As part of the Adaware Malware Lab team, we are continually looking for ways to keep our clients secure online. As part of our processes, we put ourselves in harm’s way (not physical injury), but we purposely set traps for scammers so that we can become their victims and thus gain insights of their techniques in order to eliminate them from victimizing you next. In the security industry setting traps like this is called a “honey pot” and these honey pots can be anything from creating fictitious email accounts and trolling spammers to creating false telephone numbers in order to learn the techniques of telephone scammers.
We all can become victims of telephone scams
Whenever you speak to a victim of this type of crime, they always tell you how stupid they feel. Well, believe me, ANYONE can become a victim of a telephone scam. Grandparent, teachers, business professionals, and even people whose job it is to prevent telephone scams can all be counted as victims.
In this article, we will look at some scenarios and common techniques that scammers use on the telephone (Robocalls) and how you can avoid being a victim of them.
If you have been feeling that you have been getting more robocalls now than before, you are actually right. According to the Federal Communications Commission, robocalls are the number one complaint that they receive (over 200,000 complaints per year). The number of robocalls increased by 57% in 2018.
What are Robocalls, and why are they on the rise?
Robocalls are any call where you hear a recording or a robot voice or when a machine automatically dials your telephone number followed by a live person. While there is a small percentage of these types of calls that are legitimate like school closings or emergencies, the vast majority of these calls range from the irritating to the illegal.
And why is this so? Over the last few years with the advent of VoIP, communicating has become virtually free, and technology advancements allow scammers to place massive amounts of telephone calls faster.
What about the do not call list?
The “do not call” list does still exist, and on the rare occasion a large company will be fined for violating it, but the problem is that the “do not call” list only applies to “sales” calls. Additionally, the list does not physically block callers from calling you; it is only a list that companies are supposed to refer to prior to calling you, and scammers generally will just ignore the list completely.
Spoofing – staying in the shadows
One of the leading tricks that scammers use is caller ID spoofing. Spoofing enables scammers to display a phone number that is different than the actual number from which the telephone call was placed.
With spoofing, scammers can pretend to be from a government organization, or within your area. Resulting in that you would be more likely to pick up the call. Individual scammers can even pretend to be someone that you know.
Below are some real-life examples of robocalls:
“The reason behind this call is to notify you that we have registered a criminal case against your name concerning a tax evasion and tax fraud in the federal courthouse. So if you want any further information about this case, please make sure you give us a call back as quick as possible to our direct hotline number to the Canada Revenue Agency Headquarters. That is 613-927-9919, I will please repeat the number, it is 613-927-9919. If we don’t receive a call from your side, please be prepared to face the legal consequences, as the issue of tax is extremely serious and time-sensitive. So have a blessed time.”
“…at hand is extremely time-sensitive. I am officer Nicky Johnson from the Canada Revenue Agency, and the hot-line to my division is 613-665-0503. I repeat, it’s 613-665-0503. Don’t disregard this message, and do return the call before we take any action against you. Goodbye and take care.”
“…So in next 24 hours we will be marking a lien on your assets and your bank accounts due to your inability to settle your dues with the CRA. A bill collection officer will visit you soon to complete the paper works. If you have any questions then call our tax default line. 888-745-0433, I repeat it’s, 888-745-0433. If you don’t call immediately, or if we don’t hear from your attorney either, then you will be solely responsible for all legal consequences. Goodbye.”
Why this type of scam has been effective
- The telephone scammer calls you with a sense of urgency, pretending to be an authority figure putting you automatically into a vulnerable state.
- The scammer use threats to intimidate and bully you into paying.
- The scammer uses employee titles and even fake badge numbers to appear legitimate.
- They demand immediate payment using a specific payment method such as a prepaid debit card, gift card or wire transfer, and by the time the victim realizes that they have been scammed, it is too late.
According to the IRS in the United States, over 12,716 victims have collectively paid over $63 million as a result of this type of phone scams since October 2013.
How to protect yourself from unknown calls
Here are a few tips from the Adaware Malware Labs Team to defend yourself against robocalls
- If your phone rings and it’s an unknown number, don’t answer.
- If you do, and it’s a computer talking to you, hang up.
- Make sure you are signed up with the do not call list in your country. That will block a few calls.
- Keep your telephone number private. Don’t offer it anywhere unless it’s required.
- Download an app (free or subscription) that can minimize those annoying calls
- Never engage in any way with scammers it may be dangerous, and it lets them know they’ve reached a live phone number and your number is added to a hot list.
In our next article, we will discuss how to protect yourself from unknown emails.