CASE FILE // PC-2026-04
Status: Open


Filing 02.04.00 | Field 27 APR 2026 | Classification Public | Status Open

Vishing: voice-phishing cost, the helpdesk-impersonation pivot, and the 1,633% surge

Median successful vishing incident: $1.35M. Q1 2025 deepfake-vishing volume up 1,633% year-on-year (Hoxhunt 2026). MGM Resorts 2023 helpdesk-impersonation case set the reference at approximately $100M in disclosed disruption cost.

Exhibit A

Vishing as a category in 2026


Vishing (voice phishing) is the phone-call variant of social engineering. It pre-dates e-mail phishing and was for two decades treated by practitioners as the lowest-leverage social-engineering vector, because the per-call effort was high and the conversion rate was low. The 2024-2025 wave inverted both variables. The MGM Resorts incident of September 2023 demonstrated that a single successful helpdesk call could yield nine-figure damage, and the commoditisation of voice-cloning software through 2024 collapsed the per-call effort to near zero. The category is now the fastest-growing phishing variant by year-on-year incident count.

The per-incident cost figure of $1.35M is the median across the 2026 vishing cohort tracked through IBM Cost of a Data Breach 2025 and the IC3 2024 voice-channel categories. The distribution is bimodal: the typical helpdesk-impersonation event lands in the $400K to $800K band (credential reset, mailbox-takeover containment, modest data-exfiltration exposure), and the typical major-pivot event (Scattered Spider class, ransomware hand-off) lands in the $5M to $100M band. The median sits between the two modes at $1.35M.[IBM 2025 + IC3 2024 voice category + Hoxhunt 2026]

Exhibit B

MGM Resorts, September 2023: the canonical helpdesk-impersonation case

CASE FILE

On 7 September 2023, a member of the Scattered Spider threat group placed a call to the MGM Resorts IT helpdesk impersonating an employee whose name, role, and reporting line had been harvested from LinkedIn. The helpdesk technician, working from the standard service-desk runbook, performed the MFA reset that the caller requested. Attackers used the reset access to enter the MGM environment, escalate privileges, and deploy ransomware across major systems. The disruption forced MGM to take down hotel-room keycard systems, casino slot machines, restaurant point-of-sale terminals, and the central booking platform.

MGM disclosed the financial impact in its Q3 2023 10-Q filing as approximately $100M, comprising direct disruption cost, customer-refund exposure, and the cost of system rebuild. The figure does not include subsequent litigation or the reputational drag on the brand. Caesars Entertainment, hit by the same group in a parallel attack, reportedly paid approximately $15M in ransom and did not suffer the same disruption profile because it chose to pay rather than recover in place. The contrast between the two outcomes drove an industry-wide reassessment of the ransomware-payment-versus-recovery cost calculus.

The MGM defender lesson is that the entire breach traced to a single phone call handled under a service-desk runbook that required neither video verification nor out-of-band confirmation for an MFA reset. The runbook update across the casino-resort sector in the months following the incident was immediate and aggressive: every major operator added mandatory video verification or in-person confirmation for any MFA reset by Q1 2024. Across the broader US enterprise market the runbook update is still in progress; mid-market and SMB IT helpdesks frequently still perform phone-based MFA resets with no additional verification.[MGM 10-Q Q3 2023 + Scattered Spider attribution per Mandiant]

Exhibit C

The deepfake-voice tooling: a 60-second source-audio commodity


The technical inflection that drove the 2024-2025 vishing surge was the commoditisation of voice-cloning tools that need only 60 seconds of source audio to produce a usable real-time clone. Pre-2023, voice cloning required either a large source-audio corpus (hours) or a professionally-trained voice imitator. The 2023-2024 model wave compressed the requirement to a one-minute LinkedIn-video clip or a podcast appearance, and the inference latency dropped to near-real-time on consumer hardware.

The attacker cost picture: sub-$10 per month for consumer-grade hosted services that produce a real-time clone from 60 seconds of source audio. Free, for open-weight models that run locally on a gaming-tier GPU. Source audio is universally available for any named senior executive through earnings calls, conference recordings, podcast appearances, and corporate communications. The attacker can in practice produce a deepfake-voice clone of any executive at any public company in under one hour at zero meaningful marginal cost.

The defender implication is identical to the whaling case: in-channel verification no longer works. That covers the agent recognising a familiar voice, a caller-ID match, and the legacy practice of asking the caller to prove identity on the same call by stating details about themselves, because a real-time clone delivers the cadence, pitch and verbal mannerisms of the impersonated person and the public or semi-public details are already in the attacker's OSINT file. Verification has to move to a different channel (a callback to the number held in the HR directory, never a number the caller supplies, or confirmation through a system the employee is already authenticated to) or to a knowledge-based challenge the attacker cannot look up or brute-force in conversation. The Ferrari procedural defence (the executive asked the deepfake caller which book he had recently recommended) is one example; the whaling page details the broader procedural-control library.[Hoxhunt 2026 + ENISA AI Threat Landscape 2024]
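The channel-binding rule above can be written down as a gate the service desk runs before touching an account. The following is an added example, not the page's own tooling and not any vendor's product: it encodes the policy that evidence gathered on the inbound call itself (voice, caller ID, public facts, a callback to a number the caller gave) scores zero, and it generalises the MGM case by treating a new-authenticator enrolment or a temporary bypass code as the same critical class as an MFA reset. The request names, evidence names, weights and thresholds are all assumptions made for illustration.

```python
"""Helpdesk identity-verification gate (added example; hypothetical policy values)."""
from dataclasses import dataclass
from enum import Enum


class Risk(Enum):
    LOW = 1        # caller keeps using credentials they already hold
    HIGH = 2       # one factor is replaced
    CRITICAL = 3   # the second factor is removed, replaced or bypassed


# Assumed request catalogue. Anything that lets the caller sign in without the
# existing second factor is CRITICAL, whatever the ticket category calls it.
REQUEST_RISK = {
    "account_unlock": Risk.LOW,
    "password_reset": Risk.HIGH,
    "mfa_reset": Risk.CRITICAL,
    "register_authenticator": Risk.CRITICAL,
    "temporary_access_pass": Risk.CRITICAL,
}

# Assumed evidence weights. Anything established on the inbound call scores 0:
# a real-time voice clone reproduces it and caller ID is attacker-controlled.
# A callback to a number the caller supplied is still in-channel.
EVIDENCE_WEIGHT = {
    "voice_recognition": 0,
    "caller_id_match": 0,
    "public_kba": 0,                    # start date, manager name, birthday
    "callback_caller_supplied_number": 0,
    "internal_kba": 1,                  # fact visible only inside the tenant
    "callback_directory_number": 1,     # agent dials the number in the HR system
    "manager_approval": 1,              # manager confirms from their own session
    "existing_mfa_prompt": 1,           # push to the authenticator still enrolled
    "video_with_badge": 2,
    "in_person": 2,
}
STRONG = {"video_with_badge", "in_person"}

# Assumed thresholds: LOW needs one out-of-band item, HIGH two, CRITICAL a
# STRONG item plus at least one more out-of-band item (score >= 3).
REQUIRED_SCORE = {Risk.LOW: 1, Risk.HIGH: 2, Risk.CRITICAL: 3}


@dataclass(frozen=True)
class Decision:
    allowed: bool
    risk: Risk
    score: int
    reason: str


def evaluate(request: str, evidence: set[str]) -> Decision:
    """Decide whether the desk may perform `request` on the evidence collected.

    Unknown request types or evidence labels fail closed with an exception
    rather than being silently scored as zero or as sufficient.
    """
    if request not in REQUEST_RISK:
        raise ValueError(f"unknown request type {request!r}: fail closed")
    unknown = evidence - set(EVIDENCE_WEIGHT)
    if unknown:
        raise ValueError(f"unknown evidence {sorted(unknown)}: fail closed")

    risk = REQUEST_RISK[request]
    score = sum(EVIDENCE_WEIGHT[e] for e in evidence)
    needed = REQUIRED_SCORE[risk]

    if risk is Risk.CRITICAL and not (evidence & STRONG):
        return Decision(False, risk, score,
                        "CRITICAL action needs video-with-badge or in-person verification")
    if score < needed:
        return Decision(False, risk, score,
                        f"score {score} < {needed}: in-channel evidence does not count")
    return Decision(True, risk, score, "verification sufficient")


if __name__ == "__main__":
    # The MGM-style call: a convincing voice, a matching caller ID, LinkedIn facts.
    print(evaluate("mfa_reset", {"voice_recognition", "caller_id_match", "public_kba"}))
    # The same request after the runbook rewrite.
    print(evaluate("mfa_reset", {"video_with_badge", "callback_directory_number"}))
```

The point of the weight table is that the decision never depends on how persuasive the caller was; the only inputs are verification steps the agent performed through a channel the caller does not control.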

Exhibit D

Cost-line build-up against the $1.35M median


Vishing cost composition differs from BEC and whaling because the dominant pivot is not a wire transfer; it is a credential takeover that enables downstream pivot. The wire-loss line is typically small (or zero, for helpdesk-pivot events) and the IR and pivot-containment lines are large.

Cost line                              | Share of $1.35M | Dollar figure | Driver
Pivot containment + downstream IR      | 34%             | $459K         | Lateral-movement scope, cloud-control-plane reach
Credential-reset cycle (org-wide)      | 17%             | $230K         | Headcount, MFA enrolment friction
Forensic investigation                 | 15%             | $203K         | Voice-call attribution work, runbook review
Customer-disruption cost               | 12%             | $162K         | Service-desk pivot impact on customer-facing systems
Notification + monitoring              | 9%              | $122K         | If exfil triggered notification thresholds
Legal + class-action exposure          | 7%              | $95K          | Lower than BEC because no wire loss
Runbook + service-desk control rebuild | 6%              | $81K          | Mandatory; post-event regulator scrutiny

Composition extracted from the IBM 2025 voice-vector cohort with the customer-disruption line cross-referenced against the MGM and Scattered Spider event disclosures of 2023-2024.[IBM 2025 voice cohort + MGM Q3 2023 disclosure]

Exhibit E

Helpdesk and service-desk hardening: the actual control surface


The vishing control surface is the IT helpdesk runbook. The single most consequential procedural decision is whether an MFA reset, password reset, or account unlock can be performed on the strength of an inbound phone call alone. Post-MGM, the right answer for any organisation with credible exposure is no. The control set below is ranked by per-dollar reduction in modelled vishing loss.

#1 No phone-based MFA reset, ever

Effect: ~85% of helpdesk-pivot loss
Cost: $0 tooling, runbook rewrite

Mandatory video verification (the employee on camera, showing badge or ID) or in-person verification for any MFA reset. Eliminates the MGM attack pattern as executed. Two caveats a runbook author should write in: real-time video deepfakes exist, so pair the video check with a callback to the number held in the HR directory (never a number the caller supplies) or manager confirmation; and the rule must cover every action that is an MFA reset in effect, including enrolling a new authenticator, issuing a temporary access pass or bypass code, and changing the recovery phone or e-mail.

#2 Knowledge-based authentication on internal facts

Effect: ~70% of voice-impersonation success
Cost: $5K to $20K integration work

Helpdesk asks for facts the caller cannot OSINT, such as a specific internal-system event in the last 7 days that only the real employee would have seen. The attacker cannot fake this without already being inside. That is also the limit of the control: if the caller already holds mailbox or chat access through an info-stealer (the ShinyHunters pattern in Exhibit F), internal facts are visible to them too, so this is a layer behind #1, not a substitute for it.

#3 Caller-ID-spoofing defence + STIR/SHAKEN enforcement

Effect: ~40% of caller-ID-based impersonation
Cost: Vendor-dependent

STIR/SHAKEN enforcement on inbound trunks reduces but does not eliminate caller-ID-spoofed inbound. It attests that the originating carrier vouched for the calling number; it does not identify the caller, and most helpdesk-impersonation calls do not need a spoofed number at all. Treat caller ID as context for the agent, never as a verification factor. Many corporate phone systems still do not enforce STIR/SHAKEN on inbound calls.

#4 Helpdesk-impersonation training programme

Effect: ~30% of social-engineering conversion
Cost: $10K to $40K per year

Targeted helpdesk training (not generic phishing awareness) that drills the specific attack patterns: helpdesk impersonation, escalation pressure, deepfake voice. Cofense and KnowBe4 both ship dedicated helpdesk-attack modules.

#5 Mandatory call recording for service-desk MFA actions

Effect: ~20% loss reduction via faster forensic attribution
Cost: Vendor-dependent ($20K to $80K)

Late-in-chain control. Reduces investigation time post-incident and supports rapid attribution work. Does not prevent the initial breach but materially compresses the recovery timeline. Logging which agent performed which reset, alongside the recording, also turns every helpdesk-initiated reset into a signal the SOC can correlate with what the account does next.

#6 FIDO2 / hardware-key MFA across the workforce

Effect: ~95% of post-reset pivot value
Cost: ~$50 per user one-time

If the workforce uses FIDO2 hardware keys, even a successful helpdesk reset yields limited attacker value because the new credential still requires the hardware key to log in. Closes the MGM attack chain at the next step, with one condition: the service desk must not be able to register a new authenticator or hand out a bypass code over the same call. If the runbook allows that, the attacker simply asks for it and FIDO2 adds nothing, which is why #6 only works in combination with #1.
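Control #5 treats the reset record as forensic material after the fact; the same record, correlated in near real time with the identity provider's sign-in and enrolment events, catches the MGM chain (helpdesk grant, then sign-in from an address the account never used, then a new authenticator, then a privilege change) while it is still unfolding. The following is an added example, not code from the page or from any identity vendor. The audit schema, field names, event types, scoring weights and the sample log lines are all constructed for illustration; it deliberately treats MFA reset, helpdesk-side authenticator registration and temporary-access-pass issuance as one event class, which is broader than the single reset the MGM narrative describes.

```python
"""Correlate helpdesk credential grants with what the account does next (added example)."""
import json
from datetime import datetime, timedelta

# Any of these, performed by a service-desk identity on someone else's account,
# is step one of the MGM chain, whatever the ticket category said. (Assumed names.)
CREDENTIAL_GRANT = {"mfa_reset", "authenticator_registered", "temporary_access_pass_issued"}
ESCALATION = {"privileged_role_assigned", "mailbox_rule_created"}
WINDOW = timedelta(hours=6)   # assumed look-ahead window after the grant

# Constructed audit lines in a hypothetical JSON-lines schema (not real vendor output).
# alice: helpdesk reset, then sign-in from a never-seen IP, new authenticator, role grant.
# bob:   helpdesk reset, then sign-in from his usual IP (a legitimate reset).
# carol: self-service enrolment, no helpdesk involvement.
SAMPLE_LOG = """\
{"ts":"2026-04-25T09:12:00Z","type":"signin","actor":"alice","actor_role":"user","target":"alice","ip":"203.0.113.10"}
{"ts":"2026-04-25T09:30:00Z","type":"signin","actor":"bob","actor_role":"user","target":"bob","ip":"203.0.113.22"}
{"ts":"2026-04-27T10:00:00Z","type":"mfa_reset","actor":"hd.agent7","actor_role":"helpdesk","target":"alice","ip":"10.0.5.8"}
{"ts":"2026-04-27T10:07:00Z","type":"signin","actor":"alice","actor_role":"user","target":"alice","ip":"198.51.100.77"}
{"ts":"2026-04-27T10:08:00Z","type":"authenticator_registered","actor":"alice","actor_role":"user","target":"alice","ip":"198.51.100.77"}
{"ts":"2026-04-27T10:41:00Z","type":"privileged_role_assigned","actor":"alice","actor_role":"user","target":"alice","ip":"198.51.100.77"}
{"ts":"2026-04-27T11:00:00Z","type":"mfa_reset","actor":"hd.agent3","actor_role":"helpdesk","target":"bob","ip":"10.0.5.9"}
{"ts":"2026-04-27T11:25:00Z","type":"signin","actor":"bob","actor_role":"user","target":"bob","ip":"203.0.113.22"}
{"ts":"2026-04-27T12:00:00Z","type":"authenticator_registered","actor":"carol","actor_role":"user","target":"carol","ip":"203.0.113.30"}
"""


def parse(text):
    """Parse JSON lines into dicts with a timezone-aware datetime, sorted by time."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        e = json.loads(line)
        e["ts"] = datetime.fromisoformat(e["ts"].replace("Z", "+00:00"))
        events.append(e)
    events.sort(key=lambda e: e["ts"])
    return events


def detect(events):
    """One alert per helpdesk-initiated credential grant, scored by what followed it."""
    alerts = []
    for i, grant in enumerate(events):
        if grant["type"] not in CREDENTIAL_GRANT or grant["actor_role"] != "helpdesk":
            continue
        if grant["actor"] == grant["target"]:
            continue                      # self-service enrolment belongs to another rule
        user = grant["target"]
        # Baseline: every IP this user signed in from before the grant.
        baseline = {e["ip"] for e in events[:i] if e["type"] == "signin" and e["actor"] == user}
        deadline = grant["ts"] + WINDOW
        score, chain, new_ips = 50, [f"{grant['type']} by {grant['actor']}"], set()
        for e in events[i + 1:]:
            if e["ts"] > deadline:
                break
            if e["actor"] != user:
                continue
            if e["type"] == "signin" and e["ip"] not in baseline:
                new_ips.add(e["ip"])
                score += 20
                chain.append(f"signin from new IP {e['ip']}")
            elif e["type"] == "authenticator_registered" and e["ip"] in new_ips:
                score += 15
                chain.append("new authenticator from new IP")
            elif e["type"] in ESCALATION:
                score += 15
                chain.append(e["type"])
        score = min(score, 100)
        severity = "high" if score >= 85 else "medium" if score >= 70 else "low"
        alerts.append({"user": user, "score": score, "severity": severity, "chain": chain})
    return alerts


if __name__ == "__main__":
    for a in detect(parse(SAMPLE_LOG)):
        print(a["severity"].upper(), a["user"], a["score"], " -> ".join(a["chain"]))
```

Every helpdesk grant produces a row, so the low-severity alerts double as the audit trail control #5 asks for; only the rows where the account immediately behaves like a new owner cross the paging threshold. In production the baseline would come from weeks of sign-in history rather than the same log slice.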

Exhibit F

The voice-channel threat-actor inventory


Three threat-actor groups dominate the 2024-2026 vishing landscape. Knowing the group helps size the likely pivot path.

Scattered Spider (UNC3944)

Pattern: Helpdesk impersonation + ransomware pivot
Notable: MGM, Caesars, Twilio (2022)

Predominantly English-speaking, native-accent operators. Helpdesk runbook attacks. Pivots to ransomware-as-a-service deployment (ALPHV/BlackCat historically, others currently). Per-event impact ranges from $5M (containment-only) to $100M (full disruption).

ShinyHunters

Pattern: Cloud-credential phishing + extortion
Notable: Snowflake-customer wave attribution (2024)

Mixed voice and email vectors. Frequently uses vishing to extract MFA codes from cloud-platform engineers as a follow-up to info-stealer credential theft. Per-event impact in the $1M to $10M band for the typical SaaS-customer victim.

Crypto-extortion clusters

Pattern: Voice + SMS combined; ransom-demand follow-up
Notable: Numerous lower-profile incidents

Decentralised, high-volume. Per-event impact typically under $500K but volume keeps the category alive in the IC3 docket. Frequent overlap with smishing campaigns (see /by-attack/smishing).

Exhibit G

Frequently filed questions

ON RECORD

What is the cost of a vishing attack?

Median $1.35M per successful incident. Range from $400K (helpdesk-only containment) to $100M (MGM-class full disruption).

What is the deepfake-vishing growth rate?

Hoxhunt 2026 measured a 1,633% surge in Q1 2025 versus the Q1 2024 baseline. The growth is driven by voice-cloning toolchain commoditisation.

How much source audio does a voice clone need?

60 seconds is the current minimum for consumer-grade real-time cloning. Most senior executives have hours of public audio available.

What stops a helpdesk-impersonation attack?

A hard rule that an MFA reset requires video verification or in-person confirmation, applied equally to new-authenticator enrolment and bypass codes. No phone-only resets, ever. This single control would have prevented the MGM breach.

Are call-recording controls useful?

Modestly. They compress forensic attribution post-incident but do not prevent the initial compromise. Useful as a layer, not as a primary control.

Does FIDO2 MFA defend against vishing?

Yes, against the pivot. The attacker can still socially engineer a helpdesk reset, but the new credential cannot be used without the hardware key. Closes the attack chain at step two, provided the service desk cannot register a new key or issue a bypass code on the same call.

Is vishing covered by cyber insurance?

Generally yes, under the broader cyber-event coverage. Sub-limits apply if the vishing event pivots to a BEC wire (see /by-attack/bec).

Updated 2026-04-27