Recent Posts

Categories

An image of a hand hovering over a dimly lit cell phone screen that reads "Vishing".

There is an emerging cyber security threat called vishing, which is short for “voice phishing.” It’s like regular phishing, where cyber criminals pose as a legitimate company in order to trick you into providing sensitive information via email. However, vishing occurs over the phone.

Here’s what you need to know to keep your business safe.

How Vishing Works

In a vishing attack, cyber criminals pretend to be someone trustworthy, like a bank or tech support person. They’ll call you up and try to trick you into giving away sensitive information. This can be a credit card number, password, or even access into your system.

Sometimes, the scammers might even convince you to do things that put your business at risk. They may get you to download harmful software, send them money, or give them administrative access to your infrastructure.

Vishing is just like a phishing email, but over the phone. The cyber criminals may also use social engineering tactics to manipulate people, and it can be very effective.

An image of a man on the phone with a scammer, as he hands the scammer his credit card. (Representing Vishing)

Protecting Your Business from Vishing Attacks

Here are some simple steps to help keep your business safe from vishing.

An icon of two employee's, one employee training another while they sit at a computer.

Educate Your Employees

Make sure everyone on your staff knows about vishing and how to spot a suspicious call. If you don’t train employees about this real threat, how will they know how to identify it?

One tool to help educate your employees is security awareness training. These programs teach staff members about the latest threats and best practices in cyber security. Learn more about the importance of security awareness training and how it can help safeguard your business.

An icon of a book representing company policies.

Set Clear Rules

Companies should create and follow rules about what information can be shared over the phone. Tell your team never to give out sensitive information to callers they don’t know.

Include processes to double check and verify before sensitive information is given, or access is granted.

An icon of a cell phone showing its ringing with caller ID.

Use Caller ID

Encourage your team to check caller ID to see who’s calling. This practice can help provide additional protection against vishing attacks. But remember, caller ID can be faked, so it’s not always reliable.

An icon of a magnifying glass verifying an identity.

Double-Check Requests

If someone on your team gets a strange request over the phone, tell them to verify it using a different method. For example, the caller could call back using a trusted number or send an email to confirm.

This extra layer of verification can help ward off cyber criminals.

By following these steps, you can help protect your business from vishing attacks and keep your sensitive information safe.

If your company is in need more robust cyber security solutions, learn more about improving your cyber security posture or contact ISOCNET today for a free consultation.

Related Posts

An image of a security operations center watching for threats.

What is a Security Operations Center?

An image of connected circles representing business continuity and disaster recovery.

Business Continuity vs. Disaster Recovery

An image of a man touching a business continuity icon.

What Does a Business Continuity Plan Typically Include?