- La colaboración entre Seguridad y FinOps puede generar beneficios ocultos en la nube
- El papel del CIO en 2024: una retrospectiva del año en clave TI
- How control rooms help organizations and security management
- ITDM 2025 전망 | “효율경영 시대의 핵심 동력 ‘데이터 조직’··· 내년도 활약 무대 더 커진다” 쏘카 김상우 본부장
- 세일포인트 기고 | 2025년을 맞이하며… 머신 아이덴티티의 부상이 울리는 경종
Voice phishing attacks reach all-time high
A study conducted by Agari and PhishLabs found a five-times increase in attempted vishing attacks from the beginning of 2021 to Q1 of 2022.
Cases of voice phishing or vishing have been reported to have risen a whopping 550% over the past 12 months alone, according to the Quarterly Threat Trends & Intelligence Report co-authored by Agari and PhishLabs. In March 2022, the amount of vishing attacks experienced by organizations reached its highest level ever reported, passing the previous record set in September of 2021.
As part of the study, it was found that the two companies had “detected and mitigated hundreds of thousands of phishing, social media, email, and dark web threats targeting a broad range of enterprises and brands”.
“Hybrid vishing campaigns continue to generate stunning numbers, representing 26.1% of total share in volume so far in 2022,” said John LaCour, principal strategist at HelpSystems. “We are seeing an increase in threat actors moving away from standard voice phishing campaigns to initiating multi-stage malicious email attacks. In these campaigns, actors use a callback number within the body of the email as a lure, then rely on social engineering and impersonation to trick the victim into calling and interacting with a fake representative.”
Why vishing is on the rise
Per the report, the explosion in the rate of vishing attacks has overtaken business email compromise (BEC) as the second most reported response-based email threat since the third quarter of 2021. The growing amount of two-pronged vishing reported in the study shows that cybercriminals are increasingly relying on various attack vectors when it comes to their campaigns.
The number of malicious emails targeting individuals’ inboxes continues to increase quarter-over-quarter as well, following a brief regression in the final quarter of 2021. This escalation in the rate at which employees receive harmful emails attempting cyberattacks signals a growing need for increased training for employees, as emails can still find ways to bypass spam folders and into a user’s inbox.
SEE: Mobile device security policy (TechRepublic Premium)
Types of harmful emails received
According to the study, emails that were deemed potentially harmful received by employees rose to a rate of 18.3% from 2021 to 2022.
These harmful emails were broken down into the following threat vectors by percentage:
- Attempted credential theft (58.7%)
- Response-based attacks (37.5%)
- Malware delivery attempts (3.7%)
Eighty percent of the credential theft attempts were delivered via a phishing link, while 20% came to inboxes via an email attachment. Credential theft is consistently the top threat to employees quarter-over-quarter, according to the study and should be a priority for the workforce to identify, avoid and report to security teams.
Vishing fell under the umbrella of response-based attacks, second only to 419 (Nigerian Prince) types of attacks. These 419 attacks made up a majority of those logged as response-based schemes at 54.1% of malicious emails received, and BEC coming in third behind vishing attempts at 12.8% of emails received.
In the realm of malware delivery, Qbot malware was dominant among the category, making up 75% of all activity in this sector in Q1 of 2022. This represents an increase of 15.1% in these types of attacks.
“As the variety of digital channels organizations use to conduct operations and communicate with consumers expands, bad actors are provided with multiple vectors to exploit their victims,” said LaCour. “Most attack campaigns are not built from scratch; they are based on reshaping traditional tactics and incorporating multiple platforms. Therefore, to remain secure, it’s no longer effective for organizations to only look within the network perimeter. They must also have visibility into a variety of external channels to proactively gather intelligence and monitor for threats.”