As more businesses than ever work solely online, it can be harder for employees to know if a vishing attack is a hoax or if the person on the other end of the phone is an official representative of a company. Thankfully, there is tons of information on the internet regarding hacking and vishing attacks and how to stay safe, yet these fraudsters are always coming up with new and inventive ways to trick businesses. If you want to protect your business, here are a few things you can do.
What is Vishing?
It may be that you haven’t heard of the term vishing; phishing is a more commonly used term that describes the same practice, just carried out in a different way. Both terms are defined as an unlawful attempt of obtaining private and confidential data. Phishing is usually via email, or over the internet in some form. Vishing is named this way because fraudsters attempt to obtain data using voicemail or telephone calls. This means you and your employees need to be aware of who is on the other end of the phone before providing any confidential information.
Ways to Protect Your Business
There are several things that both you and your company can do to prevent vishing attacks to your business, these include:
- Don’t answer unknown numbers: it can be hard to stay away from unknown numbers as you do not want to miss an opportunity to talk to a potential new client but if the call is important, they will leave a voicemail. Be sure to always have a voicemail facility for this reason.
- Always be aware: why does this person need this information? Always reiterate the importance of your employees questioning the need for information and if they are unsure, get them to pass it on to you.
- Get telephones with caller ID: this allows employees to see where a call is coming from. If they save regular clients onto their phones, they can see exactly who is calling. Be aware that fraudsters can imitate caller IDs and so you should never solely rely on this.
- Hang up and call back: if you don’t believe you are talking to the right person, state that you need to call back. If you call back the company and they are unaware of you, you made the right decision. This is a sure-fire way of knowing who you are talking to.
Oftentimes, attackers will gather an abundance of information before vishing. They may even hack your business email accounts or pose as a customer to gain information about your business and companies your business works with. All companies should provide confidential information safety training for employees which covers staying safe both online and offline. Any potential vishing attacks should be reported immediately to a manager and appropriate action taken. Vishing can occur at any time. Always remain vigilant and consider vishing/voice phishing protection for your business.
To protect yourself and your business, you need to be sure you understand vishing and how clever these attacks can be. Avoid sharing confidential information over the phone unless absolutely necessary.