vishing attack.

Voice phishing: Koreans under attack

3 Mins Read

PUREVPNNewsVoice phishing: Koreans under attack

The Korean government reports that approximately 200 Korean individuals daily fall victim to “voice phishing,” with an average monetary loss of around 8,500 Korean won. The scammers employ effective tactics to achieve such a high success rate. These fraudulent schemes are more sophisticated than one might anticipate, discovered by Checkpoint.

Listen here.

Understanding vishing?

Vishing, an amalgam of “voice” and “phishing,” is a social engineering attack that exploits human emotions. The deceptive tactic works when an attacker initiates a phone call, posing as a legitimate person, to acquire sensitive details such as bank account numbers, home addresses, email addresses, or any information that can be utilized for identity theft in the future.

Unlike phishing attacks that employ various channels like emails or spoofed URLs, vishing attacks primarily rely on phone calls and Voice over IP (VoIP) technologies like WhatsApp, Skype, Messenger, and similar platforms.

Tactics used to initiate vishing attacks

Scammers employ several vishing attacks to deceive individuals and acquire their personal information. Here are a few common styles:

  • Caller ID spoofing, in which an attacker manipulates the caller ID to make it appear that the call is from a real source, such as a bank or a government agency. This tricks the recipient into believing the legitimacy of the ring.
  • Voice manipulation uses advanced techniques; the attacker alters their voice to mimic someone familiar, like a family member or a company representative, to gain the victim’s trust and extract sensitive information.

Source: Reddit

  • Prize or lottery Scams happen when a scammer informs the victim that they have won a prize or a lottery and asks for personal information or upfront fees to claim the reward. This preys on the victim’s excitement and desire for monetary gains.
  • Technical support scams pose a representative from a reputable company and claim that the victim’s computer or device has been compromised. They then try to convince the victim to provide remote access to their system or share login credentials.
  • Financial institution impersonation acts as a bank or financial institution representative claiming an issue with the victim’s account. They then request sensitive information, such as account numbers, passwords, or social security numbers, to resolve the problem.
  • Urgent action is required; the attacker creates a sense of urgency by claiming that the victim’s account has been compromised, and action is needed to prevent further damage. This tactic pressures the victim into sharing personal information without verifying the call’s legitimacy.

Twitter hack vishing is used as a tool.

A war against vishing: Here’s what you must do

Consider taking some steps to protect your organization from cybersecurity threats:

  • Create policies and procedures that cover password management, acceptable use of technology, handling of sensitive information, and a comprehensive written information security program.
  • Provide training to help employees recognise and avoid phishing attempts. Consider using a learning management system to deliver practical security awareness training.
  • Conduct regular phishing tests using services like CyberHoot’s Phish testing. This helps identify employees needing additional training and ensures they learn from their mistakes.
  • Utilize two-factor authentication for critical accounts, enable email spam filtering, regularly validate backups, and deploy antivirus, anti-malware, and DNS protection on all devices.
  • Manage personal devices connecting to your network: In the current work-from-home environment, either ensure personal devices meet security requirements (such as up-to-date software and antivirus protection) or restrict their use altogether.
  • Engage a third party to assess your organization’s vulnerabilities and prioritize risks. This helps you focus your resources and efforts on addressing the most critical security gaps.
  • Protect your organization by purchasing cyber insurance coverage.

You can enhance your organization’s cybersecurity posture and reduce the risk of falling victim to cyber threats by following the above mentioned guidelines by security experts.

Read more: Vishing awareness week.

Don’t catch the ball: Voice is a threat too

Real people will never ask for your personal information on calls. They sound legitimate and professional. So here comes your effort to be vigilant with such attacks. Never give your details, whatever the circumstances are. Stay safe!

author

PureVPN

date

May 17, 2023

time

1 year ago

PureVPN is a leading VPN service provider that excels in providing easy solutions for online privacy and security. With 6000+ servers in 65+ countries, It helps consumers and businesses in keeping their online identity secured.

Related Stories

Phorpiex Botnet Sends Millions of Emails in LockBit Black Ransomware Attack

Phorpiex Botnet Sends Millions of Emails in LockBit Black Ransomware Attack
Posted on May 14, 2024
South Australia Wants to Ban Social Media for Kids, Soaring VPN Searches

South Australia Wants to Ban Social Media for Kids, Soaring VPN Searches
Posted on May 14, 2024
The Rise of Malvertising Attacks by FIN7

The Rise of Malvertising Attacks by FIN7
Posted on May 13, 2024

Have Your Say!!

Join 3 million+ users to embrace internet freedom

Signup for PureVPN to get complete online security and privacy with a hidden IP address and encrypted internet traffic.

Get PureVPN