What are vishing and smishing? Simplified, vishing is voice phishing and smishing is text phishing. Phishing is when scammers or attackers attempt to trick users into revealing sensitive information, sending money, or installing malware. So how does this affect your business? Art Ocain and Fayon Atkinson from Corvus Insurance discuss some common techniques scammers use, how AI has changed the techniques, and how you can protect yourself and your businesses.
Voice and Text Phishing Techniques
- Tech Support Scams: Scammers pretend to be tech support personnel, convincing victims to grant remote access, leading to malware installation or data theft.
- Bank or Government Impersonation: Using caller ID spoofing and impersonation, imposters claim to be from banks, asking for account details and PINs to steal money. Fraudsters may also pose as IRS/FBI agents or debt collectors, demanding money or personal information under the guise of unpaid taxes or pending legal actions. These scams may request payment through gift cards or cryptocurrency,
- Kidnapping Scams: Imposters may call and claim to be holding a loved one hostage and demand a ransom, usually completed through cryptocurrency or wire. They may use AI to mimic your loved ones voice as well to make it more convincing.
- Cryptocurrency Scams: Victims receive messages all in Chinese or claiming wrong number texts that will shift the conversation to cryptocurrencies, enticing the victims to share personal information or invest in fake ventures.
- Sextortion Scams: Scammers claim to possess compromising content and demand payment to prevent its release.
- Fake Notifications and Alerts: Fraudulent messages imitate legitimate services, like UPS deliveries, bank alerts, or tech support, leading recipients to click links or divulge personal/financial information.
With the integration of AI, voice and text phishing have become more sophisticated. Chatbots can engage in convincing conversations, making it challenging to differentiate between real and fraudulent interactions. Voice synthesis technology can imitate human voices remarkably well, making caller identification even more challenging. AI can also be used to create dangerous codes and links to steal information if opened. In other words, scammers are using AI to get smarter, stronger, and more dangerous.
Voice and Text Phishing on Businesses
Voice and text phishing can wreak havoc on businesses too. Here are some scenarios to watch for:
- Fake Vendor Calls: Fraudsters impersonate vendors, seeking payment updates.
- Impersonation of Higher-Ups: Scammers pose as executives to extract sensitive data.
- Tech Support Targeting Employees: Calls that trick staff into sharing login credentials.
To mitigate this, it is highly recommended that business invest into staff training and security protocols for verifying sensitive data requests.
Recognizing and Protecting Against Voice and Text Phishing
To protect yourself, look out for these warning signs:
- Unusual Sender Addresses or URLs: Carefully examine email addresses and links for any anomalies.
- Uncharacteristic Requests: Be cautious of messages requesting personal, financial, or confidential information.
- Emphasis on Immediate Action: Scammers often create urgency, pressuring victims to act quickly.
If you suspect phishing or have been phished:
- Change your passwords and monitor your accounts for suspicious activity.
- Contact your bank, credit card company, or relevant authorities immediately.
- If connected to your work accounts, immediately report the situation to your company IT
- You can also report phishing to the Federal Trade Commission.
Vigilance is key for protecting yourself and your business from voice and text phishing attempts. The world of voice and text phishing is evolving rapidly, and scammers are leveraging AI to create more convincing scams. Recognizing the red flags and staying informed are critical steps in safeguarding yourself and your business.