A social engineering scam in which confidential information (such as credit card information) is extracted from a target over the telephone for financial gain. A common vishing scam involves an attacker who uses the guise of a technical support employee to call the victim and inform them that they have a serious problem with their computer which needs to be resolved. Thereafter, the victim is asked for sensitive information, such as their credit card details.
Other pretexts used during vishing scams include calls from broadband companies about “outstanding balances” and calls from your bank’s “fraud department” about a fraud that has occurred on your account and which needs to be “urgently resolved”. Vishing scams can have surprisingly high success rates as an authentic call-centre environment is often used along with spoofed phone numbers, which appear to be local or familiar to the victim. Also, the victim’s logical judgement gets impaired by a huge sense of urgency that is imposed on the victim by the fraudster. Vishing is often used in conjunction with a phishing email as any story becomes more credible if it comes from more than one source.