What is “Vishing?” Voice Cloning Scams Are on the Rise

You’re busy with your workday when you get an unexpected call from a familiar voice: it sounds just like your boss. They are asking you for some sensitive information, and something seems off. What do you do? 

According to a global threat report from a leading cybersecurity firm, voice phishing or “vishing” attacks increased by 442 percent last year. In a vishing attack, a scammer mimics the voice of an authorized person in a company or organization and uses that fake voice to steal information, money or whatever they can access. 1,2

It’s not just a problem in the workplace; the same voice-cloning technology is used to attack private citizens, too. Even the U.S. government is not immune, with vishers posing as senior officials in order to obtain access to sensitive information.3,4

It’s important to remember that vishing scams extend beyond traditional phone calls. You might receive a fake audio or video chat through a messaging app, social media app, or even via text or other audio-based services. And, thanks to so-called “deepfake” technology, which can allow a scammer to take on the face of a familiar or trusted person, video phishing is also possible.5

Imposter scams are on the rise overall in the United States. The following chart shows which states are reporting the most fraud per capita.

Fight the Vishers – 6 Sound Security Practices

Phishing scams have been around for a long time. Many of the standard practices employed to combat malicious emails and texts can also be adapted to apply to vishing attacks. Here’s a refresher. 

  1. First, confirm you’re talking to the right person. A simple thing to do with a visher is to hang up and dial or contact the person directly, independently verifying their contact information.
  2. Don’t share sensitive data like contact information in a call unless you have independently verified their information (i.e. you are calling them, not them calling you).
  3. Look for the telltale signs of vishing:
    1. Overly formal language
    2. Unusual requests (especially for money or information)
    3. Audio or visual inconsistencies (as seen with deepfake technology)
    4. Requests for payment through unusual means  
  4. Don’t engage with a suspected scammer or act on suspicious requests.
  5. If you have already engaged, take steps immediately to secure any related accounts (change passwords, set up fraud alerts, etc).
  6. Report vishing and similar scams to the Federal Trade Commission or call a local consumer protection agency.

While there is no need for fear, it is wise to be on your guard and listen to your instincts if you get a strange call. While scammers may get creative and evolve their tactics over time, these general security practices can help you navigate any unfortunate encounters.

  1. Security Magazine, March 5, 2025.
  2. CrowdStrike.com, February 27, 2025.
  3. FBI, May 15, 2025.
  4. Federal Trade Commission, April 8, 2024.
  5. National Council on Aging, October 31, 2024.
Muhammad Dahnoun- Wealth Advisor at Crescent Private Wealth

Muhammad Dahnoun
muhammad.dahnoun@crescentpw.com
(984) 250-6640
Crescent Private Wealth
Wealth Advisor
http://www.crescentpw.com

GDPR

  • Financial Disclosures

Financial Disclosures

Check the background of your financial professional on FINRA’s BrokerCheck.

All investing involves risk, including loss of principal. There is no guarantee the investment process will lead to profits. Past performance of any security or strategy is no guarantee or indication of future results or performance. Market conditions change continuously.

Securities offered by Registered Representatives through Private Client Services. Member FINRA / SIPC. Advisory services offered by Investment Advisory Representatives of RFG Advisory, LLC (“RFG Advisory” or “RFG”), a registered investment advisor. Private Client Services, Crescent Private Wealth and RFG Advisory are unaffiliated entities. Advisory services are only offered to clients or prospective clients where RFG Advisory and its representatives are properly licensed or exempt from licensure. No advisory services may be rendered by RFG Advisory unless a client agreement is in place.

RFG Advisory is an SEC-registered investment adviser. SEC registration does not constitute an endorsement of RFG by the Commission, nor does it indicate that RFG or any associated investment advisory representative has attained a particular level of skill or ability.

RFG Advisory Part 3, Form CRS, RFG Advisory Form ADV, Part 2A, Investment Advisor Public Disclosure, RFG Advisory Privacy Policy.

The Registered Representative(s) of PCS referenced on this website may only conduct securities business in the states in which they are currently registered. For a list of a Registered Representative’s current registered states, please visit FINRA’s BrokerCheck.