What is Vishing, Smishing, Pharming, and Whaling


Vishing is also phishing. It is using voice VoIP communication technology for fraud. The criminals’ spoof calls from legitimate sources using voice over IP (VoIP) technology.

The victim can receive a recorded message that appears legitimate. Vishing works just like phishing but does not always occur over the internet and is carrying out using voice technology.  Vishing attack also uses voice emails, landline, and telephone.

It is not easy for authorities to trace vishing; especially when the criminals using VoIP. Criminals aim is to get credit card numbers or other information to steal the victim’s identity. Vishing takes advantage of the fact that people trust the telephone network.


Smishing is Short Message Service Phishing. It using text messaging on cellular phones. Criminals masquerade as a legitimate source to gain the trust of the victim. It is an attack in which the user is trick into downloading a Trojan horse; virus or other malware into his cellular phone or other mobile devices.


Pharming is a scamming practice in which the impression of a legitimate website to mislead users into entering their credentials. It redirects victims to a fake website that appears to be official.

Victims then enter their personal information thinking that they connected to a legitimate site. Pharming also installs malicious code on a personal computer or server, misdirection victims to fraudulent Web sites unknowingly. In pharming, more users computer get infected because it is not needed to target people one by one just like phishing.

Some criminals sent a code sent an e-mail modifies local host files on a personal computer. A computer with a compromised host file will redirect to the fake website even a user types a correct Internet address.

Domain name system poisoning is another method of pharming. in which the domain name system table in a DNS server is modified so when someone wants to access legitimate websites but directed toward fake one. The host file change in the personal computer is not required in this method.

Anti-spyware programs cannot fix this type of pharming because nothing needs to be technically wrong with the end-users’ computers.

Gene pharming is another type of pharming. In this type of pharming, the human protein is produced from animal DNA alterations. These proteins seem in the blood, eggs, or milk of the animal. Therefore livestock to produce several useful drugs.


Whaling is also phishing. It targets very high-profile targets within an organization such as senior executives as well as govt organization. These criminals also target politicians and celebrities. The whaling also called whaling phishing attack.

The attacker’s goal of whaling phishing attacks is to manipulate the victim into authorizing high-value wire transfers to the attacker. The whaling attacks are not easy to detect than standard phishing attacks because of its high value.  The security administrators in an organization can cut the effectiveness of whaling attacks by security awareness training to the management staff.

The whaling attack is trick personal or corporate information through social engineering, email engineering, and content spoofing. The attackers may send an email from trusted sources and some attackers may create a malicious website especially.

The attackers also the target’s name; their job titles etc. Whaling attacks usually depend on social engineering. The attackers may send hyperlinks or attachment to infect victims with malware.