(Avast – October 15, 2025)
Earlier this year, two cybercriminal groups were able to trick dozens of companies into giving them vital customer data, including their users’ names, addresses, emails, phone numbers, and more. They did this using vishing, or “voice phishing”, and if multi-million dollar companies can fall for it, you could too. But there’s no need to fret, because we’re here to help.
What are vishing scams?
1. Vishing is a type of phone fraud that pressures people to reveal personal information or take risky actions.
2. Vishing scammers often impersonate trusted people or authority figures, like tech specialists or bank employees.
3. Vishers will often use leaked or publicly available data, like your address, to seem more authentic.
4. Al tools allow vishers to use fake voices that could even mimic someone you know.
Here’s what a visher might sound like…
“If you do not return this call, you maybe arrested…”
They use urgency to rush people into making unwise decisions.
“This is your tech support, we noticed there’s a problem with your computer…”
They make unsolicited calls pretending to be an authority figure or an employee of a company you trust.
“We need your account password and PIN to continue…”
They ask for vital information they would normally not need if they were real.
How can you help protect yourself?
Call back. If someone claims to be working for an organization you trust, ask for their employee ID, then hang up and call them back using the official numbers you find online. If they’re real, you’ll be able to reconnect.
Remain suspicious. If a caller claims that it’s urgent, pressures you to act quickly, or insists that it’s not possible to call back and the matter needs to be resolved now, that’s probably the biggest sign you’re dealing with vishing.
Look for mistakes. it’s not uncommon for vishers to use leaked data to try and sound authentic: if they’re operating with out-of-date information, that’s a reason to suspect they’re not who they say.
Don‘t pick up. lf you don’t recognize a phone number, it’s often safer to simply not pick up in the first place. Any authentic organization will find other ways to reach you if there’s an emergency.
Don‘t share sensltlve information. Companies will never ask for your passwords, PIN, or any other sensitive information over the phone. if they demand something like this, it’s almost certainly a scam.
Staying safer is a smart call
As technology evolves, it seems as if the “threat landscape” and the “digital landscape” are overlapping circles. Increasingly, there’s no safe harbor from the threats of the world, as every new advancement in communication and technology creates a new avenue for people to be exploited, or a new tool to make existing threats even harder to avoid-it’s reassuring, then, that despite the growing prevalence of attacks like vishing and the advanced new tools hackers can deploy, the advice we would have given 10 years ago still applies today. For all their new tricks and technology, cybercriminals remain powerless in the face of vigilance and caution. Awareness and attentiveness are every bit as useful now as they’ve ever been, which is why we always advocate for it.
In the meantime, you can always call on us to be the first line of defense for your cybersecurity needs.