Vishing Simulator

The Vishing Simulator allows you to create a realistic simulated vishing call that is sent to employees in order to assess their ability to recognize suspicious calls and their response to attacks that could compromise organizational data and systems. The product provides the capability to customize and target a vishing campaign suited to your organization and to evaluate the results.



Q: Is there a way to have Vishing Simulations call immediately instead of during a randomised time throughout the provided period?

A: The best way to do this would be to finite the campaign launch down to a 30-minute bracket. Currently, there is not a send test now option but you can preview the step and hear the voice AI you selected on the summary page

Q: How Is the Difficulty Level Determined?

A: The difficulty level for each vishing template is determined by several key factors that reflect the complexity and subtlety of the simulated attack. These include:

  • Complexity of the Scenario: More intricate scenarios that involve detailed background stories or require understanding of specific knowledge areas are considered more difficult.

  • Caller Identification and Spoofing Techniques: Templates that use advanced caller ID spoofing to appear more legitimate increase the difficulty level, as they are harder for individuals to immediately recognize as fraudulent.

  • Quality and Clarity of the Recording: The presence of background noise, the caller's tone, speed, and clarity of speech can affect how easily the call can be identified as a phishing attempt. Higher quality, clear, and persuasive recordings are classified as more difficult.

  • Use of Persuasion Techniques: The employment of psychological tactics, such as urgency, authority, or social proof, makes a template more challenging. Calls that effectively mimic legitimate authority figures or situations require a higher level of skepticism and awareness to identify.

  • Requested Action Complexity: The complexity of the action the caller requests from the target, such as transferring funds, providing sensitive information, or performing specific tasks, contributes to the template's difficulty rating. More complex and less obviously suspicious requests are rated as more difficult.

Criteria for Difficulty Levels

  • Easy: These calls might include obvious signs of phishing, such as poor quality recordings, unrealistic requests, or lack of specificity in the caller’s request. They are designed for users with basic awareness.

  • Medium: These examples are more advanced, with clearer sound and more realistic stories. However, there might still be small giveaways that show they are fake, especially if you know what to listen for.

  • Hard: These are highly sophisticated attempts that very closely mimic legitimate calls, employing advanced spoofing techniques, persuasive speech, and realistic requests. Recognizing these requires advanced awareness of identity voice phishing tactics.

Q: Is it possible to make identity spoofing and decide which name will appear on the screen?

In order to comply with laws and regulations, we utilize A2P-10DLC compliant phone numbers for our Vishing simulations. At present, we do not support spoofing since it could potentially violate these regulations. Our commitment to legal compliance ensures that our simulations are both ethical and effective, without compromising on security or integrity.

Last updated

Copyright © Keepnet Labs LTD. All rights reserved.