The 2025 CrowdStrike Global Threat Report reveals a staggering 442% increase in voice phishing (vishing) attacks between H1 and H2 2024. Malicious actors are exploiting techniques like callback phishing and social engineering at help desks to infiltrate networks. By obtaining credentials, these actors can navigate through organizations undetected. Security expert Boris Cipot emphasizes the importance of preparing employees to handle vishing with skepticism and clear communication protocols. Organizations must equip employees with knowledge on safeguarding sensitive information and having reporting mechanisms in place to combat this rising threat.
Vishing is a dangerous attack, especially if an organization is not prepared to counter it. It's less about having technical gizmos and gadgets to help combat the attack, but more about preparing employees how to act when encountering a voice phishing attack.
It's important for organizations to ensure their employees cannot be pressured into a corner. Organizations must have clear instructions on how information can be passed on and what information can and cannot be given over phone or in other forms of communication.
Passing on information should only be done in official ways that comply with the processes in place within an organization. Once this is established and understood, attackers are much less likely to pressure their target into giving them sensitive information.
Collection
[
|
...
]