Voice scammers are getting smarter: how to set up your phone’s defenses


It’s always satisfying to see scammers failing dozens of times, trying to reach you but constantly getting their calls blocked. However, many people still haven’t enabled the filtering feature on their phones.

Social engineering is a numbers game, so the fewer scam calls, the fewer potential victims. However, with data breaches constantly occurring, your phone number may sooner or later get into the wrong hands.

I was pleasantly surprised to find my Samsung phone successfully dealing with a sudden increase in potentially fraudulent calls, which came in by the dozen every week, often originating from foreign countries.

ADVERTISEMENT
scammer-calls

With the latest updates, Phone apps on various Android devices can already screen unknown callers and filter out detected robocalls or scammers before the phone even rings. And Google's alternative already use AI to fight AI calls.

However, I also found that many colleagues and relatives still hadn’t enabled useful filtering features on their phones. Moreover, some phones don’t even have that option, requiring them to update or download a different app for managing calls, such as Phone by Google.

The vishing (voice phishing) situation is worse than ever. Voice security company Hyia calculated 6.5 billion instances of phone spam calls worldwide in a single quarter. Each American received 12 scam calls every month on average, with one out of every four calls being unwanted, the Q2 report revealed. In some places, scam calls are more frequent than any other calls.

And now the scammers are using a new trick – recording their victims’ voices and replicating them using AI in vishing (voice phishing) attacks.

“With the advancement of generative AI text-to-speech technology, fraud techniques will become significantly more sophisticated. When combined with leaked data, attackers can pose as someone familiar with their victim and add in personal details to increase the believability of the scam,” warns Josh Amishav, Founder and CEO at Breachsense.

This makes even talking to scammers dangerous.

“In terms of defense, cross-referencing several apps will improve overall prevention. If a call does get through, hang up without providing information. It's helpful to report the number to the relevant apps. In general, be cautious about sharing personal numbers and consider using virtual numbers or secondary lines for public or one-time uses,” he said.

ADVERTISEMENT

How to set your phone defenses

Have you enabled “Caller ID and spam protection” on your Samsung phone?

To do that, you need to go into the Phone app, tap on the three dots in the top right corner, and go to Settings. Here, enable “Caller ID and spam protection.” Tap for further options if you want to choose between blocking all spam and scam calls, or only high-risk ones. In Samsung phones, those features are provided by Hiya company.

Caller ID and spam protection

Your Android phone doesn’t have that option yet?

As an alternative to your phone manufacturer's app, on your Android device, you can use Phone by Google, which includes spam filtering. It’s free and already has more than 1 billion downloads.

If this phone app is your default, open it, tap on the three dots in the top right corner, and go to Settings. Here, the feature is called Caller ID & spam. Open it and choose to Filter spam calls. It may also be helpful to enable See Caller and Spam ID. However, don’t always trust the caller ID, as scammers can even fake that by using a genuine agency or company name.

How do you detect and block spam phone calls on your iPhone?

Apple’s iPhones offer the use of its ‘Silence Unknown Callers’ feature with a third-party app to block spam calls.

However, the Silence Unknown Callers feature will block all calls from numbers not included in your contacts list. Therefore, ensure that you have essential contacts saved, or you could miss a phone call you don’t want to miss.

ADVERTISEMENT

The Call Blocking & Identification feature is also available with certain carriers to silence calls identified as potential spam or fraud.

For call identification and blocking, Apple suggests using third-party apps. To set up these features, go to Settings, then Phone.

Third-party options include paid and free alternatives, such as the ones offered by carriers, as well as Hiya, RoboKiller, Call Control, and others.

Note that false positives are also likely – these features can sometimes silence wanted calls, such as from your doctor, for example. However, the apps usually allow you to check your call history to see which calls were blocked.

stop-unwanted-calls

AI scammers more believable than ever

Steve Grobman, Chief Technology Officer at McAfee, warns that AI voice mimickers are making scamming phone calls more believable than ever. Globally, about a quarter of people have either experienced an AI voice scam or know someone who has, according to the company’s Beware the Artificial Imposter report. The sad truth is that 77% of voice scam targets ended up losing money as a result.

Scammers can obtain voice samples on social media, where half of adults share clips at least once a week on average. This means that a scam can seem very convincing to the average person, especially with a spoofed phone number and a familiar voice.

“One of the most effective tools these scam calls use is a sense of urgency and fear, telling you that there’s a problem right now and they need your information immediately to resolve whatever bogus issue they’ve come up with. That right there is a sign that you should take pause and determine what’s really happening before responding or taking any action,” Grobman suggests.

Even with the best technologies, not all scam calls will get flagged. In this changing environment, Grobman advises people not to pick up unknown calls, and even if you do – don’t say “yes,” as scammers could use your voice in other scams, including trying to access your financial accounts.

ADVERTISEMENT

“Three seconds of audio is all it takes in some cases to clone a voice with up to 70% accuracy,” Grobman said.

Returning calls from unknown numbers is also no longer a good idea, even if the message in the voicemail sounds intriguing or worrying. Confirming the phone number directly with your bank or other service provider’s website is always better.

Grobman isn’t too excited about third-party call-blocker apps, especially the free ones, as they might bring their own privacy issues.

“How are they making their money? There’s a fair chance that data harvesting and sale might generate their profits. At some expense to your privacy.”

According to the Australian National Anti-Scam Centre, the most dangerous scam category by far is investment scams. Here, losses amounted to more than dating and romance, false billing, phishing, employment, remote access, identity thefts, and other scams combined.

Google fights AI calls with AI screening

Google recently announced a next-generation Call Screen with improved AI.

“With these AI improvements, Call Screen now helps users receive 50% fewer spam calls on average compared to the previous version of Call Screen, which was already quite effective at blocking spam,“ Google spokesperson's comment reads.

According to the spokesperson’s comment to Cybernews, users may see an increase in spam calls for a number of reasons:

  • Seasonal spam calls
  • Phone numbers unknowingly sold, shared, or leaked by a company to affiliates or underground markets
  • A recent engagement with a scammer or spam caller can give them an indication that your phone is active and can be reached again
ADVERTISEMENT

Phone by Google provides multiple user protections – like built-in caller ID and spam protection and Call Screen, which helps determine if a call is spam or not based on information that the caller shares with Google Assistant when the screening is happening.

The spokesperson noted that spam protections can vary in effectiveness across regions based on spam type, frequency, intensity, and social engineering tactics.

Google encourages all countries to adopt the STIR/SHAKEN protocol (the Secure Telephone Identity Revisited (STIR) and Signature-based Handling of Asserted Information Using Tokens (SHAKEN) standards), which has proven successful at reducing spam calls in the US and Canada.

It helps others if you report a scammer

Reporting suspected scammers helps tech companies to identify and flag the numbers quicker.

Phone apps usually have a simple reporting feature, allowing you to select the recent call and tap Block or Report Spam. Also, if a call from someone you know gets marked as spam, you can report the mistake and get your future calls unblocked.

“We are always improving our Phone by Google spam protections. Our protections take into account various signals, including reports from users. Users can report or block spam calls in the Phone by Google app,” Google’s spokesperson said.

US residents still receiving unwanted calls can submit a complaint to the Federal Trade Commission (FTC) via www.donotcall.gov or call 1-888-382-1222. Similar do-not-call registries are also provided in Canada, the UK, and other countries.

Also, look after your data.

“One reason that contributes to the surge in fraudulent calls is data breaches. Malicious users exploit these to both find victims as well as to leverage leaked data as part of their social engineering efforts,” Amishav said.

ADVERTISEMENT