The use of telephony (typically Voice over IP telephony) to perform phishing attacks is known as voice phishing or vishing.
Landline telephone services are typically reliable because they are terminated at recognized physical locations and are associated with a bill-payer. However, contemporary Voice over IP (VoIP) technologies like caller ID spoofing and automated systems (IVR) are frequently used by vishing criminals to evade detection by law enforcement authorities. Voice phishing is commonly used to acquire credit card numbers or other personal information from individuals for use in identity theft operations.
Voice phishing assaults are often carried out via automated text-to-speech systems that instruct a victim to contact a phone number controlled by the attacker, although some employ live callers.
The fraudster poses as an employee of a reputable organization such as a bank, police department, telephone company, or internet service provider in order to gain personal and financial information about credit cards, bank accounts (including the PIN), and the victim's personal information.
With the information obtained, the fraudster may be able to get access to the account and empty it or perpetrate identity fraud. Some con artists may attempt to persuade the victim to transfer monies to a separate bank account or withdraw cash to be paid directly to them.
Scammers frequently target immigrants and the elderly, coercing them to transfer hundreds of thousands of dollars in response to threats of imprisonment or deportation.
A unique feature of Vishing is the speedier response time to an attack attempt owing to enhanced accessibility to a phone, as opposed to an email, when the victim may take longer to answer. Scammers may sometimes just change phone numbers if a certain number is blacklisted, and they frequently discover methods to get past restrictions and regulations. Phone companies and governments are always looking for innovative strategies to reduce the number of bogus scam calls.
Voice phishing has certain characteristics that set it apart from comparable attack methods such as email phishing. Vishing enables the targeting of those who do not have a functional understanding of email but do have a phone, such as the elderly, because of the growing reach of mobile phones. Due to the confidence, many users have while interacting with someone on the phone, the historical popularity of call centers that ask for personal and confidential information makes it simpler to obtain sensitive information from victims.
Vishing assaults can be more personal and hence more powerful than similar alternatives such as email since they use voice communication.