Telephone banking scams are on the rise and are becoming more sophisticated as criminals look at new and inventive ways to trick their victims into disclosing sensitive information.
According to research from Econmia, fraudulent activity costs the UK £190bn annually and telephone banking scams have risen by 178% in the last year.
The reason for this massive rise in telephone banking fraud is because it’s such a lucrative business. Total losses due to these scams came to £236million in 2017, with 43,875 cases relating to a total of 42,837 victims.
These statistics are truly worrying and highlight the need for a greater awareness around this type of fraud. The reality is that many people’s lives have been destroyed by these scams and some victims have had their entire life savings cleared out within the space of 15 minutes.
The professional con artists behind these attacks will spend a lot of time making sure their call is as polished and professional as possible, and by using a range of different technologies and tactics, they will successfully con their victim into transferring money or disclosing personal information.
How the scams work
Telephone scams are a targeted attempt to manipulate someone into performing certain actions or divulging confidential information. This practice is commonly known as vishing. Vishing is a combination of the word voice and phishing and refers to phishing scams that take place over the phone.
A typical scenario will involve a scammer posing as a bank employee to flag up suspicious behaviour on your account. This will normally be something security related such as; someone trying to access your account or steal your identity.
The caller will often create a sense of urgency to get you to act as quickly as possible. The fraudster may tell you to “act fast to resolve the situation” or “we want to get this sorted for you as quickly as possible, so if you can follow these instructions immediately”.
One of the main ways they will make the call appear genuine is by using a tactic known as ‘number spoofing’. Using sophisticated technology, the fraudsters can alter the phone number from which they are calling so that it matches your bank’s official telephone number. They may even ask you to check your handset display to verify the call is authentic.
Another tactic is to play background noise, so it sounds like the call is being made from a call centre or a busy office environment.
The caller may already have some of your personal information such as a name, address or telephone number and once they have gained your trust, they will attempt to wrap up the scam as quickly as possible.
They may ask you to transfer money into a safe account while the issue is being resolved, hand over personal information such as login details, passwords and pin, or they may install spyware on your computer to steal other personal information.
The scam is complete
Victims will often come off the call with a feeling of relief that a crisis has just been averted, but unfortunately they will find out soon enough that their bank account has been cleared out.
The money will quickly be transferred to other bank accounts across the world and it can be very difficult to ever get the money back. According to UK Finance, in 2017, three quarters of the money could not be returned to the victims.
Banks are often reluctant to reimburse customers that have fallen for the scams as they have directly authorised the transfer of money themselves. This means the banks are not liable to pay any compensation.
The level of sophistication used in the scams is truly worrying and victims often say the only reason they believed the call was genuine was because the number matched their banks and they had no idea that criminals could spoof an official number.
How to avoid being scammed
Despite the increasing sophistication of these phone scams there a number of ways you can protect yourself from falling victim:
- Be wary of phone spoofing – criminals have access to sophisticated technology that can make a telephone number appear genuine, not their actual caller ID.
- Be wary of phone calls from unknown numbers – If a call comes out of the blue from a number you’re not familiar with then treat the call as suspicious.
- Never give out personal information over the phone – Legitimate organisations will never ask you to give out personal information such as a password, pin, activation codes or bank account details over the phone.
- Hang up – If you’re feeling intimidated or harassed by a call then don’t be afraid to hang up immediately. A common tactic is to create a sense of urgency to pressurise the victim into handing over their details.
- Ring the organisation directly – If you think the phone call is a scam then hang up the phone and ring the organisation directly. Source the official number yourself and never call back using the number the caller has given you.
- Call blocking device – If you’re getting pestered with calls from unknown numbers, it may we wise to invest in a call blocking device to filter out unwanted calls.
MetaPhish has been designed to provide the first line of defence against phishing and ransomware attacks. Contact us for further information on how we can help protect your business from this growing threat.