Phishing and vishing are just two different ways to go about the same concept. Phishing is when you get an email that looks legitimate, but that contains links that take you to a web page or initiate a file download that looks normal (such as a PDF) that actually downloads an executable file to your machine. The link may even open a real PDF file, but in the background, you’ve opened up a remote connection to a server in the cloud that provides access to your computer and network.
It will often look like it’s coming from one of your clients, but if you look at the domain name in the address, it will not quite be correct. It will often say something about needing you to complete some information in order to process an invoice.
If a computer on your network gets compromised, that opens up the possibility of other computers in your office getting compromised. Eventually if the invader gets to the right machine, it will be able to initiate transactions as if it were you, such as redirecting funds or documents to accounts owned by people who just want to steal your money. You may think you have made payments or sent documents to your clients or employers, when in fact it has gone to someone else completely.
It can cause serious complications to your business, as well as substantial financial loss.
How do you avoid this? Here are a couple of simple tips to help combat this problem.
If you get an email with a hyperlink in it, highlight your mouse over the link and make sure that it goes to a Web address that you recognize. If xyz.com company sends you an invoice, the link should go to xyz.com. If you are unsure, contact the company that has supposedly sent you the email and verify that that is correct.
If you get an email that says something like your password has been compromised, click here to reset your password credentials, make sure that the link is secured (starts with “https”), it might not be a legitimate registered domain. If you log in to that address, then you will be providing your login information to someone else.