Skip to main content

Cybersecurity “Vishing” Attacks — All You Need to Know



The spate of cyber attacks has significantly remained on the increase, and there are no signs of it slowing down — not with the continued reliance of individuals, small businesses, educational institutions, and of course governments around the world on Cyberspace.

This reliance has made cyberspace to generate a vast and unending pool of sensitive data and information which are of very high value, hence making it a gold mine and prime target for cyber criminals to exploit.

If we examine this from the perspective of information technology versus the humans who generate, process and store/transmit the information, we can try to determine which aspect is the most vulnerable to the tactics and techniques of the cyber “Bad Actors’’. Over time it has been determined that the weak-link in the chain is the “end-user” side. To a considerable extent, the Information Technology security side has matured over the years and is constantly being developed. Several reports have attributed a very high percentage of cyber attacks to human error. According to thrivedx, 95% of cybersecurity breaches are caused by human error which apparently were preventable.

What is Vishing?

Now, one of the ways this end-user cyber attack occurs is through a tactic called “Vishing” — which is simply a social engineering attack that occurs over a telephone call, whereby the caller attempts to use psychological manipulations to trick users into divulging personal/organizational sensitive information.

Phishing is a more common term which involves hackers sending enticing or compelling emails sometimes claiming to be a known organizational users, but with malicious attachments in form of documents and pictures. Vishing is simply the voice version of phishing!

What is the Primary Purpose of “Vishing” Attacks?

The ultimate aim of a vishing attacks is to steal valuable information such as login details, Personal Identification Numbers (PIN), and bank account details which is usually targeted at gaining access to the victim’s bank accounts.

How to Recognize Vishing

Vishing attacks comes through phone calls either on personal mobile or organizational phone systems. The main red flag to look out for is when the caller presents a frantic sense of urgency, which sometimes sounds like a threat. Sometimes the call may not come from a human at the other end, but an automated call with instructions to key in information via the telephone keypads.

Also, it is worth noting that the callers are usually experts in their field or self-acclaimed experts, and attempt to use the right professional terms in their communication. They could masquerade as IT technicians, financial advisers, bankers, or even medical personnel.

Emails and/or text messages do usually get sent to the recipient as follow-up to the vishing calls, with malicious links that can lead to compromised websites designed to harvest sensitive information like passwords and credit card details. Also, the attackers do call with different numbers, thereby making it difficult to get them blocked.

Vishing Attacks Statistics

According to statista, “In the second quarter of 2023, the volume of vishing attacks worldwide saw a 10 percent increase since the previous quarter. This change was more significant in the two preceding quarters when a 40 percent increase was detected”.

Precautions Against Vishing Attacks

i. Avoid getting swayed by the sense of urgency presented by the call requesting for sensitive information

ii. Endeavor to keep the communication going and try to gather and write down some information about the caller, which can be useful for cyber incident management investigations.

iii. In the case of automated calls, kindly drop the call and do not attempt to press the keypads to provide any information like PIN and banking card details.

iv. Report suspected vishing incidents to your organizational IT or on relevant government platforms.


Labels:
Location: Aylesbury, UK

Comments

Post a Comment

Kindly drop you comments, love to hear from you. Thank you.

Popular posts from this blog

WhatsApp - How to Enable Two-Step Verification

Once again I bring to you online security tips; this time it is about the popularly used mobile messaging app  - WhatsApp.  Two-step verification ensures safety of the application and prevents intruders from taking over your account. Here are the steps to enable the two-step verification. Step 1: Open WhatsApp Settings. Step 2: Tap Account > Two-step verification. Step 3: Tap Enable. Step 4: Enter a six-digit PIN of your choice and confirm it. Step 5: Provide an email address you can access (Recommended) Step 6: Confirm the email address and tap Save or Done. You should see the final page as show below With this you have successfully enabled two-step verification on your WhatsApp account. Remember to keep your six-digit PIN safe and never disclose to anyone. Hackers can come by way of social engineering and trick you to release sensitive information like the six-digit PIN, beware of such. Thank you for reading and I hope you find this quite helpful. Stay safe!
1 comment
Read more

WHATSAPP: HOW TO BACKUP CHATS & MEDIA ON GOOGLE DRIVE

With Google Drive cloud storage service you can backup WhatsApp media which includes chats, photos, videos, audio and documents. It is goodbye to data loss! The importance of performing this backup is if you change or lose your device you can always retrieve all your previous media files with ease. Google has recently announced a new agreement with WhatsApp regarding backup of WhatsApp chats and media on Google Drive which will allow users have extra storage different from their normal Google Drive storage quota. The announcement reads; "Due to a new agreement between WhatsApp and Google, WhatsApp backups will no longer count against Google Drive storage quota. However, any WhatsApp backups that have not been updated in more than a year will automatically be removed from storage. This policy will go into effect for all users on November 12, 2018 though some users may see the quota benefits earlier. To avoid the loss of any backups, we recommend that people manually back up...
4 comments
Read more

INTERNET PENETRATION - Nigeria Top Three in Global Online Search

Over the years Internet penetration has greatly improved across the developing countries of the world especially Nigeria which now has over 92 million internet users. Finding information online has become a common practice as people comfortably search for information using web search engines, especially Google  and get relevant search results that answers their questions and further provides them insight to related articles, events, photos, news and even map locations. Thanks to Google Map Local Guides like myself who diligently contribute to improve the map by sharing knowledge of the local environment. The mobile internet revolution has made it possible for people even in the rural areas to have access to internet on their mobile devices. During my University days, precisely in the year 2008, I carried out a questionnaire research on the topic: "How Effectively Do You Utilize Your Mobile Phones For Internet Access", the responses were amazing as people were alrea...
3 comments
Read more