We recently examined how robocall scams are a serious threat to privacy, alongside the astonishing rate at which their volume continues to increase. Forty-three billion calls in 2019 with an average of 131 calls per person in the US alone is not something to be sniffed at. No matter how careful you are with your number, no matter which security measures you take, it can all be undone with one leaked database—then you’re on another list, forever.
Despite all precautions, it’s sadly inevitable that you’ll eventually wind up on a robocalling list or two. Then it’s a case of limiting damage and endless number blocking. Automated dialing ensures they’ll never, ever get tired of calling you unless you take some preventative action.
This week, we’re going to look at some specific examples of robocalls, the types of threats they present, and what’s at stake, including loss of privacy, finances, or even both simultaneously.
Can we listen to some robocall recordings?
You sure can.
A writer for Marketplace decided to take some of these robocalls instead of simply hanging up to see what kind of scam was on offer, and recorded portions of the calls. If you ever wanted to hear an authentic Chinese robocall scam in action, then today’s your lucky day.
Some of the call introductions are quite inventive. As always, there’s the faintest whiff that you may have done something wrong…maybe…and even if you didn’t, your details may be in the hands of criminals. You’d want to get that sorted out as soon as possible, especially if the nice person at the bank is telling you to do so. Right?
As far as specifics go, tactics involve:
Claiming your information was on debit cards sold illegally
Claiming your identity has been stolen
Claiming irregular activity has been flagged on your bank account
As with many similar scams, fraudsters are hoping potential victims are so rattled by these claims that they won’t notice they’re being primed for information. Why would a bank or similar institution ask you to confirm your name without volunteering it themselves? The answer, of course, is that they don’t have it and can’t address you unless you tell them first.
It’s a basic slice of cold reading, frequently deployed by con artists and tricksters who’d rather you just hand over what they need so they can turn it back on you.
Robocall scams targeting Chinese students
As demonstrated in the Marketplace article, there’s a solid wave of Chinese language robocalls right now, something which seems to have begun in earnest around two years ago. While the calls emulate the most common robocall tactics—fake caller ID, spoofing a trusted business entity, leaving a short automated message hoping you’ll press a specific number on your phone—they deploy some additional measures designed to bait, harass, and worry Chinese targets as much as possible.
Last month, I looked at how mainland China–based scammers are targeting Chinese students in the UK with threats of deportation. Focusing on immigration status, alongside mentions of embassies and potential legal trouble all make an unwelcome reappearance in US robocalls. Students once again have become popular targets, whether resident in the United States or simply visiting. Fraudsters even make use of text and send potential victims sensitive information about themselves, such as passport scans—just like the international student attacks in the UK.
It’s not just happening in the US; the same tactics exploded into life in Australia in May 2018, with threatening calls supposedly coming from the Chinese embassy in Canberra.
Press 1 to perform a fake kidnapping
Possibly the most extreme version of robocall scams involves staged kidnappings. After the standard “You’re in trouble” robocall messages, things take a sharp turn into the surreal as scammers convince people to take photos of themselves as if they’ve been kidnapped, before sending said imagery to other relatives who’ll be told they need to pay a ransom. People don’t want their relatives falling foul to terrible kidnappers, so of course it’s pretty much game over in the “will they, won’t they” pay up stakes.
Is that really Apple robocalling you?
Another popular robocall tactic involves spoofing the geniuses at Apple. On October 31, Missouri Attorney General Eric Schmitt put out an alert regarding robocalls where the scammers pretend to be Apple support. You know all those endless, awful fake Apple emails clogging up your inbox on a daily basis? They’re down the other end of your telephone now, hunting for personal information and money.
The recorded message plays out like this:
This is Molly from Apple Support. We have found some suspicious activity in your iCloud account, that your iCloud account has been breached. Before using any Apple device please contact an apple support advisor
They even leave a phone number you can dial later if you don’t have time to process the robocall when they ring you.
Robocall SSN scams
It seems there’s something in the air at the moment, because the IRS warned of Social Security Number robocall scams making the rounds on October 24. These aren’t people pretending to be embassies; they’re more akin to those Facebook viral chain hoaxes where talented hackers will delete your profile by a certain date unless you repost their message.
Here, they’re threatening to wipe your SSN unless you address a fictitious unpaid tax bill. As per their own advice, neither the IRS nor their collection agencies will ever:
Call to demand immediate payment using a specific payment method such as a prepaid debit card, iTunes gift card or wire transfer. The IRS does not use these methods for tax payments.
Ask a taxpayer to make a payment to a person or organization other than the U.S. Treasury.
Threaten to immediately bring in local police or other law-enforcement groups to have the taxpayer arrested for not paying.
Demand taxes be paid without giving the taxpayer the opportunity to question or appeal the amount owed.
Internet and offline scams have a long history of flagging themselves as fake by throwing decidedly unofficial payment methods (iTunes vouchers, Steam gift cards) into supposedly official routines. These would appear to be no different.
The other social security scam
The Social Security Administration (SSA) scam became prominent in September 2019, but hasn’t really gone away. The pattern is familiar: There are claims of benefits being suspended, with the only way out being money wires, or cash being placed onto gift cards.
Attacks along these lines can take terrifying amounts of money away from their victims. And they don’t just focus on the elderly: Anyone and everyone, including millennials, can be a target as far as robocallers are concerned.
A problem for everybody
While the majority of robocall articles focus on calls coming from China, the problem isn’t confined to that region. Indeed, the US has more than its fair share of robocall-related issues, with five US states contributing to the top locations for robocall origination. Mexico, the Philippines, Costa Rica, Guatemala, and India complete the list, according to the Federal Trade Commission (FTC).
Alex Quilici, CEO of robocall-blocking app YouMail, told USA Today that he estimates “hundreds of millions” of calls originated from inside the US. In June 2019, the FTC cracked down on US-based robocalls, and reported that the majority of scams they shut down were based in California and Florida.
What can we do about it?
As robocalling has been such a common problem over the years, we already have a full rundown on what you can do to avoid these attacks as best as possible. The people behind them will continue to slather us with their nonsense pressure, fictitious time limits, and bizarre fake kidnapping requests. But there’s one simple way to ensure they never win: Just don’t pick up the phone.
Avoid all that chaos by resisting the temptation to press buttons or pick up and yell. Robocall scammers have been known to ensnare even the most savvy users. Simply let unknown numbers ring into the void forevermore. When your identity and bank account are safe and sound, you’ll be glad you did.
The post Here are the most popular robocall scams and how to avoid them appeared first on Malwarebytes Labs.
Powered by WPeMatico