Identified Scam:

Vishing Scams: What They Are and How to Protect Yourself

In 2020, almost $20 billion was lost to phone scammers in the U.S. alone. With 165 million robocalls being made every day, it's hard not to be targeted.


Gemma Davison
Updated 4 October 2021
Vishing Scams: What They Are and How to Protect Yourself
Share to

Phishing Statistics 2021


90% of data breaches are caused by phishing
3.4 billion phishing emails are sent every day

1.4 million phishing websites are created every month

Source: Digital InTheRound, 2021

Sections on this page
  1. What are Vishing Scams?
  2. Red Flags of Vishing Scams
  3. Protect Yourself from Vishing Scams
  4. Examples of Vishing Scams
  5. Fallen for a Vishing Scam?
  6. Frequently Asked Questions

Vishing is one of the most common tactics scammers use to steal personal information, with the Federal Trade Commission (FTC) reporting 70% of scam attacks start with a phone call. However, staying one step ahead of vishing scammers is pretty easy if you know the warning signs.

Pushy sales tactics, threats of legal action, a sense of real urgency, and requests for personal information are all major warning signs that a call may not be genuine. And always be wary of an offer, special deal, or promise of a huge prize, which seems too good to be true.

Vishing definition

What are Vishing Scams?

A vishing scam occurs when a scammer calls you impersonating a genuine person or organization to steal your information, such as your full name, address, Social Security number (SSN), and more. They'll then use this information to steal your identity and, ultimately, money. Vishing is basically a phishing scam done over the phone.

Vishing calls may come from a blocked number or a fake or spoofed phone number, used to trick you into believing the call is from a genuine person or organization. For vishing on a larger scale, scammers will use robocalling devices to make thousands of scam calls a day.

Vishing calls will commonly either be spoofed or robocalls:

  • Robocalls: A phone call made by a computerized autodialer to deliver a prerecorded message. They are cheap and easy, making them a popular method of vishing for scammers.   
  • Spoofed calls: Scammers disguise who they really are by changing their caller ID to appear they care calling from a legitimate company or different location.

Red Flags of Vishing Scams

A robocall is usually a guarantee that you're dealing with a nuisance or scam caller. Therefore, it's best to hang up on robocalls and any other callers that:

  • Claim to represent a financial institution, a government agency, or a charity (if you're not expecting their call). It's extremely rare for these organizations to call you unsolicited.
  • Use a sense of urgency and pushy sales tactics to convince you to hand over your personal or financial information. They'll commonly say that you'll lose an unmissable deal or opportunity if you don't comply immediately—this is almost always a scam.
  • Threaten you with arrest or legal action if you don't immediately pay fines, tax arrears, or fix issues with your SSN, etc.
  • Demand you hand over personal information to verify your account details or risk losing access or having your accounts shut completely.
  • Claim you've won a sweepstake, lottery, or another prize from a competition you don't recall entering. They'll say to claim your prize, you just need to provide your bank account details or personal information to verify your identity—don't believe it.
  • Offer you travel deals, products, insurance, loan deals, etc., that sound too good to be true.
  • Are from companies that are not authorized to call you, especially if you're on the National Do Not Call Registry.

Protect Yourself from Vishing Scams

One of the best ways to avoid vishing scams is not to answer the phone if you don't recognize a number. Unfortunately, if you do answer these calls, you mark yourself as a target and will likely receive more scam calls in the future. 

Unfortunately, scammers utilize spoofing technology, allowing them to change their caller ID to make it appear that they are calling from a genuine company or different location. For example, even though your caller ID says it's the Social Security Administration calling, that's usually not the case. Spoofed numbers make it difficult to determine if a caller is genuine. 

Thankfully, it's easy to minimize your risk of becoming a victim of a vishing scam by following our top tips:

  • Let calls from unknown numbers go straight to voicemail. If you do answer and it's a robocall, hang up immediately. 
  • Block scam numbers as soon as you end the call.
  • Never share personal information, like your account numbers or login credentials, over the phone.
  • Verify a caller is who they say they are by hanging up and calling back the organization directly using a telephone number you know is legitimate.
  • Disconnect immediately from a caller that claims to be from the IRS or Social Security Administration—they never call consumers directly.
  • Don't trust caller ID completely. As we now know, scammers can spoof caller ID to make it appear they're calling from a legitimate organization. So if you're asked for personal details or something doesn't feel right, hang up.
  • Refrain from pressing keys or issuing a response to prerecorded messages. Your voice could be recorded and used for verification to access your accounts. Furthermore, any response to a scam call is likely to lead to more.
  • Don't follow instructions of a robocall to talk to a live operator, as you're likely to be bombarded with an aggressive sales pitch or vishing expedition.
  • Use a call blocking app that automatically blocks scam and nuisance calls before they reach you. Many call blocking apps also have caller ID features that identify a caller and whether the number has been previously linked to vishing attacks.

Examples of Vishing Scams

The primary goal of vishing scammers is to steal your personal information—to do this, they will pretend to be almost anyone. However, there are several vishing schemes carried out, year after year.

Compromised Accounts Scam

You're informed that there is an issue with a payment you've made on one of your financial accounts. The scammer asks you to hand over your account numbers or login credentials to fix the problem. Don't hand over your details, no matter how alarming the situation seems. Instead, hang up and call your account provider on their official number (look for this on their website).

Medicare Scam

Older individuals are often the targets of Medicare scams, where criminals pose as Medicare representatives—usually during Medicare open enrollment season—to steal sensitive information, such as bank account details or Medicare numbers. The scammer can then fraudulently use your Medicare benefits or use your personal information to steal your identity.

