Vishing (voice phishing) is a scam technique where a fraudster contacts a victim by phone, impersonating a trusted organisation — a bank, a government agency, a delivery service — to extract sensitive information or money. Unlike email phishing or SMS smishing, vishing exploits the human voice, making it psychologically more convincing.
How a vishing attack is structured
A well-executed vishing call follows four stages: building a credible pretext, establishing trust by citing personal data, triggering artificial urgency (frozen account, tax audit, parcel stuck in customs), then extracting your card number, one-time SMS code, password, or national insurance number.
The AI voice-cloning threat in 2026
Generative AI tools can clone a person's voice from a few seconds of audio found on social media. Establish a secret code word with close family members to verify identity in emergencies.
Red flags and the hang-up technique
Key warning signs: extreme urgency, a request to keep the call secret from your bank, being asked to read back an SMS code you just received, or threats of arrest or account freezing. If in doubt, hang up immediately and call back using the official number you find yourself on the organisation's website, service-public.fr, or ameli.fr. Search suspicious numbers on TelCheck and report via Signal Conso (signalconso.gouv.fr). If victimised, call France Victimes on 116 006 (free, 7 days a week).