Mutare on Wednesday released a report finding that 47% of organizations experienced a voice phishing (vishing) or social engineering attack in the past year.

Even more troubling, most organization are unaware of the volume of unwanted voice traffic traversing their networks, or the significance of threats lurking in unwanted traffic, which includes robocalls, spoof and spam calls, spam storms, vishing, smishing, and social engineering.

The survey also found that in all industries, 9% of all calls received by businesses are unwanted. Moreover, 45% of all unwanted traffic is tied to nefarious activity, while the survey ties 55% to nuisance activity. Amazingly, more than one-third (38%) say their organizations do not collect any data on the amount of inbound, unwanted, and potentially malicious voice traffic hitting their organizations.

The main reason that phishing scams are so convincing is that they often mimic the look of a brand or a credible person down to a very fine detail, said Ryan McCurdy, vice president of marketing at Bolster, Inc. McCurdy said to make matters worse, they prey on human action bias, with a call-to-action stating that attention must be taken right now.

“The same tactics are used in smishing campaigns as in phishing campaigns,” McCurdy said...