Vishing Statistics 2026: Unmasking the Voice Phishing Trends

Vishing or voice phishing is a deceptive practice where fraudsters use voice communication, primarily phone calls, to trick unsuspecting individuals into divulging personal and often financial information. Unlike the more commonly known email phishing, vishing leverages the trust we inherently place in voice interactions, making it a potent tool in a scammer's arsenal. Although not a new concept, vishing has recently become resurgent, with scammers employing increasingly sophisticated methods to ensnare their victims.

Understanding the significance of vishing statistics is not just about numbers; it's about recognizing the scale and impact of the threat. In 2021 alone, more than 59.4 million Americans fell victim to voice phishing. These aren't just faceless statistics; they represent individuals who've faced financial losses, identity theft, and the emotional trauma accompanying such violations.

Voice phishing, or vishing, has emerged as a significant cybersecurity threat in 2026, leading to substantial financial losses, operational disruptions, and reputational damage for organizations.

Security awareness training is our strongest weapon. Recognizing the significance of vishing and its prevalence is the first step in safeguarding ourselves against it. As we delve deeper into this topic, we'll explore the intricacies of vishing, its global impact, and the measures we can take to protect ourselves in 2026.

Read our guide to learn more about vishing and how to protect yourself against it.

Key Vishing Statistics for 2025: The Voice Behind the Scam

2025 brought forth numerous conveniences, but with these advancements come new threats. Vishing scam is one such peril that significantly increased in 2025.

Here are some important statistics that shed light on the magnitude of this issue:

1. Breach-risk indicator: According to the 2024 Voice Phishing (Vishing) Response Report by Keepnet, a total of 6.5% of people fell for vishing by sharing sensitive information during fake vishing calls.

2. Industry—highest risk: Manufacturing & Engineering has the highest vishing vulnerability rate with 19.2%, suggesting these sectors need focused education and training on vishing, according to the 2024 Voice Phishing (Vishing) Response Report.

3. Department—highest risk: According to Keepnet, Customer Support departments have the highest vishing susceptibility rate with 11.5%, largely because their roles involve extensive external communications that make them prime targets for vishing attacks.

4. Overall Vishing Susceptibility: Keepnet found that 70% of businesses tend to share sensitive information during fake vishing calls.

5. Vishing Simulations: Implementing AI-powered vishing simulations reduced their vishing risk score by 80% within three months, according to Keepnet. Companies that incorporate regular vishing simulations into their cybersecurity training programs can help employees recognize and respond to voice phishing attacks with up to 90% success rate, according to Keepnet.

6. Security Awareness Training: According to Keepnet, employee reporting of fraudulent calls can increase by as much as 178% with proper training.

7. The Growing Menace in America: Over 59.4 million people in the U.S. fell victim to vishing fraud in 2021. This alarming number underscores the increasing threat of voice phishing in the country

8. Financial Impact: Americans lost 29.8 billion USD to vishing scams in 2021, a 49.7% increase from the 19.7 billion USD in 2020. The average loss per individual was 502 USD in 2021, up 43% from 2020.

9: COVID-19 and Vishing: The pandemic has affected our health and paved the way for scammers. Approximately 59% of Americans received scam calls related to COVID-19 in 2021, a rise from 44% in 2020.

10. Demographics and Vishing: Youngsters, particularly those aged 18-44, are more susceptible to vishing attacks. Interestingly, men seem more vulnerable, with 59.4% of vishing victims in 2021 being male.

11. The Preferred Medium: Smartphones are the primary channel for vishing attacks. In 2021, scam calls on mobile phones increased to 85%, while those on landlines decreased to 20%.

12. Global Perspective: Vishing scam is not just an American problem. For instance, Brazil has been the most spammed country for four consecutive years. In October 2021 alone, Peru recorded over 12 million spam calls, and Mexico witnessed over 3.2 million.

13. The Indian Scenario: A single scammer in India made over 202 million spam calls in 2021. Most of these calls were related to sales or telemarketing, with the KYC scam being the most prevalent.

14. Spoofing and Deception: Approximately 70% of scam calls in the U.S. use number spoofing to deceive victims. This method involves masking the caller ID to make it appear that the call is coming from a trusted source.

15. Awareness and Response: The average duration of a spam call in 2021 was just 12 seconds, indicating that people are becoming more aware and are quick to disconnect suspicious calls.

16. The Need for Vigilance: Scammers often possess essential personal information about their targets before making the scam call. In 2019, 75% of victims who lost 1,000 USD or more stated that the scammer already had some of their details.

17. Rising Trend: In 2021, 59.49 million Americans (23%) lost money to voice phishing scams. This is an increase from 56 million in 2020 and 43 million in 2019, highlighting the growing trend of vishing attacks.

