FBI, CISA warn of ‘voice phishing’ campaigns

Vishing has been rampant in the last month.

The FBI and the U.S. Cybersecurity and Infrastructure Security Agency on Thursday warned the private sector of a “voice phishing” campaign in which cybercriminals call up corporate employees to get them to hand over login credentials.

In a campaign that began in mid-July, unidentified attackers used stolen credentials to scour corporate databases for personal information they could monetize and use in other attacks, the FBI and CISA alert said. In some cases, the attackers “posed as members of the victim company’s IT help desk, using their knowledge of the employee’s personally identifiable information…to gain the trust of the targeted employee,” the advisory says.

The warning caps a month in which cybercriminals have been rampantly employing “vishing,” as the voice phishing technique is known, to try to steal money. The attackers who took over celebrity Twitter accounts in July to mine bitcoin did so through “vishing.” Florida police arrested a 17-year-old and charged two others in connection with the hacking.

In the last month, dozens of companies, from cryptocurrency exchanges to banks, have been targeted through vishing, Wired reported. The attackers appear to be young and English-speaking, and they confer with one another on forums, according to the report. That activity appears to have prompted the federal advisory Thursday.


The advisory describes an intricate level of planning by the perpetrators: They are not only calling their victims, but also setting up mock virtual private network login pages — exploiting the fact that corporate employees continue to work from home because of the coronavirus.

The FBI and CISA told companies to consider instituting a formal process for validating the identity of employees who call each other.

ZDNet was first to report on the alert.


Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.
