{"id":227075,"date":"2026-03-23T11:00:00","date_gmt":"2026-03-23T15:00:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/03\/23\/voice-phishing-skyrockets-as-smooth-crims-talk-their-way-in-the-register\/"},"modified":"2026-03-24T10:55:16","modified_gmt":"2026-03-24T14:55:16","slug":"voice-phishing-skyrockets-as-smooth-crims-talk-their-way-in-the-register","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/03\/23\/voice-phishing-skyrockets-as-smooth-crims-talk-their-way-in-the-register\/","title":{"rendered":"Voice phishing skyrockets as smooth crims talk their way in \u2022 The Register"},"content":{"rendered":"<p><a href=\"https:\/\/www.theregister.com\/2026\/03\/23\/voice_phishing_skyrockets_as_smooth\/\">Voice phishing skyrockets as smooth crims talk their way in \u2022 The Register<\/a><\/p>\n<p><a href=\"https:\/\/www.theregister.com\/2026\/03\/23\/voice_phishing_skyrockets_as_smooth\/\">https:\/\/www.theregister.com\/2026\/03\/23\/voice_phishing_skyrockets_as_smooth\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-03-23 11:00:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.theregister.com\">www.theregister.com<\/a><\/p>\n<p><span class=\"label\">RSAC 2026<\/span> Voice phishing surged last year to become the second most common method used by cybercriminals to gain initial access to their victims&#8217; IT estate \u2013 and the No. 1 tactic used when breaking into cloud environments.<\/p>\n<p>Groups like ShinyHunters and Scattered Lapsus$ Hunters increasingly used this and other types of interactive social engineering tactics that involve a human steering the conversation in real time in their 2025 attacks, according to Jurgen Kutscher, VP of Mandiant Consulting at Google Cloud.<\/p>\n<p>&#8220;It&#8217;s the interactive ones, the voice based ones, that are really creating a new challenge,&#8221; he told The Register in an interview about the security shop&#8217;s annual M-Trends report, based on data collected from Mandiant&#8217;s more than 500,000 hours of incident response engagements conducted around the world last year.<\/p>\n<p>The report found attackers used voice-based phishing as the initial infection vector in 11 percent of attacks last year, making it the second-most common method of gaining illicit access to systems. Exploiting vulnerabilities topped the charts for a sixth year, accounting for 32 percent of successful attacks.<\/p>\n<p>Non-interactive lures like phishing emails, however, declined, at just six percent of 2025 intrusions.<\/p>\n<p>&#8220;What we&#8217;ve seen in 2025 is certain threat actors calling IT help desks to, for example, register attacker-controlled devices for MFA to try and reset passwords,&#8221; Kutscher said. &#8220;They&#8217;re building a number of different scenarios to trick IT help desks, and an IT help desk, by default, tries to help. That&#8217;s part of the reason why the social engineering attacks that are interactive are so powerful.&#8221;<\/p>\n<h3 class=\"crosshead\">Don&#8217;t click the &#8216;fix&#8217;<\/h3>\n<p>Scammers aren&#8217;t only targeting IT help desks with interactive social engineering scams, as Google \u2013 along with other security researchers \u2013 also documented a spike in ClickFix attacks over the past year as&#8230;<\/p>\n<p><a href=\"https:\/\/www.theregister.com\/2026\/03\/23\/voice_phishing_skyrockets_as_smooth\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Voice phishing skyrockets as smooth crims talk their way in \u2022 The Register https:\/\/www.theregister.com\/2026\/03\/23\/voice_phishing_skyrockets_as_smooth\/ Publish&#8230;<\/p>\n","protected":false},"author":1,"featured_media":227076,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/regmedia.co.uk\/2022\/09\/28\/shutterstock_haha_business.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[25],"class_list":["post-227075","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-phishing"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/227075"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=227075"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/227075\/revisions"}],"predecessor-version":[{"id":227077,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/227075\/revisions\/227077"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/227076"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=227075"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=227075"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=227075"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}