Exploring Call Fraud

Since Telephone operators were replaced by dial phones, call fraud has been a problem, today it is a huge global industry. We explore how and why this problem remains so difficult to eradicate.

March 8, 2023
Research

The Increasing Threat of Call Fraud

In recent years, call fraud has emerged as one of the fastest-growing forms of cybercrime, evolving into a multi-billion-dollar industry. While email phishing and online hacking attempts often dominate the headlines, fraud conducted via phone calls—commonly referred to as voice phishing or "vishing"—has become equally sophisticated and damaging. This type of fraud generally involves criminals impersonating legitimate institutions, such as banks or government agencies, to deceive individuals into disclosing sensitive information.

The proliferation of call fraud can be attributed to several factors: technological advances, human vulnerability, and the rise of interconnected digital identities. As fraudsters become more adept at exploiting phone networks and leveraging personal data, the scale and effectiveness of their scams continue to rise. This blog will break down the driving forces behind the rapid growth of call fraud and explore why it has become so difficult to combat.

Technological Advances: The Engine of Call Fraud Growth

The technological developments that have benefited society in many ways have also given criminals more tools to exploit. One of the major factors driving the rise of call fraud is Voice over Internet Protocol (VoIP) technology. VoIP allows scammers to mask their real numbers and spoof legitimate ones, making it nearly impossible for the average person to distinguish between a real and fake call. In fact, phone number spoofing has become one of the most common tools used in these attacks. According to the Federal Communications Commission (FCC), phone number spoofing allows fraudsters to manipulate caller ID systems, leading victims to believe that they are receiving calls from trusted organizations1.

Moreover, advancements in Artificial Intelligence (AI) and deepfake technology have enabled fraudsters to mimic voices with stunning accuracy. AI-driven voice cloning allows scammers to impersonate family members, colleagues, or corporate executives, enhancing the believability of their schemes2. For example, in 2020, a bank was defrauded of $35 million by scammers using AI to impersonate the voice of a company director3. This demonstrates the increasing sophistication of the technology being used to deceive individuals and institutions alike.

Finally, the availability of robocalling systems has enabled call fraud at an unprecedented scale. These automated systems allow scammers to send millions of calls per day, casting a wide net for potential victims. The ease of launching a robocall campaign, combined with low operational costs, has made call fraud highly lucrative for cybercriminals.

Human Vulnerabilities: Why We Are Easy Targets

While technology facilitates the mechanics of call fraud, human behavior and psychological vulnerabilities play a crucial role in its success. Fraudsters often use social engineering tactics to exploit fear, trust, or urgency. This manipulation preys on individuals' emotions, making them more likely to disclose sensitive information.

For instance, many call fraud schemes involve threats of legal action or financial penalties. Victims may receive a call from someone claiming to be from the Internal Revenue Service (IRS) or law enforcement, pressuring them into paying "back taxes" immediately. According to the IRS, this form of impersonation scam is extremely common, especially during tax season4. Fraudsters exploit people’s fear of government authorities, inducing panic and coercing them into compliance.

Beyond fear, scammers also prey on trust. A tactic known as "smishing"—where criminals send fraudulent SMS messages to lure victims into providing personal information—often pairs with vishing attempts to deceive targets5. When individuals trust the legitimacy of the caller based on the information presented via text or phone, they are more likely to follow instructions or share sensitive data.

Finally, the COVID-19 pandemic created new opportunities for fraudsters. As governments distributed financial aid and stimulus checks, fraudsters adapted their tactics to include pandemic-related scams. The chaos and uncertainty surrounding COVID-19 allowed criminals to exploit people’s anxiety, offering fake vaccines, loans, or financial support in exchange for personal details6. This intersection of technological manipulation and emotional vulnerability continues to fuel the rise of call fraud.

The Rise of Interconnected Identities and Data Breaches

The rapid growth in data breaches over the past decade has also significantly contributed to the rise of call fraud. Each data breach provides criminals with sensitive information about millions of individuals, allowing them to create detailed profiles of potential victims. Once a hacker gains access to personal details—such as full names, addresses, Social Security numbers, and phone numbers—they can conduct highly targeted fraud schemes.

