"Nearly Half of Organizations Experienced a Vishing or Social Engineering Attack in the Last Year"
Mutare reported that 47 percent of organizations had experienced a voice phishing (vishing) or social engineering attack in 2021. Most organizations have been found to be unaware of the volume of unwanted voice traffic crossing their networks, as well as the significance of threats in unwanted traffic, such as robocalls, spoof and spam calls, spam storms, vishing, smishing, and social engineering. According to Mutare's survey, 9 percent of all business calls are unwanted in all industries. Furthermore, 45 percent of all unwanted traffic is associated with malicious activity, while 55 percent is associated with nuisance activity, according to the survey. More than one-third of the respondents say their organizations do not collect data on the amount of inbound, unwanted, and potentially malicious voice traffic that hits their organizations. The main reason phishing scams are so convincing is that they often look exactly like a brand or a credible person, according to Ryan McCurdy, vice president of marketing at Bolster, Inc. Such scams also prey on human action bias, with a call-to-action implying that immediate attention is required. Smishing campaigns employ the same tactics as phishing campaigns. McCurdy outlined specific techniques to look for to determine whether the text is a scam. For example, when smishing messages are sent from an email address or a web-based service, the sender's phone number appears as a shortened phone number, also known as a short code. This article continues to discuss key findings from Mutare's 2022 Voice Network Threat Survey.