Hey there, tech fans! Today, let’s talk about a sneaky voice phishing scam that targeted Cisco, but don’t worry, we’ve got the scoop on what went down.

Cisco reported that one of their representatives fell for a voice phishing attack, which let the bad guys download profile info from a third-party CRM system. Luckily, the stolen data mainly included basic info like names, addresses, emails, phone numbers, and user IDs, rather than sensitive passwords or confidential data, Cisco confirmed.

Importantly, Cisco stated there was no evidence that other CRM systems or their services were affected. Voice phishing—using calls, texts, and even emails—has become a popular method for cybercriminals to breach even the most secure organizations. These attackers often do their homework beforehand, making their attacks seem legitimate by mimicking real authentication steps.

Big names like Microsoft, Nvidia, and Twitter have also fallen victim to such schemes. To fend off these threats, experts recommend using multi-factor authentication that follows FIDO standards, which uses cryptographic keys bound to the target domain, making spoofing much harder. Also, MFA should be used in proximity mode, so attacks from distant locations are thwarted.

The U.S. Cybersecurity and Infrastructure Security Agency offers guidance on how to stay safe from phishing—check it out if you want to be prepared. Staying vigilant and adopting strong security measures is the best way to keep cyber predators at bay.