Vishing Statistics 2025: Unmasking the Voice Phishing Threat

Vishing or voice phishing is a deceptive practice where fraudsters use voice communication, primarily phone calls, to trick unsuspecting individuals into divulging personal and often financial information. Unlike the more commonly known email phishing, vishing leverages the trust we inherently place in voice interactions, making it a potent tool in a scammer's arsenal. Although not a new concept, vishing has recently become resurgent, with scammers employing increasingly sophisticated methods to ensnare their victims.

Understanding the significance of vishing statistics is not just about numbers; it's about recognizing the scale and impact of the threat. In 2021 alone, more than 59.4 million Americans fell victim to voice phishing. These aren't just faceless statistics; they represent individuals who've faced financial losses, identity theft, and the emotional trauma accompanying such violations.

Voice phishing, or vishing, has emerged as a significant cybersecurity threat in 2025, leading to substantial financial losses, operational disruptions, and reputational damage for organizations.

Security awareness training is our strongest weapon. Recognizing the significance of vishing and its prevalence is the first step in safeguarding ourselves against it. As we delve deeper into this topic, we'll explore the intricacies of vishing, its global impact, and the measures we can take to protect ourselves in 2025.

What is Vishing? Understanding the Voice Behind the Scam

Vishing, a portmanteau of "voice" and "phishing," is a form of cybercrime where fraudsters use voice communication, primarily telephone calls, to deceive individuals into providing sensitive personal or financial information. This deceptive practice capitalizes on the inherent trust many people place in voice interactions, making it a particularly insidious form of scamming.

Read our guide to learn more about vishing means and how to protect yourself against it.

The Rise of Vishing: A Historical Dive into Voice Deception

Historically, phone scams have always existed. Before the internet became a household staple, deceptive phone calls were a common method for fraudsters to exploit unsuspecting individuals. However, as email and the internet grew in popularity, cybercriminals shifted their focus to these new platforms, leading to the rise of traditional phishing.

But old tactics never truly disappear; they merely adapt. Vishing found its modern playground with the proliferation of smartphones and VoIP services, allowing for easy spoofing phone numbers.

The evolution of vishing is also intrinsically linked to the advancements in technology and the changing habits of consumers. As people became more wary of suspicious emails and links, scammers sought a more direct approach.

The immediacy and perceived authenticity of a phone call, especially one that appears to come from a known number or institution, provided the perfect avenue for this. Add to this the rise of voice-activated smart devices, and the potential for vishing attacks expanded even further.

This resurgence isn't just theoretical. The numbers speak volumes. As mentioned above 2022, a staggering 68.4 million Americans were ensnared by voice phishing scams. This figure isn't just a testament to the effectiveness of vishing but also an alarming indicator of its prevalence. Such a vast number underscores that vishing isn't a fringe threat but a mainstream concern that demands attention.

From its rudimentary beginnings to its modern-day sophistication, vishing has proven to be a resilient and adaptive threat, emphasizing the need for continuous vigilance in our interconnected world.

Key Vishing Statistics for 2025: The Voice Behind the Scam

2025 has brought forth numerous conveniences, but with these advancements come new threats. Vishing scam is one such peril that has significantly increased in recent years.

Here are some important statistics that shed light on the magnitude of this issue:

1. The Growing Menace in America: Over 59.4 million people in the U.S. fell victim to vishing fraud in 2021. This alarming number underscores the increasing threat of voice phishing in the country.
2. Financial Impact: Americans lost 29.8 billion USD to vishing scams in 2021, a 49.7% increase from the 19.7 billion USD in 2020. The average loss per individual was 502 USD in 2021, up 43% from 2020.

3. COVID-19 and Vishing: The pandemic has affected our health and paved the way for scammers. Approximately 59% of Americans received scam calls related to COVID-19 in 2021, a rise from 44% in 2020.

4. Demographics and Vishing: Youngsters, particularly those aged 18-44, are more susceptible to vishing attacks. Interestingly, men seem more vulnerable, with 59.4% of vishing victims in 2021 being male.

5. The Preferred Medium: Smartphones are the primary channel for vishing attacks. In 2021, scam calls on mobile phones increased to 85%, while those on landlines decreased to 20%.

6. Global Perspective: Vishing scam is not just an American problem. For instance, Brazil has been the most spammed country for four consecutive years. In October 2021 alone, Peru recorded over 12 million spam calls, and Mexico witnessed over 3.2 million.

7. The Indian Scenario: A single scammer in India made over 202 million spam calls in 2021. Most of these calls were related to sales or telemarketing, with the KYC scam being the most prevalent.

