Chapter 6 · Phishing, SMishing, and Vishing

In other cases, customers may need to contact the organization that the unsolicited message purports to be related to, calling a phone number that the consumer has identified manually, to establish trusted communications with the organization and determine whether the unsolicited number is legitimate. Even then, some organizations are not aware of the various marketing lines, promotions, or fraud alerts related to such phone numbers (and may not provide much help).

More recently, local news organizations in the U.S. have begun to cover widespread unsolicited calling to a local area. Historically, such calling was related to telemarketing efforts. Today, with new legislation in place and notification of phone-based fraud, news agencies warn consumers that calls from various organizations are fraudulent and provide guidance on where to report such fraud attempts. Coordinating with local media can be of assistance to some consumers, depending on the resources the agency mobilizes to help deal with such fraud alerts.

Understanding Vishers' Tools and Techniques

Vishing attacks may involve traditional e-mail spam components, such as harvesting e-mails, and the harvesting of public phone numbers. It is common for vishers to harvest phone records for specific geo-locations. Individuals who regularly perform vishing attacks typically rotate attacks among selected cities, states, and countries to avoid too much activity in any one area at any single point in time. A VoIP server is required to host the software and recordings necessary to interact efficiently with victims for theft of sensitive information. It is common for fraudsters to use a vishing pack to quickly deploy slightly modified data for each attack. Once this is in place, the visher may perform wardialing, subscribe to an outbound broadcast service, or subscribe to or distribute spam to connect with possible victims.
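On the defensive side, the wardialing step mentioned above shows up in call detail records as one caller reaching numerically consecutive numbers within a short span. The following Python detection is an added example, not taken from the book; the CDR layout (start time, caller, callee, duration), the sample records, and the window and run thresholds are all assumptions.

```python
import csv
import io
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample CDRs (not real data): start time, caller, callee, seconds.
SAMPLE_CDRS = """\
2024-01-01T09:00:00,15550100001,15550200010,4
2024-01-01T09:00:10,15550100001,15550200011,3
2024-01-01T09:00:20,15550100001,15550200012,5
2024-01-01T09:00:30,15550100001,15550200013,2
2024-01-01T09:00:40,15550100001,15550200014,4
2024-01-01T09:05:00,15550100002,15550300123,180
2024-01-01T09:40:00,15550100002,15550399001,95
2024-01-01T10:00:00,15550100003,15550400001,60
2024-01-01T11:00:00,15550100003,15550400002,45
2024-01-01T12:00:00,15550100003,15550400003,70
2024-01-01T13:00:00,15550100003,15550400004,30
2024-01-01T14:00:00,15550100003,15550400005,50
"""

def longest_consecutive_run(numbers):
    """Length of the longest run n, n+1, n+2, ... among the dialed numbers."""
    values = set(numbers)
    best = 0
    for n in values:
        if n - 1 not in values:          # n is the start of a run
            length = 1
            while n + length in values:
                length += 1
            best = max(best, length)
    return best

def find_wardialers(cdr_text, window=timedelta(minutes=10), min_run=5):
    """Map each caller that dials >= min_run consecutive numbers in a window to its longest run."""
    calls = defaultdict(list)
    for start, caller, callee, _secs in csv.reader(io.StringIO(cdr_text)):
        calls[caller].append((datetime.fromisoformat(start), int(callee)))
    flagged = {}
    for caller, events in calls.items():
        events.sort()
        left = 0
        for right in range(len(events)):
            while events[right][0] - events[left][0] > window:
                left += 1                # slide the window start forward
            run = longest_consecutive_run(c for _, c in events[left:right + 1])
            if run >= min_run:
                flagged[caller] = max(flagged.get(caller, 0), run)
    return flagged
```

Real records need number normalization (country codes, formatting) before the integer comparison. Because the run is computed over the set of numbers in the window, a dialer that shuffles the order within a block is still flagged, while the third sample caller, who reaches five consecutive numbers over several hours, is not.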
Vishers are not always sure who may be a customer of a specific bank or organization, but they pick institutions known to be used in the region, hoping to trick a certain number of potential victims into divulging information to the VoIP server. Once credentials are collected on a VoIP server, they may be stored there for a period of time or sent to the visher in real time. It is common to see comma-delimited data files stored on vishing servers and then sent to a temporary e-mail account used for vishing credential collection and/or for working with various vishing subscriptions and other operations. For example, a visher may use a temporary Google e-mail account, associating it with a fake identity, to sign up for a demonstration of an outbound broadcast service. The visher