We often write here about email phishing or text messages that are scams. But fraudsters like to mix things up, to play the field, and to use all the tools of their scammy trade. So, in the interests of reflecting scams across the board, we have decided this week to talk about a recent case that involved a friend of mine – the case of the trickster and the telephone.
Last week, a friend told me that his wife got pretty close to being scammed. The woman, let’s call her Jane, received a cold call to her mobile. The caller was nice and friendly and told Jane he was calling to reveal Jane had won a raffle for a free holiday. Excited, Jane started chatting to this bringer of good tidings.
In the end, Jane was on the phone call for at least 10 minutes before the penny dropped – this was not real; she was being scammed out of personal information and the caller already knew too much. The modern name for the phone scam is ‘vishing’ from the words voice and phishing.
What is Vishing?
There is a lot of emphasis on digital scams. For some reason, technology is deemed to be ‘sexy’ and so it gets all of the attention. But the phone scam is alive and kicking and is just as serious as its digital counterpart.
Vishing involves the same tricks used by the digital scammer:
Trust– they build up a relationship with the person on the other end of the phone. This gives them greater opportunities to extract the information they need to follow through with the scam.
Urgency– some phone scams will use a sense of urgency to get you to hand over personal data. For example, the fraudster may convince you they are calling from your bank as your account is compromised.
Fear of Missing Out (FOMO)– in Jane’s case, the fraudster used Jane’s FOMO on an exciting holiday to attempt to get her to hand over sensitive data.
In the North East of Scotland in a 3-week period, vishing scammers stole £1.2 million from victims. Vishing scams are successful, so they will continue to be used. If you receive a call that sounds too good to be true or is asking for personal data such as name, address, PIN or banking codes, login credentials of any sort, do not release them.
Also, be careful when hanging up and trying to dial another number (like your bank to check the validity of the caller). Vishing techniques include holding open your line for a time; when you try to dial another number, you get sent back to the fraudster.
What Happened to Jane After the Vishing Scam?
Jane was able to recognise, during the call, something was amiss. She ended the call abruptly once she recognised the signs. She had, however, already given away her name and address – a simple “can you confirm your name and address” from the caller set that action in progress. Fortunately, when the caller asked for bank details to send part of the prize (spending money) Jane realised this was a dangerous situation.
However, Jane will now need to be extra vigilant. She has signed up for an account with a credit file agency to watch her credit searches, etc. She has also called her bank to warn them, even though she didn’t give out any bank details. She is now also considering signing up for CIFAS identity protection which reduces the risk of products, including financial services, being applied for in her name.
Why not help your colleagues stay safe and send them this little reminder. Feel free to edit, copy/paste the advice below:
A Phone call About a Holiday Prize is a Vishing Scam
Vishing is a form of phishing over the telephone. A vishing scam is currently operating by tricking call recipients into thinking they have won a holiday.
The scam is to extract personal information, including name, address, bank account details, login credentials, or similar.
DO NOT give our personal data on a phone call.
Fraudsters can also keep a line open even if you hang up. DO not try to immediately call your bank or similar to check a suspicious call. You will be placed back on the call with the fraudsters.