BizSugar.com › News › Vishing: The Latest, and Greatest, Security Concern

Cybercriminials' latest effort involves a combination of VoIP and phishing and is aimed squarely at small and midsize businesses.

Cybercriminals have become quite adept at taking advantage of the latest technology. Their latest foray centers on leveraging the significant acceptance of Voice over IP (VoIP) to steal personal information.

The crooks' latest ploy is a variation of phishing, which has become a significant problem in the last few years. Vishing operates like phishing and tries to persuade consumers to divulge their personal information by claiming that their accounts have been suspended, tampered with, deactivated, or terminated. A couple of variations on the scam have arisen. The first mixes phishing and vishing. The recipient receives an e-mail message but is instructed to call rather than click on a link to verify personal data. In another scenario, text messages are sent to cell phones claiming the recipient's on-line bank account has expired. The message instructs the recipient to renew their online bank account by using the link provided.

In other cases, crooks create fully functional PBXs using low cost PCs and inexpensive voice software. The perpetrators use dialers and bulk-rate VoIP services to flood an area with automated telephone calls, either reaching consumers or leaving voice mail messages. Recipients are directed to contact their banks, credit card companies, or merchants to verify their personal data.