// THREAT DETECTION AND DATA PRIVACY TERM
Vishing
Vishing, or 'voice phishing', is a scam where criminals use phone calls to trick people into revealing sensitive personal and financial information. They often create a sense of urgency by impersonating a trusted entity like a bank, tech support, or a government agency.
TECHNICAL DEFINITION
Vishing is a social engineering cyberattack where threat actors use voice communication (phone calls, VoIP) to impersonate a trustworthy entity to manipulate a victim into divulging sensitive data, such as credentials, PII, or financial account details. The attack leverages psychological tactics like urgency and authority to exploit human trust and circumvent technical security controls.
BACKGROUND
Phishing is a form of social engineering and a scam where attackers deceive people into revealing sensitive information or installing malware such as viruses, worms, adware, or ransomware. Phishing attacks have become increasingly sophisticated and often transparently mirror the site being targeted, allowing the attacker to observe everything while the victim navigates the site, and traverses any additional security boundaries. Phishing remains the most prevalent type of cybercrime globally. While the Federal Bureau of Investigation's Internet Crime Complaint Center historically ranked it at the top, the threat has intensified significantly due to the integration of generative AI, which enables attackers to launch highly convincing, automated, and hyper-targeted phishing campaigns at an unprecedented scale.
READ MORE ON WIKIPEDIASYNONYMS & ALIASES
- voice phishing
- phone phishing
- phone scam
- VoIP phishing
- social engineering call
- fraudulent call
USAGE NOTE
Vishing attacks often create a false sense of urgency and are frequently a precursor to account takeover or financial fraud.
DEVELOPERS
Organizations developing technology related to Vishing.
A leader in voice security and authentication. Pindrop's technology uses voice biometrics and 'Phoneprinting' to analyze calls in real-time, detecting fraudulent activity and authenticating legitimate callers for call centers, which directly combats vishing attacks.
NICE provides enterprise software solutions, including advanced authentication and fraud prevention for contact centers. Their platforms utilize voice biometrics and real-time analytics to identify and stop fraudsters attempting account takeover via vishing.
Hiya offers a voice performance platform used by mobile carriers and enterprises to protect against spam and fraud calls. Its technology provides real-time caller identification and reputation scoring, helping to block or flag vishing attempts before they reach the user.
A key player in trusted communications and identity resolution. Neustar is instrumental in implementing the STIR/SHAKEN framework, a technology standard that combats caller ID spoofing, a primary tactic used by vishing attackers.
Verint offers a suite of customer engagement solutions that includes identity authentication and fraud detection. They use voice biometrics to passively authenticate customers during calls, making it difficult for vishing perpetrators to impersonate others.
Specializes in call protection and branded communication solutions for telecommunication carriers. Their technology identifies and labels scam calls, including vishing, providing mobile users with warnings about potentially fraudulent incoming calls.
Develops a popular mobile application that provides real-time caller identification and spam blocking. It leverages a large, community-based database to identify and warn users about numbers associated with vishing, spam, and other fraudulent activities.