This share prices have a 15 minute delay and are shown in the local time of the market in which the quote is displayed.
Last update: 29/09/2022
With fraud on the rise (especially online), protecting your bank info is more important than ever. Fraudulent schemes can be done via email, SMS and even by telephone. This article explains how phone scams work and how to recognize them.
Let's imagine for a moment that you receive a phone call from someone who claims to be an employee of your bank and tells you your credit card has been unexpectedly deactivated and you must urgently confirm your card details to reactivate it. They ask for your card's expiry date and the card verification code (CVC), information that your bank would never ask for.
These types of calls are known as "vishing". They're more common than we think, and we must be prepared to recognize them so a third party won't get hold of our bank info.
What is vishing?
Vishing is a telephone scam in which criminals claim to be a person, a bank, an energy or gas company, or any other organization that would have a reason to contact you. Their aim is to steal personal or bank information or even to convince people to transfer money to scammers.
What differentiates vishing from phishing (via email) and smishing (via SMS) is its communications method (e.g. the telephone). It is a portmanteau that combines "voice" and "phishing".
How does vishing work?
Social engineering is what vishing scammers (or "vishers") use to get their victims to provide information or transfer money. It involves manipulative and persuasive techniques. The three most common in banking are:
- Direct call. The visher makes the call pretending to be an employee of the bank. Before making the call, they have likely learned the victim's phone company, streaming platform or other services usually paid by credit or debit card to sound more convincing and carry out the scam. In fact, sometimes victims can even post compromising info or their buying behaviour on social media. Therefore, the victim can be convinced more easily to provide the information the visher wants.
- Double call. This is a more elaborate method but persuades victims even more. A recorded message (usually by a robot) informs the victim of an apparent problem (such as unauthorized access to their digital banking app) and gives them a phone number to call and resolve it. The scam occurs when the victim calls and gives their log-in details or other requested info.
- Various techniques combined. Criminals also often use additional methods to vishing . They might "smish" (or text) their victim with a telephone number that appears to be from their bank but which they actually control.
“Spoofing”: When looks are deceiving
When making calls, cybercriminals may use spoofing, which consists of making up a fake website, company or individual. It may involve displaying the apparent company's caller ID to hide the original caller.
How can we protect ourselves from vishing?
A very easy way to avoid vishing is to be alert and informed and to take some simple precautions, such as not sharing your personal or financial info and security codes.
If you want to learn more about vishing, read this article (in Spanish) on the Tu Futuro Próximo website (a blog by Santander Consumer España).