8. Spoofing and Deception: Approximately 70% of scam calls in the U.S. use number spoofing to deceive victims. This method involves masking the caller ID to make it appear that the call is coming from a trusted source.

9. Awareness and Response: The average duration of a spam call in 2021 was just 12 seconds, indicating that people are becoming more aware and are quick to disconnect suspicious calls.

10. The Need for Vigilance: Scammers often possess essential personal information about their targets before making the scam call. In 2019, 75% of victims who lost 1,000 USD or more stated that the scammer already had some of their details.

11. Rising Trend: In 2021, 59.49 million Americans (23%) lost money to voice phishing scams. This is an increase from 56 million in 2020 and 43 million in 2019, highlighting the growing trend of vishing attacks.

12. Gender Disparity: Among the victims of vishing in 2021, 59.4% were men, while 38.3% were women. The remaining 2.3% preferred not to disclose their gender.

13. Age Matters: Young men, especially those aged between 18-34 (40%) and 35-44 (46%), are more likely to fall victim to vishing attacks compared to older men aged 45 or more (28%).

14. Device Preference: Mobile phones are the primary medium for vishing attacks, with the number of scam calls on these devices increasing from 49% in 2014 to around 85% in 2021.

15. Global Hotspots: Brazil remains the most targeted country for vishing attacks, with 44.1% of vishing calls in 2021 originating from financial services. Peru, on the other hand, recorded a staggering 12 million spam calls in October 2021 alone.

16. British Targets: Yorkshire and Humber emerged as the most-targeted British locations for vishing attacks in 2021. 66% of individuals in these regions received cold calls frequently.

17. Financial Impact in India: In 2021, an Indian scammer made over 202 million spam calls. Most of these calls were sales or telemarketing-related, with the KYC scam particularly prevalent.

18. Spoofing Tactics: About 70% of scam calls in the U.S. use number spoofing, a technique where scammers mask their actual caller ID to appear as a trusted source.

19. Preparedness of Scammers: Around 39% of vishing victims claimed that the scammers knew their home addresses before initiating the call. In 17% of cases, scammers even had some or most of the victims' social security numbers.

20. Businesses in the Dark: 38% of businesses are unaware if customers flagged their calls as potential fraud.

21. Vishing on Business: 3 out of 4 businesses lost money to voice scams.

22. Vishing's Growing Threat: The financial consequences of vishing scams in 2023 have reached billions, affecting individuals and businesses globally.

23. Technological Shifts: Mobile phones have become the primary medium for voice phishing, with 85% of such scams occurring over mobile devices in 2021.

24. AI-Powered Vishing Attacks: There has been a rise in vishing and deepfake phishing, with attackers using AI-powered impersonation tools to mimic voices of trusted individuals (Source: ZSCALER).

25. Increase in Vishing and Smishing Attacks: Detection volumes for vishing and smishing grew by more than 30% compared to the previous quarter. ( Source: APWG DOCS).

26. Emergence of Hybrid Vishing Attacks: In the second quarter of 2023, hybrid vishing attacks accounted for 5% of response-based attacks. (Source:SPACELIFT)

27. Financial Impact of Phishing in the U.S.: The average cost of a data breach in the U.S. was $9.48 million, with phishing being a significant contributor. (Source: TECHOPEDIA)

28. Global Phishing Attack Trends: In the first quarter of 2024, nearly 964,000 phishing attacks were recorded, with a notable rise in vishing.

29. The Situation of working adults and IT professionals: According to Statista, conducted in 2023, almost 7 in 10 working adults and IT professionals reported having encountered vishing attacks.

Vishing Around the World: A Global Perspective on Voice Phishing

Vishing, or "voice phishing," is a testament to this global menace. While the U.S. grapples with its vishing challenges, countries like Peru, Mexico, India, and Indonesia are not immune. Delving into the vishing statistics from these nations reveals unique tactics and trends, painting a comprehensive picture of this worldwide threat.

