Phishing, Smishing, and Vishing – Oh My!
We’ve used this space before to bring your awareness to phishing and smishing campaigns that can expose your personal information, and today we’re writing to share about vishing campaigns. Vishing, or voice phishing, refers to scams conducted via phone, and we’ve recently learned of a new campaign targeting Schwab clients. Let’s review a few important points about this campaign, courtesy of Charles Schwab:
What would happen if I was being contacted as part of this scam?
- Schwab has received reports that scam callers have been impersonating Schwab by phone and requesting non-public client information, including Social Security Numbers. In these calls, the caller ID displays the name “Charles Schwab” and a Denver area code.
What should I do if I receive such a call?
- If you receive a suspicious call posing as Schwab, hang up immediately and then call Schwab at 800-435-4000 to discuss the situation as soon as possible.
How can I be sure that the phone call I receive is really a scam?
- Unless you’ve initiated a request with Schwab, Schwab will not call you for your personal information.
I’m interested in learning more about vishing – what can you tell me?
- Vishing – or voice phishing – callers use “social engineering” to attempt to trick the recipient into providing private information over the phone that the scammer can then can use to illegally acquire further private information or assets.
- This kind of scam often feels more personal as it is deigned to play on human trust and emotions.
- Unfortunately, making a phone number appear to be associated with an individual or association that it’s not, also known as “spoofing”, is a very easy thing for scammers to do. No matter where the caller is located, they can appear to be calling from a local area code, or from the same area code as a trust institution like Schwab, or even a government agency like the Social Security Administration.
- Often if you don’t answer, they will leave a message asking you to call them back.
- As phishing attempts continue to evolve and find new attack vectors, we must be vigilant. When it comes to cybersecurity, the best offense is a good defense.