‘Vishing’ attacks are using scam phone calls to trick users into giving out personal details

Flanksy

Malware known as FakeCall is causing significant disruption by manipulating incoming calls on smartphones, enabling ‘vishing’ scams aimed at tricking individuals into disclosing personal information.

Vishing, or voice phishing, is a scam technique that uses phone calls to fraudulently obtain personal data. Scammers impersonate trusted organizations such as banks, utility companies, ISPs, or delivery services to convince people to share sensitive details like credit card numbers, access codes, or identification information.

This issue is escalating due to the FakeCall malware, which can intercept and record incoming and outgoing calls, as well as access stored contacts and SMS messages on the device. Cybercriminals can identify specific numbers and call potential victims back, posing as bank representatives, tax officials, or delivery personnel to extract confidential data. The purpose of vishing aligns with that of traditional phishing campaigns: to collect personal information for fraudulent activities, including identity theft and unauthorized online purchases.

To protect yourself from vishing, it’s essential to stay alert and apply the same basic precautions as for phishing. The primary rule is to never disclose personal information over the phone unless you initiated the call. If uncertain, hang up and call the official number of the organization to verify the legitimacy of the call. Additionally, you can block calls from unknown numbers through your phone’s settings to reduce the risk of malware compromising your device or its settings.