Personal
Premium
Business
About the Bank

18.06.2025

Vishing — fraud you can protect yourself from

Contents of the article

  1. What is vishing?
  2. How does vishing work?
  3. What information are fraudsters after?
  4. Fraudsters' tools
  5. Examples of vishing scenarios
  6. How to avoid falling for a vishing scam
  7. Where to report fraud
  8. Conclusion

 

Modern financial scams are evolving at an incredible pace. Resourceful fraudsters come up with new ways to deceive, using not only technical tools but also human trust. One such method is vishing. In this article, we explain what vishing is, how to recognize it, what scenarios fraudsters use, and how to protect yourself from deception.

 

What is vishing?

Vishing is a type of fraud in which the perpetrator calls you, posing as a bank employee, police officer, government official, or even a relative, in order to extract confidential information or force you to carry out a financial transaction.
The word "vishing" comes from the English term voice phishing. It refers to the attempt to steal your data specifically through a phone conversation.

 

How does vishing work?

Fraudsters do not hack into banking systems. They take an easier route and use social engineering — manipulation techniques that prompt a person to voluntarily disclose important information.

Usually, the perpetrators apply emotional pressure, urgency, fear, or, conversely, promises of gain. A person under stress is more likely to make mistakes — fraudsters exploit this. Their goal is to hook you and lead you to the point where you hand over the key to your money yourself.

Key signs to identify vishing:

  • unexpected phone call;
  • demand to provide confidential data or transfer money;
  • sense of urgency;
  • control over your actions.

 

What information are fraudsters after?

Most often, the goal of scammers is to gain control over your account or banking app. To do so, they ask you to provide:

  • payment card number, expiration date, CVV code;
  • one-time codes from SMS;
  • login and password for online banking;
  • security word used to verify your identity in a call center;
  • TIN, passport number, photo with documents;
  • financial phone number.

Sometimes, fraudsters also seek other personal information — for example, from the eHealth medical system. In 2025, there were recorded cases where scammers, posing as "doctors" or "nurses", asked victims to provide an SMS code for “re-registration”, thereby gaining access to the victim’s digital medical profile and phone number.

 

Fraudsters' tools

To deceive a person, perpetrators combine technical tools with psychological manipulation. Their tactics include:

  • Caller ID spoofing: you receive a call that appears to come from a legitimate bank or police number;
  • Multichannel fraud — SMS or emails urging you to call back;
  • Automated calls or voice messages from a “bank”;
  • Imitating a relative’s voice using artificial intelligence;
  • Urgency: warnings of danger or the need for immediate action, leaving minimal time to think.

All of this is intended to make the call seem real and pressure you into acting immediately.

 

Examples of vishing scenarios

Scenario: “Relative in trouble”

One of the most common scams is when you receive a call from someone posing as a police officer or doctor. They tell you your relative has supposedly been detained or hospitalized, and you must urgently transfer money to help them.

Sometimes the situation is intensified when the "relative" calls personally to ask for a loan — and the voice sounds real, making it hard not to believe.

Advice: stay calm. Verify the information. Try to contact the relative directly. If they don’t answer, call the police at 102.

Scenario: “Your card is blocked”

The disguised scammer introduces themselves as a bank employee and says your card has been blocked due to suspected fraud. To "unblock" it, they ask you to provide:

  • card number and CVV;
  • SMS code;
  • full name or security word.

Signs of fraud: pressure, panic, and requests for sensitive information. Banks never ask for such data over the phone.

Scenario: “Security department verification”

Scammers may pose as bank security staff, claiming they’ve detected unauthorized activity and:

  • ask you to transfer money to a “reserve account”;
  • direct your actions at an ATM;
  • suggest disabling limits or removing blocks.

Signs of fraud:

  • All actions are dictated over the phone.
  • Lack of logic — they ask you to transfer money yourself.
  • Threats or warnings of “liability for inaction”.

In both of these scenarios, a common feature is present: real bank employees have no right to request such information by phone. If you have any doubts, immediately contact the bank yourself — call the official number listed on the back of your card or on the bank's official website.

Scenario: “You’ve won a prize”

You are told you’ve won a promotion or are entitled to compensation. To receive the payout, you are asked to:

  • provide banking details;
  • make an “insurance payment”;
  • follow a link or install an app and enter your information.

Signs of fraud:

  • Promises of quick money in exchange for prepayment.
  • Links to phishing websites.
  • Requests to install malicious software.

Before taking any action, follow these safety steps:

  • Check the organizer in the Unified State Register — this will confirm whether the company actually exists.
  • Verify whether such a promotion is really taking place — especially if a car is being raffled, contact the official dealer.
  • Check the link using a special online service for detecting phishing websites (e.g., CheckMyLink or others) to ensure the site is legitimate.

 

How to avoid falling for a vishing scam

  1. Never disclose confidential data, even if the number looks legitimate.
  2. Remember: banks do not call to ask for your passwords, codes, or CVV.
  3. Do not trust the number displayed on your phone — scammers can spoof numbers.
  4. End suspicious calls and call back using the official number.
  5. Do not follow instructions dictated over the phone by “support staff.”
  6. Enable multifactor authentication on all services.
  7. Stay calm — scammers rely on your stress.

 

Where to report fraud

If you fall victim to a vishing scam, you should:

  1. Immediately block your card via the mobile app or bank call center.
  2. Change passwords for online banking and all important services.
  3. File a report with the Cyber Police Department of the National Police of Ukraine via the website https://cyberpolice.gov.ua/ or by calling 0 800 505 170.
  4. Contact your bank for additional instructions on securing your account.

 

Conclusion

Vishing is a dangerous but not new type of fraud. However, with the advancement of technology and artificial intelligence, it is taking on new forms and more complex schemes. Only vigilance, awareness, and a calm response can help you avoid falling into the trap of scammers.

Take care of your information security every day — and no fraudster will be able to exploit your trust.

 

Useful articles on the topic:

  1. What is phishing and how to protect your personal information
  2. What is a financial phone number and how to protect it from fraudsters
  3. CVV security code on the card
  4. How to shop online safely
Oleksandra Topol - Head of marketing
Oleksandra Topol Head of marketing
Latest News

We use cookies for website operation and optimization of service. By using our site, you you consent to our use of cookies.