'Vishing' and the ways to tackle it

Cyber criminals have evolved as a set of dedicated personnel, scheming new strategies and techniques on a regular basis to rob people of their hard-earned money and strategic data and information that they wouldn’t generally keep disclosed at both personal and professional levels.
While phishing activities have been a persistent threat since the advent of electronic mail era and the sophisticated way of cyber crime that accompanied it, the organizations have identified it and a basic part of training of the employees includes the practice of detecting these phishing mails and to either report, delete or ignore such mails, with even mock practices being conducted at random levels to keep the employees on check.

However, it is the latest mode of phishing, that is creating waves in the arena of cybersecurity, damaging people at both professional as well as personal levels.
“Voice Phishing” or simply “vishing” in short, has been making into headlines in both national as well as global media with the set of challenges that they are bringing with them. The activities have been troublesome in India, a country that has been witnessing a digital push since last decade at both public and private levels, where the agencies have been issuing advisory to citizens using every media possible, using popular faces from entertainment and sports to aware people of the threats that may follow. Even popular streaming service “Netflix” produced a show with vishing as the central theme.

So why is “vishing” so threatening?
Probably because of the medium it uses to commit crimes, which is way popular than the emails, the phone calls. The criminals will be impersonating any official authority, private or public, by gaining access to the phone number of the victims, and asking them confidential information, in the garb of some routine check-up or urgent troubleshooting exercise to help them secure their money or data from getting blocked or expired. With most of the operations on phoneline, the criminals target urgent and quick responses, so victims get less time to think upon, and provide them access to data thinking it as a regular, official exercise. By the time they know, it’s too late.

So, what can be possible remedies against such a vicious attack?
Authorities have been quick in assessing the danger vishing represents and hence have been sending mails, passing recorded calls, and spreading the message through popular media, using popular faces to make people aware of the threats that may come under the veil of benign looking calls. Government and financial organisations have been repeatedly notifying public to avoid sharing of their personal data, that can be classified as critical information, with government or financial institutions over phone calls as they will never ask for the same.
Apart from the general awareness program, following measures can keep the illegal activities in check:

  1. Be vary of picking up unidentified numbers and returning calls or texting them back which claim representation from government or financial institutions, even if they use familiar local codes.
  2. Avoid sharing of the personal info like phone numbers and email ids that are linked to your most critical financial and official accounts in public spaces, which the hackers can easily hack into and exploit.
  3. Using genuine and highly rates apps and software that can detect spams and blacklisted calls and can also be used to block and report the suspicious numbers to keep them in public record as a possible fraud attempt.
  4. Always cross check with official representatives of the institution you personally know, or the entity authorizes, about anything being asked by something that is trying to impersonate them.