Protecting yourself from vishing attacks
University of Phoenix
Introduction to Information Systems Security
May 25, 2009
Since 2003 Phishing attacks have been an ongoing threat to consumers and businesses. According to Internet.com "Phishing is the act of sending email that falsely claims to be from a legitimate organization. This is usually combined with a threat or request for information: for example, that an account will close, a balance is due, or information is missing from an account. The email will ask the recipient to supply confidential information, such as bank account details, PINs or passwords; these details are then used by the owners of the website to conduct fraud. " There is now a new type of scam that consumers must be aware of, it is called vishing. According to Marguerite Reardon "Vishing is a socially engineered technique for stealing information or money form consumers using the telephone network. The term comes from combining "voice" with phishing," which are online scams that get people to give up personal information (2009). This paper will review and article by CNET Protecting yourself from vishing attacks to explain how to protect oneself.
To under stand vishing, an explanation on VOIP must be given. Voice Over Internet Protocol (sometimes called Internet Telephony) is touted in some circles as the technology of future. The reasoning is simple, VoIP is bringing possibilities to the forefront of technological thinking because the possibilities were listed as impossible just a few years ago. VoIP uses a broadband Internet connection for routing telephone calls, as opposed to conventional switching and fiberoptic alternatives. This process promises to provide higher efficiency and lower cost for communication consumers. However, VOIP technology also has vulnerabilities that must be addressed by consumers and businesses.
So how does vishing work? Marguerite Reardon explains that " Typically...