18. Gender Disparity: Among the victims of vishing in 2021, 59.4% were men, while 38.3% were women. The remaining 2.3% preferred not to disclose their gender.

19. Age Matters: Young men, especially those aged between 18-34 (40%) and 35-44 (46%), are more likely to fall victim to vishing attacks compared to older men aged 45 or more (28%).

20. Device Preference: Mobile phones are the primary medium for vishing attacks, with the number of scam calls on these devices increasing from 49% in 2014 to around 85% in 2021.

21. Global Hotspots: Brazil remains the most targeted country for vishing attacks, with 44.1% of vishing calls in 2021 originating from financial services. Peru, on the other hand, recorded a staggering 12 million spam calls in October 2021 alone.

22. British Targets: Yorkshire and Humber emerged as the most-targeted British locations for vishing attacks in 2021. 66% of individuals in these regions received cold calls frequently.

23. Financial Impact in India: In 2021, an Indian scammer made over 202 million spam calls. Most of these calls were sales or telemarketing-related, with the KYC scam particularly prevalent.

24. Spoofing Tactics: About 70% of scam calls in the U.S. use number spoofing, a technique where scammers mask their actual caller ID to appear as a trusted source.

25. Preparedness of Scammers: Around 39% of vishing victims claimed that the scammers knew their home addresses before initiating the call. In 17% of cases, scammers even had some or most of the victims' social security numbers.

26. Businesses in the Dark: 38% of businesses are unaware if customers flagged their calls as potential fraud.

27. Vishing on Business: 3 out of 4 businesses lost money to voice scams.

28. Vishing's Growing Threat: The financial consequences of vishing scams in 2023 have reached billions, affecting individuals and businesses globally.

29. Technological Shifts: Mobile phones have become the primary medium for voice phishing, with 85% of such scams occurring over mobile devices in 2021.

30. AI-Powered Vishing Attacks: There has been a rise in vishing and deepfake phishing, with attackers using AI-powered impersonation tools to mimic voices of trusted individuals (Source: ZSCALER).

31. Increase in Vishing and Smishing Attacks: Detection volumes for vishing and smishing grew by more than 30% compared to the previous quarter. ( Source: APWG DOCS).

32. Emergence of Hybrid Vishing Attacks: In the second quarter of 2023, hybrid vishing attacks accounted for 5% of response-based attacks. (Source:SPACELIFT)

33. Financial Impact of Phishing in the U.S.: The average cost of a data breach in the U.S. was $9.48 million, with phishing being a significant contributor. (Source: TECHOPEDIA)

34. Global Phishing Attack Trends: In the first quarter of 2024, nearly 964,000 phishing attacks were recorded, with a notable rise in vishing.

35. The Situation of working adults and IT professionals: According to Statista, conducted in 2023, almost 7 in 10 working adults and IT professionals reported having encountered vishing attacks.

2026: Top 30 Vishing Statistics and Trends

• Vishing attacks surged by 442% in 2025 due to AI deepfakes.
• U.S. tech support scam complaints increased to 37,560 in 2023, with losses of $924.5 million.
• Vishing incidents jumped 16% from Q3 to Q4 2023.
• Vishing was 260% higher in Q4 2023 compared to Q4 2022.
• There was a 442% surge in vishing from H1 to H2 2024.
• Global losses from deepfake-enabled scams are projected to reach $40 billion by 2027.
• Vishing scams increased by 442% in 2024.
• Vishing incidents surged globally with a 30% annual increase, leading to $1.2 billion in losses in 2023.
• In APAC, targeted email attacks increased by 26.9% from 2023 to 2024.
• Deepfake cases rose by 1,530% between 2022 and 2023.
• Impersonation scams in Thailand more than doubled from 2023 to 2024, reaching 168 million.
• AI-generated phishing performance improved by 55% from 2023 to 2025 compared to human-crafted lures.
• 68% of Americans receive scam phone calls, including vishing, at least weekly.
• Korea is projected to suffer $718 million in vishing losses in 2025.
• The 2025 State of Vishing Report analyzed over 88,000 calls from 2023, with 18,440 more added for 2025.
• Deepfake-enabled vishing surged by over 1,600% in Q1 2025 compared to Q4 2024.
• Deepfake activity increased by 680% year-over-year.
• The median loss per vishing victim is $1,400.
• The largest reported single vishing incident loss was $25 million.
• 70% of organizations were targeted by vishing attacks.
• 25% of users are fooled by deepfake voices in vishing attacks.
• The average recovery cost per major vishing incident is $1.5 million.
• Nearly half of CISOs faced deepfakes in 2025.
• Vishing attacks increased by 449% in 2025.
• There was a 70% increase in attacks sent from legitimate platforms in 2025.
• Attacks bypassing secure email gateways increased by 38% in 2025.
• There were 1,003,924 phishing attacks recorded in Q1 2025.
• Wire transfer BEC attacks increased by 33% in Q1 2025 compared to the previous quarter.
• Over 300,000 individuals fall prey to social engineering attacks annually in the US.
• Vishing attacks increased by 442% in the second half of 2024.

