You may not have heard of Atlanta-based Pindrop Labs. They have developed an innovative way to detect fraudulent phone calls called a "phone print", and their solutions reduce fraud losses and authentication expense for some of the largest call centers in the world.
Pindrop Labs collected phone scam data using their proprietary Phoneypot tool. The Phoneypot is the largest telephony honeypot in the world, and it allows researchers to collect data from millions of calls to unlisted numbers. Pindrop uses the phoneypot to analyze phoneprints and detect calling patterns for unwanted callers, such as robocallers, debt collectors and telemarketers. This provides researchers with new insights into telephony abuse and attack patterns.
They recently published the results of their very interesting research that you need to be aware of, because some of these scams target consumers, and others directly target businesses using a variety of schemes according to Pindrop Labs’ analysis of some 100,000 calls from 2016’s first half.
“A bigger problem with these consumer phone scams is that often they are just the first step in a larger attack. Scammers are looking for more than quick money from a consumer,” Pindrop warned. They are also phishing for personal information in order to steal an identity and enable an account-takeover attack at a financial institution, retailer, insurance provider, or other organization. “Businesses must be aware of the role that consumer fraud plays in the larger threat landscape.”
Pindrop also found that 30,000 of the total calls studied were robocalls.
Robocalls, which involve a recorded message instead of a live person, are legal. However, if the recording is a sales message and the call recipient has not given written permission to get calls from the company on the other end, the call is illegal and many times part of a con.
Here is a look at Pindrop Labs Top 10 Scams so far in 2016:
1. Google/business listing scams. Businesses learn their business listings on Google are not up to date, or at risk of losing their ranking. So-called consultants, phishing for credit card information and not affiliated with Google, offer to help the business owner in exchange for a fee. The scam first appeared in 2015 but has grown in popularity this year.
2. Loan-related scams. Who doesn't want to lower interest rates? Fraudsters claim they can do just that, some threaten that loans are past due and a payment needs to be made immediately. This type of fraud has been a favorite among criminals over the past year and a half could be related emerging trend around payday loans. They use information acquired from actual online loan applications to appear legitimate.
3. Free Holidays. Callers tell receivers they have won a free vacation, hotel stay, or trip. Criminals then use high-pressure sales tactics in the hopes that victims will give their credit card information to pay a comparatively lower cost for tax or additional fees.
4. Political calls. With the forthcoming Presidential election, fraudsters are using politically geared robocalls to arouse consumer interest. They ask for donations and phish for personal information, all under the guise of supporting their candidate of choice. Some even claim they can take your vote over the phone.
5. Local maps verification. This asks businesses to confirm personal information in order to be included in an online maps verification program. When fraudsters get personal information this way, fraudsters are able to access accounts across multiple channels.
6. Lower an electricity bill. Consumers who want to lower their monthly electricity bill are presented with what is usually a limited time offer to do so, creating a sense of urgency to reveal personal information.
7. Important personal business. This scam vaguely states that the caller has an urgent message concerning important personal business and prompts the victim to press 1. When 1 is pressed, victims hear a message claiming they owe money.
8. Credit card related scams. This scheme has dropped in popularity this year due to stricter surveillance and many shutdowns by the FTC. The hook here is a claim to help pay off credit card debt faster or lower interest rates. Criminals will try to confirm personal and financial information, including existing credit card numbers in order to process a rate reduction.
9. Free home security system. The second most popular 2014 scam is warns callers of a crime increase in their neighborhood and a friend or neighbor suggested they would be interested in a free security system. The 'free system' includes an expensive monitoring contract, many thieves are successful in getting victim credit card data at that stage.
10. Elderly scams. Senior citizens have been long-time targets of fraudsters, one because they are thought of as being easier to trick, and two they often have large sums of money in their accounts or retirement funds. Popular frauds include Medicare, health insurance, faulty anti-aging products and even funeral and cemetery plots.
The full phone scam report includes links to examples of each of these types of scams so you can hear them for yourself. With the sheer volume of these scams it is likely that you will recieve a call or message with one of the above tactics.
Here are some tips to help keep you safe when getting an unexpected call:
1. First make sure you have registered all of your phone numbers with the National Do Not Call Registry. Once registered, be especially wary of any unwanted calls as they are most likely from fraudsters breaking the law. You can also use the website to submit a complaint if you've received an unwanted call after being registered for 31 days.
2. DO NOT WIRE MONEY! In November of 2015 the FTC banned wire transfers as a payment method over the phone. If someone asks you to do this, they are definitely a scam artist.
3. Don't interact. Don't answer your phone if you don't recognize the number. If you do happen to pick up do not follow the prompts, don't enter anything on your keypad and don't request to be removed. A lot of times they will leave a voicemail and it's pretty easy to tell which ones are scams.
4. Consider using a call-blocking app. They are designed to check incoming calls against databases of known scam numbers. You can also manually block numbers when you know it's from an illegal robocaller.
5. If one of the scams involves personal information and you think it could be legitimate, you still should not interact with the caller. Ask to call them back, if they say you can't it's most likely a fraud attempt. Get a case number and look up the phone number for the organization yourself.
Vishing, or voice phishing, is only becoming more prominent every year. Protect yourself and your organization with KnowBe4's integrated security awareness training and phishing platform. Vishing tests are now part of the training!
See it for yourself and get a live, one-on-one demo.
