With Cybersecurity Awareness Month here, we’re ready to help.


Human error is one of the leading barriers to effective cybersecurity. Casual security mistakes can lead to career-threatening results. Putting the right technology in place to improve your cybersecurity is important. However, an educated workforce that’s aware of the threats and knows how to prevent them is the last piece of the puzzle.

You can teach employees what they need to know to keep your organization secure, and we’re here to help.

As part of Cybersecurity Awareness Month in October, we’re bringing you a weekly series on common threats to strengthen your cyber resilience strategy.

This week, we’re tackling the issue of how to avoid voice phishing (vishing). You can learn about other similar threats—and how to prevent vishing by downloading our cybersecurity awareness training kit.

What is Vishing?

In vishing, a cybercriminal contacts you by phone, impersonating someone in a position of authority. Vishing is similar to phishing, but the attack is delivered by phone instead of via email.

Examples of Vishing

The caller might pretend to be from the company’s IT or finance department, impersonate an executive or business partner, or claim to be from a software company such as Microsoft. The caller attempts to convince you to provide private information or take an action that can be used to compromise the company’s systems, or to steal from you personally.

How to Prevent Vishing

  1. Verify unexpected phone requests in ways that aren’t connected to the incoming phone call. For example, use an official directory and another phone to call the company’s main office and ask to speak with the caller who is making the request.
  2. Be very suspicious of any caller who asks you to share login information over the phone.
  3. If a caller asks you to provide account data or personally identifiable information, refuse to do so — and report the contact to security.
  4. Security won’t call you to request that you change logins, passwords, or network settings. Any caller who makes this type of request is probably a scammer. Refuse the request and notify security.

Wil je nog meer geweldige artikelen zoals deze? Schrijf je dan in op onze blog.

Krijg al het laatste nieuws, tips en artikelen direct in uw inbox afgeleverd

Misschien vind je dit ook leuk:

Fear Doesn’t Train Employees to be Cybersafe, Creativity and Trust Do

Scaring employees is an ineffective way …

Scaring employees is an ineffective way to make them cyber-v… Read More >

Miranda Nolan

by Miranda Nolan

Security Writer

Posted Jan 05, 2021

Q&A: Best Practices for Building a Culture of Cybersecurity

With cybercriminals increasingly well or…

With cybercriminals increasingly well organized, companies m… Read More >

Mercedes Cardona

via Mercedes Cardona

Bijdragende Schrijver

Posted Jan 07, 2021

9 Ways to Build a Robust Cybersecurity Culture

Effective cybersecurity requires a perva…

Effective cybersecurity requires a pervasive organizational … Read More >

Bill Camarda

via Bill Camarda

Bijdragende Schrijver

Posted Dec 01, 2020