Phone Scams - Vishing

ASSA ALLIANCE / VISHING

What is a Phone Scam?  A phone scam is a confidence trick (synonyms include con, confidence game, confidence scheme, ripoff, scam, and stratagem)  and is an attempt to defraud a person or group after first gaining their confidence on the phone, used in the classical sense of trust. Confidence tricks exploit characteristics of the human psyche, such as credulity, naïveté, compassion, vanity, irresponsibility, and greed.

ASSA ALLIANCE / VISHING

PHONE SCAMS (Vishing)

Reading this, you’ve probably experienced a shady call or two, phone scams are nothing new from boiler room boys promising the next hot stock (financial fraud) to paid-for horoscope subscriptions (cramming), technological advances have always been a useful weapon in any conman’s arsenal.

Vishing – a play on Voice Phishing is a staple from the tele-scammer playbook currently experiencing a new lease of life. Like email phishing scams, the aim of the game is to dupe unsuspecting victims into handing over confidential information.

The new wave of Vishing scams is a more sophisticated twist on the last – an old sleight of hand trick, deceiving you into coughing up credit card details and personal information.

Today, a simple “Yes” can lead to unwanted call charges, subscriptions and signups to applications being billed on your next monthly statement – the cramming scam for the digital age has arrived: the “Can You Hear Me?” Phone Scam.

An urgent afternoon call from your ‘bank’ saying that your account has been hacked or your credit card stolen, inevitably panic sets in and your heart rate rises into a frenzy.

Luckily for you, the helpful service assistant on the line is on hand to help. She tells you to jot down a free phone number and to speak to your bank directly to resolve this issue. Frantic, you recite the phone number to memory and make the call. Typically, there is now a verification procedure. They simply need to you to punch in your credit card numbers, expiry date, and CVV code – not too much to ask for a security check.

Hurriedly you rummage through your wallet or purse and grab your credit card and willingly hand over your credit card information to the “bank assistant” on the other end of the line. Unluckily for you, this is not your bank, but a syndicate of organized criminals who proceed to empty your bank account, maxing your credit card or selling your personal information. A scary thought indeed.

This scam is more common than one would think, especially in Europe and America. Due to its lower success rate, it is not as commonly perpetrated although factors such as gender and age impact the results greatly – with the older generation more susceptible to vishing scams. Good mobile device and internet security hygiene is essential in stopping these criminals and it is wise to educate your elderly family members about potential problems.

ASSA ALLIANCE / VISHING

The Can You Hear Me? Phone Scam

The Can You Hear Me Scam, made possible by the inclusion of third-party services in subscribers’ bills combined with the growing popularity of voice identification and voice synthesis in many sectors, including banking.

Authorities are trying to combat this “cramming” craze; telecom giants Verizon have recently settled $158 million in damages on claims by customers who’d had third-party services fraudulently added to their bills.

But this is just scraping the surface. Businesses lost on average $43,000 per account and individuals targeted through impersonation lost $4200. The vishing con is real and here to stay.

HSBC is just one of several banks that uses this voice recognition technology to allow voice authentication as a password. However, clients must authenticate themselves initially through a “code word” followed by saying aloud “my voice is my password”. HSBC claims that the system is full-proof as the voiceprint created has the physical and behavioral nuances of one’s speech, which is recognized by their system.

For an HSBC account security breach, it would be troublesome for scammers to initially get your code word, but the phrase “my voice is my password” could be teased out over several phone calls. Voice-authentication systems don’t seem to be going away with Google and Adobe both developing their own realistic speech synthesis programs: Lyrebird is another high-profile company developing this technology.

Scams like this are commonplace not just to dupe unsuspecting citizens, but as a location for foreigners to perpetrate this activity.

Vishing

© Copyright 2019-2020 ASSA - All Rights Reserved
Some information about Scamming/Phishing gleaned from Wikipedia