I had a great podcast yesterday with a CEO from a well-established Cybersecurity firm based in the Bay Area. In it, we talked about what the Cybersecurity Threat Landscape could look like in the coming few years. He had mentioned that the oldie but the goodie – Phishing will still remain by far the biggest Threat Vector that is out there. One of the reasons cited for this is that is still an effective way for people to give up their PII.
Of course, though, the Cyberattacker has to stay one step ahead and keeping coming up with newer variants as the older mechanisms start to gain attention. But there is yet another old tactic that the Cyberattacker is using well in order to lure their bait – the traditional phone scam. Given the recent advancements in Smartphone and wireless technologies, it is getting easier to con unsuspecting victims into giving up their PII and financial information.
This has come to light once again with a recent market research report conducted by Truecaller. This company has developed and created numerous caller ID and spam phone call mobile apps. This is their fifth study, and here are some of the key findings of it:
*Almost 1 out of 6 Americans have lost some amount of money in the last twelve months:
Within this group, over 56% have claimed that they have victimized more than twice. The average cost to a victim is almost $300 and have cost $10.5 Billion in financial damages within the last year. This is depicted in the diagram below:
*There is a huge uptick in the total number of monthly spam calls that are received:
The average American has received at least 32 spam calls in a single month, which is a 39% increase from 2018. It is interesting to note that more than 72% of these were robocalls. This means that there are almost 100 Billion spam calls made in just one year!!! This is illustrated below:
*Cyberattackers are targeting mobile phones much more than the landline phones:
There shouldn’t be anything really new about this one, as most of the American population have ditched the landline in favor of using a Smartphone or their computer for placing and receiving calls. But the report discovered that 83% of spam calls take place over the wireless device, and only 22% of them have occurred over the landline. This can be seen in the illustration below:
*You “have won something” is the most popular scam messaging used:
Other types of scam messaging include the following:
*You’ve received a great deal;
*You have problems with your financial account;
*You owe money (especially to the IRS);
*Threatening political calls for you to vote for a certain candidate.
This is depicted below:
*Surprisingly, people are proactive after receiving a spam call:
Interestingly enough, many people are taking the right steps after they have received a spam phone call. According to the survey, this is what most Americans have done:
*Downloaded a caller ID mobile app;
*Have scrutinized their phone bill;
*Have changed phone number;
*Reported the phony call to law enforcement;
*Have signed up for the “Do Not Call Registry”.
Overall, 71% of the respondents simply do not respond to a call that they do not recognize, while 47% of them will block that call.
This is depicted below:
My thoughts on this?
Overall, the study discovered that most of the respondents would much rather use some form of Social Media, texting, or Email in order to communicate with others (at 55%). This number is much higher with the younger age group (18-34) at 73%.
However, it is the older generation that prefers to use the traditional landline phone for communications (ages 45-54) at 57%. Also, it was discovered that men in the age bracket of 18-34 were most prone to falling victim to a phone scam and suffering some sort of financial loss (at 40% of the respondents. Overall, 61% of Americans think that they will miss a legitimate call because they think they are receiving a spam call.
I’ve got to be honest, even I have witnessed a huge uptick in the number of spam calls I receive. I get all sorts of calls, ranging from phony debt collectors to the IRS is coming after to me, to even saying that I have qualified for a $100,000 business loan. I have also noticed that when I receive a spam phone call, it just rings once. This is to make you think that you have received a missed call, when in actuality, you receive a voice mail hours later from that same number.
So, what do I do? If it is a number I do not recognize, I just ignore it. If it is important enough, I figure that the caller will also take the time to leave a voice mail. If they do, and I do not recognize the caller even then, I just delete the message. But there, is one instance in which I keep getting a spam call about three times a month.
The number comes up as “unknown” on my caller ID, so I actually took the initiative and reported this to the FBI here in Chicago. Last update I got was that they are working on it. Just like Phishing Email, it can be very difficult at times to know when a call is real for real, especially when you are going through a hard time. This is especially true for job seekers, and those people that have been a victim of a natural disaster that has been well publicized.
Heck, I even get phony calls from the American Red Cross pressuring me to donate money. But you know what? Just hang up. If you really want to donate some money, just visit your local chapter, or send cash or even a check if you have to. But no matter what, under any circumstances, do not give away your credit card or debit card number to anybody over the phone unless you know that person or organization for a long period of time!!!
Finally, the report can be downloaded here: