Everything You Need to Know About Voice Phishing

Introduction

Phishing is a form of social engineering where attackers attempt to fraudulently obtain sensitive information such as usernames, passwords, and credit card details by disguising themselves as a trustworthy entity in an electronic communication. Phishing is commonly carried out by email, telephone calls, text messages, and links to malicious websites.

The goal of phishing is to trick users into taking an action, such as clicking on a malicious link or opening a harmful attachment. This may lead to the installation of malware, ransomware, or the theft of personal information, such as back accounts. Phishing relies on deceiving users rather than technically breaching security, which has made it a persistent threat, especially for the elderly and the not-so-tech-servy. Phishing by telephone is known as voice phishing.

This article will equip you with a general awareness of phishing tactics. Exercising caution when receiving unsolicited emails, text messages, and phone calls can help anyone avoid sharing information that can compromise them financially or cause the loss of data.

What is Voice Phishing?

Voice phishing, also called vishing. It is a form of social engineering attack where the scammer impersonates a legitimate company or institution and tries to get sensitive information from the victim over the phone. In Kenya, clients of major banks and mobile service providers are targeted daily.

   Some key things to know about voice phishing attacks are:

• The scammer may pretend to be calling from a well-known company like a bank, credit card company, utility provider, tech support, or government agency. For instance, you may receive a call from a mobile service provider with information that you have won a lottery, which requires you to give your Mpesa pin so that the money can be deposited. Once you divulge the pin number, you will lose your Mpesa account and the money in it.

• The caller may claim there is a problem with your account. This is done to build urgency and panic, causing you to divulge your sensitive details, such as credit card numbers, account passwords, dates of birth, etc., under the pretext of verifying your identity or resolving the fake issue.

• Scammers exploit people who are aware of ongoing legitimate promotions or contests run by major companies. The scammers call victims, claiming they have won a prize, and then ask for personal details.

• Scammers are getting more sophisticated at impersonating automated phone systems and even replicating actual company music that is played while on hold.

• Vishing exploits people's tendency to let their guard down while talking to a friendly voice, compared to being more skeptical with emails or pop-ups.

• Targets include both individuals and businesses, with the aim of stealing financial data that will eventually lead to loss of money.

Staying vigilant and never sharing sensitive information over unsolicited phone calls is the only way to avoid becoming a victim of voice phishing attacks.

Voice phishing,  is a deceptive phone scam where fraudsters impersonate trusted institutions such aslike banks, mobile providers, or government offices—to trick victims into revealing sensitive information. In Kenya, this tactic often involves callers claiming you’ve won a prize and then requesting personal details like Mpesa PINs, allegedly to process winnings. Once shared, victims can lose access to their accounts and funds. These scammers create a false sense of urgency by faking account problems, manipulating emotions, or mimicking legitimate call systems and hold music to sound convincing. They may also exploit real promotions by posing as official representatives. Unlike suspicious emails or links, voice phishing relies on human conversation to disarm. The only safe defense is caution: never share personal or financial information over an unsolicited phone call.

  Certain groups are considered more at risk from voice phishing (vishing) attacks:

• Senior citizens: Scammers prey on the elderly, who may be less tech-savvy and more trusting of authority figures over the phone.

• Individuals with financial assets: Attacks target people with bank accounts, investments, or retirement funds that scammers can siphon money from.

• Busy professionals: Busy schedules leave less time to verify calls, so scammers exploit time pressures to extract information faster.

• Non-native language speakers: language barriers make it harder to detect impersonation attempts or understand demands for personal details.

• Small businesses: Vishing can also target bookkeepers or finance employees of small companies looking to wire transfer funds.

• Remote workers: Isolation from co-workers makes it easier for scammers posing as IT support to gain remote access to systems.

• People expecting calls: If scammers know someone is waiting for a call back (e.g., regarding a job or refund), it raises suspicion less.

• Post-disaster areas: Residents recovering from natural disasters may let their guard down when scammers impersonate relief organizations.

So in general, anyone, including you, can be convinced that a legitimate authority figure urgently needs sensitive data, putting you at higher vishing risk. Maintaining skepticism about unsolicited calls from unknown numbers helps everyone avoid falling victim.

  Ten Steps to Protect Yourself From Voice Phishing

Here are 10 steps to help protect yourself from voice phishing scams:

1. Never share personal or financial details over an unsolicited phone call. Legit companies won't ask for this information upfront.

2. Do not trust caller ID, as numbers can be spoofed. Ask for a callback number instead, and don't use numbers given during the initial call. Look up the numbers online, as legitimate companies have easily identifiable phone numbers.

