Telephone banking scams are on the rise and are becoming more sophisticated as criminals look at new and inventive ways to trick their victims into disclosing sensitive information.
According to research from Econmia, fraudulent activity costs the UK £190bn annually and telephone banking scams have risen by 178% in the last year.
The reason for this massive rise in telephone banking fraud is because it’s such a lucrative business. Total losses due to these scams came to £236million in 2017, with 43,875 cases relating to a total of 42,837 victims.
These statistics are truly worrying and highlight the need for a greater awareness around this type of fraud. The reality is that many people’s lives have been destroyed by these scams and some victims have had their entire life savings cleared out within the space of 15 minutes.
The professional con artists behind these attacks will spend a lot of time making sure their call is as polished and professional as possible, and by using a range of different technologies and tactics, they will successfully con their victim into transferring money or disclosing personal information.
Telephone scams are a targeted attempt to manipulate someone into performing certain actions or divulging confidential information. This practice is commonly known as vishing. Vishing is a combination of the word voice and phishing and refers to phishing scams that take place over the phone.
A typical scenario will involve a scammer posing as a bank employee to flag up suspicious behaviour on your account. This will normally be something security related such as; someone trying to access your account or steal your identity.
The caller will often create a sense of urgency to get you to act as quickly as possible. The fraudster may tell you to “act fast to resolve the situation” or “we want to get this sorted for you as quickly as possible, so if you can follow these instructions immediately”.
One of the main ways they will make the call appear genuine is by using a tactic known as ‘number spoofing’. Using sophisticated technology, the fraudsters can alter the phone number from which they are calling so that it matches your bank’s official telephone number. They may even ask you to check your handset display to verify the call is authentic.
Another tactic is to play background noise, so it sounds like the call is being made from a call centre or a busy office environment.
The caller may already have some of your personal information such as a name, address or telephone number and once they have gained your trust, they will attempt to wrap up the scam as quickly as possible.
They may ask you to transfer money into a safe account while the issue is being resolved, hand over personal information such as login details, passwords and pin, or they may install spyware on your computer to steal other personal information.
Victims will often come off the call with a feeling of relief that a crisis has just been averted, but unfortunately they will find out soon enough that their bank account has been cleared out.
The money will quickly be transferred to other bank accounts across the world and it can be very difficult to ever get the money back. According to UK Finance, in 2017, three quarters of the money could not be returned to the victims.
Banks are often reluctant to reimburse customers that have fallen for the scams as they have directly authorised the transfer of money themselves. This means the banks are not liable to pay any compensation.
The level of sophistication used in the scams is truly worrying and victims often say the only reason they believed the call was genuine was because the number matched their banks and they had no idea that criminals could spoof an official number.
Despite the increasing sophistication of these phone scams there a number of ways you can protect yourself from falling victim:
MetaPhish has been designed to provide the first line of defence against phishing and ransomware attacks. Contact us for further information on how we can help protect your business from this growing threat.