HomeTechnologyWhat is vishing, the latest scam that Cisco fell prey to? How to stay safe

What is vishing, the latest scam that Cisco fell prey to? How to stay safe

Vidhi Taparia
/2 min read

ADVERTISEMENT

Recently, Cisco fell victim to a vishing attack, compromising basic user profile information from a third-party CRM system. This incident underscores the growing threat of AI-enhanced vishing tactics and the importance of vigilance.
What is vishing, the latest scam that Cisco fell prey to? How to stay safe
Through this social engineering tactic, a bad actor was able to gain access to and export a subset of basic user profile information from a single instance of a third-party, cloud-based Customer Relationship Management (CRM) system used by Cisco. Credits: Narendra Bisht

Cybersecurity giant Cisco had fallen prey to a serious vishing attack on July 24. In a blog post on August 1, the company shared that the voice phishing attack targeted one of its representatives.

Through this social engineering tactic, a bad actor was able to gain access to and export a subset of basic user profile information from a single instance of a third-party, cloud-based Customer Relationship Management (CRM) system used by Cisco.

The compromised data included basic account details such as names, organisation names, addresses, Cisco-assigned user IDs, email addresses, phone numbers, and account metadata like creation dates. The company claims that the attacker did not access any sensitive information such as passwords, confidential customer data, or proprietary business information. Cisco also confirmed that the incident did not impact any of its products or services and no other CRM instances were affected.

Fortune India Latest Edition is Out Now!
India's Top 100 Billionaires

August 2025

As India continues to be the world’s fastest-growing major economy, Fortune India presents its special issue on the nation’s Top 100 Billionaires. Curated in partnership with Waterfield Advisors, this year’s list reflects a slight decline in the number of dollar billionaires—from 185 to 182—even as the entry threshold for the Top 100 rose to ₹24,283 crore, up from ₹22,739 crore last year. From stalwarts like Mukesh Ambani, Gautam Adani, and the Mistry family, who continue to lead the list, to major gainers such as Sunil Mittal and Kumar Mangalam Birla, the issue goes beyond the numbers to explore the resilience, ambition, and strategic foresight that define India’s wealth creators. Read their compelling stories in the latest issue of Fortune India. On stands now.

Read Now

Upon detecting the breach, Cisco immediately terminated the actor’s access and launched an internal investigation. The company also notified affected users where legally required and engaged with relevant data protection authorities.

While the company has not disclosed the volume of user data exposed or the financial costs involved in addressing the incident, the breach highlights a critical need for users to stay vigilant. With AI now enhancing the sophistication of digital frauds, voice impersonation tactics have become significantly more convincing than before, making it even harder to detect vishing attempts. Individuals and organisations might be on the radar of such attacks in the AI age and here is how you can safeguard yourself amid such rising vishing attacks.

Recommended Stories
Walmart doubles down on agentic AI with WIBEY
Mukesh Ambani and Sundar Pichai announce big AI push with renewed Reliance-Google Cloud partnership
At Reliance AGM, Akash Ambani unveils JioFrames, an AI-powered smart glass to rival Meta’s Ray-Ban wearables
AI agents to become invisible utilities in an AI-first world: Uber CEO on Nikhil Kamath’s podcast
Apple expands retail presence in India with 4th store in Pune

What is Vishing (Voice Phishing)?

Vishing is a type of cybercrime where attackers use phone calls to trick people into giving away personal or financial information. It is similar to phishing (email) and smishing (text), but happens over voice communication.

Attackers often impersonate trusted entities such as Banks or financial institutions, Police or government officials, IT support or service providers, and Employers or HR representatives. Social engineering tactics are used to create a sense of urgency or fear.

Victims to such attacks may be convinced to transfer funds voluntarily, share sensitive login or personal details, provide remote access to their devices.

How can users protect themselves from phishing?

  • Never share personal data over phone calls, especially OTPs, passwords, or PINs, bank account or card details, and MFA codes or authentication links

  • Verify caller identity by asking the caller for their name and organisation, hang up and call back using official contact numbers

  • Be cautious if they pressure you to act immediately and do not trust threats or urgent demands. Scammers may say you owe money or face arrest. Legitimate agencies don’t demand instant action or payment via phone

  • Avoid gift card payments given no real company asks for prepaid cards or vouchers as payment.

  • Never allow remote access to your computer unless you personally know and trust the person.

  • Report vishing attempts and notify your company’s cybersecurity team to help prevent further attacks.

Fortune India is now on WhatsApp! Get the latest updates from the world of business and economy delivered straight to your phone. Subscribe now.