The Phone Call Is the New Phishing Email

CyberScoop, Mar 23, 2026

Why It Matters

The shift to high‑touch social engineering forces organizations to expand defenses beyond email filters and address the human element more rigorously, reshaping cyber‑risk strategies across sectors.

Key Takeaways

  • Voice phishing accounts for 11% of Mandiant‑investigated incidents.
  • Email phishing fell to 6% of initial access vectors.
  • Exploited vulnerabilities remained the top vector, affecting 32% of attacks.
  • High‑skill social engineering targets IT help desks and executives.
  • Tech firms faced 17% of all 2025 intrusion incidents.

Pulse Analysis

The 2025 Mandiant M‑Trends report highlights a decisive pivot from cheap, mass‑mail phishing to labor‑intensive voice‑based attacks. Threat actors are allocating more resources to perfecting caller impersonation, often targeting IT help desks where credentials can be extracted in real time. This evolution mirrors a broader cyber‑crime trend: attackers prioritize higher‑value payouts over volume, leveraging the trust humans place in phone conversations to bypass technical controls that readily catch email scams.

For security teams, the rise of vishing demands a recalibration of defensive playbooks. Traditional email gateways and URL filters no longer constitute the primary barrier; organizations must embed voice authentication checks, enforce strict verification protocols, and conduct regular social‑engineering drills that include phone scenarios. Integrating AI‑driven call analytics can flag anomalous patterns, while robust multi‑factor authentication (MFA) reduces the payoff of stolen credentials, even if a call succeeds. Training programs should emphasize the subtle cues of impersonation, such as tone and urgency, to empower employees to challenge unsolicited requests.

Despite the spotlight on social engineering, exploited software flaws remain the leading foothold, appearing in nearly a third of incidents. This underscores the continued necessity of rigorous patch management, especially for high‑risk platforms like SAP NetWeaver, Oracle E‑Business Suite, and Microsoft SharePoint. Companies that blend proactive vulnerability remediation with heightened human awareness are better positioned to thwart both technical and human‑centric attack vectors, safeguarding critical data in an increasingly sophisticated threat landscape.
