Highlights –
- According to the survey, nearly half (47%) of firms were the victims of a vishing (voice phishing) or social engineering attack in the last year.
- Only 10% of respondents identified their voice networks and telephone systems as the biggest source of security risk for their companies, confirming the general lack of awareness of this drawback.
A recent analysis by Mutare uncovers serious weaknesses in business security defenses against voice network attacks. According to the survey, nearly half (47%) of firms were the victims of a vishing (voice phishing) or social engineering attack in the previous year. Because legacy voice networks are occasionally disregarded as a degree of egress, the difficulty of those assaults is generally underreported. The dangers are often not acknowledged, especially with the rapid uptake of unified collaboration tools like Microsoft Groups and Slack, where voice and data networks intersect.
Most businesses are completely unaware of the volume of unwanted voice visitors (telephone calls) that pass through their voice community or the significance of threats lurking in undesirable visitors, including robocalls, spoof calls, rip-off calls, spam calls, spam storms, vishing, smishing, and social engineering. Nearly one-third (32%) of the businesses that experienced voice attacks last year were targeted by SMS/text message scams, which were adopted by attacks on collaboration platforms like Cisco WebEx and Microsoft Groups (16%) and voice networks (14%).
According to Mutare’s Index of Unwanted Voice Traffic research, across the industry, nine per cent of all calls (or voice visitors) that businesses obtain are unwanted. Furthermore, 45% of all unwanted visitors were linked to criminal activities, while nuisance activity accounted for 55%.
According to 43% of survey respondents, worker errors are likely the primary source of safety concerns. That was followed by the threat posed by email (36%), endpoints (35%), knowledge networks (17%), knowledge storage (12%), and functions/core approaches (9%).
Only 10% of respondents identified their voice networks and telephone techniques as the most significant source of security risk for their companies, confirming the general lack of awareness of this drawback. Even though these risks are known, more than one-third of businesses are unaware of the types of unwanted voice visitors they receive, which seriously threatens employee safety and productivity.
Usually, businesses rarely invest in voice community safety. Around 36% of respondents named safety awareness training the best defense against voice phishing (vishing) and SMS phishing (smishing) attacks. Twenty-six per cent of the survey participants were unsure of the tools used to protect their voice networks, and nine per cent said their firms had no protection measures in place. Despite this, 81% of respondents agreed or strongly agreed that their firms regarded robocalls, social engineering, phishing, and vishing as the primary security concerns.
Over 150 onsite participants completed the poll in June 2022 at the RSA and Cisco Stay tech industry trade shows.