Vishing is a scam carried out during telephone calls where criminals impersonate company employees to obtain personal and private information from victims or to get them to install malicious software (malware) on their computers.
This form of social engineering is based on the psychological manipulation of the people who answer the call. Scammers use an alarmist tone to cause concern and can even replicate sound effects similar to a call center or an office to make the attack seem more plausible. In addition, before the scam is carried out, attackers search the Internet and social media for basic information about the people they are going to target in order to make the call appear legitimate.
Criminals often claim that they have detected unusual activity on the victim’s computer or device, so they ask the victim to install a program to fix the problem or ask for access to solve the problem themselves. Other pretenses include participation in a competition or prize drawing, or an offer for a gift certificate.
How you can protect yourself from this scam
As a general rule, do not provide confidential information, such as passwords or credit card numbers, during any phone calls you receive.
Be on alert if you receive an unsolicited call and be wary of any callers who promote a sense of urgency.
If you receive a call and you doubt its legitimacy, do not perform any actions and contact the company that supposedly called you directly (search for the phone number online or on its official website).
Block fraudulent phone numbers so they can’t call you back.
BBVA will never request personal information or banking details from its customers over the phone on an outgoing call, i.e. when the bank is making the call. Therefore, we strongly recommend that you hang up if you receive a call asking for the username or password used for online banking access.
If you suspect that a call may fraudulent, you can contact us at (+34) 900 102 801 to report what happened and so we can guide you on how to proceed.