Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Fraud & Identity Theft

Enterprises See 30 Percent Rise in Phone Fraud: Report

86 Million Scam Calls Made to US Consumers Every Month, Says Pindrop Security

Based on data from its “telephony honeypot,” anti-fraud company Pindrop Security has determined that the number of scam calls aimed at enterprises has increased by 30 percent since 2013.

86 Million Scam Calls Made to US Consumers Every Month, Says Pindrop Security

Based on data from its “telephony honeypot,” anti-fraud company Pindrop Security has determined that the number of scam calls aimed at enterprises has increased by 30 percent since 2013.

According to the State of Phone Fraud 2014-2015 report published by Pindrop on Wednesday, financial institutions are the most attractive target for fraudsters.

The company says card issuers are the most impacted, with a fraud call rate of 1 in every 900 calls. Banks and brokerages report a fraud call rate of 1 in every 2,650, respectively 1 in every 3,000 calls.

“The higher rate of phone fraud for card issuers can be attributed to the fact that credit cards are one of the most common ways for the public to complete transactions, and thus card numbers are at greater risk for theft,” Pindrop noted in its report. “Compared to credit card numbers, banking or brokerage account numbers are less widely distributed. The less an account number is distributed across channels, the less likely it is to be at risk for fraud.”

Financial institutions risk exposing an average of $7-15 million to phone fraud every year, the report shows.

Retailers, including online retailers, are also targeted by scammers. The average fraud call rate in the case of retailers is 1 in 1,000 calls, but the rate increases for products that are easy to resell, Pindrop Security noted.

Consumers are an attractive target for phone scammers. In the United States, consumers receive 86.2 million scam calls every month, with 2.5 percent getting at least one robocall each week. Pindrop says 36 million of the scam calls made to US consumers can be traced to one of the 25 most common schemes, such as technical support and IRS scams.

According to Pindrop Security, phone fraud rates are similar in all economically developed countries. For example, strict privacy and security regulations in the United Kingdom don’t seem to have a positive effect on fraud rates compared to the United States.

Pindrop has determined that 64 percent of fraud calls originate in a country other than the victim’s country. The attackers can use spoofing technology to mask their real phone number and make it appear as if they are calling from the target’s country. However, it’s worth noting that international fraudsters mainly target English-speaking countries.

Voice over IP (VoIP) is an important factor in the increase of international fraud calls. Scammers can use free, cheap or stolen VoIP accounts to carry out their operations. Pindrop has determined that while only 7.8 percent of the general public uses VoIP to make phone calls, fraudsters use it for 53 percent of their calls.

While VoIP is the attackers’ favorite calling method, mobile devices, particularly so-called “burner phones,” are increasingly used, surpassing landlines.

“These attackers are sophisticated, using a variety of tactics, including automation, working in criminal rings and using both the phone and cyber channel to make tracking their actions more difficult,” said Matt Garland, vice president of research at Pindrop Security and head of Pindrop Labs. “As major data breaches such as Anthem and Target have occurred, attackers have found the phone channel to be the vulnerable underbelly for corporations and consumers, allowing them to monetize the breaches through social engineering and account takeovers.”

The complete State of Phone Fraud 2014-2015 report is available online.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Cybercrime

A digital ad fraud scheme dubbed "VastFlux" spoofed over 1,700 apps and peaked at 12 billion ad requests per day before being shut down.

Application Security

Software maker Adobe on Tuesday released security patches for 29 documented vulnerabilities across multiple enterprise-facing products and warned that hackers could exploit these bugs...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Application Security

Big-game malware hunters at Volexity are shining the spotlight on a sophisticated Chinese APT caught recently exploiting a Sophos firewall zero-day to plant backdoors...

Application Security

Software maker Adobe has rolled out its first batch of security patches for 2023 with fixes for at least 29 security vulnerabilities in a...

Application Security

Video messaging giant Zoom has released patches for multiple security vulnerabilities that expose both Windows and macOS users to malicious hacker attacks.The vulnerabilities, in...