DT
PT
Subscribe To Print Edition About The Tribune Code Of Ethics Download App Advertise with us Classifieds
search-icon-img
search-icon-img
Advertisement

Don’t take the bait: Phishing, vishing and smishing scams on the rise

Info Nuggets
  • fb
  • twitter
  • whatsapp
  • whatsapp
Advertisement
TermMedium usedMethodExample
PhishingEmail or fake websitesFraudulent messages mimic legitimate organisations to steal data like passwords, bank detailsYou receive an email appearing from a bank asking to "verify" account details through a fake login page
Vishing (Voice Phishing)Phone callsImposter calls pretending to be from banks, govt., police, etc., to trick victims into revealing confidential informationFraudster calls claiming to be an RBI officer verifying your account
Smishing (SMS Phishing)Text messagesFake SMS with malicious links or urgent requests to lure victimsSMS saying “Your account will be blocked — click here to update KYC”
  1. Phishing
  • Relies on social engineering and digital deception
  • Common forms: Email phishing, spear phishing (targeted), whaling (targeting VIPs), clone phishing
  • Often uses urgency (“account suspended”) or rewards (“you won a prize”) to make victim act quickly
  • Risk: Financial theft, identity theft, ransomware infection
  1. Vishing
  • Combines voice communication with fraud
  • Uses caller ID spoofing to appear from genuine numbers
  • Often plays on fear or authority (tax notices, police cases, loan defaults)
  • Scammers may record calls for misuse of voice samples
  1. Smishing
  • Uses SMS/instant messaging (like WhatsApp)
  • Often contains short URLs to hide malicious sites
  • Exploits trust in mobile communication
  • Common during bank KYC updates, festival offers, or disaster relief scams

 

Advertisement

How to protect ourselves

 

  1. Awareness & verification
  • Never click on suspicious links or attachments in emails/SMS
  • Verify the sender independently (call bank/govt. helpline directly)
  • Cross-check website URLs for spelling errors and HTTPS
  1. Technical safeguards
  • Use spam filters, antivirus, and updated software
  • Enable two-factor authentication (2FA) for important accounts
  • Avoid using public Wi-Fi for financial transactions
  1. Behavioural practices
  • Never share OTPs, passwords, or PINs over calls/SMS
  • Ignore calls requesting urgent payments or personal data
  1. For organisations
  • Employee cybersecurity training
  • Incident reporting mechanisms
  • Email authentication protocols like SPF, DKIM, and DMARC

Report phishing attempts to:

Advertisement

  • Indian Cyber Crime Portal: cybercrime.gov.in
  • Helpline number: 1930
  • CERT-In (Indian Computer Emergency Response Team)

Civil Services Exam relevance

Prelims: Can be asked as MCQs — e.g., “Which of the following is NOT a form of phishing?”

Mains (GS-III: Internal Security):

Advertisement

  • Explain with examples in context of cybercrime trends in India.
  • Link with initiatives like the National Cyber Crime Reporting Portal and Digital India cybersecurity frameworks.
Advertisement
Advertisement
Advertisement
tlbr_img1 Classifieds tlbr_img2 Videos tlbr_img3 Premium tlbr_img4 E-Paper tlbr_img5 Shorts