
What is vishing: voice attacks against business in 2026

What vishing (voice phishing) is: techniques, AI voice cloning, MGM case, help desk fraud and defence with callback verification.

Secra · June 8, 2026 · 13 min read

Vishing, short for voice phishing, is the use of the phone channel to obtain credentials, operational approvals or any other action an attacker could not get through more auditable channels. What in the 2000s was a minor variant of email phishing, tied mostly to consumer banking fraud, has moved back to the front line of enterprise threats between 2023 and 2026. The phone has proved to be the channel with the least friction when attackers want to bypass modern MFA controls, move money fast or get a credential reset from a busy help desk. Cases such as MGM Resorts in 2023 are now mandatory material in any serious awareness programme.

The essentials

  • Vishing is the use of the phone channel to impersonate identity and push the victim to hand over credentials or bypass procedures.
  • Its resurgence between 2023 and 2026 is explained by AI voice cloning, MFA fatigue that pushes attackers toward help desk fraud and remote work that has reduced in-person verification.
  • Cases like MGM, Caesars, Twilio and Cisco show the pattern is repeatable and very profitable.
  • The typical Scattered Spider chain goes from OSINT on LinkedIn to vishing to the help desk, MFA reset, corporate access and ransomware.
  • Robust defence combines technical controls (STIR/SHAKEN, voice biometrics, lookup APIs) with help desk policy and out-of-band verification mandatory for critical actions.

Why vishing is growing in 2026

Incident response teams report sustained growth in vishing, especially the targeted variant aimed at employees with privileged access. Three structural factors explain it.

The first is the democratisation of AI voice cloning. ElevenLabs, Resemble AI or equivalent open source engines allow a convincing voice to be generated from short audio samples. The attacker obtains public material (earnings call, conference, interview), processes it in a commercial tool and gets a synthetic voice that the average listener identifies with the target executive.

The second is MFA fatigue and the push toward help desk fraud. As organisations have deployed multifactor authentication, attackers have redirected effort toward the human link that can reset that second factor. A well-built call can trigger an MFA reset and the handover of a temporary code that opens the door to the corporate network.

The third is the reduction of in-person verification tied to remote work. In an office, a suspicious request could be verified by crossing paths with the person in a corridor. With distributed staff, that implicit verification has disappeared and the voice on the other side of the phone often becomes the only signal available. A tactical consideration adds to this: the phone leaves less of a forensic trail than email.

Types of enterprise vishing

The variants observed in practice fall into fairly stable families.

  • CEO voice fraud. The attacker calls a person with financial authorisation power, impersonating a senior executive, and requests an urgent transfer under cover of confidentiality. The cloned voice removes the friction a questioned email would generate, and hierarchical pressure pushes the victim to skip usual verification steps.
  • Help desk impersonation. The flagship modality from 2023 to 2026 in large-scale intrusions. The attacker calls the internal IT desk posing as an employee, with basic data obtained on LinkedIn (role, manager, office). They request a password, MFA or trusted device reset. Without robust verification, the attacker obtains initial access without exploiting any technical vulnerability.
  • Simulated bank fraud. A call that appears to come from the company's bank asks to verify suspicious movements and confirm credentials or codes. Common in SME treasury operations, where the finance lead is often also the transfer signatory.
  • Tech support scam. The attacker proactively contacts an employee claiming a technical incident and requests remote access using legitimate tools (AnyDesk, TeamViewer, Quick Assist). Once inside, they install persistence or exfiltrate browser credentials.
  • Fake recruiter with deepfake interview. Relevant in infiltration operations by state actors or specialised groups. The real operator participates by video call with a deepfake avatar, passes the interview and, once onboarded remotely, operates as a planted insider.

These families are not mutually exclusive: in complex operations, attackers chain vishing to the help desk for initial access, CEO voice fraud to move funds and support impersonation to maintain persistence.

Documented public cases

It is worth looking at concrete cases to understand how theory meets practice, without glamorising the attacker.

The most cited is MGM Resorts, September 2023. The Scattered Spider group (UNC3944 in Mandiant reports) obtained initial access via vishing to the corporate help desk: they identified an employee on LinkedIn, called the IT service posing as that employee and obtained a credential and MFA reset. The access led to a ransomware deployment (with ALPHV/BlackCat affiliates) that took hotel, casino and digital operations systems offline for days. MGM put the financial impact at around 100 million dollars and chose not to pay.

Weeks earlier, Caesars Entertainment suffered an incident attributed to the same group, with a very similar vector. According to disclosures, the company chose to pay close to 15 million dollars to accelerate containment.

In 2022, Twilio acknowledged an intrusion combining smishing and targeted vishing of employees, as part of the campaign known as 0ktapus, which affected several downstream customers relying on Twilio for authentication. Also in 2022, Cisco reported an intrusion initiated by theft of personal credentials, vishing and MFA fatigue, publishing a detailed technical analysis. In the same period, Cloudflare detected and blocked a similar attempt: the public post-mortem showed that FIDO2 hardware keys, conditional access and cross-team verification stopped the attack early, in contrast to organisations relying only on TOTP.

The common pattern is not a novel technique, but the disciplined use of channels with low traceability and the systematic exploitation of help desk processes designed to resolve incidents quickly, not to resist expert social engineering.

Typical Scattered Spider attack chain

The sequence that appears repeatedly in public investigations has a recognisable structure. The initial phase is reconnaissance over open sources, especially LinkedIn: the attacker identifies employees with relevant roles, reporting structure, location and recent events (role change, travel) that can serve as a pretext. Complementary information comes from prior breaches and directories obtained in previous intrusions.

Next comes the phone contact to the help desk. The attacker calls posing as the selected employee, combining urgency (trip, immediate presentation) with a plausible technical argument (MFA device loss, recent number change). If the procedure allows verification with publicly available data, the attacker passes the filter. The help desk resets the MFA factor, registering a new attacker device as authenticator. With the employee's credentials and the new second factor, the operator authenticates and enters the corporate network.

From that point, the operation follows familiar lines: internal enumeration, privilege escalation, search for critical assets (AD, identity platforms, hypervisors, backup), exfiltration and, depending on motivation, ransomware deployment. No CVE vulnerability appears in this chain as initial vector: the whole attack depends on a phone call and an insufficient verification procedure.
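The chain above leaves a recognisable trace in identity-provider logs: a help desk factor reset, a new factor enrolled minutes later from somewhere the employee has never signed in from, then a successful sign-in from that same address. The following detection logic is an added example, not code from the article or from any vendor; the event field names, the sample events and the per-user country baseline are all constructed.

```python
from datetime import datetime, timedelta

# Constructed identity-provider audit events (field names are assumptions,
# not any vendor's schema). The first three lines model the chain the
# article describes: help desk resets a factor, a new factor is enrolled
# minutes later from an unfamiliar country, then a successful sign-in.
SAMPLE_EVENTS = [
    {"ts": "2026-06-08T09:02:11Z", "user": "j.doe", "event": "mfa.factor.reset",
     "actor": "helpdesk:op42", "ip": "10.0.5.20", "country": "ES"},
    {"ts": "2026-06-08T09:05:40Z", "user": "j.doe", "event": "mfa.factor.enroll",
     "actor": "j.doe", "ip": "198.51.100.77", "country": "US"},
    {"ts": "2026-06-08T09:07:03Z", "user": "j.doe", "event": "user.login.success",
     "actor": "j.doe", "ip": "198.51.100.77", "country": "US"},
    # Benign reset: the employee re-enrols from their usual country.
    {"ts": "2026-06-08T10:15:00Z", "user": "a.smith", "event": "mfa.factor.reset",
     "actor": "helpdesk:op17", "ip": "10.0.5.21", "country": "ES"},
    {"ts": "2026-06-08T10:20:00Z", "user": "a.smith", "event": "mfa.factor.enroll",
     "actor": "a.smith", "ip": "203.0.113.9", "country": "ES"},
]

# Constructed baseline: countries each user has signed in from before.
KNOWN_COUNTRIES = {"j.doe": {"ES"}, "a.smith": {"ES"}}


def parse_ts(value):
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ")


def find_suspicious_resets(events, baseline, window=timedelta(hours=1)):
    """Return one alert per help-desk MFA reset that is followed, inside
    `window`, by factor enrolment from a country outside the user's baseline
    and/or a sign-in from the IP that enrolled the new factor."""
    ordered = sorted(events, key=lambda e: e["ts"])
    alerts = []
    for i, reset in enumerate(ordered):
        if reset["event"] != "mfa.factor.reset":
            continue
        reset_at = parse_ts(reset["ts"])
        known = baseline.get(reset["user"], set())
        reasons, new_ips = [], set()
        for follow in ordered[i + 1:]:
            if follow["user"] != reset["user"]:
                continue
            delta = parse_ts(follow["ts"]) - reset_at
            if delta > window:
                break  # events are time-ordered; nothing later can be inside the window
            minutes = int(delta.total_seconds() // 60)
            if follow["event"] == "mfa.factor.enroll" and follow["country"] not in known:
                reasons.append(f"new factor enrolled from unfamiliar country "
                               f"{follow['country']} ({follow['ip']}) {minutes} min after reset")
                new_ips.add(follow["ip"])
            elif follow["event"] == "user.login.success" and follow["ip"] in new_ips:
                reasons.append(f"sign-in from the enrolling IP {follow['ip']} {minutes} min after reset")
        if reasons:
            alerts.append({"user": reset["user"], "reset_at": reset["ts"],
                           "helpdesk_actor": reset["actor"], "reasons": reasons})
    return alerts


if __name__ == "__main__":
    for alert in find_suspicious_resets(SAMPLE_EVENTS, KNOWN_COUNTRIES):
        print(alert["user"], alert["reset_at"], alert["helpdesk_actor"])
        for reason in alert["reasons"]:
            print("  -", reason)
```

The rule deliberately keys on the help desk reset event rather than on the enrolment alone, so the alert carries the operator who performed the reset and can be matched against the ticket; the one-hour window and the country baseline are tuning choices, and a production rule would typically add ASN or device-fingerprint checks to the same skeleton.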

AI voice cloning in detail

Current commercial tools allow a voice to be cloned from short samples. ElevenLabs advertises instant cloning with audio of a few seconds in favourable conditions; Resemble AI and equivalent engines offer similar capabilities. The entry barrier is low in cost and technical knowledge.

Training material for a public CEO is practically unlimited: quarterly earnings calls, conferences, podcasts, interviews, corporate videos. The more exposed the person, the easier to build a convincing synthetic voice and tune it to specific styles (formal presentation, relaxed conversation, pressure situation).

Real-time biometric detection is a useful but limited layer. Pindrop or NICE Actimize analyse acoustic features that distinguish natural from synthesised voice. Accuracy is better on controlled telephone lines and degrades with noise, compression or playback through a speaker. A consideration often underestimated is live interaction: current tools support generation with latency compatible with conversation, allowing a bidirectional call in which the synthetic voice answers questions. The assumption that a voice deepfake only works for pre-recorded messages is no longer valid.

Technical defences

The set of available technical controls has matured and is worth deploying with judgement.

  • Caller ID verification with STIR/SHAKEN. Standards for cryptographic signing of call identification, deployed at carriers in several countries. They do not eliminate spoofing but reduce the ease of forging the origin number and let the carrier classify calls with partial or no attestation.
  • Voice biometrics for high-value authentication. Pindrop, NICE, Nuance and similar providers verify the speaker against an enrolled template. Useful in private banking, high-value customer service and authorisation of critical operations, always as a layer within a multifactor scheme.
  • Strict MFA reset procedure at the help desk. No shortcuts: verification through an independent second channel, callback to the employee's known number registered in HR, and line manager approval for resetting trusted devices.
  • Mandatory in-person verification for Tier 0 actions. Credential resets for accounts with access to AD, identity platforms or critical systems are not executed remotely: physical presence, videoconference with document verification or robust equivalent.
  • Number lookup APIs. Twilio Lookup, Vonage Number Insight and similar classify incoming numbers and detect patterns associated with spoofing (recently activated numbers, VoIP lines not assigned to legitimate carriers, lines with fraud history).
  • Continuous vishing simulation programme. Email phishing simulation is standard; vishing simulation, much less so. Programmes that periodically call employees with realistic scenarios, measuring response and providing on-the-spot training, significantly reduce success rates of real attempts.
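STIR/SHAKEN carries its attestation inside a SIP Identity header as a signed PASSporT token, and the practical question for a help desk or contact centre is how to turn the attestation level into call handling. The following is an added example, not code from the article or from any carrier or vendor: it builds and parses the Identity header format (header.payload.signature plus info, alg and ppt parameters) with the attest, orig, dest, iat and origid claims, and maps A, B and C attestation to the handling the article recommends. The certificate URL, telephone numbers and origid are constructed, and the signature is a placeholder because verification against the carrier's certificate is assumed to happen upstream.

```python
import base64
import json

# Constructed values; not a real carrier's certificate URL or a real call.
CERT_URL = "https://cert.example.org/passport.cer"


def _b64url_encode(obj):
    raw = json.dumps(obj, separators=(",", ":")).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def build_identity_header(attest, orig_tn, dest_tn, iat, origid, cert_url=CERT_URL):
    """Build a SHAKEN PASSporT in SIP Identity header form:
    '<header>.<payload>.<signature>;info=<url>;alg=ES256;ppt=shaken'.
    The signature is a placeholder: a real originating carrier signs with
    the ES256 key behind x5u and the terminating carrier verifies it."""
    header = {"alg": "ES256", "ppt": "shaken", "typ": "passport", "x5u": cert_url}
    payload = {"attest": attest, "dest": {"tn": [dest_tn]}, "iat": iat,
               "orig": {"tn": orig_tn}, "origid": origid}
    token = f"{_b64url_encode(header)}.{_b64url_encode(payload)}.SIGNATURE_PLACEHOLDER"
    return f"{token};info=<{cert_url}>;alg=ES256;ppt=shaken"


def parse_identity_header(value):
    """Decode the PASSporT carried in an Identity header and return the
    fields a call-handling policy needs. Signature verification is assumed
    to have been done by the carrier and is not repeated here."""
    token, _, _params = value.partition(";")
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("Identity header is not a three-part PASSporT")
    header = json.loads(_b64url_decode(parts[0]))
    payload = json.loads(_b64url_decode(parts[1]))
    if header.get("ppt") != "shaken":
        raise ValueError("not a SHAKEN PASSporT")
    attest = payload.get("attest")
    if attest not in ("A", "B", "C"):
        raise ValueError(f"unknown attestation level {attest!r}")
    return {"attest": attest, "orig_tn": payload["orig"]["tn"],
            "dest_tn": payload["dest"]["tn"], "iat": payload["iat"],
            "origid": payload.get("origid"), "x5u": header.get("x5u")}


ATTESTATION_MEANING = {
    "A": "full: originating carrier knows the customer and vouches for their right to the number",
    "B": "partial: carrier knows the customer but not their right to this number",
    "C": "gateway: carrier only received the call from elsewhere, e.g. an international gateway",
}


def triage_call(identity_header):
    """Translate attestation into help desk handling as (level, guidance).
    Even level A only says the carrier vouched for the subscriber's number;
    it says nothing about who is speaking, so sensitive actions still go
    through callback and the verification matrix regardless of level."""
    if identity_header is None:
        return ("none", "no Identity header: caller ID unverified; callback to the HR-registered number before any action")
    info = parse_identity_header(identity_header)
    if info["attest"] == "A":
        return ("full", f"origin {info['orig_tn']} attested by carrier; caller ID usable as a weak signal only")
    if info["attest"] == "B":
        return ("partial", f"origin {info['orig_tn']} partially attested; treat caller ID as unverified")
    return ("gateway", f"origin {info['orig_tn']} gateway-attested; treat caller ID as unverified")


if __name__ == "__main__":
    hdr = build_identity_header("A", "12155551212", "12155551213",
                                1443208345, "123e4567-e89b-12d3-a456-426655440000")
    print(parse_identity_header(hdr))
    print(triage_call(hdr))
    print(triage_call(None))
```

The point to retain from triage_call is that attestation classifies the origin number, not the person; the article's callback and verification rules apply at every level, and a missing or C-level header simply removes caller ID from the evidence the operator may consider.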

Organisational defences

Technical controls do not replace process design. Effective defences share a pattern: removing the possibility that a single person, under pressure and with partial information, can authorise a critical action.

  • Strict help desk script. The operator never discloses account information to the caller. Every sensitive request is handled through callback to a registered number, not to the number the call came from. The operator has a clear matrix of which actions require which verification level.
  • MFA reset policy with two verification factors. Two independent factors (callback plus documentary confirmation, for example) and, for critical roles, explicit line manager approval. Documented, signed and reviewed periodically.
  • Rotating training with live drills. Beyond the generic annual module, concrete vishing scenarios executed in limited windows, with immediate feedback and traceable metrics. Particular attention to help desk staff and employees with privileged access.
  • Out-of-band verification for transfers and supplier bank account changes. Every transfer above an agreed threshold, every change of supplier account and every change of payment instructions is confirmed through an independent channel: call to the known number, signed email, in-person meeting where applicable. No exceptions, especially when the requester invokes urgency.
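The script, the reset policy and the transfer rule above all reduce to one matrix: which action needs which verification level, and what evidence counts toward it. The following policy engine is an added example, not code from the article or from Secra; it encodes that matrix for help desk and treasury requests, only credits a callback when it went to the number held in HR (never the number the call arrived from), and escalates Tier 0 accounts to in-person verification. The HR directory, employee names, phone numbers and the 10,000 EUR transfer threshold are constructed for the example.

```python
from dataclasses import dataclass
from enum import IntEnum
from typing import Optional


class Level(IntEnum):
    NONE = 0
    CALLBACK = 1           # callback to the number registered in HR
    CALLBACK_PLUS_DOC = 2  # callback plus documentary confirmation
    MANAGER_APPROVAL = 3   # the above plus explicit line-manager approval
    IN_PERSON = 4          # physical presence or video with document check


# Constructed HR directory; in production this comes from the HR system, never from the caller.
HR_DIRECTORY = {
    "j.doe": {"phone": "+34600111222", "manager": "m.lopez", "critical_role": True, "tier0": False},
    "r.adm": {"phone": "+34600333444", "manager": "m.lopez", "critical_role": True, "tier0": True},
    "a.smith": {"phone": "+34600555666", "manager": "p.ruiz", "critical_role": False, "tier0": False},
}

TRANSFER_THRESHOLD_EUR = 10_000  # assumed threshold; the real figure is set by policy


@dataclass
class Evidence:
    callback_number: Optional[str] = None  # number the operator actually dialled back
    document_confirmed: bool = False
    manager_approved: bool = False
    in_person: bool = False


def required_level(action, employee, amount_eur=0):
    """Verification matrix: the level each action demands for this employee."""
    rec = HR_DIRECTORY[employee]
    if action == "account_info_disclosure":
        return None  # never: the operator does not read account details to a caller
    if action == "password_reset":
        return Level.CALLBACK
    if action == "mfa_reset":
        if rec["tier0"]:
            return Level.IN_PERSON
        return Level.MANAGER_APPROVAL if rec["critical_role"] else Level.CALLBACK_PLUS_DOC
    if action in ("supplier_account_change", "payment_instruction_change", "direct_debit_change"):
        return Level.CALLBACK_PLUS_DOC
    if action == "transfer":
        return Level.CALLBACK_PLUS_DOC if amount_eur >= TRANSFER_THRESHOLD_EUR else Level.NONE
    return Level.CALLBACK  # unknown actions default to at least a callback


def achieved_level(evidence, employee):
    """Level the collected evidence supports. A callback only counts when it
    went to the HR-registered number; the incoming caller ID is never consulted."""
    rec = HR_DIRECTORY[employee]
    if evidence.in_person:
        return Level.IN_PERSON
    level = Level.NONE
    if evidence.callback_number and evidence.callback_number == rec["phone"]:
        level = Level.CALLBACK
        if evidence.document_confirmed:
            level = Level.CALLBACK_PLUS_DOC
            if evidence.manager_approved:
                level = Level.MANAGER_APPROVAL
    return level


def decide(action, employee, evidence, amount_eur=0):
    """Return (allowed, reason) for a help desk or treasury request."""
    needed = required_level(action, employee, amount_eur)
    if needed is None:
        return False, f"{action} is never performed over the phone"
    have = achieved_level(evidence, employee)
    if have >= needed:
        return True, f"{action} for {employee}: verification {have.name} meets required {needed.name}"
    hint = ""
    if evidence.callback_number and evidence.callback_number != HR_DIRECTORY[employee]["phone"]:
        hint = "; callback went to a number that is not the HR-registered one"
    return False, f"{action} for {employee}: verification {have.name} below required {needed.name}{hint}"


if __name__ == "__main__":
    # Caller presents as j.doe; operator dials back the incoming caller ID instead of HR's number.
    print(decide("mfa_reset", "j.doe", Evidence(callback_number="+34699999999",
                                                document_confirmed=True, manager_approved=True)))
    # Same request, callback to the HR-registered number with document and manager approval.
    print(decide("mfa_reset", "j.doe", Evidence(callback_number="+34600111222",
                                                document_confirmed=True, manager_approved=True)))
    print(decide("transfer", "a.smith", Evidence(), amount_eur=2_500))
    print(decide("transfer", "a.smith", Evidence(callback_number="+34600555666"), amount_eur=50_000))
    print(decide("mfa_reset", "r.adm", Evidence(callback_number="+34600333444",
                                                document_confirmed=True, manager_approved=True)))
```

The first scenario is the one that defeats most real help desks: every box appears ticked, but the callback went to the attacker's number, so the engine credits nothing. Keeping the matrix in code (or in an equally explicit ticketing rule) is what removes the individual discretion the article warns about.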

A complementary practice is enabling a clear internal channel for any employee to escalate a suspicious call without penalty, with an explicit commitment not to retaliate against the person who stops a process on reasonable suspicion.

Regulatory fit

Vishing touches several European and sector-specific frameworks. Under GDPR, an incident leading to unauthorised access to personal data triggers notification to the supervisor within 72 hours and, depending on assessed risk, to affected data subjects. Incident traceability, documentation of containment measures and evidence of prior training are key parts of the file.

Under NIS2, essential and important entities must report significant incidents on staggered timelines (early warning within 24 hours, detailed notification within 72 hours, final report within one month). A compromise initiated by vishing to the help desk that leads to service interruption or relevant exfiltration typically falls within the significant incident threshold.

Under PCI DSS 4.0, chapter 8 obligations on authentication and training of personnel with access to cardholder data environments are directly relevant; insufficient help desk procedures are a recurring finding in recent assessments. Under DORA, applicable to financial entities and their critical ICT providers, requirements on resilient operations and incident management include social engineering scenarios, and TLPT exercises under TIBER-EU incorporate vishing vectors with growing frequency.

Frequently asked questions

Are voice biometrics really secure?

A useful layer within a multifactor scheme, not a stand-alone solution. Accuracy is good on controlled lines and against unsophisticated attempts, but degrades against recent AI voice cloning. Its main use is to raise friction and provide additional evidence combined with channel and behaviour verification.

How is an MGM-style scenario prevented?

By strengthening three pieces simultaneously: MFA reset procedure with an independent second verification factor and hierarchical approval for critical roles, segmentation that prevents compromise of an operational identity from leading to direct access to hypervisors and backup systems, and a vishing simulation programme targeted at the help desk with continuous metrics. Strengthening only one leaves the way open through the other two.

Are voice deepfakes 100% detectable?

No. The best tools achieve high accuracy under controlled conditions with known generator models, but accuracy drops against recent models, adversarial post-processing and telephone compression. Treat them as an additional layer of evidence, never as definitive proof.

Yes, with proper framing: corporate training programme, well-documented legitimate interest basis, prior information to staff about the existence of the programme (without disclosing specific campaigns) and confidential treatment of individual results. Workers' legal representatives should ideally be informed in organisations where this applies.

Is callback mandatory always?

For critical actions, yes. A sensible policy defines thresholds and action categories that trigger mandatory verification: transfers above an agreed amount, supplier account changes, MFA resets, access to Tier 0 systems, changes to direct debit mandates. Below those thresholds, lighter verification may suffice. The key is to remove individual discretion in critical zones.

It depends on jurisdiction, context and use. There are legitimate applications (dubbing, accessibility, multimedia production with consent). The use to impersonate without consent, for fraudulent or defamatory purpose, breaches data protection, intellectual property and, depending on the case, criminal law across much of Europe. Article 50 of the EU AI Act adds marking and disclosure obligations on synthetic content.

Anti-vishing programme with Secra

At Secra we help organisations assess their exposure to vishing and design controls that bring risk down to acceptable levels: review of help desk procedures and MFA reset policies, simulation programmes with traceable metrics, deployment of voice biometrics and incoming number lookup in high-value flows, out-of-band verification for treasury and fit with NIS2, DORA, PCI DSS and GDPR. We work from documented incidents such as MGM, Caesars, Twilio or Cisco to calibrate defences to real operations.

Request an initial assessment and plan with us the anti-vishing strategy adapted to your organisation.

About the author

Secra Solutions team

Ethical hackers with OSCP, OSEP, OSWE, CRTO, CRTL and CARTE certifications, 7+ years of experience in offensive cybersecurity, and authors of CVE-2025-40652 and CVE-2023-3512.
