According to the IC3 or Internet Crime Complaint Center, Vishing is simply voice phishing, a scheme whereby unsuspecting callers are directed to rogue IVR systems which are disguised as real systems from banks, credit card companies, etc.
These systems masquerade as real banks interactive voice response systems asking for confidential information.
In other words there is a relatively new way to get unsuspecting people to part with their confidential and personal information.
The requests to contact these IVR systems can come via telephone calls as well as e-mails.
According to the Wall Street Journal there is a hacker who even sells a kit which crafts e-mails which look like they come from real banks.
So now, we need to not only be concerned about clicking on web links but also calling telephone numbers.
So why is this good news? Well, there is an opportunity for a developer to come up with a system that checks phone numbers against a vishing database to ensure the number called is not fraudulent.
A second option would be to do a database dip and look up the phone number being called just as you dial. When you call Bank of America for example you expect to see the display say Bank of America. If you see "Unknown" you know you dialed a suspicious number.
M. Rezaul HassanJanuary 24, 2008 at 10:57 pm
This information really helpful, specailly small and medium enterpreneur. Because for this groups, usually enterpreneur himself used to do banking job, and they remain very busy and do the banking on the run. So they need to be more careful. Thanks
M. Rezaul Hassan
Why Teaching STEM to Inner-City Kids is Like Fracking For Untapped Potential
How Beep Takes the Slow, Steady and Potentially Safer Approach to Autonomous Vehicles
Using PCAP in Federal Government to Improve Cybersecurity