T1566.004 and T1598.004) and compliance framework controls that organizations should include in their security programs.

Vishing is accelerating faster than any other social engineering vector. According to the CrowdStrike 2025 Global Threat Report, voice phishing attacks surged 442% between the first and second halves of 2024 — and the first half of 2025 already exceeded all of 2024. Meanwhile, Cisco Talos reported that vishing accounted for over 60% of all phishing-related incident response engagements in Q1 2025, making it the most common phishing type their team encountered. For security teams still treating vishing as a consumer nuisance, the data tells a different story. Enterprise-grade campaigns — powered by AI voice cloning, social engineering playbooks, and coordinated threat actor alliances — now target SSO credentials, CRM platforms, and executive identities at scale.
Vishing is a form of phishing that uses voice communication — phone calls, VoIP, or voice messages — to manipulate targets into revealing sensitive information, installing remote access tools, or transferring funds. The term combines "voice" and "phishing," placing it alongside smishing (SMS phishing) and spear phishing (targeted email phishing) in the broader social engineering taxonomy.
What makes vishing uniquely dangerous is the voice channel itself. A live phone call conveys urgency and authority more convincingly than text. Attackers exploit this by impersonating trusted figures — IT help desk staff, bank representatives, government officials, or even executives whose voices have been cloned using AI. The result is a social engineering attack that bypasses email filters, link scanners, and many of the text-based controls organizations rely on.
The scale of the problem is significant. The CrowdStrike 2025 Global Threat Report documented a 442% increase in vishing attacks between H1 and H2 2024. Cisco Talos confirmed the trend from the incident response side, finding that vishing was the most common phishing type in Q1 2025, accounting for over 60% of all phishing-related engagements. Seventy percent of organizations have fallen victim to a voice phishing attack, according to Keepnet Labs.
Understanding how vishing fits within the phishing family helps security teams map the right controls to the right vectors.
How phishing, vishing, and smishing compare across delivery channel, typical lures, and defensive requirements:
The critical distinction for defenders: vishing operates outside the channels most security tools monitor. Email and SMS phishing leave digital artifacts — URLs, sender headers, message metadata — that detection systems can analyze. Vishing leaves a phone call and whatever the human on the other end decides to do next.
A typical vishing attack follows a structured chain that combines technical preparation with psychological manipulation.
Vishing attackers typically seek credentials (SSO passwords, MFA codes), remote system access (through tool installation), financial information (bank details, wire transfer authorizations), and personal data that supports further social engineering.
AI has transformed vishing from a manual, low-scale operation into an industrial threat. Voice cloning technology now needs just three seconds of audio to produce a convincing replica of someone's voice, based on Microsoft's VALL-E research cited in voice phishing statistics compiled by Programs.com. According to Fortune's 2026 deepfake outlook, AI-generated voice has crossed the "indistinguishable threshold" — meaning the average listener cannot reliably distinguish a cloned voice from a real one.
The implications are severe. In May 2025, the FBI issued PSA250515 warning that malicious actors were using AI-generated voice messages to impersonate senior U.S. government officials, targeting current and former federal and state officials for credential harvesting and account takeover. Deepfake-enabled fraud losses are projected to reach $40 billion by 2027, according to Deloitte estimates cited in Programs.com. This is the AI phishing evolution that security teams must prepare for.
Callback phishing — also known as telephone-oriented attack delivery (TOAD) — represents a hybrid attack chain that combines email and voice channels. The pattern, documented extensively by Cisco Talos in their Q1 2025 IR trends report, works like this: attackers first flood the target's inbox with spam or send a convincing notification email (fake subscription confirmation, invoice, or security alert). The email includes a phone number for "support." When the target calls, a live attacker walks them through installing remote access software like Quick Assist, granting the attacker direct system access.
This technique is particularly dangerous because the victim initiates the call, which feels safer than an incoming call from an unknown number. BazarCall campaigns pioneered this approach, and it has become a dominant pattern in enterprise vishing operations.
Vishing attacks range from mass automated campaigns to highly targeted operations. Each type presents distinct challenges for detection and prevention.
Vishing attack types ranked by sophistication and enterprise risk:
With 70% of organizations reporting victimization, according to Keepnet Labs, the estimated average annual cost of vishing attacks is $14 million, though this vendor-sourced figure should be interpreted cautiously given its unclear methodology. The key insight is that vishing is no longer a consumer problem — it is a systematic enterprise social engineering vector that threat actors treat as a professional service.
The 2025-2026 period has produced the most significant enterprise vishing campaigns on record. These examples demonstrate that voice phishing is now a primary initial access vector for advanced threat actors.
ShinyHunters/Scattered Spider campaign (2025-2026). The most impactful vishing campaign of this period targeted over 760 companies, according to ReliaQuest and Computer Weekly. The ShinyHunters collective, with initial access provided by Scattered Spider operators, used custom vishing kits to target SSO environments (Google, Microsoft, Okta). Confirmed victims include Google, Cisco, Wynn Resorts (800,000+ employee records), CarGurus (12.5 million records), and Harvard University. Picus Security characterized the alliance as one of the most dangerous cybercrime supergroups of 2025. The campaign demonstrated that vishing is now delivered as a professional service, with operators recruited at $500-$1,000 per call using pre-written scripts targeting IT help desks.
Cisco CRM breach (July 2025). A single Cisco employee was socially engineered via a vishing call, resulting in the attacker accessing and exporting profile information from a third-party cloud-based CRM system. Cisco's own security advisory confirmed the data breach, underscoring that even security-conscious organizations are vulnerable when one employee is compromised.
FBI IC3 warning on AI voice impersonation (May 2025). The FBI issued PSA250515 after discovering that malicious actors had been using AI-generated voice messages and texts to impersonate senior U.S. government officials since at least April 2025. The campaign targeted current and former federal and state officials for credential harvesting. According to Google Cloud/Mandiant's tracking, these techniques continue to evolve and expand in scope.
Harvard University breach (November 2025). Harvard's Alumni Affairs and Development systems were compromised through a vishing attack. The breach exposed alumni data and development relationships in what analysts estimated could carry significant long-term impact for the institution.
These cases share a common thread: vishing served as the initial access vector that enabled downstream compromise — credential theft, data exfiltration, and in several cases, ransom demands.
Effective vishing defense goes beyond telling employees not to answer unknown calls. It requires correlating voice channel activity with authentication events and building SOC detection capabilities that identify post-vishing compromise behavior.
Because the vishing call itself occurs outside most security monitoring, SOC teams must focus on detecting the behavioral patterns that follow a successful vishing attack.
Enterprise SOC detection signals for post-vishing compromise activity:
This detection approach aligns with MITRE ATT&CK T1566.004 guidance, which recommends monitoring corporate device call logs for unusual numbers and correlating MFA push attempts with voice call activity.
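The correlation described above can be prototyped directly against log exports. The following is an added example, not code from the original article or from any vendor product: it joins constructed corporate softphone call records with constructed identity-provider and endpoint process events, and raises an alert when an inbound call from an unknown number is followed within a short window by an MFA push, a new MFA factor enrollment, or a remote access tool launch for the same user. All log lines and field names (`known_contact`, `mfa.push.sent`, `mfa.factor.enrolled`, the endpoint `process` field) are assumptions chosen for the example; map them to your own telemetry.

```python
"""Added example (not from the original article): correlate inbound call records
with identity-provider and endpoint events to surface post-vishing activity.
All log lines below are constructed samples; the field names are assumptions."""
import json
from datetime import datetime, timedelta

# Constructed corporate softphone call records (assumed schema).
CALL_LOG = """\
{"ts": "2025-07-14T13:02:10Z", "user": "j.doe", "direction": "inbound", "from": "+15550100", "known_contact": false}
{"ts": "2025-07-14T13:40:00Z", "user": "a.smith", "direction": "inbound", "from": "+15550199", "known_contact": true}
"""

# Constructed identity-provider events (assumed schema for push MFA and factor enrollment).
IDP_LOG = """\
{"ts": "2025-07-14T13:05:31Z", "user": "j.doe", "event": "mfa.push.sent", "result": "approved"}
{"ts": "2025-07-14T13:06:02Z", "user": "j.doe", "event": "mfa.factor.enrolled", "factor": "authenticator_app"}
{"ts": "2025-07-14T13:41:00Z", "user": "a.smith", "event": "mfa.push.sent", "result": "approved"}
{"ts": "2025-07-14T16:00:00Z", "user": "j.doe", "event": "mfa.push.sent", "result": "approved"}
"""

# Constructed endpoint process-creation events (assumed schema).
ENDPOINT_LOG = """\
{"ts": "2025-07-14T13:09:45Z", "user": "j.doe", "host": "WS-0412", "process": "quickassist.exe"}
{"ts": "2025-07-14T13:50:00Z", "user": "a.smith", "host": "WS-0207", "process": "outlook.exe"}
"""

# Remote access tools named in the article; extend for your environment.
REMOTE_ACCESS_TOOLS = {"quickassist.exe", "anydesk.exe", "teamviewer.exe"}
# How long after the call we still attribute identity/endpoint activity to it.
WINDOW = timedelta(minutes=15)


def parse(log):
    """Parse newline-delimited JSON and convert timestamps to datetimes."""
    rows = []
    for line in log.splitlines():
        if line.strip():
            row = json.loads(line)
            row["ts"] = datetime.strptime(row["ts"], "%Y-%m-%dT%H:%M:%SZ")
            rows.append(row)
    return rows


def within(call, event):
    """True when the event belongs to the same user and falls inside WINDOW after the call."""
    return call["user"] == event["user"] and timedelta(0) <= event["ts"] - call["ts"] <= WINDOW


def correlate(call_log=CALL_LOG, idp_log=IDP_LOG, endpoint_log=ENDPOINT_LOG):
    """Return alerts for inbound calls from unknown numbers that are followed, within
    WINDOW, by an MFA push, a new factor enrollment, or a remote access tool launch."""
    calls = [c for c in parse(call_log) if c["direction"] == "inbound" and not c["known_contact"]]
    idp = parse(idp_log)
    endpoint = parse(endpoint_log)
    alerts = []
    for call in calls:
        pushes = [e for e in idp if e["event"] == "mfa.push.sent" and within(call, e)]
        enrolls = [e for e in idp if e["event"] == "mfa.factor.enrolled" and within(call, e)]
        tools = [e for e in endpoint if e["process"].lower() in REMOTE_ACCESS_TOOLS and within(call, e)]
        if pushes or enrolls or tools:
            alerts.append({
                "user": call["user"],
                "caller": call["from"],
                "call_ts": call["ts"].isoformat(),
                "mfa_pushes": len(pushes),
                "new_factors": len(enrolls),
                "remote_tools": sorted(e["process"] for e in tools),
                # A new factor or a remote tool means the attacker already has a foothold.
                "severity": "high" if (enrolls or tools) else "medium",
            })
    return alerts


if __name__ == "__main__":
    for alert in correlate():
        print(json.dumps(alert, indent=2))
```

With the sample data, only the `j.doe` call from the unknown number produces an alert: an approved push, a new authenticator enrollment, and a Quick Assist launch all land inside the window, so the alert is rated high. The `a.smith` call comes from a known contact and is ignored, and the later `j.doe` push at 16:00 falls outside the window. In production the call source would be the PBX/softphone CDR export, and the windowing should be tuned to your help desk's normal call-to-action latency so that legitimate support calls do not page the SOC.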
If a vishing attack compromises credentials or grants remote access, security teams should immediately rotate affected credentials, revoke active sessions, audit the compromised account for data access and changes, check for new MFA device enrollments, scan endpoints for remote access tools, and initiate a forensic investigation to determine the scope of access. Speed matters — the window between initial compromise and data exfiltration is often measured in minutes.
Vishing maps to specific controls across major compliance frameworks. GRC teams should include these mappings in their audit evidence and risk assessments.
Compliance framework controls applicable to vishing risk management:
Compliance frameworks provide the structure, but they only work when organizations actually map specific threats like vishing to specific controls. CISA's social engineering guidance provides additional context for organizations building their vishing defense programs.
The security industry is responding to the vishing surge with solutions that span prevention, detection, and response. Key categories include network detection and response (NDR) for post-vishing behavioral detection, identity threat detection and response (ITDR) for credential abuse monitoring, security awareness training platforms with vishing simulation capabilities, and emerging voice deepfake detection tools.
On the deepfake detection front, isVerified emerged from stealth in January 2026 with applications designed to identify AI-generated voice in real time. The market need is clear — more than $200 million was lost to deepfake scams in Q1 2025 alone. SecurityWeek's Cyber Insights 2026 report predicts that social engineering will evolve toward "relationship operations" — sustained, AI-assisted psychological manipulation campaigns that combine voice, text, and video channels over weeks or months rather than single calls.
Vishing is an initial access vector. The phone call itself is difficult to prevent — but what happens after a successful vishing attack produces detectable behavioral patterns. Attack Signal Intelligence focuses on identifying the post-compromise behaviors that follow a successful vishing call: remote access tool installation, anomalous identity usage, unusual data access patterns, and lateral movement across the network. This assume-compromise philosophy means defenders gain coverage even when the voice-based social engineering succeeds, because attackers still need to act within the network to achieve their objectives — and those actions generate signal.
The vishing landscape will continue evolving rapidly over the next 12-24 months. Several developments deserve attention from security leaders.
Real-time deepfake voice during live calls. Current attacks often use pre-recorded AI-generated messages, but the technology for real-time voice conversion during live conversations is maturing. DEF CON's AI vishing competition has already demonstrated that AI can successfully social engineer targets in controlled environments, as IBM documented. As this capability becomes more accessible, the distinction between a "real" and "synthetic" caller will disappear entirely, increasing demand for behavioral detection over voice-based authentication.
Professionalization of vishing-as-a-service. The ShinyHunters/Scattered Spider alliance has demonstrated a service model where vishing operators are recruited, paid per call ($500-$1,000), and provided with pre-written scripts and targeting data. This professionalization lowers the skill barrier and increases volume. Expect vishing to follow the ransomware-as-a-service model, with specialized operators handling different stages of the attack chain.
Regulatory acceleration. New York's Department of Financial Services issued a vishing-specific advisory in February 2026 — the first state-level financial regulator to do so. As high-profile breaches accumulate, more regulators will likely mandate specific vishing controls, vishing simulation testing, and incident reporting requirements.
Device code authentication abuse. A novel technique combining vishing with OAuth 2.0 device authorization flow abuse emerged in late 2025, targeting Microsoft Entra environments. This technique bypasses traditional MFA by exploiting a legitimate authentication mechanism, and organizations should monitor for unexpected device code flow activity as a priority.
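The monitoring recommendation above can be expressed as a simple baseline check. The following is an added example, not code from the original article or from Microsoft: it scans constructed Entra-style sign-in records for successful device code sign-ins and flags those from identities that are not expected to use the device authorization flow, or from IP addresses outside the user's baseline or the organization's egress. The record schema (`protocol`, `ip`, `app`, `result`), the `EXPECTED_DEVICE_CODE_USERS` allowlist and the `CORPORATE_IPS` set are assumptions for the example; real sign-in logs expose an authentication protocol field that you would map onto `protocol`.

```python
"""Added example (not from the original article): flag unexpected OAuth 2.0 device
authorization (device code) sign-ins in Entra-style sign-in records. The records
are constructed and the schema is a simplified assumption."""
import json
from collections import defaultdict

# Constructed sign-in records (assumed schema; 'protocol' stands in for the
# authentication-protocol field real sign-in logs expose).
SIGNIN_LOG = """\
{"ts": "2025-11-03T09:00:00Z", "user": "j.doe", "protocol": "none", "ip": "203.0.113.10", "app": "Exchange Online", "result": "success"}
{"ts": "2025-11-03T09:05:00Z", "user": "j.doe", "protocol": "none", "ip": "203.0.113.10", "app": "Teams", "result": "success"}
{"ts": "2025-11-03T14:12:00Z", "user": "j.doe", "protocol": "deviceCode", "ip": "198.51.100.77", "app": "Azure CLI", "result": "success"}
{"ts": "2025-11-03T08:30:00Z", "user": "svc-kiosk", "protocol": "deviceCode", "ip": "203.0.113.20", "app": "Lobby Display", "result": "success"}
{"ts": "2025-11-03T15:00:00Z", "user": "a.smith", "protocol": "deviceCode", "ip": "203.0.113.10", "app": "Azure CLI", "result": "failure"}
"""

# Constructed baseline: identities that legitimately use device code (headless/kiosk devices).
EXPECTED_DEVICE_CODE_USERS = {"svc-kiosk"}
# Constructed: addresses the organization treats as its own egress.
CORPORATE_IPS = {"203.0.113.10", "203.0.113.20"}


def parse(log):
    """Parse newline-delimited JSON sign-in records."""
    return [json.loads(line) for line in log.splitlines() if line.strip()]


def detect_device_code_abuse(log=SIGNIN_LOG):
    """Return findings for successful device code sign-ins that deviate from baseline."""
    events = parse(log)

    # Baseline each user's usual IPs from their ordinary (non-device-code) sign-ins.
    usual_ips = defaultdict(set)
    for e in events:
        if e["protocol"] != "deviceCode":
            usual_ips[e["user"]].add(e["ip"])

    findings = []
    for e in events:
        if e["protocol"] != "deviceCode" or e["result"] != "success":
            continue
        reasons = []
        if e["user"] in EXPECTED_DEVICE_CODE_USERS:
            # Known device-code identities are only suspicious off the corporate network.
            if e["ip"] not in CORPORATE_IPS:
                reasons.append("expected device code user signing in from outside corporate egress")
        else:
            reasons.append("user not expected to use the device code flow")
            if e["ip"] not in usual_ips[e["user"]]:
                reasons.append("sign-in IP not present in the user's baseline")
        if reasons:
            findings.append({"user": e["user"], "ts": e["ts"], "app": e["app"],
                             "ip": e["ip"], "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in detect_device_code_abuse():
        print(json.dumps(f, indent=2))
```

On the sample data the kiosk identity's device code sign-in from the corporate range is accepted, the failed attempt is skipped, and the interactive user `j.doe`'s successful device code sign-in from an address never seen in their ordinary sessions is reported with two reasons. The same check belongs in a Conditional Access review: if no workload in the tenant needs the device code flow for a given population, blocking it for that population removes the detection burden entirely.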
Organizations should invest in three areas: identity threat detection capabilities that correlate voice-channel activity with authentication events, phishing-resistant MFA (FIDO2 hardware keys), and regular vishing simulation programs that measure and improve employee resilience over time.
Vishing has evolved from a low-tech phone scam into one of the most effective initial access vectors in the enterprise threat landscape. The 442% surge in 2024, the dominance of voice phishing in incident response engagements, and the ShinyHunters/Scattered Spider campaign targeting 760+ organizations all point to the same conclusion: voice phishing demands the same level of defensive investment that email phishing has received for the past two decades.
The path forward combines three elements. First, process controls like callback verification that remove the attacker's control over the communication channel. Second, technical detection that correlates voice-channel activity with authentication events and post-compromise behavior. Third, security awareness programs that include regular vishing simulations while acknowledging that training alone cannot eliminate the risk.
For organizations ready to strengthen their vishing defense posture, explore how Vectra AI's platform detects the post-compromise behaviors that follow successful social engineering attacks — because assuming compromise is the first step toward resilience.
Vishing is a scam where attackers use phone calls or voice messages to trick people into sharing sensitive information like passwords, bank details, or MFA codes. The term combines "voice" and "phishing." Unlike email phishing, vishing exploits the trust and urgency that voice communication naturally carries. A caller might pretend to be your bank, your IT department, or even a government agency. The goal is always the same: manipulate you into taking an action that benefits the attacker, whether that means reading out a verification code, installing remote access software, or wiring money to a fraudulent account. Vishing is a form of social engineering, and according to CrowdStrike, it surged 442% in the second half of 2024.
A vishing attack typically follows seven stages: reconnaissance (gathering target information), pretext development (crafting a believable story), caller ID spoofing (making the call appear legitimate), initial contact and rapport building, psychological manipulation using urgency or authority, credential harvesting or remote tool installation, and post-compromise activity like lateral movement or data exfiltration. The attacker's success depends on convincing the target that the call is legitimate within the first 30-60 seconds. Modern vishing operations use VoIP technology for anonymous calling at scale, AI voice cloning for executive impersonation, and detailed reconnaissance data from LinkedIn and breached databases to make their pretexts convincing. The Cisco Talos Q1 2025 report found that callback phishing — where the victim is tricked into calling the attacker — was the dominant pattern.
Key warning signs include unsolicited calls demanding immediate action, requests for passwords or MFA codes over the phone, pressure to install software or grant remote access, caller ID that appears legitimate but the caller cannot be verified through an independent channel, threats of account suspension or legal consequences, and requests to bypass normal procedures due to "urgency." In an enterprise context, watch for calls impersonating IT help desk or security teams during off-hours, callers who reference specific internal details (to build credibility) but deflect verification requests, and any phone call followed immediately by an MFA push notification. The most sophisticated vishing attacks — like those using AI voice cloning — may have none of the traditional red flags, which is why technical detection controls are essential supplements to awareness training.
AI has dramatically escalated the vishing threat in three ways. First, voice cloning technology can produce a convincing replica of someone's voice from just three seconds of audio, based on Microsoft VALL-E research. Attackers use recordings from earnings calls, conference presentations, social media, and voicemail greetings as source material. Second, AI enables real-time voice conversion during live phone calls, allowing an attacker to speak with the voice of a CEO or trusted colleague. Third, large language models help attackers generate more convincing scripts, adapt to targets in real time, and operate in multiple languages. The FBI warned in May 2025 that AI-generated voice messages were being used to impersonate senior U.S. officials. Deepfake-enabled fraud losses are projected to reach $40 billion by 2027 according to Deloitte.
Enterprise vishing prevention requires a layered approach combining people, process, and technology. The most critical process control is callback verification — requiring all sensitive requests received by phone to be verified by calling back on a pre-registered, independently verified number. Technical controls include restricting remote access tool installation (Quick Assist, AnyDesk, TeamViewer) through application allowlisting, deploying phishing-resistant MFA like FIDO2 hardware security keys, implementing STIR/SHAKEN caller authentication for VoIP systems, and monitoring identity provider logs for anomalous patterns that correlate with voice-initiated activity. On the people side, organizations should run regular vishing simulations — companies doing so achieve up to 90% attack recognition rates according to Keepnet Labs, though a residual 33% of trained employees still disclose information under pressure, demonstrating the need for technical backstops.
Callback phishing, also called telephone-oriented attack delivery (TOAD), is a hybrid attack that uses email as a lure to get the victim to make a phone call. The attacker sends an email — a fake subscription confirmation, invoice, or security alert — with a phone number for "customer support." When the victim calls, a live attacker impersonates support staff and walks them through actions that compromise their system, typically installing remote access software like Quick Assist. This technique is especially effective because the victim initiates the call, which feels safer than answering an unknown number. Cisco Talos identified callback phishing as the most common phishing pattern in their Q1 2025 incident response engagements. BazarCall campaigns pioneered this approach, and it has been adopted by multiple threat actor groups including those linked to Scattered Spider operations.
The most significant recent example is the 2025-2026 ShinyHunters/Scattered Spider vishing campaign, which targeted over 760 companies. Attackers called employees at target organizations, impersonated IT help desk staff, and directed victims to fake SSO login pages for Google, Microsoft, and Okta. Once they captured credentials and MFA codes, they accessed Salesforce CRM systems and exfiltrated customer data. Confirmed victims included Google, Cisco, Wynn Resorts (800,000+ employee records), and CarGurus (12.5 million records). In a separate incident in July 2025, a single Cisco employee was socially engineered via a vishing call, leading to the export of CRM profile information. These examples demonstrate that modern vishing targets enterprise infrastructure, not just individual bank accounts.
Report vishing attacks through multiple channels simultaneously. File a report with the FBI's Internet Crime Complaint Center (IC3) at ic3.gov, and report to the FTC at reportfraud.ftc.gov. Notify your organization's security or incident response team immediately — they need to assess whether credentials were compromised, whether remote access was granted, and what data may have been exposed. If financial information was compromised, contact your bank directly using the number on your card or statement (not a number provided by the attacker). Document everything you can remember about the call: the phone number displayed, the caller's claims, what information you provided, and any actions you took during or after the call. This documentation supports both the investigation and any required regulatory notifications.
The 2025-2026 campaign data reveals that technology, financial services, telecommunications, retail, and higher education are among the most targeted industries. The ShinyHunters/Scattered Spider campaign hit companies across sectors including tech (Google, Cisco, Optimizely), hospitality (Wynn Resorts), automotive (CarGurus), retail (Pandora, Adidas), telecom (Odido in the Netherlands, with 6.2-21 million records exposed), airlines (Qantas), and higher education (Harvard, UPenn). Financial services organizations face elevated risk because vishing directly targets financial authorization processes. Healthcare organizations are targeted for patient data. The common thread is not the industry itself but the value of the data or access the organization holds — particularly SSO credentials that unlock SaaS platforms containing customer data.
Yes. AI voice cloning technology can produce a realistic replica of a person's voice from as little as three seconds of recorded audio. The source material can come from earnings calls, conference presentations, YouTube videos, social media posts, or voicemail greetings — all publicly available for many business leaders. Current technology supports both pre-recorded deepfake audio and real-time voice conversion during live calls. Fortune reported in late 2025 that AI-generated voice has crossed the "indistinguishable threshold," meaning average listeners cannot reliably tell the difference. This has enabled attacks like the $25 million fraud in Hong Kong where an employee was deceived by a deepfake video call featuring cloned voices of company executives, and the FBI-documented campaign using AI-generated voice messages to impersonate senior U.S. government officials.