Talk:Voice phishing/Archives/2014

No longer purely VOIP?
I was under the impression that the term was derived from the V in VOIP, and that the article was correct when it previously stated that vishing attacks were only properly labeled as such when VOIP technology was used by the attacker. Simply stating that similar attacks are possible over POTS doesn't make it true that all such attacks are "vishing." Rv'd, but won't rv again if a real explanation is given, preferably with a source to back up the broadening of the definition. MrZaius talk  02:29, 26 November 2008 (UTC)
 * There's been use of social engineering and caller ID spoofing abuse since before VoIP;. I'll dig up some refs before reapplying my edits.  IIRC, caller ID itself has some refs. I assume the V is for 'voice', and made the edits based on that assumption... I could be wrong there.--Elvey (talk) 23:58, 1 December 2008 (UTC)
 * I certainly wouldn't argue about the first part, but the second seems to involve a dramatic enough change to the definition that, as you say, it certainly warrants refs. Now that the etymology is in question, one must ask: Who coined the term? Getting back that far would help more than anything else, at this point. MrZaius  talk  01:02, 2 December 2008 (UTC)
 * Caller ID spoofing certainly pre-dates VoIP. "That has been possible for a long time, but it generally required special hardware and technical savvy." - http://www.msnbc.msn.com/id/11624504/
 * Definitions: A form of Phishing that provides a fraudulent contact phone number. When called, these phone numbers have automated menus or criminals that steal ... source: http://www.earthlinksecurity.com/security/articles/glossary/.  Alt: http://www.webopedia.com/TERM/V/vishing.html  Third meaning: http://blog.tmcnet.com/blog/rich-tehrani/security/vishing-definition.html.  So it seems the V is not for VoIP.  Editing accordingly.
 * Good enough - Thanks, MrZaius  talk  02:26, 4 December 2008 (UTC)
 * Well, as a matter of fact, due to the fact that VoIP is rarely used, the more commonly accepted term is "phone phishing", these days (and thank the Lord, as vishing is a dumb name anyway). The S (talk) 01:50, 22 May 2010 (UTC)

The 'V' in "Vishing" almost certainly originally stood for VoIP. Mass phishing operations could be run at very little cost due to the low cost of making thousands of VoIP calls, without dedicated hardware and at a higher level of anonymity compared to an operation using POTS. It would be fair however, to now consider any "Voice Phishing" (VoIP or otherwise) as "vishing" and whilst it may be a terrible name, it probably should be referenced on this Wikipedia entry at least once. Recent source that used "Vishing" to refer to VoIP Phishing: http://blog.phishlabs.com/vishing-campaign-steals-card-data-from-customers-of-dozens-of-banks (which was linked to by Cisco @ http://tools.cisco.com/security/center/viewCrr.x?alertId=34114)....But it's much easier to find sources that refer to "Vishing" as voice phishing. LlamaLlamaLamp (talk) 16:00, 1 June 2014 (UTC)