As of August 2025, the networking company Cisco let people know about a new threat. The company confirmed it is looking into a well-planned voice phishing campaign.
Soon after, Cisco quickly put up a security alert on its official blog. However, the total amount of lost data has not been figured out yet.
A Cisco spokesperson spoke up about the situation. They said the company's main network systems are safe. This suggests the attack works by tricking people. Instead, it relies on human trust and not on breaking into the company's own computer systems.
To pull this off, the attackers make the situation seem very urgent. As a result, they push customers to give away private login details during the phone calls.
What Is Voice Phishing and How Did It Work?
First of all, voice phishing, or vishing, is a type of cyber attack. It uses telephone calls to trick people into sharing important information. Vishing is different from email phishing in a key way.
Specifically, it takes advantage of the trust that comes from talking directly to another person. Because of this, it can be much more convincing to someone who does not see the scam coming. The SilentWhisper campaign is a well thought-out example of this method.
The Attack Process
The attackers followed a clear and repeatable process to take advantage of customer trust:
- First, Gathering Information: To start off, attackers dig up simple details about people. They get this information from public records or past data breaches. For instance, this can include a person's name and finding out that they are a Cisco customer.
- Making the Call: Next, they call up the person. They also make up a fake phone number. This makes the call look like it is coming from a real Cisco support line.
- Creating Panic: Then, the scammer points out a serious security problem. They say it affects the person's account or device. They demand the person act on it right away. They claim this is to stop data from being lost or to keep a network from being broken into.
- Taking Information: Finally, feeling this pressure, the person is convinced to give away their login details. They may also share multi-factor authentication (MFA) codes. In some cases, they might also be talked into allowing remote control of their computer.
The Broad Effects on Customers and Trust in the Brand
Depending on what data was stolen, the results for customers can be serious. In fact, these results can range from having money stolen to having a person's whole identity stolen.
Once attackers have the right login details, they can get into email, bank websites, and private company systems. As a result, this can cause harm that is hard to sort out.
For this campaign, the amount of money lost has not been officially figured out.
But that said, according to the FBI’s Internet Crime Complaint Center (IC3), phishing attacks which include vishing led to victims losing over $50 million last year. In short, this shows the huge financial danger of these scams.
How to Protect Against Advanced Vishing Attacks
Attacker methods are always changing. However, the main defense is still based on being doubtful. It also involves following set security rules.
In addition, Identity and Access Management software like Infisign helps shield users from these kinds of data leaks.
Overall, the best way to stand up to vishing is to use several layers of defense. This means teaching users about threats. It also means strictly following steps to check up on identities.
- Never Trust, Always Check: If you get an unexpected call, always be careful. This is true even if the person is claiming to be from a large company like Cisco, Microsoft, or your bank.
- Guard Your Login Details: Always keep in mind that a real support agent will never ask you for your full password. They will not ask for MFA codes or private passphrases over the phone either.
- Step Up Your Digital Security: Use tools like password managers to set up new, complex passwords for every account.
- Report Suspicious Activity: If you come across a vishing attempt, you should report it right away.
Want to find out how Infisign can help with this? Book a free demo!
