Voice cloning with AI raises VISHING risks!

Written By Peter Vogel

DarkReding.com reported that “As vishing becomes more frequently used amongst threat actors, researchers have discovered that AI-generated voice clones from as little as five minutes of recorded audio are well on the rise.” The September 30, 2025 article entitled " AI-Powered Voice Cloning Raises Vishing Risks” (https://www.darkreading.com/cyberattacks-data-breaches/ai-voice-cloning-vishing-risks) included these comments:

NCC Group's research team has explored how voice impersonation using AI allows for classic social engineering attacks to become even more refined, blurring the lines of what is real and what is simulated. This could put enterprises, their employees, and everyday individuals at increased risk of voice phishing or vishing attacks from bad actors trying to gain access to their personal information, financial accounts, sensitive corporate data, and more. 

NCC Group's report includes a clip of a voice clone that researchers recorded in real-time, though the company declined to publish the technical details of their exploits to prevent attackers from making similar voice clones. 

"That said, it should be expected some threat actors have already developed these techniques themselves," NCC Group's Pablo Alobera, managing security consultant; Víctor Lasa, security consultant; and Mark Frost, principal security consultant, wrote in the report. 

Vishing attacks involve a threat actor using voice calls instead of emails or text messages to trick their target into giving up personal information. This could include a voicemail from a supposed family member asking for an account number, or IT personnel at a company asking for an employee's credentials or remote access to their device. 

Several of these attacks have already occurred this year alone. In August, Cisco disclosed that it suffered a data breach at the hands of a bad actor who targeted a Cisco representative in a vishing attack, allowing them to access and export information.

In June, a financially motivated threat group impersonated IT support staff in phone calls with Salesforce customer employees, prompting the latter to provide their access to the Salesforce environments.

And in May, 3AM ransomware group adopted the trend of combining email bombing with vishing to gain access to victims' systems before deploying their ransomware.

Bad news! What do you think?

Peter Vogel
Next

 How will the Oracle E-Business Suite Ransomware affect your business?