Latest news with #vishing
Gulf Business
5 days ago
- Business
- Gulf Business
New Kaspersky module targets voice phishing
Image: Getty Images Kaspersky has expanded its cybersecurity training portfolio with the launch of a new vishing (voice phishing) module on its Automated Security Awareness Platform (ASAP). The move comes amid a surge in voice-based scams targeting corporate employees, with attackers using increasingly manipulative tactics to gain access to sensitive data and financial assets. The newly introduced module aims to help organisations strengthen their first line of defence by teaching staff how to recognise and respond to vishing attempts—fraudulent schemes in which attackers use phone calls to extract personal information, banking details, or login credentials. 'As social engineering evolves, so must the way we educate people about it. Vishing is no longer just a threat to individuals – it's increasingly being used to target organisations, leading to financial losses, data leaks, and reputational damage,' said Tatyana Shumaylova, senior product marketing manager at Kaspersky Security Awareness. 'Our new vishing module equips users with the knowledge to defend themselves against voice-based deception – a threat that is becoming increasingly sophisticated and personal. We help companies prepare their employees to recognise and resist this type of attack. Since vishing is often a gateway to more serious breaches, it's vital to build awareness across a wide range of related topics.' Read: Vishing attacks are often launched through urgent emails asking recipients to call a listed phone number. Unlike email-based phishing, which allows victims time to assess suspicious links or content, vishing relies on high-pressure tactics over the phone. Attackers commonly use fear and urgency to pressure employees into revealing confidential information. Kaspersky cited recent cases highlighting the scale of the threat. Irish bank AIB reported a 79 per cent year-on-year increase in vishing incidents in early 2025, including one scam in which a business customer nearly lost $47,000. In another high-profile case, attackers identified by Google as group UNC6040 used vishing tactics to target Salesforce users at around 20 organisations. Victims were tricked into installing a malicious application, granting attackers full access to corporate systems. To counter these evolving threats, the new Kaspersky ASAP module features real-world case studies, interactive lessons, and simulated scenarios. The platform, which now supports over 30 languages, is designed to be accessible and scalable for global enterprises. Kaspersky's latest training initiative reflects a broader industry focus on strengthening cyber hygiene through continuous employee education, particularly in response to the growing sophistication of social engineering attacks targeting businesses of all sizes.
Zawya
5 days ago
- Business
- Zawya
Vishing awareness now live in Kaspersky ASAP portfolio
Dubai, United Arab Emirates – Kaspersky has introduced a new module on vishing (voice phishing) to its ASAP (Automated Security Awareness Platform), continuing its mission to build practical cyber-hygiene skills among employees across industries. The latest update addresses one of the most manipulative and growing types of social engineering, and teaches users how to recognize and respond to voice-based scams. Vishing has become a major vector for corporate fraud. For example, AIB saw a 79% year-on-year increase in vishing attacks in early 2025, including a case where a business customer nearly lost €41,000 during a scam call. Additionally, in a notable case disclosed by Google and labeled UNC6040, attackers targeted Salesforce users at around 20 organizations via voice phishing, tricking employees into installing a fake app giving full access to corporate data. Vishing is the fraudulent practice of convincing individuals to reveal personal information and bank details over the phone. The fraudulent scheme might start with an unusual e-mail, and while regular phishing emails ask the victim to follow a link, vishing emails ask that they urgently call the number provided in the email. Kaspersky experts emphasize that this method is used by cybercriminals because when people look at a phishing site, they have the time to think about their actions or notice signs that the page is not legitimate. But when victims talk on the phone, they are usually distracted and find it more difficult to focus. Under these circumstances, attackers do everything they can to further throw people off balance: rushing them, intimidating them and demanding that they urgently provide the needed information that helps them to steal money. The new module within Kaspersky Automated Security Awareness Platform provides real-world case studies, interactive lessons, and practical scenarios to help users identify red flags and adopt safer communication habits. Alongside this release, Kaspersky ASAP now supports over 30 languages across all user interfaces and training materials, making cybersecurity awareness more accessible to global teams. 'As social engineering evolves, so must the way we educate people about it. Vishing is no longer just a threat to individuals – it's increasingly being used to target organizations, leading to financial losses, data leaks, and reputational damage. Our new vishing module equips users with the knowledge to defend themselves against voice-based deception – a threat that is becoming increasingly sophisticated and personal. We help companies prepare their employees to recognize and resist this type of attack. Since vishing is often a gateway to more serious breaches, it's vital to build awareness across a wide range of related topics,' said Tatyana Shumaylova, Senior Product Marketing Manager at Kaspersky Security Awareness. To learn more about Kaspersky ASAP, please follow the link. About Kaspersky Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky's deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect individuals, businesses, critical infrastructure, and governments around the globe. The company's comprehensive security portfolio includes leading digital life protection for personal devices, specialized security products and services for companies, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help millions of individuals and over 200,000 corporate clients protect what matters most to them. Learn more at
