Vishing is Evolving

Vishing is EvolvingThe phishing tactic using voice calls, known as vishing, is increasing in use and evolving. A recent study found that almost half of organizations surveyed were targeted by voice call phishing or social engineering in the past year. Robocalls and attacks on mobile phones are starting to be challenged by mobile carriers. Most of us have experienced “Spam Risk” on a mobile phone over the past year. Criminals are adapting to the new restrictions and targeting organizations instead of individuals. Unlike individuals, businesses have to answer their phones in order to serve a customer base. Criminals know this and are taking advantage of vishing tactics at the organizational level.

Another change is voice call attacks are evolving from robocalls to more targeted spear phishing attacks. Criminals are doing research on businesses and employees and targeting individuals instead of calling thousands of numbers with an automated tool. Criminals use software to crawl the internet looking for open-source information on social media and other websites. When they have enough information to form a picture of habits and character, they contact the employee to start building a relationship. The criminal may impersonate a customer, vendor, or employee within the same business.

98% of cyberattacks use some element of social engineering. The study found phishing was not limited to voice calls. 32% of phishing attempts were made over text message or SMS, and 16% were made over collaboration tools like WebEx or Microsoft Teams. As the telecommunication industry responds to criminal activity, hackers will continue to evolve their tactics. Voice phishing calls utilize the same concepts used in all phishing attacks. Criminals usually try to create a sense of urgency, so the employees don’t have time to ask questions. They may pretend to be a vendor asking for a billing information or a coworker asking for a password so they can quickly get a job done. The study cited employee education as the greatest defense against evolving attack vectors.

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle, or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on FacebookTwitter and LinkedIn and stay up to date on by subscribing to our email list.

Posted by Charles Wright