The use of AI to orchestrate these attacks has led to an increase in both their frequency and sophistication.
Additionally, legal and compliance challenges often block the implementation of vishing simulation tests, complicating efforts to combat this attack.
The Vishing Response Report is the first of its kind to demonstrate the feasibility of complying with FCC, GDPR, CCPA, and similar legal requirements while conducting voice phishing (vishing) tests. The Vishing Response Report analyzed data from over 3,000 calls made from Keepnet's Vishing Simulation platform and found that:
- Manufacturing & Engineering and Entertainment & Media industries were the two most vulnerable due to factors including less focused cybersecurity training and resources.
- Customer Support was the most vulnerable department across all industries due to their roles that involve a lot of communication with outside parties. This made them more vulnerable to vishing attacks.
- The study found that 6.5% of users were deceived by vishing calls, suggesting a need for improved security training. Additionally, 40.3% did not answer these calls, which could either reflect a cautious avoidance of fraud or a troubling unavailability, potentially leaving the organization vulnerable to unnoticed criminal exploits.
- Companies with the lowest vishing rate typically use sophisticated simulation software.
Oliver Rochford, Independent Industry Analyst, commented: "It is encouraging to discover that over half of the participants in the study recognized and resisted vishing attempts." demonstrating the effectiveness of anti-vishing training. But with 6.5% of employees still vulnerable to such scams, it is obvious that our work is never truly complete. Even a single lapse can be the catalyst for a significant breach, so ongoing vigilance is essential, especially given the impending rise in sophisticated vishing attacks powered by AI video tools.
Vishing Research Report provides a strategic blueprint for CISOs, enabling them to tailor strategies that effectively reduce human risk from voice phishing attacks while providing actionable insights. In addition, we provide a compliance roadmap for risk and compliance teams to guide them in conducting legal and secure vishing simulations. The report also helps executive and leadership teams facilitate communication, secure their support for budgeting, legal, and HR planning, streamline the implementation process, and build a robust cybersecurity culture.
"As vishing continues to pose a risk amplified by AI technology, dramatically affecting organizations of all sizes. Keepnet's Research Report has revealed ongoing, applicable, and immediate solutions for security and risk managers to minimize vishing risks, reduce potential breaches, and save on organizational costs."- Ozan Ucar, CEO, Keepnet.
Download our 2024 Vishing Response Report: https://keepnetlabs.com/reports/2024-voice-phishing-response-report
About Keepnet
Keepnet is a unified social engineering platform that addresses the human aspect of security threats, using AI to combine behavior-based training and phishing simulations across various communication channels (email, voice, SMS, QR). This approach educates employees to effectively identify and respond to threats. Our solutions significantly decrease high-risk behaviors by up to 90%, enable SOC teams to analyze phishing threats 168 times faster, and respond 48 times quicker. Features are fully automated, which enhances FTE utilization, optimizing team efficiency.
Keepnet supports SMEs to large enterprises and thousands of customers through our MSP/MSSPs, Keepnet is a leader in preventing social engineering threats through innovative security solutions.
Photo - https://mma.prnewswire.com/media/2406740/Keepnet.jpg
Logo - https://mma.prnewswire.com/media/2404396/4686803/Keepnet_Logo.jpg
SOURCE Keepnet
Share this article