GRF Outlines Threat from Vishing in Fourth Bimonthly Report

RESTON, VA – March 15, 2018 – Global Resilience Federation has released its fourth bimonthly report in a series that covers trending threats in cyber and physical security.

The fourth report outlines and analyzes risks associated with "vishing" activity, detailing the tactic, threat campaigns, and best practices. This is the latest report from Global Resilience Federation, a provider of support to ISACs and ISAOs which work to protect organizations against cyber and physical risks.

Vishing is a tactic used by malicious actors with the intent of tricking an unsuspecting target into revealing sensitive information over the phone. In order to carry out this attack, a threat actor will typically employ a technique called “caller ID spoofing,” which makes an incoming call appear to be coming from a trusted or known phone number. Information from vishing attacks can be used in more advanced vishing attempts, leveraged in phishing campaigns, or even used for immediate financial gain.

GRF affiliated communities receive detailed information and analysis on timely topics in the bimonthly TLP Amber reports. When a report topic is selected, GRF staff investigate significant open source events, provide custom analysis, and compile detailed data and intelligence from member communities. The final product offers a unique set of industry perspectives on a trending security issue.

Outside organizations interested in this report may request a redacted TLP White copy through the contact page on Please request using a business email address.


Global Resilience Federation (GRF) is a non-profit hub for support, analysis, and multi-industry intelligence exchange between ISACs and ISAOs, each of which facilitates cyber and/or physical intelligence sharing. GRF’s mission is to help assure the resilience of critical and vital infrastructure against threats that could significantly impact the orderly functioning of the global economy. GRF members include Financial Services ISAC, Legal Services ISAO, and Energy Analytic Security Exchange, among others. GRF is also engaged with CERTs and other bodies around the world that seek to protect certain regions and industries. Formerly the Sector Services division of FS-ISAC, GRF was created as a standalone non-profit organization in May 2017. Learn more at or by visiting @GRFederation on Twitter. Inquiries may be directed to Patrick McGlone at

Chad McAuslin