-

Vishing - Fraudulent calls

30 September 2019

Can you spot a fraudulent call? Take our test and check out the answer, then read our quick tips.

Can you spot a visher?

Telephone fraud, or vishing to those in the know, is on the rise. Criminals use personal data and psychological manipulation to convince members of staff to either transfer money, or hand over confidential information about their company, which fraudsters could use to access funds later on. Fraudsters pretend to be from the police, utility providers, delivery companies or of course your bank.

Could you spot a fraudulent call? Take our test to find out. Listen to the two calls below or read the transcripts, and guess which could be a scam. We’ve based these calls on real conversations.

Hi I'm Francis, and I’m calling from the Barclays fraud team.

There have been three payments of £4,200 made from your business account this morning, and I’ll need you to confirm that you made these payments.

Before you do, I’ll need to take you through security.

Can I take your memorable word and passcode in full please?

End.

This is Sam from the Barclays fraud team.

We've noticed unusual activity on your business account and need to take immediate action.

I've already spoken with your Relationship Director David Warner and he's given me the go ahead to contact you.

Before we proceed, you’ll need to verify some account details in full...

End.

Click below to find out the result.

  • Gotcha! Both calls were from fraudsters.

    What were the tell-tale signs that these calls were a scam?

    Your security information

    In our test, both fraudsters claimed to be from a bank, and asked for memorable information. Your bank will never ask you for your full password, PIN, payment authorisation codes, provide you with details to make a payment, or request access to systems or PCs.

    Fraudsters might also claim to be from a supplier, the police, or even a member of internal staff. Always stay on your guard, whoever claims to be calling.

    To learn more about how you can avoid being scammed in the future, read the quick tips below.

Trusted names and personal details

Don’t be fooled by a call from an organisation that you might usually trust.

Fraudsters pretend to be calling from familiar organisations to win your trust and deceive you into letting your guard down.

To make the scam more convincing, fraudsters could also use information about your company, such as your manager’s name or recent activities, that they have discovered online.

Social engineering

Social engineering is the name for techniques involving psychological manipulation, which fraudsters use to convince you a fraudulent call is genuine.

In the case of phone scams, this often means creating a sense of urgency that convinces members of staff to act quickly, without properly thinking through the implications of their actions. Always give yourself time to stop and think. Do you really need to rush?

Caller ID and phone number spoofing

Caller IDs or numbers on your phone’s display are relatively easy to change or spoof. Fraudsters have been known to convince people that a call is genuine by getting them to cross-check the incoming call number with the official number of their bank, a trusted supplier or other organisation.

However, remember that fraudsters can use technology to spoof numbers which make them appear to be coming from a genuine source.

How to spot a potential vishing scam

The golden rule of vishing: if you’re at all suspicious of a phone call, immediately terminate the call. To check whether or not the person on the other end was legitimate, call a trusted contact at the organisation. Make sure you use a different phone – the fraudster can keep the original line open.

Never assume that the caller is genuine because they know information about you, your company, your colleagues, or even if they have the right caller ID. Sophisticated fraudsters are able to collect enough information to seem legitimate, and employ advanced technology to mimic real organisations.

Your bank will never send texts that link to online banking log-in pages, or ask for confirmation of account or security details.

Remember: your bank will never ask you for your full password, PIN, payment authorisation codes, provide you with details to make a payment, or request access to systems or PCs.

Read related insights

*
Insight

Fraud Protection

Fraudsters are working as hard as you are. Our content can help you stay ahead of them.

*
Insight

Cyber Fraud

Our cyber fraud report explores the key cyber threats that face businesses today and offers guidance on how businesses can mitigate these risks.