Woman reading about vishing and smishing on her mobile phone

What is vishing and smishing

How to spot and avoid fraudulent calls and messages

Vishing and smishing

Vishing (voice phishing) and smishing (SMS phishing) involves receiving fraud calls or texts claiming to be from an organisation or known contact. Common examples include the bank, the police, HMRC, a supplier or even an internal member of staff.

They may claim that your account has been compromised, that there is suspicious activity on the account, or that a payment has been made by the business using incorrect bank details.

Caller IDs or numbers on display are relatively easy to change or spoof. Fraudsters have been known to convince people a call is genuine by getting them to cross-check the incoming call number with the official number of the bank, however fraudsters can use technology to spoof numbers which make them appear to be coming from a genuine source.

To make the scam more convincing, fraudsters could also use information about your company, employees or recent activities, using details that they have found online.

Smishing is similar – but is carried out through SMS text message. The text often contains a phone number, which connects you to the fraudster.

As with vishing, details can be spoofed, so it can seem as if the texts are coming from a legitimate source and they can even be inserted into genuine text communications with the bank.

Can you spot a visher?

Could you spot a fraudulent call? Take our test to find out. Listen to the two calls below or read the transcripts, and guess which could be a scam. We’ve based these calls on real conversations.

Hi I'm Francis, and I’m calling from the Barclays fraud team.

There have been three payments of £4,200 made from your business account this morning, and I’ll need you to confirm that you made these payments.

Before you do, I’ll need to take you through security.

Can I take your memorable word and passcode in full please?


This is Sam from the Barclays fraud team.

We've noticed unusual activity on your business account and need to take immediate action.

I've already spoken with your Relationship Director David Warner and he's given me the go ahead to contact you.

Before we proceed, you’ll need to verify some account details in full...


Answer – which call is a scam?

Gotcha! Both calls were from fraudsters.

What were the tell-tale signs that these calls were a scam?

Your security information.

In our test, both fraudsters claimed to be from a bank, and asked for memorable information. Your bank will never ask you for your full password, PIN, payment authorisation codes, provide you with details to make a payment, or request access to systems or PCs.

Fraudsters might also claim to be from a supplier, the police, or even a member of internal staff. Always stay on your guard, whoever claims to be calling.

To learn more about how you can avoid being scammed in the future, read the quick tips below.

Tips for protecting your business against vishing and smishing

  • The golden rule of vishing: if you’re at all suspicious of a phone call, immediately terminate the call. To check whether or not the person on the other end was legitimate, call a trusted contact at the organisation. Make sure you use a different phone – the fraudster can keep the original line open
  • Never assume that the caller is genuine because they know information about you, your company, your colleagues, or even if they have the right caller ID. Sophisticated fraudsters are able to collect enough information to seem legitimate, and employ advanced technology to mimic real organisations
  • Fraudsters often create a sense of urgency that convinces members of staff to act quickly, without properly thinking through the implications of their actions. Always give yourself time to stop and think. Do you really need to rush?
  • Your bank will never send texts that link to online banking log-in pages, or ask for confirmation of account or security details
  • Remember that your bank will never ask you for your full password, PIN, contact you and ask for payment authorisation codes, provide you with details to make a payment, or request access to systems or PCs.

Read related insights



Keep up to date with the regulations that could impact your business.


Fraud Protection

Fraudsters are working as hard as you are. Our content can help you stay ahead of them.


Current Trends

The latest research and expert analysis, including Brexit insight, from Barclays Corporate Banking.


Corporate Banking Solutions

Drawing on Barclays’ global expertise, our corporate banking solutions can help your business to transact and trade easily, manage risks and finance your plans for growth.