Automated spam calls, or robocalls for short, plague the U.S. Billions of calls should have been prevented by new legislation. However, threat actors find new comms vectors to abuse.
The latest data shows staggering volumes of malicious calls surpassing 6.29 billion robocalls in August alone, the second-worst month since the pandemic began. That translates to 23 calls per every American, robocall prevention app RoboKiller reports.
Use of robocalling allows criminals to target millions of victims with relative easy of automation. Even if a few calls are successful, criminals see financial gains.
38% of all robocalls employed caller ID spoofing technology, signaling malicious intent. Since the end of June, the FCC has required telecoms to work under the STIR/SHAKEN protocol to identify every caller and prevent spoofing practices.
SIT/SHAKEN protocol is likely to have a broader effect once the two-year transitional period ends mid-2023. Foreshadowing a swift change use of ID spoofing dropped in July once the requirement came in place.
However, August data shows an increase of 5%, destroying recent gains.
However, an increased activity using a different point to malicious actors adapting to FCC's requirements. RoboKiller noted that the use of text messages to distribute scams grew by 20% in August.
"This is likely partly due to STIR/SHAKEN's rollout, as scammers seek workarounds to reach potential targets," reads the press release.
Recent months saw an increase in pandemic-related spam calls. Among the most popular are social security and COVID-19 related calls, reflecting fears over unemployment and the rapid spread of the Delta variant.
Costly endeavor
RoboKiller projects the level of growth to reach 55% by the end of the year, leading to a financial loss of over $100 million from text messages alone this year. The overall financial loss is expected to reach a whopping $615 million this year, outperforming last year by 40%.
Losses translate to $1,200 per robocall, making the activity a lucrative prospect for scammers looking for an automated way to scam victims out of their money.
RoboKiller reports that Texas receives the most robocall with a total of 779 million calls and an average of 33 calls per person. California ranks second with 623 million, followed by Florida (420 million), Ohio (274 million), and Georgia (261 million).
By far, the most popular robocall scam is about vehicle warranty, falsely warning potential victims of their ending warranty, prompting people to renew the service. Scammers made over 1.1 billion robocalls on vehicle warranties, which makes up close to 18% of total scam calls. Social security and student debt calls follow with 2.4% and 1.2% of total robocalls made.
Meanwhile, the most frequent text message scams pry on delivery services, with Amazon, UPS, and other delivery scams making up 24% of total scams or 1.8 billion spam texts.
Don't get duped: how to spot social engineering attacks
It is essential to understand that robocalls are a tool to social engineer victims' consent to give away funds, important data, or personal information.
With all that in mind, knowing how to spot a social engineering attempt is still vital for keeping your money and personal information safe. Here's how:
Don't answer calls from unknown numbers. If you do and someone you don't know starts asking you for personal information, hang up immediately.
Never give away personal data. This includes data like names, usernames, email addresses, passwords, PINs, or any information that scammers can use to identify you.
Take it slow. Scammers often try to create a false sense of urgency to pressure you into giving up your information. If someone is trying to coerce you into making a decision, hang up or tell them, you'll call back later. Then call the official number of the company they're purporting to represent.
Don't trust caller ID. Scammers can imitate a business or someone from your contact list, faking names and phone numbers. In fact, financial service providers never call their customers to confirm their personal information. In case of suspicious activity, they will simply block your account and expect you to contact the company via official channels to resolve the issue. As such, always stay alert, even if the caller ID on your phone screen looks genuine.
More from CyberNews:
Millions of Microsoft web servers powered by vulnerable legacy software
‘Amazon’s Choice’ best-selling TP-Link router ships with vulnerable firmware
In most cases, paying the ransom is the obvious way out - experts
Why does the U.S. want 'white hats' hacking satellites
The rise of digital currency and a world of e-money
Subscribe to our newsletter
Your email address will not be published. Required fields are markedmarked