Attackers turn to vishing: 550 percent increase seen in vishing attacks

Vishing (voice phishing) cases have increased almost 550 percent over the twelve month period Q1 2021 to Q1 2022, according to the latest Quarterly Threat Trends & Intelligence Report from Agari and PhishLabs.

In Q1 2022, Agari and PhishLabs detected and mitigated hundreds of thousands of phishing, social media, email, and dark web threats targeting a broad range of enterprises and brands. The report provides an analysis of the latest findings and insights into key trends shaping the threat landscape.

According to the findings, vishing attacks have overtaken business email compromise (BEC) as the second most reported response-based email threat since Q3 2021. By the end of the year, more than one in four of every reported response-based threat was a vishing attack, and this makeup continued through Q1 2022.

“Hybrid vishing campaigns continue to generate stunning numbers, representing 26.1 percent of total share in volume so far in 2022,” said John LaCour, principal strategist at HelpSystems (Agari and PhishLabs are both part of the HelpSystems cybersecurity portfolio). “We are seeing an increase in threat actors moving away from standard voice phishing campaigns to initiating multi-stage malicious email attacks. In these campaigns, actors use a callback number within the body of the email as a lure, then rely on social engineering and impersonation to trick the victim into calling and interacting with a fake representative…”