Vishing and smishing
Vishing (voice phishing) and smishing (SMS phishing) involves fraudsters calling or texting claiming to be from an organisation or known contact. Common examples include the bank, the police, HMRC, a supplier or even an internal member of staff.
They may claim that your account has been compromised, that there is suspicious activity on the account, or that a payment has been made by the business using incorrect bank details.
Caller IDs or numbers on display are relatively easy to change or spoof. Fraudsters have been known to convince people a call is genuine by getting them to cross-check the incoming call number with the official number of the bank, however fraudsters can use technology to spoof numbers which make them appear to be coming from a genuine source.
To make the scam more convincing, fraudsters could also use information about your company, employees or recent activities, using details that they have found online.
Smishing is similar – but is carried out through SMS text message. The text often contains a phone number, which connects you to the fraudster.
As with vishing, details can be spoofed, so it can seem as if the texts are coming from a legitimate source and they can even be inserted into genuine text communications with the bank.