Bad actors are successfully using vishing, also known as voice phishing, to attack organizations and people. Experts in cybersecurity are seeing a growing trend, with criminals combining vishing with phishing, to increase the effectiveness of their attacks. In fact, the 2022 IBM Security X-Force Threat Intelligence Index reports that click rates for the average targeted phishing campaign increased around three-fold, from 18% to 53%, when phone phishing (vishing) was also used by threat actors. In addition, PhishLabs reports that hybrid vishing attacks initiated by email increased 554% from Q1.

What is Vishing?

At Social-Engineer, we define vishing as the practice of eliciting information or attempting to influence action via the telephone. When malicious actors call, they often employ social engineering tactics to trick their targets into giving away sensitive information.