VISHING AND SMSHING
Vishing is a grouping of “voice” and “phishing”. Vishing is like another Social Engineering attack phishing – the major difference being a mode of attack. While phishing involves the use of emails to trick a target into providing the target’s personal details; vishing involves voice or telephone services. A typical vishing call involves an imposter, posing as an official from the bank or another organization asking for your personal details. These attackers could offer creative reasons to fetch information from a target.
SMShing is a grouping of “SMS” and “phishing” which is any kind of phishing that involves a text message. The information an attacker is looking for can be anything from an online password to your PAN card details or Aadhaar details or any other sensitive/personal details which could lead to financial compromise.
Modus operandi of vishing:
- Imposter calls as an individual posing banker/agent and seeks confirmation of card PIN / OTP by sharing a few details such as name or date of birth to gain confidence.
- The imposter pressurizes into urgently / immediately requesting card PIN / OTP citing emergency, details required to block transaction or payment required to stop penalty, etc.
- If any individual falls for such bait, his/her credentials are then used to defraud.
Modus operandi of SMShing:
- Imposter sends a text SMS or message via messenger as banker/agent and seeks confirmation of password / OTP by sharing a few details such as name or date of birth to gain confidence.
- The imposter pressurizes into urgently / immediately requesting card PIN / OTP citing emergency, details required to block transaction or payment required to stop penalty, etc.
- If any individual falls for such bait, his/her credentials are then used to defraud.
Security measures:
- Be cautious while clicking on SMS/Chat links, especially ones received from unknown senders.
- If you have not tried to generate or reset your PIN but still receive an SMS mentioning the code, report the same to the bank immediately
- To report any vishing/smshing attack or attempt, kindly contact our bank. along with details such as calling/messaging number, any pertinent details of the conversation or recorded message, the call-back number (if indicated during the call)
Always remember Jo Satark, Wohi Surakshit!
To report a fraud, write to us at