Abstract
A vishing attack is a category of Phishing attack in which the attacker attempts to capture clandestine information through a phone call or Short Message Service (SMS). These types of attacks mostly target financial information and uneducated people are victims. In this paper, a user friendly security mechanism is proposed for preventing vishing attack in banking system under one nation. The proposed authentication mechanism uses a Central Banking Server (CBS) which act as an Authentication Server (AS) and a nationwide unique phone number. The proposed approach is simulated and analyzed by means of Scyther which is a protocol verification tool and the results show that our mechanism is more protected and harmless from vishing attacks.