For example, by using the personal information obtained in a data breach, a scammer can easily convince an individual that they are calling from their bank. The scammer might reference the victim's recent transactions or account details, which makes the fraud more convincing7. Data breaches from large institutions, such as the Equifax breach in 2017, have provided scammers with treasure troves of personal information, which are often sold on the dark web8.

Compounding this issue is the increasing use of interconnected digital identities. With the rise of online services, from banking apps to social media accounts, individuals often reuse the same personal information across platforms. This interconnectedness makes it easier for fraudsters to exploit weak points in one system to gain access to others. For instance, if a hacker obtains your phone number through a breached online account, they can use that information to execute a call fraud scheme posing as your bank.

The sheer volume of personal information available to criminals has made call fraud more precise and difficult to detect. As individuals become more reliant on their phones for business, communication, and financial transactions, the risk of falling victim to call fraud grows.

Conclusion: Combating the Rise of Call Fraud

The rise of call fraud can be attributed to a perfect storm of technological advancements, human vulnerabilities, and the increasing availability of personal data. As criminals continue to leverage VoIP technology, AI-driven voice cloning, and social engineering tactics, the threat of call fraud is expected to increase. To combat this growing issue, individuals and organizations must remain vigilant, employing best practices such as call-blocking technology and educating the public on the signs of potential fraud.

Moreover, policymakers and tech companies need to prioritize stronger regulatory measures, such as enforcing stricter penalties for phone number spoofing and requiring better verification systems for sensitive transactions. While call fraud is unlikely to disappear entirely, a multi-pronged approach—combining technology, regulation, and public awareness—can help mitigate its impact and protect potential victims.

Footnotes

  1. Federal Communications Commission (FCC), “Spoofing and Caller ID,” https://www.fcc.gov/consumers/guides/spoofing-and-caller-id. ↩
  2. Future Crime Labs, "AI-Driven Call Fraud: How Deepfakes Are Changing Cybercrime," https://www.futurecrimelabs.com/articles/deepfake-voice-cloning. ↩
  3. Franceschi-Bicchierai, Lorenzo. “Scammers Cloned Company Director’s Voice in $35 Million Bank Heist,” Vice, August 2020. https://www.vice.com/en/article/akzg9k/scammers-cloned-directors-voice-35-million-bank-heist. ↩
  4. IRS, “Tax Scams/Consumer Alerts,” https://www.irs.gov/newsroom/tax-scams-consumer-alerts. ↩
  5. National Cybersecurity Centre, “Smishing: How to Spot a Scam Text Message,” https://www.ncsc.gov.uk/collection/smishing-text-messages. ↩
  6. Federal Trade Commission (FTC), "Coronavirus Scams: What the FTC Is Doing," https://www.ftc.gov/news-events/coronavirus-scams-what-ftc-doing. ↩
  7. Lemos, Robert. "Call Fraud and Data Breaches: How Criminals Exploit Leaked Data," Security Week, September 2021. https://www.securityweek.com/call-fraud-and-data-breaches. ↩
  8. Zetter, Kim. "The Full Story of the Massive Equifax Data Breach," Wired, September 2018. https://www.wired.com/story/equifax-breach-no-excuse. ↩

Author
Self Group
Identity is not a product
The increasing trend among governmental and corporate entities to conceptualise and manage human identity as a product is fundamentally flawed. The approach is not only morally problematic, but also technically unsound.
Exploring Call Fraud
Since Telephone operators were replaced by dial phones, call fraud has been a problem, today it is a huge global industry. We explore how and why this problem remains so difficult to eradicate.
Your security problem is an identity problem
It’s only going to get more difficult for organisations to protect themselves, their customers and their data as the technology the hackers use gets better. In many cases organisations simply aren’t ready for today's challenges, let alone those which are coming
© Copyright Self Group Limited 2019-2025 All Rights Reserved