What does the term 'vishing' refer to in cybersecurity?

The term 'vishing' specifically refers to voice phishing, where attackers use voice communications to trick individuals into revealing sensitive information such as personal data, financial details, or login credentials. This method typically involves phone calls, including those made through Voice over Internet Protocol (VoIP), where the attacker may impersonate a legitimate entity, such as a bank or a government agency, to gain the target's trust.

Vishing is a form of social engineering, utilizing the human element to exploit psychological factors, appealing to emotions like fear or urgency to elicit a response. Although it is related to social engineering, the distinct characteristic of vishing is its focus on voice communication rather than other methods, such as email, which is not applicable in this context. The term highlights how voice technologies can be manipulated for fraudulent purposes, representing a critical area of concern in cybersecurity.