Voice phishing attacks, commonly known as vishing, have increased dramatically in 2024, with a documented 442 percent rise between the first and second half of the year. The surge represents a broader shift toward human-interactive attack methods in the cybercrime landscape, following trends first identified in earlier FBI warnings about AI-powered phishing campaigns.
Data from CrowdStrike reveals a 40 percent compounded monthly growth rate in vishing operations throughout the year. These attacks typically involve threat actors impersonating IT support staff who convince targets to download malicious software or allow remote access to their systems. Once access is gained, attackers deploy persistence tools, conduct network reconnaissance, and extract sensitive data.
Three prominent vishing groups have been identified: CURLY SPIDER, CHATTY SPIDER, and PLUMP SPIDER, each employing distinct tactics and targeting different industry sectors. The technology sector remains the most frequently targeted industry for the seventh consecutive year, amid a 35 percent year-over-year increase in interactive intrusion campaigns.
The efficiency of these attacks has also improved significantly. The average breakout time for interactive eCrime intrusions decreased from 62 minutes in 2023 to 48 minutes in 2024, with the fastest recorded breakout taking just 51 seconds. The breakout time measures the period between initial access and lateral movement within a network.
Generative AI technology has become a significant factor in the evolution of vishing attacks. AI-generated phishing messages have demonstrated a 54 percent click-through rate, compared to 12 percent for human-written messages, showing increased sophistication in social engineering tactics. The development matches recent warnings from Ukraine’s Security Service about advanced AI-powered fraud schemes.
Security measures recommended by experts include implementing phishing-resistant multi-factor authentication, conducting regular employee awareness training, and deploying advanced threat detection systems. Organizations are advised to establish robust identity verification processes, particularly for help desk interactions, and use AI-powered solutions to detect AI-generated phishing attempts.
Cloud security has become increasingly critical, with recommendations focusing on Cloud Native Application Protection Platforms (CNAPPs) with Cloud Detection and Response capabilities. Real-time threat detection tools are also essential for identifying pre-attack behaviors, particularly given the rapid pace of modern intrusions. The recommendations support recent security enhancements implemented by major cloud providers, including AWS’s improved MFA features.
Sources: CrowdStrike 2025 Global Threat Report, LA-Cyber.com, CyberDB
Follow Us