Vishing Statistics in the US

Vishing remains a critical threat in the United States, with evolving tactics leveraging AI and impersonation to exploit trust. Below are key statistics focusing exclusively on US-specific data from recent years, highlighting growth, losses, and vulnerable demographics.

• In 2023, the FBI's Internet Crime Complaint Center (IC3) recorded 37,560 complaints related to tech support scams, a common vector for vishing attacks, representing a 15% increase from 32,538 complaints in 2022.
• Financial losses from tech support call scams in the US reached $924.5 million in 2023, up from $806.6 million in 2022.
• Vishing incidents in the US increased by 16% from the third quarter to the fourth quarter of 2023.
• In the fourth quarter of 2023, vishing activity in the US was 260% higher compared to the fourth quarter of 2022.
• Americans aged 60 and older accounted for 58% of total losses from tech support scams in the US and represented 40% of the victims in these incidents.
• In 2024, the FBI IC3 received 859,532 complaints for all suspected internet crimes, with reported losses exceeding $16 billion—a 33% increase from 2023—though vishing contributes significantly to categories like tech support and government impersonation scams.
• Phishing and spoofing, which often overlap with vishing techniques, were the top-reported cyber crimes in 2024 with 193,407 complaints to the FBI IC3.
• US individuals aged 60 or older reported the highest total losses from internet crimes in 2024, amounting to $4.8 billion, with vishing scams disproportionately affecting this group.
• Since April 2025, malicious actors have targeted current and former senior US government officials and their contacts through vishing, using AI-generated voices to impersonate officials and gain access to personal accounts.
• Business email compromise (BEC) attacks, which frequently incorporate vishing elements, resulted in 21,442 complaints and nearly $2.8 billion in losses in the US during 2024.

Voice Phishing Stats in the UK

Vishing continues to pose a growing threat in the United Kingdom, with attackers increasingly using AI and social engineering tactics to target individuals and businesses. Below are key statistics focusing exclusively on UK-specific data from recent years, highlighting prevalence, increases, and impacts.

• Vishing attacks on UK retailers rose by 449% in 2025 compared to the previous year, often using phone numbers as payloads in phishing emails.
• In 2025, phone numbers appeared as the sole payload in 5.5% of phishing emails targeting UK retailers, facilitating vishing attacks.
• 24% of financial phishing scam victims in Britain were targeted via phone calls in a 2025 survey, indicating significant vishing involvement.
• 11% of Brits reported being victims of financial phishing scams in 2025, with phone calls being a key method for 24% of those affected.
• In March 2025, a UK logistics firm was targeted by a deepfake vishing attack that used AI-generated voices to authorize ransomware deployment, disrupting operations nationwide.
• Several major UK retailers fell victim to vishing attacks in 2025 orchestrated by the Scattered Spider group, using voice phishing as the initial attack vector.
• The UK Information Commissioner's Office (ICO) received 44,404 complaints about nuisance calls in 2024, many of which involve vishing tactics.
• According to the UK Cyber Security Breaches Survey 2025, phishing remains the top attack vector, but smishing and vishing are growing rapidly among reported incidents.
• In the first six months of 2020, UK banks reported over 15,000 impersonation scams, many involving vishing, resulting in losses exceeding £58 million, highlighting ongoing trends into 2025.
• Telecom companies in the UK face fines up to 10% of revenue for failing to protect customers from cybercrimes like vishing, underscoring regulatory pressure in 2025.

Vishing Statistics Around the World: A Global Trend on Voice Phishing

Vishing, or "voice phishing," is a testament to this global menace. While the U.S. grapples with its vishing challenges, countries like Peru, Mexico, India, and Indonesia are not immune. Delving into the vishing statistics from these nations reveals unique tactics and trends, painting a comprehensive picture of this worldwide threat.

