General Surgery Coding Alert

Question: What’s the difference between phishing and vishing, and how can we protect ourselves in our work environment?

Mississippi Subscriber

Answer: Your IT company or department should hold training for your staff, and keep you updated about common scams that are circulating at any given time. But for a brief primer, here are some common schemes you should be aware of:

• Phishing: An email that appears to be from a legitimate source, which asks you to click a link, bringing you to a “fake” website that asks for sensitive information.
• Vishing: Similar to phishing as a means to garner sensitive information, except the contact is through voice communication such as phone, voice email, or voice over internet protocol (VoIP).
• Smishing: With the same goals of stealing information, this scam happens through SMS (text) messages.
• Pharming: This scam is different, as it involves the perpetrator installing malicious code on your computer to redirect you to fake websites.

Many of these scams rely on “spoofing,” which means masquerading as a person or entity that you know and trust, often by changing just one letter of a name.

Some things you can do to protect against these scams include the following:

• Remember that most legitimate sources will never contact you asking for sensitive information.
• Don’t click on links in unsolicited communications.
• Examine spelling of email addresses and URLs for variations from known sources.
• Never open an email attachment from an unknown source.
• When in doubt, don’t use a number or link provided by the potential scammer, but independently find a number or email and contact the real source to see if the request is legitimate.