Patent attributes
Devices, systems, and methods of detecting a vishing attack, in which an attacker provides to a victim step-by-step over-the-phone instructions that command the victim to log-in to his bank account and to perform a dictated banking transaction. The system monitors transactions, online operations, user interactions, gestures performed via input units, speed and timing of data entry, and user engagement with User Interface elements. The system detects that the operations performed by the victim, follow a pre-defined playbook of a vishing attack. The system detects that the victim operates under duress or under dictated instructions, as exhibited in irregular doodling activity, data entry rhythm, typographical error introduction rhythm, unique posture of the user, alternating pattern of listening to phone instructions and performing online operations via a computer, and device orientation changes or spatial changes that characterize a device being used to perform an online transaction while also talking on the phone.