Switching from Windows XP to Windows 8 meant something as simple as shutting down his computer became a challenge for my seventy-something year old dad. When he coincidentally got a call from “Technical Support” as he was struggling with his new PC, dad was appreciative that they knew he was having issues before he had even called them. (Go figure, right?) When the caller offered to resolve the problem by entering his computer remotely, dad gladly provided access. Yikes! He entered a code and then watched as the caller took control of his mouse and keyboard and then proceeded to find mumbo jumbo code he called a virus. When he requested credit card information to remove the virus, my dad called me frantically to take over. Lucky me!
I called the telephone number my dad had been given and I was greeted by a distant sounding foreign accent in spite of the local number I had dialed. The answers to my questions about the nature of the infection were vague and unconvincing and things started to seem fishy, or shall I say, phishy? When the person on the phone insisted the only way to resolve the issue was to purchase a technical support plan from him, it became clear my dad was a victim of a “Vishing” scam. I hung up the phone and began the tedious process of dealing with a compromised computer and potential identity theft.
So, what is “Vishing?” Unlike email phishing, “Vishing” or voice phishing, is when a telephone is used to gain access to private financial or personal information. Hook, line and sinker, my dad fell for this Vishing scam! He willingly provided information and computer access to a fake technical support person who then proceeded to install malware onto his pristine and virus-free computer.
My dad’s situation was unpleasant and time consuming but it would have been far worse if he had provided credit card information or accessed financial information on his infected computer. Making lemonade out of lemons means that others can avoid the same predicament by hearing about my dad’s situation and by following 3 simple guidelines:
- Do not allow remote access onto your computer unless you are certain of the person’s identity and technical ability to help vs. harm you.
- Be highly suspicious of phone calls or phone messages that ask you to provide private information such as credit card or bank account numbers.
- Call telephone numbers listed on billing statements or other official sources instead of returning calls via numbers left in messages. This applies to offers for technical support, requests for donations or calls from banks or credit card companies telling you there is a fraud alert on your account. In all of these cases, you can contact these organizations directly via phone numbers you know are genuine (back of your credit card, for example) to make sure you are talking to a legitimate person at the organization you are intending to communicate with.
Sadly, the majority of the Vishing victims I’ve encountered are elderly. A discussion of Vishing dangers with all family members, especially seniors, is highly recommended to avoid the huge inconvenience and potentially large expense of identity and financial theft. I had such a talk with my dad – better late than never, right? I am confident my dad will not fall prey to another Vishing scheme in the future and I hope you can feel this confident about your family members too.
Until next time,… Stay Cyber Safe.