3. Scammers often claim to be technical support and say they need remote access to "help" with a problem. But this gives them control over your computer. Do not install remote access software or provide remote access to your computer without verifying the caller's identity.

4. Use caution if immediately prompted to pay unusually large bills or taxes, especially by wire transfer, gift card, or crypto. These are red flags.

5. Rather than clicking links, verify the reason for any unexpected calls about accounts or problems directly on the company's official phone numbers, website, or app.

6. Don't panic if threatened with arrest or other consequences. Scammers exploit fear to steal information.

7. Warn elderly relatives and check in on them regularly to look out for signs of a potential scam.

8. Report vishing numbers to the implicated company for scam attempts. Safaricom in Kenya has the number 333 for reporting via text messages.

Being vigilant and taking the above simple precautions can go a long way in protecting you from would-be hackers before they have a chance to steal personal details.

  Conclusion

  By pretending to be from a victim's bank, tech support, or government agency, cybercriminals are able to exploit a person's trust. Anyone can fall prey, regardless of age or background, but studies show the elderly and non-tech-savvy are most at risk. Thanks to spoofing technologies, scammers can appear to be calling from anywhere, so vigilance is important for all. Phone number spoofing is the use of special devices or phone services to fake the caller ID number that displays, making it appear the call is coming from a trusted source like a local number.


These ideas don’t just write themselves—they’re fueled by late nights, research dives, and homemade snacks. Buy Me a Coffee and keep Kenya’s perspectives flowing.

I am an artist who also writes fiction. I speak English, Kikuyu, Kiswahili, some French, and some Lingala. I understand several Kenyan Bantu languages and a bit of the Nilotic 'dholuo' (Obama's father's mother tongue). I can play some guitar and piano but I spend more time reading and writing.

Comments

Post a Comment

Your comments are very important to this blog. Feel very free to make your opinion known. We will respect it.

Popular posts from this blog

Who care's in Nairobi?

Image
This article is a work of satire and fiction. The events and characters depicted are purely fictional and intended for humorous entertainment purposes. The views expressed do not necessarily reflect reality or endorse any specific behaviour. The City of Nairobi The streets of Nairobi are littered with garbage, hawkers, kiosks, etc. In fact, this former city in the sun has become one big open-air market with no planning whatsoever. Now that the election is round the corner, things are worse. Getting rid of the hawkers would be like throwing good votes into the sea so no politician will touch them.  Besides the garbage, refuse, and overflowing and bursting sewage system, the planning officers add to the pollution by spewing empty vitriol and unnecessary verbiage. We know that they are chasing rate defaulters because they want to raise money for the coming elections—the biggest ever in the history of independent Kenya.  On the sidewalks one faces the risk of fal...
Read more

The Dark Sparkle in Your Smartphone: Unpacking the Story of Coltan

Image
                                                           Image from https://rb.gy/9ly6qn Introduction: Ever wonder what makes your sleek smartphone, your trusty laptop, or that immersive gaming console tick? Well, pull up a chair, because it turns out a seemingly ordinary black rock, called coltan, plays a surprisingly pivotal role. My digging into the history of this mineral took me way back to the 19th century and the heart of the Kingdom of Kongo, now the Democratic Republic of the Congo (DRC). The Minerals that constitute coltan were discovered were first discovered in the 19th century, though, at the time, its significance was not fully realized. Coltan is an ore containing niobium and tantalum. Niobium was discovered in 1801 by Charles Hatchett, and tantalum was discovered in 1802 by Anders Ekeberg Interestingly, while Europ...
Read more

Konza Techno City: Unpacking the Blueprint for Africa’s Digital Future

Image
Introduction Picture a city where Kenyan innovation takes centre stage—where startups powered by AI, biotech breakthroughs, and fintech pioneers shape the future. This is the vision behind Konza Technopolis, Kenya’s bold move to position itself as a continental tech leader. The city is conceived within the framework of the Kenya Vision 2030 blueprint. Konza is more than just another tech city—it’s Kenya’s bold step toward shaping Africa’s digital destiny. By pioneering smart infrastructure, fostering innovation, and driving economic growth, Kenya isn’t following tech trends—it’s leading them. It is envisioned as a smart, sustainable metropolis fostering innovation and designed to attract a dynamic mix of local enterprises, international startups, research institutions, and even potentially those major tech giants such as IBM, Microsoft, and Intel, who showed early interest, alongside other significant international players like General Electric (GE) and Huawei. While some, suc...
Read more