Glossary
What is vishing?
Vishing is phishing carried out over a phone call. An attacker impersonates IT support, a bank, a supplier or an executive and uses urgency and authority to pressure you into sharing passwords, codes or payments — often spoofing a trusted caller ID.
How vishing works
A vishing call opens with a believable pretext — fraud on your account, an IT issue, an overdue invoice — and applies pressure so you act before you think. Attackers may spoof a real number and even reference details gathered from earlier breaches.
Increasingly, attackers pair vishing with other channels: a text or email first, then a call to 'confirm', which makes the scam feel legitimate.
Vishing and AI voice cloning
AI now lets attackers clone a familiar voice from a short sample, so a call that sounds like your CEO or a colleague may be fake. Treat urgent voice requests for money or access with the same suspicion as email.
How to prevent vishing
- Hang up and call back on a known, official number — never the one the caller gives you.
- Never share passwords, MFA codes or payment details over the phone.
- Be wary of urgency and secrecy, even from a familiar-sounding voice.
- Verify unusual requests through a second channel before acting.
How HookPhish helps
HookPhish trains employees to recognize voice and multi-channel social engineering, so a convincing phone call doesn't bypass everything else you've put in place.
Frequently asked questions
What is the difference between vishing and phishing?+
Vishing is phishing carried out by voice phone call, while phishing more broadly covers email, SMS and other channels.
Can attackers fake a caller ID?+
Yes. Caller ID spoofing lets attackers display a trusted number, so never trust a call based on the number alone.
How do I defend against vishing?+
Call back on a known official number, never share codes or passwords by phone, and verify urgent requests through a second channel.
Security training designed for people. Built for enterprise.
Learn how HookPhish can effortlessly transform your security program and reduce your human cyber-risk.
Fill out the form to schedule a 30-minute chat with a product expert. We'll discuss the challenges you want to solve, walk through HookPhish, and answer any questions.
Book a personalized demo
Looking to become a partner? Use this form instead.