Learn about the latest cybercriminal schemes that target users

Dec 23, 2011 13:28 GMT  ·  By

While most Internet users are familiar with the term phishing and its dangerous effects, security researchers are recording a considerable increase in two related malicious schemes, vishing and smishing.

Vishing is a variant of phishing, its name coming from a combination between the words voice and phishing, reports The Windows Club.

Vishing attacks are the ones where an unsuspecting user is called via phone by someone who pretends to represent an important organization such as a bank or a utility company. In these situations the crooks request large amounts of personal information that’s allegedly needed for certain operations, financial or otherwise.

An alternative to this method implies an email which urges the recipient to call a certain phone number. Usually these emails come with threats and they’re more advantageous for the cybercriminals since they don’t have to pay for the calls they make.

On the other hand, smishing involves, as you would guess, SMSs. In these types of schemes, the victim receives an SMS that warns of the fact that he (or she) has been automatically enrolled in a paid service.

In order to terminate the subscription, the recipient has to visit a URL and click a certain button, which instead of canceling the phony subscription, downloads a piece of malware infecting the phone. From here on, keyloggers or premium-SMS-sending Trojans are free to do as they like.

The secret to avoiding these malicious plots is never to panic, no matter how absurd the messages or phone calls are. If you suspect that the call or the email may be legitimate, contact the company involved yourself, but never use the contact details provided by the person that’s on the other end of the line.

Also, in some cities, local authorities have a special division that deals with these issues and you should consider reporting them. If there are a large number of complaints, they’ll surely act on it.