Spot the signs of vishing
Vishing is a telephone-based form of social engineering in which someone calls you directly and pretends to be from a legitimate company or service. Once on the line, they ask questions, try to get you to do something, or direct you to a website in order to obtain personal information, such as Social Security or financial account numbers.
Check the company
Is the phone call from a legitimate company? If you can, look up the phone number or company name to see whether it’s legitimate. Always be extra cautious if it’s a company you’re not familiar with.
Call them back using a number you have on file
If the caller says they are from a company you know or do business with, hang up and call them from a number you know. For example, if a caller says they are from your bank, call them back with the number on the back of your card.
Watch out for requests for sensitive information
Be suspicious of requests for sensitive information, such as user IDs and passwords, financial account numbers or Social Security numbers.
Be careful with websites
Be suspicious of requests to visit a website, particularly to fill out a form or download software.
Protect your computer
If you are asked to access anything on your computer, beware! Do not download software, give the caller access to your computer or modify systems files in any way.
Hang up
When in doubt, hang up the phone and do not accept future calls from the number.