Vishing - phone-based “voice phishing” – attacks are alive and well, taking victims of their time, emotions, and money. This new scam can scare you into becoming a victim.
We’ve talked before about the use of vishing as an attack vector many times here on the blog. We’ve even heard a first-hand account from a Microsoft MVP. The goal is simple – convince the mark they need to pay a handsome sum of money and collect. We’ve seen it in many forms – tech support calls, IRS scams, etc. This latest vishing scam takes advantage of nearly everyone’s ignorance about grand juries.
The scam is easy enough to pull off: callers identify themselves as a member of a Sherriff’s office or officers of a court system. They provide just enough personal detail to persuade you they are legitimate. Then comes the moneymaker: “you are in contempt of court” for failing to appear for a grand jury summons and must either pay a fine immediately, or a bench warrant will be issued for your arrest.
One Los Angeles journalist documented her personal vishing experience demonstrating how this scam angle has the potential to trick victims into paying up.
Vishing has become far more mainstream as part of corporate scams. We recently wrote about how social engineering over the phone can be used to further the efforts of a scam campaign. Organizations need their employees to be sufficiently educated about scams (both phishing and vishing), social engineering techniques, and more using Security Awareness Training, which elevates an employee’s sense of security and scrutiny when interacting with any kind of external communication.