Many times, we tend to think of scams as affecting businesses and companies, rather than individuals. However, with the ease of access to personal information today, we see a plethora of personal, targeted scams as well. In this article, we will focus on two specific forms of these personal scams and learn how to remain safe from them.
The first scam type we will examine are vishing scams. These come in many forms. Maybe you’ve received a call from the “IRS” before. Or a call about your “auto warranty.” We will look at another specific, real-world example and discuss the keys to identifying it.
The next type of scam we will discuss is QR phishing scams. We have recently seen an uptick in these, which makes sense because QR codes are becoming more and more accessible and used in our day-to-day world.
Targeted Vishing Scams
Many of us have heard of the breaches caused by full-fledged vishing attacks on large companies. However, vishing can be a huge threat to individuals as well. Here is a transcript of a vishing call that a Social-Engineer, LLC (SECOM) team member received in January of 2025:
“Hello this voicemail is from Comcast Xfinity. Your current 50% discount on your monthly bill will expire by the end of the day to maintain your reduced rate call the number on your caller ID immediately. This is your final reminder to act call back now thank you…”
Does anything stand out to you as being “phishy” about this call? What stands out to us is the urgency the call attempted to induce. Statements like “will expire by the end of the day,” “immediately,” and “your final reminder,” are all in effort to influence the target to take quick action without considering the potential consequences. This is the main warning sign the SECOM employee spotted upon receiving this call. The fact that she is not a Comcast customer helped as well.
QR Code Scams
There are various types of QR code scams, but we will look at one that we have seen increasing in volume recently. Scammers have been sending unexpected packages with your name on them. These generally contain small, cheap items that are worth a dollar or less, that you did not order. These packages often contain a QR code instead of a note or card, in hopes that you will scan the code, which leads to malicious downloads or phishing links.
To avoid this scam, be sure to not scan any QR codes contained in packages that you did not order and report suspicious deliveries when possible.
Protect Your Personal Information
Scams targeting individual people are sadly becoming more and more commonplace. Vishing and QR code scams are now a part of our society, and it’s important we keep up to date on these scams so we can protect our personal information from being compromised.
When it comes to vishing calls, give yourself a moment to think through the request made on the call to determine if it really makes sense. Do the same before you scan a QR code. Think, “did I order this package?” or “is this QR code from a trusted source?” Implementing these tips will help you remain secure!
Written by
Shelby Dacko
Human Risk Analyst
Social-Engineer, LLC