October 18, 2022

The 3 Siblings of Cyber Scams Explained: Phishing, Vishing, and Smishing

The 3 Siblings of Cyber Scams Explained: Phishing, Vishing, and Smishing

We know it’s vital to protect our information online, for the benefit of ourselves, those we have contact with, and our businesses. However, without knowing what the dangers are and the various types of potential cyber attacks, your defenses are likely going to be limited. In March 2021 alone, 465 brands were targeted by cyber scams. To prevent it from happening to your organization, you need to know about the three siblings of cyber scams: phishing, vishing, and smishing.

Although very similar in many ways, each type of cyber scam employs a unique approach in using social engineering to reveal your personal information. Knowing what to watch out for can help you to be prepared and minimize the damage these scams can cause. As a business owner, ensure each of your employees is aware of how to prevent cyber scams and what to do should they get scammed. This guide is an excellent place to start understanding the basics.

The 3 siblings of cyber scams explained

Although similar in name, the three siblings of cyber scams differ in some important respects. As well as their central channel to scam people, phishing, vishing, and smishing can vary in the indicators they offer to suggest they are not genuine. Similarly, there are various actions you can take to protect your information and accounts to block spam texts, calls, and emails. 

What is phishing?

Perhaps the best known of the three, phishing is generally associated with fake emails which attempt to get you to interact with them and give up your information. Often, these emails appear as if they are from trustworthy companies, whether that’s your bank, the local postal service, or somewhere you recently made a purchase. These messages rely on human error and folly in trusting the source. Phishers specifically prey on those who are less confident using technology.

Image sourced from Wealthyrelief.com

Phishing uses social engineering, which is a method of manipulating someone into giving up something of value. In this case, they want your personal information so they can hack your accounts. Fraudulent emails are aimed to gain your trust so that you do not question filling in a form, following a link, or giving a legally binding electronic signature

Typically, fake emails use fake addresses, so they may hide the sender's address. If they do not, check their email against others from the same company they claim to be from to ensure it's legitimate. 

Also, the spelling and tone of the email can show that the sender is rushing you, wanting you to make impulsive decisions rather than think it through. These are some major hints that show you that you are dealing with a phishing attack and not a genuine email.

What is vishing?

Similar to the premise of phishing, vishing refers to voice phishing or fraudulent phone calls and voice messages. Again, vishing calls disguise themselves as companies you know and trust, such as your internet provider or computer technician. Once they present you with a scenario that forces you to act and trust them, they tend to take you through the steps to ‘rectify’ the situation while on the phone and get your personal information. 

Because scammers can easily find company support and sales phone numbers online, vishing is a very serious problem for businesses. Instead of posting these numbers on your ecommerce website, try providing online customers with a button to dial your business or using power dialer software to make outgoing calls to clients. 

Free to use image sourced from Pexels

Nonetheless, dangerous phone scams can be spotted and avoided. Typically the companies scammers pose as, such as banks and internet providers, ask for the account holder at the start of the call. If the person calling does not know the account holder's name, that is a warning sign.  

Unless you schedule a call with the company, withhold your information and refuse to give it to the caller over the phone. If it is a genuine call, it can be arranged to happen in person or by email. 

What is smishing?

The last of the siblings is smishing. Smishing is a portmanteau of "SMS". It covers fraud SMS or text messages. By finding phone numbers online, hackers can text you messages that seem to be from authentic sources. Smishing also uses social engineering to convince you to give up information, usually by following a link or replying to the text with specific details. This method is a quicker way for scammers to reach many people convincingly in a shorter period.

We often read text messages quickly, so we may be less likely to notice if it’s a fake. In a rush, you may click the links or give your information without thinking, which is what the scammers are hoping for. When using omnichannel contact center solutions, beware of messages asking you to follow a link or that avoid using your name when they claim to be from companies you have an account with. Return to read these messages when you can verify them.

A crucial way of stopping smishing messages is through installing security applications or using the malware software on your phone. It helps to filter out fake messages and alert you to those that could be harmful. Notifying you of this can prevent you from impulsively responding to scam texts - preventing the sender from getting your personal information.

Moreover, if you’re looking to protect your business from spam text messages you could look to download a spam protection app such as that provided by RoboKiller. By using their app you can customize the settings to suit your needs and successfully block any unwanted messages that come your way.