Example Medicare Scam Call

My name is Jennifer and I'm calling on behalf of the National Enrollment Center for Medicare Benefits, and the reason I'm calling is to follow up on an inquiry that was made regarding some extra benefits. And now that it's almost enrollment season, you may qualify for some additional benefits and also receive an increase towards your vision, dental, hearing, and among others. 

Can we have your Medicare Part A and Part B information which is that white and blue card? 

Debt Collection Scam

A scammer calls claiming to be from a debt collection agency and demands payment to settle your debt with a claimant, otherwise, the charges will skyrocket, or they will send bailiffs to your home. 

Genuine debt collection agencies are required to issue verifiable information about a supposed debt, such as the amount owed and the creditor. You don't have to make a payment immediately, as you have the right to ask for written confirmation of the debt that they must provide within five days of the call.

IRS Tax Scam

There are several variations on the IRS tax scam. One of the most common versions involves you receiving a prerecorded message claiming there is a problem with your tax return, and if you don't return the call, you'll be arrested. To add legitimacy to their threats, scammers will use a spoofed caller ID to make it appear the call is coming from the IRS. 

Example Robocall IRS Tax Scam

Hello this is the Federal IRS Department calling to let you know that there is a lawsuit been filed against your name along with a warrant issued by the Internal Revenue Service due to tax evasion and deviation and the IRS have a strong evidence that you have failed to file your actual income tax which was higher than it was supposed to be.

Press "1" now to be transferred to an IRS representative. Not doing so will result in your arrest.

If you call back, a demand for payment will be made, along with more threats of legal action if you don't comply. The IRS will never call you unsolicited. If someone calls you claiming to be from the IRS, they're lying, so hang up immediately.

Unsolicited Loan Scam

People with poor credit are often targeted with this scam, which offers unbelievable low-interest credit cards or loans. However, you need to pay a small upfront fee immediately or risk missing out on the offer. If you make the payment, the credit card or loan never materializes.

Fake Charity Scam

The popularity of this vishing scam often increases when there has been a national tragedy or natural disaster. Scammers will take advantage, claiming you must donate now to provide aid to victims. However, you should know that legitimate charities will never pressure you into donating. If you feel compelled to contribute to a cause, do it directly through a genuine website, not an unsolicited call.

Social Security Scam

A caller gives you the alarming news that an issue with your SSN has resulted in your identity being compromised. Unfortunately, if you want the problem to be fixed quickly, you'll need to pay a fee. 

Example Scam Robocall

This is the final reminder from the Social Security Administration. Your Social Security number has been suspended. We would request you to get back to us so that we can discuss about this case. Thank you.

It's very rare for the Social Security Commission to call you without you requesting it. If you get an unexpected call from someone declaring they're a Social Security agent, hang up and report the caller to the FTC.

Fake Prize Scam

The caller tells you that you've won a free cruise, lottery, or another exciting prize. All you need to do to claim your prize is to provide some personal information—like your SSN or credit card details—to verify your identity. 

Handing over personal information, particularly over the phone, should never come as a condition for claiming a competition prize. Additionally, don't forget, you can't win a prize for a competition you didn't enter.

Fallen for a Vishing Scam?

If you've provided financial or personal information to someone over the phone who you later think is a scammer, take the following steps as soon as possible:

  • Check your accounts for fraudulent transactions and withdrawals and report/dispute them immediately.
  • Alert your bank and/or credit card provider to inform them that your accounts have been compromised. Inform them of the unauthorized transaction and ask them to cancel your current cards and issue you with new ones. You may also need to change your account numbers to prevent further use of your existing accounts.
  • Check your credit reports for signs your identity has been stolen, such as unauthorized lines of credit opened in your name.
  • Freeze your credit reports or place a fraud alert if necessary to stop any further accounts from being opened in your name. In addition, alert the credit agencies to any fraudulent activity in your accounts.
  • Change your passwords to all your online accounts if you've handed over personal information. Use a password manager to generate unique and complex passwords and to store your account credentials securely.

Report Vishing Scams

Report scam calls to the authorities and to the company/agency that the scammers are impersonating. Reporting the fraud may not help with getting your money back or recovering from identity theft immediately, but it will help put a stop to the scammers at large.

Frequently Asked Questions

How do I report vishing attacks?

You can report the details of a vishing attack to the FTC, which helps law enforcement to apprehend the scammer and alert others of the dangers.

How do I know if a caller is genuine?

If you’ve answered a call and you’re unsure if they are a scammer, ask them to call you back and hang up. This allows you to look up the number online and see if it has been linked to vishing attacks.

Don’t be afraid to ask a caller questions. Genuine companies will be happy to answer whatever queries you have without pressuring you to take immediate action. If a caller asks you to provide personal information, end the call, and ring the company back, using a number from its genuine website.

Can I block calls from scammers?

The primary cell phone providers have effective call blocking methods that protect you against scam callers. Some caller ID and call blocking services are included with your plan, but you may have to pay for additional features depending on your provider.

Unfortunately, even with scam call protection from your phone provider, some vishing attacks may sneak through. Get an extra layer of protection with a call blocking app, which has huge databases of numbers linked to fishing attacks. If one of these numbers tries to call you, it will be blocked before it reaches you.

Some apps have advanced caller ID features that can give you information on unknown callers and allows you to look up the numbers of mystery callers.

Comments