What is vishing?

We’ve all heard about phishing, where a fraudster sends an email from a familiar or authoritative source and tricks you into providing your personal, financial or company information.

Vishing, or voice phishing, is where a fraudster does the same over a landline or mobile phone. They lead you to believe they’re trustworthy and then use the information you give them to either impersonate you, steal your money or sell your data.

The thing about it is that voice phishing fraudsters can’t be caught – placing a phone call through the internet is virtually impossible to trace.

Vishing attacks are often automated, where voice recordings are sent to many people at once using purpose-built software. Other times, it’s the hackers themselves who’re making the calls.

Either way, the scammers don’t hold the power – you do – because the success of a vishing scam relies on you falling for it and voluntarily giving them the details they’re after.

Vishing examples

Some scammers already have some of your personal information, such as your credit card details, but in order to gain access to your account they’ll need a one-time pin (OTP) that’s sent to your phone.

The phone call they make to you then, will be to try and get you to give them an OTP sent to your phone. If you read it to them, they can then enter the OTP that was meant for you only and access your online profile or complete a purchase for themselves.

Warning bells should start ringing as soon as a caller tells you they’ve found fraudulent activity on your card and need to verify you to secure your account.

Vishers, pretending to be from the bank or a security company, could also offer to help you install software to “protect your system”. Where it’s a scam, the software will turn out to be malware in disguise.

Some scammers are easy to detect but others do a good job of impersonating a trustworthy source. The only solution is to be extra sceptical when someone you don’t know calls you.

Vishing don’ts

Don’t give out personal or company information to someone who:

• is an unsolicited caller, no matter who you think it is
• already has some of your information, until you can verify their identity
• asks you to give them your bank details or an OTP over the phone
• asks for immediate payment
• says they can solve a problem with your bank account
• offers unsolicited technical support
• tells you you’ve won something

Also, don’t feel obliged to carry on a call politely if you suspect it’s a scam. If you’re in two minds, ask for their number and say you’ll call back. Or ask them a few “security” questions of details they should have if they are who they say they are.

The power to refuse

The good thing is that a voice phisher’s chance of success depends entirely on your response. If you don’t give them what they’re asking for, you’re safe.

If you’d like to improve your company’s cyber security measures, chat to us.

Do you have proper data protection in place?

New all-in-one cyber security and backup product gives more peace of mind


Get a 14-day free trial

Step 1 of 2

  • Sign up for your
    Free Trial

    Please complete the form to sign up for your free trial. For all our other products, please contact us for a consultation.

  • I have read and understand IronTree Internet Services (Pty) Ltd's privacy notice.

The reseller zone is currently out getting a facelift as we look to integrate it with our backup platform, as it stands you can overview your clients on our new backup console. If you don't know what console that is, please reach out to us.

  • Hidden
  • I have read and understand IronTree Internet Services (Pty) Ltd's privacy notice.

  • I have read and understand IronTree Internet Services (Pty) Ltd's privacy notice.

  • I have read and understand IronTree Internet Services (Pty) Ltd's privacy notice.

We are taking all necessary precautions around the COVID-19 situation. Our offices are closed and our team members have each been set up to work remotely in self-isolation at home. As far as possible IronTree will maintain business as usual. All our resources such as server platforms, transactional capacity, telephony and electronic communications, including video meeting facilities, have been configured in the cloud and are 100% operational. Please feel free to contact us if you require our assistance. Stay safe!
One of our team members will be happy to help answer any questions you have!
Just click the chat icon in the right-hand corner.