Table 1: Vishing Around the World: A Global Perspective on Voice Phishing

1. Peru's Vishing Predicament: In the heart of South America, Peru has emerged as a hotspot for vishing attacks. In October 2021 alone, the nation recorded over 12 million spam calls. What's alarming is the sophistication of these scams. Peruvian fraudsters often employ localized tactics, such as impersonating local banks or government agencies, capitalizing on the trust of their fellow citizens.
2. Mexico's Mobile Menace: with its vast mobile phone user base, Mexico is a prime target for vishers. In 2021, the country witnessed over 3.2 million vishing attempts. The trend here leans heavily towards mobile-based attacks, with scammers exploiting the widespread use of mobile banking among Mexicans. The tactics? Fake bank alerts, fraudulent transaction warnings, and even faux lottery wins.
3. India's Diverse Vishing Landscape: India, with its diverse linguistic and cultural tapestry, offers a unique challenge and opportunity for vishers. A single scammer made over 202 million spam calls in 2021. The most prevalent scam? In the KYC (Know Your Customer) scam, fraudsters pose as bank officials and ask for personal details to "update" the victim's KYC status. Given India's vast population and the rapid digitization of its economy, the scale and variety of vishing attacks are both vast and varied.
4. Indonesia's Rising Threat: Indonesia, an archipelago of over 17,000 islands, has seen a surge in vishing attacks. With a growing digital economy and increased online transactions, Indonesians are often targeted with scams related to online purchases. Scammers pose as customer service representatives from popular e-commerce platforms, luring victims with fake discounts or warnings about compromised accounts.

With its unique socio-economic and cultural backdrop, each country experiences vishing differently. However, a common thread binds them: the human element. Whether it's exploiting trust, leveraging fear, or capitalizing on greed, vishers around the world rely on manipulating human emotions.

Vishing Stats on the Techniques Behind Vishing: Unmasking the Deceptive Tactics

From impersonating legitimate businesses to exploiting technological loopholes, vishers constantly refine their methods to ensnare unsuspecting victims.

1. Impersonation of Legitimate Businesses: One of the most prevalent techniques in a scammer's playbook is the impersonation of legitimate businesses. Vishers meticulously research their target companies, understand their lingo and protocols, and even hold music. By mirroring these details, they craft convincing narratives. Whether it's posing as a bank representative warning of suspicious account activity or a tech support agent offering assistance, the goal is to create a facade of authenticity. This impersonation builds trust, making the victim more likely to divulge sensitive information.
2. Number Spoofing: In the U.S., number spoofing has become a significant concern. This technique allows scammers to mask their phone numbers, making it appear they're calling from a trusted source. For instance, a visher might spoof the number of a well-known bank, making the call seem legitimate. This tactic increases the scam's success rate and makes tracing the call more challenging.
3. SHAKEN/STIR - The Shield Against Spoofing: Recognizing the threat of number spoofing, the telecom industry introduced SHAKEN/STIR, a caller ID authentication system. This framework ensures that calls traveling through interconnected phone networks have their caller ID "signed" as legitimate by originating carriers and "validated" by other carriers before reaching the consumer. In essence, SHAKEN/STIR acts as a digital handshake between phone networks, verifying the authenticity of call origins and ensuring the caller ID is accurate. Its implementation is a significant step towards curbing vishing attempts, providing consumers with an added layer of security.

Protecting Yourself From Vishing

Here's a deep dive into safeguarding yourself from vishing and the significance of staying vigilant and informed.

1. The Power of Vishing Awareness Training: Awareness is the first defense against vishing. Recognizing the signs of a scam call, such as unsolicited requests for personal information or pressure to act immediately, can be instrumental in thwarting a vishing attempt.

2. Verify Before You Trust: If you receive a call from a purported business entity, always verify its legitimacy. Instead of using the contact details provided during the call, look up the official number and call back to confirm.

3. Use Keepnet Human Risk Management Platform: In the fight against vishing, tools like those offered by Keepnet play a significant role. As a leading name in the Human Risk Management domain, Keepnet provides products tailored to combat various cyber threats. Keepnet Vishing Simulator trains individuals to recognize and respond to voice phishing attempts. Similarly, the Smishing Simulator and Phishing Simulator equip users to identify and counter SMS and email phishing threats. Keepnet Security Awareness Training further reinforces this training, ensuring that individuals are aware and trained to act.

4. Caller ID Authentication with SHAKEN/STIR: In the U.S., the SHAKEN/STIR framework has been introduced as a countermeasure to number spoofing. This caller ID authentication system ensures that calls have their caller ID "signed" as legitimate by originating carriers, adding an extra layer of security against vishing.

5. Stay Updated: Cyber threats are ever-evolving. Regularly updating yourself on the latest vishing tactics and trends is crucial. Subscribing to Threat Intelligence Sharing platforms, can provide timely insights and updates.

Remember, in cybersecurity, knowledge is not just power; it's protection.

Additional Resources

• Vishing as a Service - Managed Vishing Test
• What is Vishing: Definition, Detection and Protection
• 2024 Voice Phishing (Vishing) Response Report
• Implementing Role-Based Security Awareness Training
• How Teknosa Fought Voice Phishing with Keepnet

Check our vishing simulation software to learn how Keepnet protects businesses from voice scams.

Editor's Note: This article was updated on February 2, 2026.