EMERGENCY INCIDENT RESPONSE
Get Started

Podcast: Voice and Text Phishing

Vivian Lee

Episode Summary

What are vishing and smishing? Simplified, vishing is voice phishing and smishing is text phishing. Phishing is when scammers or attackers attempt to trick users into revealing sensitive information, sending money, or installing malware. So how does this affect your business? Art Ocain and Fayon Atkinson from Corvus Insurance discuss some common techniques scammers use, how AI has changed the techniques, and how you can protect yourself and your businesses.

Voice and Text Phishing Techniques

Voice Phishing

  • Tech Support Scams: Scammers pretend to be tech support personnel, convincing victims to grant remote access, leading to malware installation or data theft.
  • Bank or Government Impersonation: Using caller ID spoofing and impersonation, imposters claim to be from banks, asking for account details and PINs to steal money. Fraudsters may also pose as IRS/FBI agents or debt collectors, demanding money or personal information under the guise of unpaid taxes or pending legal actions. These scams may request payment through gift cards or cryptocurrency,
  • Kidnapping Scams: Imposters may call and claim to be holding a loved one hostage and demand a ransom, usually completed through cryptocurrency or wire. They may use AI to mimic your loved ones voice as well to make it more convincing.

Text Phishing

  • Cryptocurrency Scams: Victims receive messages all in Chinese or claiming wrong number texts that will shift the conversation to cryptocurrencies, enticing the victims to share personal information or invest in fake ventures.
  • Sextortion Scams: Scammers claim to possess compromising content and demand payment to prevent its release.
  • Fake Notifications and Alerts: Fraudulent messages imitate legitimate services, like UPS deliveries, bank alerts, or tech support, leading recipients to click links or divulge personal/financial information.

AI Evolutions

With the integration of AI, voice and text phishing have become more sophisticated. Chatbots can engage in convincing conversations, making it challenging to differentiate between real and fraudulent interactions. Voice synthesis technology can imitate human voices remarkably well, making caller identification even more challenging. AI can also be used to create dangerous codes and links to steal information if opened. In other words, scammers are using AI to get smarter, stronger, and more dangerous.

Voice and Text Phishing on Businesses

Voice and text phishing can wreak havoc on businesses too. Here are some scenarios to watch for:

  • Fake Vendor Calls: Fraudsters impersonate vendors, seeking payment updates.
  • Impersonation of Higher-Ups: Scammers pose as executives to extract sensitive data.
  • Tech Support Targeting Employees: Calls that trick staff into sharing login credentials.

To mitigate this, it is highly recommended that business invest into staff training and security protocols for verifying sensitive data requests.

Recognizing and Protecting Against Voice and Text Phishing

To protect yourself, look out for these warning signs:

  • Unusual Sender Addresses or URLs: Carefully examine email addresses and links for any anomalies.
  • Uncharacteristic Requests: Be cautious of messages requesting personal, financial, or confidential information.
  • Emphasis on Immediate Action: Scammers often create urgency, pressuring victims to act quickly.

If you suspect phishing or have been phished:

  • Change your passwords and monitor your accounts for suspicious activity.
  • Contact your bank, credit card company, or relevant authorities immediately.
  • If connected to your work accounts, immediately report the situation to your company IT
  • You can also report phishing to the Federal Trade Commission.

Vigilance is key for protecting yourself and your business from voice and text phishing attempts. The world of voice and text phishing is evolving rapidly, and scammers are leveraging AI to create more convincing scams. Recognizing the red flags and staying informed are critical steps in safeguarding yourself and your business.

Video Version

Listen to more episodes at www.airiam.com/podcast, on SpotifyApple Podcasts, Google PodcastsAmazon Music, and other podcast platforms.

New Resources In Your Inbox

Get our latest cybersecurity resources, content, tips and trends.

Other resources that might be of interest to you.

Phishing Awareness
Phishing Phishing attacks use email or malicious websites to infect your machine with malware and viruses to collect personal and financial information. Cybercriminals attempt to lure users to click on a link or open an attachment that infects their co
Avatar photo
Alan Villasenor
>>Read More

AI‑Driven XDR for Incident Response: The Future of SOC Defense
AI‑Driven XDR for Incident Response: The Future of SOC Defense I’ve spent the better part of seven years getting the call no organization wants to receive. Ransomware is on the network. Data is moving somewhere it shouldn’t. Systems are going dark. In
Avatar photo
Art Ocain
>>Read More

Check Your Email: PTD, Verizon, Dejazzd, or Windstream From Any Computer
Most people have a PTD, VERIZON, or DEJAZZD email from their home or office computer. But what if you are away from that computer and need to get to your email? Below is a list of the companies and the corresponding websites where you can check your em
Avatar photo
Anthony Lewis
>>Read More