Cybercriminals are constantly finding new ways to trick people, and one of the latest scams on the rise is called vishing, short for voice phishing. Unlike email scams (also known as phishing), vishing occurs over the phone. Recent studies have highlighted a dramatic escalation in vishing attacks.
See: https://redskyalliance.org/xindustry/let-s-talk-about-vishing
The 2025 CrowdStrike Global Threat Report documented a 442% surge in vishing incidents from the first to the second half of 2024. Additionally, research from Enea indicates that vishing, smishing, and phishing attacks have increased by 1,265% since the launch of ChatGPT.
John McLoughlin, cybersecurity expert and CEO of J2 Software, says this type of scam is becoming more common - and more convincing. “Here's how it usually works: a scammer calls you, pretending to be from your bank or another trusted company. They’ll say your account has been hacked and then ask you to ‘verify’ your identity by giving them private information like your PIN or password. Because the call feels urgent and sounds real, people often fall for it,” he warns. The Oxford Dictionary defines vishing as a scam in which someone pretends to be from a trusted company and tricks someone into giving out personal details, such as bank or credit card information.
“While both vishing and phishing aim to steal your private info, the big difference is how they do it. Phishing usually comes through fake emails or websites. Vishing uses voice calls or voicemails to create a sense of urgency and pressure, encouraging you to act quickly. This voice approach can feel more personal - and more convincing,” he explains. Scammers are also getting smarter. They now use spoofing technology to make it appear that they're calling from a legitimate company, which makes these calls even harder to spot. That’s why it’s more important than ever for both people and businesses to update their security measures and focus on education and awareness.
How to protect yourself from Vishing:
• Don’t give out personal info over the phone, especially if the call was unexpected.
• Hang up if something feels off. Trust your gut.
• Double-check who’s calling. Instead of trusting the caller ID, call the company back using their official number.
• Use spam call blockers. Many phones and apps can help block scam calls before they reach you.
Fighting cybercrime isn’t just about having the right technology, it is also about being aware and cautious. Whether you are at home or work, being informed about scams like vishing helps keep your personal and company data safe. “The bottom line? Stay alert, ask questions, and don’t let a phone call rush you into sharing sensitive information. That’s how we can all stay one step ahead of the scammers,” McLoughlin concludes.
This article is shared at no charge for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225 or feedback@redskyalliance.com
• Reporting: https://www.redskyalliance.org/
• Website: https://www.redskyalliance.com/
• LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5207428251321676122
Comments