May County COMPASS: Protecting Yourself Against Vishing Attacks

Contributed by the South Carolina Department of Administration’s Division of Information Security

 Did you know there is a form of cyberattack that can be used to turn your phone into a weapon of fraud? This practice, known as vishing — short for voice plus phishing — uses fraudulent phone calls or voice messages to trick victims into providing sensitive information like login credentials, credit card numbers or bank details.

Vishing Cyberattacks

Purporting to be from reputable organizations, vishing attacks try to induce individuals to reveal personal or company information. These attacks often catch targets off guard, leading them to make impulsive decisions or allowing scammers to establish a personal connection. The most popular forms of vishing include callers pretending to be from banking, government, technical support or telemarketing entities. Unfortunately, advances in technology such as internet-based calling and artificial intelligence (AI) have made this form of attack even more effective.

How to Protect Yourself

Help protect you and your information by staying alert and following these practices:

  • Register with a do not call list. 
  • Avoid answering unsolicited calls on your cell phone.
  • Let calls from unrecognized numbers on your cell phone go to voicemail.
  • If you receive a suspicious call, hang up and block the number. Criminals can use AI to replicate a person's speech.
  • Never redial missed calls from unfamiliar numbers. Research the official phone numbers from trustworthy sources.
  • Do not respond to voice prompts asking you to press buttons or respond to yes or no questions.
  • Train employees to be alert to vishing tactics.
  • Be wary of threats or a sense of urgency. Callers employing these tactics are typically not legitimate.
  • Never share sensitive data over the phone.

By staying alert and following these measures, you can reduce the risk of falling victim to vishing schemes and help protect you and your information.

The South Carolina Department of Administration's Division of Information Security is responsible for a variety of statewide policies, standards, programs and services related to cybersecurity and information systems, including the state’s security information and event management system and the state’s Security Operation Center.