Vishing is a very well-known mechanism of phone fraud. Vishing is one of the varieties of phishing, and its classic example is theft of funds using the “grandson” or “policeman” method. Although this form of fraud is well-known, attackers still use the phone to conduct their criminal activities.
What is the method?
The entire attack begins with finding a phone number. This can come from a data leak or from profiles in social media (such portals are an inexhaustible source of data).
After obtaining the number, scammers make a phone call where - in the event of frauds related to cryptocurrencies - they introduce themselves as investment advisors, representatives of our exchange or another reputable entity from the crypto sector. Depending on the attack, scammers may want to:
- Get us to buy cryptocurrencies at the exchange or an exchange desk and send them to their address.
- Get us to set up and verify an account at the exchange or an exchange desk to which they will have access. Such accounts may later be used for transactions aimed at legalising the proceeds derived from crime.
- Get us, under the pretext of buying cryptocurrencies, to provide them our credit card details or access our bank account.
- Get us to install malicious software or programs that allow them to take control of our computer, such as teamviewer or anydesk.
The entire attack is not always limited to a single call. Scammers may contact the victim several times if they fail to attain their goal during the first call or if they see an opportunity to gain additional benefits.
How to avoid being scammed over the phone?
The best rule in such situations is the principle of limited trust. If someone calls you and offers incredible profit in a short time, the chance to receive free funds in the form of cryptocurrencies, informs us about our account being blocked or other undesirable events (such as a suspended payment or blocked funds), it is always a good idea to treat such a call as a potential fraud. If the call is about achieving very quick profit with cryptocurrencies, you should always thoroughly verify the company/person who offers such services. In most cases, it is scammers that make such promises in order to con you out of your money.
If someone calls you and introduces themselves as a BitBay exchange representative, informing you about problems with your account or funds over the phone, we advise that you always verify this information through another channel, chat or report.
We would like to stress at this point that exchange employees will never ask for a BitBay exchange password or any other passwords (e.g. for bank accounts). Also, they will not ask you to make a cryptocurrency or fiat transfer, provide your payment card details, or install additional software on your computer or telephone.