The Australian Communications and Media Authority (ACMA) has new data showing 214 million phone scam calls blocked since December 2020, when the Federal Government legislated that telcos must detect, trace and block phone scam calls.
Yes, it is working, but it is a never-ending battle to ‘whack-a-mole’ as new phone scam call technologies emerge. We explore two of the latest phone scam calls.
Spoofing or caller line ID overstamping
Scammers use fake numbers, so you can’t tell who’s calling or texting. They purport to be from trusted organisations like the ATO, your bank, police, local hospital and more recently from AfterPay, PayPal and now COVID tracking.
ACMA advises that if you don’t recognise the number, don’t answer. Let it go to the message bank. You can assess if it’s a phone scam later.
At the low-end criminal callers use Spoofcard, a freemium app (now removed from Google Play but still in the Apple App Store) that allows callers to show any caller ID they want, record calls, disguise their voice, and add background sound effects. Spoofcard says its app protects your privacy, but it and nearly 250 clones are widely used by scammers and worse – bullies.
At the cybercrime end, phone scam calls use the internet to call through +375 (Belarus), +257 (Burundi, Africa) or +245 (Guinea-Bissau, West Africa) and many more countries. Typically, you hear a robovoice first (to confirm you are there) until a human takes over. Once they have your attention, they have a huge array of scams to reel you in.
Wangiri – one ring and drop
Victims receive a missed call. When they call back, the call is at premium rates. Telcos stopped over 159 million phone scam calls between March and June 2021. More than 75 million were spoofing, and 23 million were Wangiri.
What can you do to avoid phone scam calls?
- Be vigilant. Let the call go to voice mail or an answering machine first.
- Never give out details like name, address, credit card over the phone to someone who has called. If you have to give out details, ask the caller’s name and then call back using the real phone number from White Pages.
- Consider getting a dual SIM phone with a ‘public’ number you can ignore, and a private number you can answer.
- If you are a victim, immediately call the bank, police and report it to ScamWatch. If you need help, a not-for-profit organisation, IDCARE, may be able to assist.
You can read more GadgetGuy scam warnings here.
As a single woman, I’ve used SpoofCard to protect myself when online dating and now working from home due to Covid so I can show my office line instead of my home phone. Love their app
SpoofCard appears to be unavailable to people with iPhones using Australian telcos.
This problem will continue to worsen as more and more call centres shift their focus to easy targets like Australia (with our meaningless legislation that only impacts local businesses, rather than the source of the majority of spam and scam callers).
The USA has taken the proactive step of requiring all telcos to use STIR/SHAKEN is a framework of interconnected standards. STIR/SHAKEN are acronyms for the Secure Telephone Identity Revisited (STIR) and Signature-based Handling of Asserted Information Using toKENs (SHAKEN) standards. This means that calls traveling through interconnected phone networks would have their caller ID “signed” as legitimate by originating carriers and validated by other carriers before reaching consumers. STIR/SHAKEN – a system that authenticates (digitally validates) the handoff of every phonecall passing through their networks, allowing the phone company of the consumer receiving the call to verify that a call is in fact from the number displayed on Caller ID, a similar system could apply to SMS messages.
Until Canberra / MP Paul Fletcher pulls his finger out of his ar@$hole and fixes it, millions more Australians will continue lose precious data and their life savings to robocallers and other scams.