Vishing is a form of social engineering that involves contacting victims via telephone and tricking them into giving personal information or money. Attackers will often pose as a legitimate organization, such as a credit card company or a government agency, such as the IRS.
Vishing attempts may come from an automated call center claiming that you have won a prize or from a person threatening dire consequences (credit card cancelation, immediate arrest, loss of licensure, etc.) if you don’t provide information or make a payment immediately. The callers usually prompt the victim to make an immediate payment or “verify” their identity by providing bank/credit card account information or personal information such as a social security numbers.
Here are some tips to prevent being a victim of vishing:
- Be suspicious of unknown callers.
- Don’t trust caller ID – Attackers have techniques to make it appear that the call is coming from a legitimate source.
- Ask questions – If someone is asking for your personal information as them for details about the company. Research the company to see if they are legitimate.
- Call them back – Ask for a number to call the person back. Look up contact information for the company and call them directly to confirm the offer.
A message from UConn Health IT Security
For more information, contact: IT Service Desk at x4400, Option 2