As spam filters and machine learning get better by the day at hampering email fraud, cybercriminals are doing new, flourishing business in the less-protected ‘phone’ department. Numerous phone and SMS scams are actively being carried out across Australia, the United States and other countries, with governments doing little to stop them, according to one security researcher.
David Glance, director of the Centre for Software Practices at the University of Western Australia, warns that, while credit card fraud accounts for most money lost, a significant sum is still being lost each year on “regular scams.”
And while email fraud has had its day in the sun, phone and SMS scams are again surfacing as fertile ground for fraudsters impersonating tax officers, insurance companies, and the like.
“While scams that come in over email are increasingly being picked up by spam filters, around 45% of scams in Australia (and likely other countries) are by phone and text message,” writes Glance.
Glance says scammers have stuck to using the same number or area codes, even though people report these numbers to sites like reverseaustralia.
“…the number is still in operation and despite there being a government agency, the Australian Competition and Consumer Commission (ACCC), tasked with dealing with scams of this type, very little is done to tackle scammers directly.”
The situation is no different in the United States, where the Federal Trade Commission (FTC) receives thousands of complaints from scam victims. Often, these reports include highly detailed information about the scam, including the phone number that rang them up.
One iconic example of such a scheme is the “can you hear me” scam, which dupes unwary recipients to answer “yes,” and have their answer stitched into a different recording asking them to buy something. The final recording, made behind the victim’s back, is used to try to coerce the victim to pay.
And while governments are indeed striving to be an educational resource, Glance believes it would be trivial for them to report scams to technology giants, to incorporate the information in their software – much like malware signatures – and prevent scams from unfolding.
“Google and Apple should, however, be able to do more independently of these agencies. With the advent of machine learning techniques being used to analyse emails, it will be also possible to apply the same technology to phone calls,” the researcher says.
Phone scams range from the hype-inducing free vacations and prizes to the more intimidating IRS call and phony debt collectors. Others include fake charities, loan scams, medical alerts targeting unwary seniors and even warrant threats. Users should always be on guard for unsolicited calls from unknown numbers, and refrain from providing personal information to the caller, especially when they don’t expect such a call.