
Oh a new post, I guess I get to see what all this Scriptingthewhy nonsense is about.
Photo by Mike Jones, please support by following @pexel.com

Scammers are trying to get people with the old hook, line, and sinker. Phishing emails aren’t the only thing you have to be on the lookout for, well, in this case, keeping an ear out for.

Scammers have turned to phishing phone calls to lure potential victims into giving up most, if not all, of their information. We will look at what kind of attack this is, who has used it, how it functions and its effects upon release, and some ways to keep safe when you’re just trying to use the phone to call Nana.

Who are these people that keep calling me fam?
Photo by Liliana Drew, please support by following @pexel.com

The Attack

What are the latest attacks on the internet coming up like gas prices and rising panic of the future? Look no further than what’s called “vishing.” This version has been named “LetsCall”. If you’re under a rock and have no clue, don’t worry, we got you.

Vishing is similar to email phishing; this is the act of posing as someone the victim may know or a reputable business in hopes they fall victim and leak sensitive information.

Vishing is done differently because this attack uses the phone instead of sending the victim a letter saying “I’m a prince with a lot of money and I need your account to hide it in.” And before you ask, yes, people still fall for that.  

Hello, it’s me. I was wondering if all these years you’d like to meet.
Photo by Tan Danh, please support by following @pexel.com

Who Can It Be Now

Since its release on the market, a lot of threat actors have been using it. No one person or group has been named for using it, but that doesn’t mean someone won’t slip up in the future.

It is believed that the group of threat actors consists of both front-and-backend developers, designers, and operators who specialize in voice social engineering.

This is a nice little mix of: don’t let your guard down, but don’t get your hopes up.


When it comes to the world, it’s a game of chess.
Photo by Pixabay, please support by following @pexel.com

That Sinking Feeling

LetsCall has been used to target users in South Korea but given how crafty it is, it’s believed that attacks have expanded since its release to European Union countries. This is a growing concern because LetsCall comes ready to go out of the box and this means anyone can use it.

It has been noted that there are three parts to this attack. The first step, as with many phishing attempts, is a fake site created for the victim to interact with; in this case, it imitates the Google Play Store. From there, the victim downloads the first portion of the application chain attack.

Once the application is installed and run, it redirects all incoming calls to a call center controlled by the threat actors. In the call center, trained operators pose as bank employees with the intent of extracting sensitive bank information.

To facilitate connections and bypass firewalls, the threat actors make use of Voice over Internet Protocol (VoIP), a technology that allows the user to make internet-based calls instead of using a standard phone, and Web Real-Time Communication (WebRTC), which allows audio and video to work within webpages through peer-to-peer communication.

So in short, once this is on your phone, the only people you will be able to contact are those at the call center.
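Because the first step relies on a page that imitates the Google Play Store, a link can be checked against the real store host before anything is downloaded. The sketch below is an added example, not part of the original post; it assumes the genuine store is served only from `play.google.com`, and the sample links are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption for this example: the genuine store is served only from this host.
OFFICIAL_HOST = "play.google.com"

def classify_store_link(url):
    """Return (verdict, reason) for a link that claims to lead to Google Play."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")
        user = parts.username
    except ValueError:
        return ("suspicious", "URL does not parse")
    if parts.scheme != "https":
        return ("suspicious", "not served over https")
    if user is not None:
        # In https://play.google.com@other.example/ the real host is other.example.
        return ("suspicious", "store name sits before '@', not in the host")
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        return ("suspicious", "internationalised host that can imitate Latin letters")
    if host == OFFICIAL_HOST:
        return ("official", "host is exactly " + OFFICIAL_HOST)
    if OFFICIAL_HOST in host or "google" in host:
        return ("suspicious", "look-alike: store name embedded in another domain")
    return ("suspicious", "host is not the official store")

# Constructed sample links (not taken from any real campaign).
SAMPLES = [
    "https://play.google.com/store/apps/details?id=com.example.app",
    "http://play.google.com/store/apps/details?id=com.example.app",
    "https://play.google.com.store-apps.example/details",
    "https://play.google.com@downloads.example/app.apk",
    "https://xn--play-google.example/store",
]

def review(links=SAMPLES):
    """Classify every link and return {link: (verdict, reason)}."""
    return {link: classify_store_link(link) for link in links}

if __name__ == "__main__":
    for link, (verdict, reason) in review().items():
        print(f"{verdict:10} {link}  ({reason})")
```

Only the first sample is classed as official; the others fail on the scheme, the host, or the `@` trick even though every one of them contains the store's name.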

When it comes to your information, operate with top secret clearance.
Photo by Caleb Oquendo, please support by following @pexel.com

The Prevention

At this point, we’re assuming you don’t want to make friends with people from a random call center and you’re looking to protect yourself. A good form of protection is to use 2FA/MFA (two-factor or multi-factor authentication) and to not disclose it, your password, or any other possibly sensitive information.

Check your caller ID before answering, as you can often tell by the number that it’s a scammer calling you. If you choose to engage with the scammers, explore how much information they are willing to give you: their full name, the company they’re working for, and the reason for the call. Also request an extension number in case the call drops.

You should red flag anyone requesting payment via prepaid or gift cards as this will be the payment method of scammers and not a legitimate organization. Any questionable or suspicious interaction should be documented, and authorities should be involved.

Remember, the best kept secrets are the ones no one finds out about.
Photo by Ty Huynh, please support by following @pexel.com
