Vishing, Smishing, Phishing and Wishing…

Friday, October 08, 2010

Katie Weaver-Johnson


Now that football season is rolling along at full speed, someone may need to throw a penalty flag for piling on in the financial sector!

We blogged earlier this week on several financial sector headlines and escalating challenges, and now we learn that community banks and credit unions are being targeted by sophisticated vishing and smishing attacks.

But the lessons learned I want to discuss in this blog involve the consumers of financial institutions.  Why are so many consumers falling for these social attacks such as vishing and smishing?

For those who are not familiar with the terms vishing and smishing… vishing attacks are phone-based using voice calls and smishing attacks are text-based… not to be confused with phishing attacks that are e-mail based.

Perhaps the best advice from the BankInfoSecurity article was the comment from Robert Siciliano, a McAfee security consultant and founder of, saying constant and consistent consumer education is the only effective way to fight vishing and smishing.

Lessons learned show that most financial institutions are not delivering effective consumer education to keep up with constantly changing risks and threats. 

Wishing that phishing and vishing and smishing will go away…

Unfortunately, it seems like most financial institutions are wishing consumers will educate themselves and the risks will go away. 

But when you read between the lines and look at what the bad guys are doing with phishing, vishing, smishing and keyloggers, there is a game changer opportunity for financial institutions. 

The financial institutions that take a futuristic approach to delivering constant and consistent consumer education to their customers on an ongoing basis – and I don’t just mean fliers in statements or web site banners – will build more trust, more accountability and more customers than those that don’t.

Cross Posted from Awareity's Lessons Learned Blog - written by Rick Shaw, Awareity's CEO/President

Possibly Related Articles:
Phishing Vishing
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.