Phishing, smishing, and vishing

This is fraud enabled by social engineering where victims are tricked into giving out their personal and sensitive information such as bank account details and passwords.   

Social engineering is targeted behaviour designed to encourage human error, or creates a fake crisis to pressure the victim panic and make decisions not in their best interest. 

Phishing - usually mass distributed emails designed to catch victims to reveal data, for example with a lie that their password is about to expire, or their bank card is out of date on an account and “click” to fix the issue and enter all your details.   

Smishing - the same as phishing but using text messages, for example a text to a wide number of people to say “Mum, I’ve dropped by phone down the toilet and texting you from my new number. Can you send me £50….”, sent by fraudsters in the hope they will hook at least a few unsuspecting victims. 

Vishing - voice phishing, for example a phone call from someone pretending to be from a bank to trick customers into giving out sensitive information.  It is often in the form of an automated voice simulation technology. The calls can come in from a caller ID that is fake and looks legitimate such as from the HMRC, or a phone company.