On Oct. 3, Lewis started getting voicemail from Liberty customers who had received the scam calls. He checked his VoIP system logs the next day and found that the hackers had made about 300 calls over the weekend -- not so many calls that it would normally have even been noticed.

Once the VoIP system is hacked, the criminals use it to perform phone-based phishing attacks, sometimes called vishing. Vishing attacks have been around for a few years now, but they've largely flown under the radar, because they often target smaller regional banks rather than high-profile national institutions. The scammers move from bank to bank each week after completing their campaigns.

According to Liberty Bank, other regional institutions have also been hit with vishing attacks from hacked VoIP systems in recent weeks.

Liberty did not name the other banks involved, but in recent weeks, and have reported similar scams.

Lewis was lucky that he didn't get hit with major phone charges. Depending on how their systems are configured, businesses can be held responsible for any phone charges -- international call charges, for example -- that arise from the incident.