What is vishing?

Every year there is an increase in cases of digital fraud using social engineering techniques to deceive users. Social engineering involves obtaining sensitive information such as bank details and passwords that enable cybercriminals to commit fraudulent activities.

Recently, numerous cases of fraud committed using the vishing technique have been identified and it is therefore essential to know what it is and how we can protect ourselves.

What is it?

It's a type of social engineering that sets out to obtain users' personal and bank details by means of a telephone call, deceiving the victim by impersonating a trusted third party.

How does it work?

A common example is the fake computer technician who calls to solve an alleged problem with the computer. The cybercriminal seeks to convince the user that in order to solve the problem, they need to install a remote access programme. In this way, they take control of your computer and have access to your banking information.

Another growing practice is to impersonate a mobile phone operator. In this case, they offer the opportunity to take part in a draw for high-end gifts, such as state-of-the-art smartphones. It's important to remember that these deceptive offers not only reach us via phone calls, but also through messages and online advertising.

How can you protect yourself?

The first method of prevention is to be aware. Thus, you can follow some security recommendations to pre-empt cyber-attacks and keep your computers protected:

  • Be suspicious if you get a call from a known company which you are not expecting. And, above all, any communications that request urgent action, such as providing your bank details.
  • Do not provide personal information or reveal your bank details. Banco Santander never requests confidential information by e-mail, SMS or any other unsecured channel.
  • Beware of offers that are too good to be true, promotions or refunds that you didn't ask for. If you have any doubts about what they are offering, contact the legitimate organisation.
  • What should you do? Stay calm and don't follow the cybercriminal's instructions. It is best to interrupt the conversation and contact the bank or organisation to report what has happened. If you have provided your details, quickly check your accounts to see if there has been any activity.

You might be interested in