In today's digital landscape, online scams have become increasingly sophisticated, with cybercriminals exploiting voice calls and messaging apps to deceive unsuspecting victims.
Techniques like voice phishing (vishing) and SMS phishing (smishing) have turned into a lucrative industry, with fraudsters operating call centers that generate billions of dollars worldwide.
These scams require minimal technical skills, allowing even a single individual to target multiple victims simultaneously. Among the various tactics used are "pig butchering" (a scam where a fraudster builds a relationship with a victim to eventually extract large sums of money), cryptocurrency fraud, romance scams and tech support hoaxes. Each scam is designed with a convincing story and bait to lure victims.
Hello? Is this thing working?
Imagine receiving a phone call from someone claiming to be your bank, warning that your account has been compromised. The urgency in the caller's voice might compel you to share sensitive information, only to realize later that the caller was not from your bank at all. This type of fraud, though common, has become even more sophisticated with the use of AI-generated voice technology.
In 2019, cybercriminals used AI to impersonate a company executive’s voice, successfully stealing nearly $250,000 from a CEO. In another case, they stole $25 million from a company by mimicking a video call with a finance employee. AI-driven voice forgery and real-time translation have made vishing and smishing easier than ever, lowering the barriers for new malicious actors.
What's your name? What's your number?
According to a 2022 Consumer Reports survey, 75% of respondents expressed concerns about their data being collected online, including their phone numbers, which are crucial for identification and targeted advertising.
As traditional directories like the Yellow Pages have become obsolete, data collection through online tracking has increased. This has led to a thriving data trade industry, where personal information, including phone numbers, is collected and sold without the need for any hacking.
Data brokers gather personal information from public records, commercial sources and online tracking, then sell it to others, including malicious actors. Cybercriminals can obtain phone numbers from public social media profiles, stolen accounts, auto-dialers or even physical mail, and use them to launch targeted scams.
How to protect your phone number?
To protect your phone number from cybercriminals, cybersecurity experts recommend being cautious of phishing attacks. Avoid answering unexpected calls or messages from unknown numbers, and never click on random links in emails or SMS. If contacted by a bank or company, insist on calling back through their official number.
Additionally, enable two-factor authentication (2FA) for your accounts, preferably using security keys, authentication apps, or biometric methods rather than SMS, as SMS can be easily intercepted.
Governments also offer services like the "Do Not Call" registry to help reduce unwanted marketing calls. Lastly, be mindful of where you share your phone number online and consider alternative methods for account recovery, such as using an additional email address or an authentication app.