Skip to main content
Vishing

Vishing (Voice Phishing) in Social Engineering News

By September 28, 2022No Comments

A new report by Mutare reveals costly and pervasive shortcomings in enterprise security protections against voice network attacks, such as vishing, robocalls, and spoof calls. Significantly, nearly half (47%) of organizations in this report experienced a vishing (voice phishing) or social engineering attack in the past year. As you will see in the following news story, criminals are successfully using this attack vector to extract information and compromise targeted enterprises.

Cisco Confirms Vishing Attack

On August 10, 2022, Cisco released a report confirming a breach of its network. During the investigation, Cisco found that one of their employee’s credentials were compromised after an attacker gained control of a personal Google account where credentials saved in the target’s browser were being synchronized.

The attacker then conducted a series of vishing attacks posing as various trusted organizations. The goal? To convince the employee to accept multi-factor authentication (MFA) push notifications started by the attacker. The attacker succeeded in achieving an MFA push acceptance, granting them access to VPN (Virtual Private Network) in the context of the targeted user.

Test. Educate. Protect — Social-Engineer’s Managed Vishing Service

Vishing (Voice Phishing) in Social Engineering News
The attack on Cisco highlights the urgent need for security awareness training that includes social engineering techniques commonly used by attackers. It is interesting to note that more than one-third (36%) of respondents in the Mutare report cited security awareness training as the top solution to protect voice networks from vishing. Enterprises recognize the need for training but may find it difficult to implement. The Social-Engineer’s Managed Vishing Service can fill this security gap.

Our vishing method deploys professionally trained and certified social engineers to elicit critical information from your employees. Hundreds to thousands of calls per month can be made to your employees by certified social engineers capable of pivoting and adjusting conversation like a real attacker. Our program offers both scale and quality. We do not use script-driven call center staff and we never use robocallers! Act now to protect your enterprise from vishing attacks.

Please contact us today for a consultation.

 

www.Social-Engineer.com

Tags:

Security Assessment Case Study
Learn more about the importance of a Social Engineering Risk Assessment.
Download Now
Security Assessment Case Study
Learn more about the importance of a Social Engineering Risk Assessment.
Download Now
What Makes Us Different
At Social-Engineer, we pride ourselves on what we do and how we do it. We are a security services provider, focusing on four primary attack vectors. This case study will go through how we can protect your company and what makes us different.
Download Now
What Makes Us Different
At Social-Engineer, we pride ourselves on what we do and how we do it. We are a security services provider, focusing on four primary attack vectors. This case study will go through how we can protect your company and what makes us different.
Download Now
Woman vs Machine
Technology is providing new, more innovative ways to enhance our world. Scientists are constantly developing smarter, faster and more intelligent machines, systems and robots. There is no doubt that each of these has evolved beyond their clockwork origins.
Download Now
Woman vs Machine
Technology is providing new, more innovative ways to enhance our world. Scientists are constantly developing smarter, faster and more intelligent machines, systems and robots. There is no doubt that each of these has evolved beyond their clockwork origins.
Download Now
Vishing and Phishing Must Be Ongoing to Be Effective
Most companies have a security awareness program in one form or another. If they don’t, it should be on the short list of programs to start as soon as possible. In our experience, many of these programs take the form of computer-based training.
Download Now
Vishing and Phishing Must Be Ongoing to Be Effective
Most companies have a security awareness program in one form or another. If they don’t, it should be on the short list of programs to start as soon as possible. In our experience, many of these programs take the form of computer-based training.
Download Now
A Case Study in Vishing
Vishing (voice-based phishing) has been a problem for quite a long time. There are many vendors in the marketplace that offer vishing services. However they tend to use robo-callers or call centers for large volume engagements. If they are using trained humans to make calls, it is likely in very low numbers.
Download Now
A Case Study in Vishing
Vishing (voice-based phishing) has been a problem for quite a long time. There are many vendors in the marketplace that offer vishing services. However they tend to use robo-callers or call centers for large volume engagements. If they are using trained humans to make calls, it is likely in very low numbers.
Download Now
Benefits of a Social-Engineering Risk Assessment Engagement
Your company is important. Indeed, the data you hold for your clients or employees is very valuable and attackers seek to capitalize on that data any way they can. This is where a Social Engineering Risk Assessment (SERA) engagement can help uncover possible vulnerability to attackers.
Download Now
Benefits of a Social-Engineering Risk Assessment Engagement
Your company is important. Indeed, the data you hold for your clients or employees is very valuable and attackers seek to capitalize on that data any way they can. This is where a Social Engineering Risk Assessment (SERA) engagement can help uncover possible vulnerability to attackers.
Download Now
The Business Value of the Social-Engineer Phishing Service
Cybercriminals are targeting the human element of organizations. Additionally, they are developing techniques to use an organization’s employees as the first point of entry. According to the 2021 Verizon DBIR report, of the 3,841 security breaches reported using social engineering, phishing was the key vector for over 80% of them.
Download Now
The Business Value of the Social-Engineer Phishing Service
Cybercriminals are targeting the human element of organizations. Additionally, they are developing techniques to use an organization’s employees as the first point of entry. According to the 2021 Verizon DBIR report, of the 3,841 security breaches reported using social engineering, phishing was the key vector for over 80% of them.
Download Now