collect the card.
- Number Spoofing: The criminal makes contact with you by phone. They hide the number they are really calling from and make it look like they are calling from the phone number of the genuine company.
- There have also been cases where the fraudster encourages the victim to check the validity of their identity or to make an immediate report to the Gardaí/Police. When the individual hangs up their landline, the fraudster holds the line open (by not hanging up). When the individual picks up the phone again to ring the genuine company or the Gardaí /Police they do not realise that they are still talking to the fraudster.
Key Advice
- Be very wary of any unsolicited phone calls.
- Never divulge personal information until you have validated that the caller is a genuine representative of the organisation they claim to represent. You can do this by following a number of steps:
- Advise the caller that you will call them back once you have validated their identity.
- Look up the organisation’s phone number (by using the phone book or their website) and make contact directly with them to validate.
- Do not validate the caller using the phone number they have given you (this could be a fake number).
- If the caller is genuine, they will understand and welcome your need to validate them.
- Fraudsters may already have basic information about you in their possession (e.g. name, address, dob, account details), do not assume a caller is genuine because they have these details.
- Remember that it takes two people to terminate a landline phone call, you can use a different phone line to independently check the callers identity.
- Your bank or the Gardaí /Police will never ask for the following:
- Your credit or debit card PIN number or full online banking password.
- Request you withdraw money to hand over to them or transfer money to another account, even if they say it is in your name.
- To come to your home to collect your cash, payment card or cheque book.