Table 1: Vishing Around the World: A Global Perspective on Voice Phishing

• Peru's Vishing Predicament: In the heart of South America, Peru has emerged as a hotspot for vishing attacks. In October 2021 alone, the nation recorded over 12 million spam calls. What's alarming is the sophistication of these scams. Peruvian fraudsters often employ localized tactics, such as impersonating local banks or government agencies, capitalizing on the trust of their fellow citizens.
• Mexico's Mobile Menace: with its vast mobile phone user base, Mexico is a prime target for vishers. In 2021, the country witnessed over 3.2 million vishing attempts. The trend here leans heavily towards mobile-based attacks, with scammers exploiting the widespread use of mobile banking among Mexicans. The tactics? Fake bank alerts, fraudulent transaction warnings, and even faux lottery wins.
• India's Diverse Vishing Landscape: India, with its diverse linguistic and cultural tapestry, offers a unique challenge and opportunity for vishers. A single scammer made over 202 million spam calls in 2021. The most prevalent scam? In the KYC (Know Your Customer) scam, fraudsters pose as bank officials and ask for personal details to "update" the victim's KYC status. Given India's vast population and the rapid digitization of its economy, the scale and variety of vishing attacks are both vast and varied.
• Indonesia's Rising Threat: Indonesia, an archipelago of over 17,000 islands, has seen a surge in vishing attacks. With a growing digital economy and increased online transactions, Indonesians are often targeted with scams related to online purchases. Scammers pose as customer service representatives from popular e-commerce platforms, luring victims with fake discounts or warnings about compromised accounts.

With its unique socio-economic and cultural backdrop, each country experiences vishing differently. However, a common thread binds them: the human element. Whether it's exploiting trust, leveraging fear, or capitalizing on greed, vishers around the world rely on manipulating human emotions.

The Techniques Behind Vishing: Unmasking the Deceptive Tactics

From impersonating legitimate businesses to exploiting technological loopholes, vishers constantly refine their methods to ensnare unsuspecting victims.

• Impersonation of Legitimate Businesses: One of the most prevalent techniques in a scammer's playbook is the impersonation of legitimate businesses. Vishers meticulously research their target companies, understand their lingo and protocols, and even hold music. By mirroring these details, they craft convincing narratives. Whether it's posing as a bank representative warning of suspicious account activity or a tech support agent offering assistance, the goal is to create a facade of authenticity. This impersonation builds trust, making the victim more likely to divulge sensitive information.
• Number Spoofing: In the U.S., number spoofing has become a significant concern. This technique allows scammers to mask their phone numbers, making it appear they're calling from a trusted source. For instance, a visher might spoof the number of a well-known bank, making the call seem legitimate. This tactic increases the scam's success rate and makes tracing the call more challenging.
• SHAKEN/STIR - The Shield Against Spoofing: Recognizing the threat of number spoofing, the telecom industry introduced SHAKEN/STIR, a caller ID authentication system. This framework ensures that calls traveling through interconnected phone networks have their caller ID "signed" as legitimate by originating carriers and "validated" by other carriers before reaching the consumer. In essence, SHAKEN/STIR acts as a digital handshake between phone networks, verifying the authenticity of call origins and ensuring the caller ID is accurate. Its implementation is a significant step towards curbing vishing attempts, providing consumers with an added layer of security.

Protecting Yourself from Vishing

Here's a deep dive into safeguarding yourself from vishing and the significance of staying vigilant and informed.

1. The Power of Vishing Awareness Training: Awareness is the first defense against vishing. Recognizing the signs of a scam call, such as unsolicited requests for personal information or pressure to act immediately, can be instrumental in thwarting a vishing attempt.

2. Verify Before You Trust: If you receive a call from a purported business entity, always verify its legitimacy. Instead of using the contact details provided during the call, look up the official number and call back to confirm.

3. Use Keepnet Human Risk Management Platform: In the fight against vishing, tools like those offered by Keepnet play a significant role. As a leading name in the Human Risk Management domain, Keepnet provides products tailored to combat various cyber threats. Keepnet Vishing Simulator trains individuals to recognize and respond to voice phishing attempts. Similarly, the Smishing Simulator and Phishing Simulator equip users to identify and counter SMS and email phishing threats. Keepnet Security Awareness Training further reinforces this training, ensuring that individuals are aware and trained to act.

4. Caller ID Authentication with SHAKEN/STIR: In the U.S., the SHAKEN/STIR framework has been introduced as a countermeasure to number spoofing. This caller ID authentication system ensures that calls have their caller ID "signed" as legitimate by originating carriers, adding an extra layer of security against vishing.

5. Stay Updated: Cyber threats are ever-evolving. Regularly updating yourself on the latest vishing tactics and trends is crucial. Subscribing to Threat Intelligence Sharing platforms, can provide timely insights and updates.

Remember, in cybersecurity, knowledge is not just power; it's protection.

Additional Resources

• Vishing as a Service - Managed Vishing Test
• What is Vishing: Definition, Detection and Protection
• 2024 Voice Phishing (Vishing) Response Report
• Implementing Role-Based Security Awareness Training
• How Teknosa Fought Voice Phishing with Keepnet

Visit our vishing simulator page to learn how Keepnet protects businesses from voice scams.

Editor's Note: This article was updated on February 14, 2025.