Alarming Surge in Vishing and AI Driven Attacks

Vishing and AI driven phishing operations are on the up, rising at dramatic levels, as cybercriminals deploy increasingly sophisticated social engineering tactics to deceive individuals and organisations alike.

442% Rise in Vishing Attacks

2024 saw unprecedented levels of vishing operations. The 2025 CrowdStrike Global Threat Report revealed a staggering 442% increase in vishing operations between the first and second halves of the year. Emerging as a significant threat, malicious actors use vishing to deceive innocent parties into performing actions detrimental to their security. By impersonating trusted entities over the phone, cybercriminals can manipulate their targets to divulge sensitive information, provide remote control to company systems and grant access to confidential data. What makes vishing so effective is that it exploits human error, putting the responsibility on individuals to recognise potential threats in real time.

Evolution of AI in Phishing Operations

The CrowdStrike report further highlighted that 79% of detections in 2024 were malware-free, indicating a significant shift towards identity-based attacks. Additionally, the report noted that generative AI was increasingly used to craft convincing phishing campaigns, with some threat actors leveraging AI-generated content to enhance the effectiveness and scale of their social engineering operations. A notable example of an AI-driven social engineering threat is the FAMOUS CHOLLIMA group, a North Korean nexus adversary, which used AI-generated profile images and deepfake technology during job interviews to infiltrate more than 100 companies, primarily in the technology sector. This demonstrates how AI is being leveraged not just for phishing emails, but across a spectrum of social engineering tactics.

How Can Echo Secure Help?

As a start-up specialising in Adversarial Phishing Simulations, these insights demonstrate the importance of what we can do for your organisation. We are dedicated to staying ahead of these evolving threats by integrating advanced AI capabilities into our simulations. Through understanding the tactics deployed by cybercriminals we can anticipate attacks and develop proactive measures. To this end, we provide robust testing campaigns to help prepare your organisation against sophisticated phishing attacks, turning your employees from potential targets into vigilant defenders.

The rapid evolution of these threats necessitates continuous innovation in detection and prevention strategies. Phishing isn’t just an old-school scam; it’s evolving swiftly, and the threats are only getting more sophisticated. This is not something businesses can afford to ignore, and tools like ours aren’t just supplementary; they are essential. The reality is, if organisations don’t stay ahead of these tactics, they’ll end up playing catch-up when it’s already too late.

Contact us today to learn how we can help your organisation proactively defend against these evolving threats.