Vishing
Voice phishing - using phone calls to deceive victims into revealing sensitive information or taking harmful actions.
Also known as: Voice Phishing, Phone Phishing, Phone Scam
Category: Concepts
Tags: cybersecurity, security, fraud, attacks, phone
Explanation
Vishing (voice phishing) is a social engineering attack conducted over the phone. Attackers call victims pretending to be from legitimate organizations - banks, government agencies, tech support, or employers - to extract sensitive information or manipulate them into taking specific actions.
Vishing is effective because phone calls create urgency and pressure that's harder to resist than email. Hearing a human voice builds false trust, and victims can't easily verify caller identity. Modern vishing attacks use caller ID spoofing to display legitimate-looking numbers, and some even use AI-generated voices to impersonate specific people.
Common vishing scenarios: 'bank fraud department' calling about suspicious activity, 'IRS' threatening arrest for unpaid taxes, 'tech support' claiming your computer has viruses, 'utility company' threatening service disconnection, or 'grandchild' claiming to be in trouble and needing money urgently (grandparent scam).
Defense strategies: never give sensitive information to incoming callers - hang up and call back using an official number you look up independently. Be suspicious of urgency and threats. Remember that legitimate organizations won't ask for passwords, PINs, or full card numbers over the phone. If something feels wrong, trust your instincts and verify through official channels.
Related Concepts
← Back to all concepts