Entrepreneur
7 days ago
- Business
- Entrepreneur
Cisco Hit With Data Breach Caused By a Voice Phishing Attack
IT giant Cisco, which makes networking hardware, software, and telecommunications equipment, recently faced a major data breach, the company disclosed on Friday. A Cisco representative fell victim to a voice phishing or "vishing" attack, when a caller pretends to be a legitimate individual or organization, and tricked the employee over the phone to obtain the personal information of users. Related: 'Largest Data Breach in History': Apple, Google, and Meta Passwords Reportedly Among 16 Billion Stolen in Massive Hack The bad actor was able to access and export a subsection of profile information from Cisco's cloud customer management system. They stole data from individuals who had registered for a account, including customer names, organization names, addresses, email addresses, and phone numbers. Cisco discovered the breach on July 24. The company stated that the data breach did not affect passwords or impact any of its products or services. It added that it notified affected customers where required by law and talked to data protection authorities. "We are implementing further security measures to mitigate the risk of similar incidents occurring in the future, including re-educating personnel on how to identify and protect against potential vishing attacks," Cisco stated in the disclosure. Cisco declined to provide details of the breach to TechCrunch, including how many users were impacted by it. The company has more than 300,000 global customers. Cisco had a market value of $268 billion at the time of writing, with its stock up over 14% year-to-date. Related: AT&T Customers Are Eligible for Up to $5,000 in a New Settlement. Here's What to Know. Cisco uses Salesforce to manage customer relationship data, and this incident was one in a series of recent attacks that impacted Salesforce customers. For example, U.S. insurance company Allianz Life uncovered a data breach last month that exposed the personally identifiable information of the majority of its 1.4 million customers, including addresses, dates of birth, and Social Security numbers. Two of the company's customers, Cheryl Marotta and David Werner, filed a class action lawsuit on Tuesday related to the breach, alleging that Allianz failed to safeguard their personal information because the data was unencrypted and stored in one database. Another company, Australian airline giant Qantas, also underwent a data breach on June 30, which impacted the personal information of more than six million customers. The bad actor called one of the company's call centers and used the call to steal information like names, phone numbers, and dates of birth.
Yahoo
05-08-2025
- Business
- Yahoo
Hacker used a voice phishing attack to steal Cisco customers' personal information
A cybercriminal tricked a Cisco representative into granting them access to steal the personal information of users, the company said on Tuesday. Cisco said it discovered the breach on July 24, blaming the incident on a voice phishing or 'vishing' call. The hackers accessed and exported 'a subset of basic profile information' from the database of a third party cloud-based customer relationship management (CRM) system, according to the company's disclosure. Cisco said that the stolen data included the customer's 'name, organization name, address, Cisco assigned user ID, email address, phone number, and account-related metadata,' such as the account creation date. The networking tech giant did not specify how many users were affected by the breach, and company spokespeople did not respond to that question when TechCrunch reached out on Tuesday. As Bleeping Computer noted, this breach could be another one in a string of attacks that targeted companies' Salesforce data, including U.S. insurance giant Allianz Life, luxury retailer Tiffany and Co., Australian airline Qantas, and others. Cisco is a known customer of Salesforce, according to the cloud giant. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
TechCrunch
05-08-2025
- Business
- TechCrunch
Hacker used a voice phishing attack to steal Cisco customers' personal information
A cybercriminal tricked a Cisco representative into granting them access to steal the personal information of users, the company said on Tuesday. Cisco said it discovered the breach on July 24, blaming the incident on a voice phishing or 'vishing' call. The hackers accessed and exported 'a subset of basic profile information' from the database of a third party cloud-based customer relationship management (CRM) system, according to the company's disclosure. Cisco said that the stolen data included the customer's 'name, organization name, address, Cisco assigned user ID, email address, phone number, and account-related metadata,' such as the account creation date. The networking tech giant did not specify how many users were affected by the breach, and company spokespeople did not respond to that question when TechCrunch reached out on Tuesday. As Bleeping Computer noted, this breach could be another one in a string of attacks that targeted companies' Salesforce data, including U.S. insurance giant Allianz Life, luxury retailer Tiffany and Co., Australian airline Qantas, and others. Cisco is a known customer of Salesforce, according to the cloud giant.
