Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    Nearly Half of Organizations Have Experienced Vishing

    Vishing ScamForty-seven percent of organizations have experienced voice phishing (vishing) attacks over the past year, according to researchers at Mutare. Additionally, the researchers found that nine percent of all phone calls received by organizations are unwanted, and nearly half of these are malicious.

    “45% of all unwanted traffic is tied to nefarious activity, while 55% is tied to nuisance activity. Remarkably, more than one-third of respondents to the Voice Network Threat Survey (38%) said their organizations do not collect any data on the amount of inbound, unwanted, and potentially malicious voice traffic hitting their organizations. Of those that do collect such data, 23% of respondents estimated that 5% to 10% of inbound calls were unwanted, followed by 15% of respondents who estimated that over 10% of inbound calls were unwanted, and 10% of respondents who estimated that over 20% of calls were unwanted.”

    Most respondents cited employee errors and email as the greatest risk to their organization, while just ten percent recognized the risk from phone calls.

    “The biggest source of security risk stems from employee errors, according to 43% of survey respondents,” the researchers write. “That ranking was followed by the risk from email (36%), endpoints (35%), data networks (17%), data storage (12%), and applications/core systems (9%). Only 10% of respondents cited their voice networks and phone systems as the biggest source of security risk in their organizations, reinforcing a widespread lack of awareness about this problem.”

    Respondents varied in their responses on how best to respond to the threat of phone-based social engineering.

    “More than one-third (36%) of respondents cited security awareness training as the top solution to protect voice networks from Vishing (voice vishing) and Smishing (SMS phishing) attacks,” Mutare says. “That approach was followed by traffic firewalls (34%), spam blockers (26%), training for vishing attacks (20%), training for social engineering (23%), and threat detection (13%). In addition, more than one-fourth of survey respondents (26%) were unsure about which tools were being used to protect their voice networks, and 9% said their organizations had no solutions in place whatsoever to protect their voice networks.”

    Note well: most of the calls aren’t just irritating, but they’re “nefarious,” potentially damaging. New-school security awareness training can give your organization an essential layer of defense by teaching your employees how to thwart social engineering attacks.

    Mutare has the story.

     

    Return To KnowBe4 Security Blog

    Free Phishing Security Test

    Would your users fall for convincing phishing attacks? Take the first step now and find out before bad actors do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

    PST ResultsHere's how it works:

    • Immediately start your test for up to 100 users (no need to talk to anyone)
    • Select from 20+ languages and customize the phishing test template based on your environment
    • Choose the landing page your users see after they click
    • Show users which red flags they missed, or a 404 page
    • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
    • See how your organization compares to others in your industry

    Go Phishing Now!

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://www.knowbe4.com/phishing-security-test-offer

    Topics: Social Engineering, Phishing

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews