I don't know anyone who hasn’t received at least one scam call already this year — I received two yesterday alone.  In the past two weeks, I've had scam phone calls from Belgium, Uganda, Senegal, Cuba, and Estonia and multiple from Australia.  It’s not surprising, then, that phone scams are receiving increased mainstream media coverage, and increased focus from regulatory bodies.

Voice phishing, also known as vishing, has been around for years. But cybercriminals have taken phone-based scams to a new level of sophistication — and it’s paying off.

By impersonating trusted officials, like customer service representatives at a bank, social engineers con unsuspecting victims out of millions of dollars every year. Vishing is surprisingly easy to fall for, catching even the most careful individuals off-guard. Well-crafted schemes carry all the signs of legitimacy, right down to the correct phone number of a victim’s personal bank.

Social engineering is one of the fastest growing threats to a business’s cyber security. In social engineering attacks, a fraudster works to gain the confidence of a victim and manipulate them to hand over or enter personal, confidential information that can then be used to commit fraud online. In 2016, 60% of enterprises were victims of social engineering attacks. And phishing, a form of social engineering, accounted for 90% to 95% of all successful cyberattacks worldwide in 2017.