Phishing, Smishing, and Vishing – Do you know the difference?

Scammers can use phishing, smishing or vishing to contact you in an attempt to obtain personal information about you and use that for identity fraud.

Identity fraud uses your personal data or financial accounts to steal money, receive loans or services in your name, or to commit other types of crimes. According to the Federal Trade Commission, in 2021 alone, there were more than 1.4 million reports of identity theft. Avoid becoming a victim by understanding these methods and how to defend yourself. 


Cyber attackers use phishing in an attempt to trick victims into clicking on deceptive links in their emails. The link will usually take the victim to what seems like a legitimate form that asks them to type in their usernames, passwords, account numbers or other private information. What they don’t realize is that this information is being sent directly to scammers. 

One way this can be done is that you receive an email that says your bank account has been locked and asks you to click on a link so you can regain access. The reality is that the link will lead you to a fraudulent form that simply collects your information, such as your online banking username and password. You have just given the thieves the chance to log in to your account and steal your money.


Similar to phishing, smishing takes the same approach, but via text messages. A smishing text message will often contain a fraudulent link that takes victims to a form that request’s your personal information. The link can also download maleware such as viruses, ransomware, spyware or adware onto the victim’s device.

Many times these text messages seem to be urgent request from the bank or a delivery service. If you are distracted and not reading your messages properly you can easily fall victim by wanting to be quick to respond instead of cautious. 


Sadly, vishing has become all to common. Here the victim is contact via phone or even a voicemail. The call, which can use either a real person or a prerecorded message, pretends to be a real company, even one you may be familiar with, to solicit personal information. 

For example, you could receive a call about your internet service having issues, once you answer the call, you are quickly connected to an “agent” who may ask you for personal information to confirm your identity, which may include your full name, ID number, social security number, or even your credit card number. 


How Can You Protect Yourself from These Attacks?

To avoid becoming a victim of phishing, smishing or vishing, try to apply the following rules. These can protect you directly from scams and reduce the likelihood you will be targeted in the first place.

  • Never click on links from someone you don’t know. Go directly to the certified website for the organization the communication seems to originate from and check to see if the notification indicated in the email or text message is real.
  • Never give out personal information to someone who randomly contacts you.  If they claim to represent a bank, government organization or company you already do business with, hang up and tell them you will call right back. Then go to the official website of the organization and call them at their official phone number to find out what’s really going on.
  • Don’t answer calls or texts from numbers you don’t recognize. Even if you answer only intending to ask to be taken off the list, the scammers will note that you interacted with the call. This will likely increase the number of calls you get from scammers in general.

R3CG offers comprehensive cybersecurity solutions that protect against a diverse range of issues.  Phishing, smishing, and vishing are not expected to go away, these tips can benefit . R3CG also provides alternatives suchs as firewalls, anti-virus, anti-spam, wireless security, and online content filtration.  By having an IT expert to guide and support you, then you can effectively fight against even the most determined criminal. Contact us today!