A criminal phone phishing fraud is spreading on TikTok with all the virality of a prank: an automated answering machine informs the user that a large sum of money is about to be charged to his or her account. In fact, it is a perfect vishing scheme, which is the fraudulent practice of convincing people to reveal personal information and banking details over the phone.

This type of video is depopulating on TikTok and is put into practice by arranging the whole call by having the victim on the other end of the handset listen to the voice of a fake answering machine, in most cases employing text-to-speech software such as the common Google Translator that includes voice reading of phrases that are entered by manual typing.

The entire conversation will be centered in the invitation to want to communicate bank data “useful for the crediting” of incoming sums to the bank account, which, however, in this case are part of a prank phone call, but the result makes one wonder how fragile people are even behind a telephone handset.

In fact, what also emerges from the report is that people, when faced with regular e-mail phishing, have time to think before being persuaded to click certain links, or to believe in the legitimacy of a certain Web content.

How it works vishing?

On the phone, things change. Daily work activities and intense moments of the days, make our attention, to the content of a phone call, drop dramatically. These e-mails, which graphically simulate the targeted service, bring back to the user, rather than a link to click, a customer service number to be contacted with a sense of urgency, trying to convince the victim precisely about this urgent urgency.

The tools of defense for this kind of attack, are the usual good practices of digital hygiene already known also for phishing. Considering that everything almost always starts with an e-mail, let’s learn how to recognize a fraudulent, non-legitimate e-mail from the original of the same brand we are used to receiving. Let’s not just rely on the sender name we read at first glance, but let’s get into the merits of what address actually sent such a message in front of us.

How to defend from Vishing?

Finally, we are wary of all requests with a sense of urgency. Actions that need to be carried out in immediacy almost always lead to a failure to think about what one is doing, without having knowledge of the seriousness of certain wrong actions.