Image sourced from Hellofaread.com

How to protect yourself from cyber scams

Now that you know the different types of cyber scams, it’s important to take preventative measures to secure your email and phone. Particularly in a business context, having employees regularly trained to protect themselves from cyber threats and report spam calls can save your business from serious security breaches and potential financial losses. Ensure you take the following steps to prevent scammers from getting your personal information.

Protect your personal information

Whether using social media, updating your business ecommerce website, or filling out online surveys, be wary of where you share your personal information. It can be tempting to give this information to create more honest profiles of yourself. However, this makes you more vulnerable to scammers. Especially avoid sharing contact information and be sure to use buttons or click-through links to direct customers to send an email or make a call.

Identify scam attempts

Knowing what phishing, vishing, and smishing are is the first step in spotting these scams early on and being able to do something about them. Using security applications or add-ons can also help with highlighting spam, so you can approach suspicious messages with caution. Look out for spelling errors, unknown senders, and a tone that pushes you into doing something. If you are unsure, double-check by contacting the company separately and asking about it.

Don’t respond

Until you’re certain you know who you are responding to, don’t interact with the message. If you are dealing with a vishing call, finish it as quickly as you can or use IVR technology to receive the call for you. Most importantly, don’t give away your personal information or follow any links. Scammers aim to get these details, so providing work contact details or confirming your name can help them. The best policy is to delete the messages and hang up the phone.

With RoboKiller’s app you don’t need to even answer the phone. Their algorithm analyzes all incoming calls before you even hear your phone ring. And, as their technology is 99% effective, you’ll always feel confident picking up calls.

Free to use image from Pexels

Update your security software

New methods and approaches to cyber scamming are constantly being created using tools for continuous testing, so your security software needs regular updates to avoid malicious messages slipping through. These updates inform your software of suspicious sender addresses and  numbers and highlight common words and phrases in scams. Your security software prevents scams from reaching you, preventing scammers from using social engineering to exploit you.

Let others know

Stopping cyber scams is easier when it’s a team effort. It could mean informing other colleagues when receiving vishing calls at work, notifying companies that phishing emails claim to be originating from, or letting friends know about smishing messages they may also receive. Doing this puts others on alert and allows companies to warn their other users about suspicious activity and scams. With this warning, many others are less vulnerable to scams. 

Don’t be caught off guard by phishing, vishing, and smishing

Occasionally, you may be fooled by a scam. In these situations, it’s important to act fast and reduce the damage. As soon as you’re aware of the scam, inform the company that the scammer was posing as and close your account or change your passwords. This will put the business on alert for strange activity from your account and can prevent payments or other actions from being taken by the scammer, as well as ensure the safety of other accounts.

Cyber scams are intended to be hard to spot and convince you to give your information away. The more you know about them, the better you can identify them and react in a way that minimizes the threat. Likewise, being part of a larger group and using call blocking technology to prevent cyber scams can pool your knowledge and better protect everyone within the group. Particularly in workplaces, start cyber security conversations in your departments and teams. 

Author Bio: Grace Lau, Director of Growth Content, Dialpad

Grace Lau is the Director of Growth Content at Dialpad, an AI-powered cloud communication platform and hosted call center software for better and easier team collaboration. She has over 10 years of experience in content writing and strategy. Currently, she is responsible for leading branded and editorial content strategies, partnering with SEO and Ops teams to build and nurture content. Grace has also written for other domains such as GoCo and Taplytics. Here is her LinkedIn.

Free 15 day trial
Start your free 15-day trial of Robokiller Enterprise
You’re one step away from a spam-free phones.
Get Started
Learn about Robokiller Enterprise's pricing options
Learn more
Free 15 day trial
Fight back against spam and reclaim your phone.
You’re one step away from a spam-free phone (and a little poetic justice, thanks to Answer Bots).
Sign up for a 15-day free trial
STIR/SHAKEN: What the FCC’s New Standard Means For Your Business
August 27, 2021
STIR/SHAKEN: What the FCC’s New Standard Means For Your Business
Read more
arrow right
STIR/SHAKEN 101: Your Quick & Easy Guide to FCC Compliance
August 20, 2021
STIR/SHAKEN 101: Your Quick & Easy Guide to FCC Compliance
Read more
arrow right
What is a Robocall Mitigation Program?
November 12, 2021
What is a Robocall Mitigation Program?
Read more
arrow right