Forgetting Phishing – high tech fraudsters are turning to Vishing and SMiShing to lure unsuspecting fools out of their personal details and money.
Phishing – the Nigerian prince/lottery win emails that try to get you to part with your cash or information or websites with a similar focus – are well-established as one of the internet's evils, but new fraud tricks are appearing all the time.
Apparently two of the new kids on the fraudulent block are Vishing and SMiShing.
Vishing takes advantage of caller ID to pretend to be a famous organisation urging the caller to ring back and use an automated response to hand over their details.
SMiShing on the other hand uses SMS messages – asking people to ring a number and leave information.
SMiShing your money away
"The fraudster will typically provide a phone number for the victim to call, where an automated Voice Response (or Interactive Voice Response – IVR) system will ask for their card number, PIN, address and other financial details," explains David Britton of fraud detection and intervention specialists 41st Parameter.
"These phone systems are typically set up to mimic the legitimate bank phone system, making it difficult for the victim to differentiate.
"In the case of Vishing, the fraudsters are actually exploiting the very mechanism that is intended to protect the victim (Caller ID) to gain a level of credibility and trust.
"The fraudster will typically use the existing phone infrastructure and will spoof the caller ID to make it appear as if a phone call is coming from the organisation they are impersonating.
"They will then prompt the victim to call back at the same number that appears on the caller ID, and then have them enter their personal financial information via an automated response system."
Of course, as with all of these scams, making free with the personal info is fairly idiotic, so if you feel you may fall into the SMiSher-man's net then it's probably best to get a trusted adult to handle your bank accounts.
