Scam callers are now using stolen personal information to tailor calls to specific consumers, posing as trusted companies to swindle money, according to a new report that analyzed 40 billion calls made this year.
Criminals are leveraging the massive data breaches that have rocked major companies by using the exposed customer information to target consumers directly, according to First Orion, an Arkansas call-management company. In addition, fraudsters are “spoofing” the companies’ main outbound calling numbers to make the scam calls even more convincing.
Caller ID spoofing is when callers falsify the information transmitted to a caller ID display to mask their identity. The combination of knowing consumers’ personal information and posing as a trusted company is giving scammers an edge over their victims, First Orion found.
Twenty-eight percent of all scam calls targeted victims using personal data, the firm reported. Three-fourths of victims said scammers already had some of their personal information and used that insight to extract more data, leading to a financial loss.
First Orion, which works with major phone companies such as T-Mobile and Sprint, analyzed more than 40 billion calls made to customers so far this year and commissioned a blind study of 5,000 U.S. mobile phone subscribers who spoke to scam callers.
Last year, First Orion predicted that half of all mobile calls would be fraudulent this year. While scam call volume remains high, so far this year, the firm said such calls constitute about 40% of all calls as scammers shift to a quality-over-quantity approach for the first time.
Nearly four in 10 victims said scammers knew their home address, and 17% said criminals were able to verify all or part of their Social Security numbers, the report said. Nearly one in three people who experienced a loss of at least $1,000 thought they were answering a call from a business they knew.
The technique of impersonating a business — dubbed “enterprise spoofing” — comes as consumers stop answering their phones
“Victims see a number they trust and are presented with personal information that is credible, which equates to a scam designed just for them,” the report said.
The report was released ahead of the Federal Communications Commission’s Robocall Summit in Washington. The summit will examine the phone industry’s progress in implementing technology.