Vishing
Security+ 🏆 • Social Engineering 👥 • Threats ⚠️
•
Difficulty: free
Definition
Vishing is phishing carried out through voice communication, such as phone calls or voicemail. Attackers use social engineering to trick victims into revealing sensitive information, approving actions, installing software, or transferring money, often by impersonating trusted organizations or authority figures.
Examples
- A caller pretends to be from IT support and convinces an employee to share an MFA code to “fix a login issue.”
- A voice message claims to be from a bank’s fraud team and pressures the victim to confirm account details and PINs.
Discover 🔎
Voice calls create pressure. A real person can sound confident, urgent, and believable, and it can feel uncomfortable to challenge them. Vishing takes advantage of that human instinct. Attackers use phone calls to build trust quickly and push targets into sharing information or taking actions that would be safer to verify.
Remember: Vishing is phishing by voice. The attacker uses conversation to create urgency and trust, then asks for something risky.
Tip: The interactive version includes progress tracking, decks, and premium deep dives.