Australians have reported being swamp scam with calls that appear to come from a legitimate agency or even from their phone number.
It’s known as “call spoofing,” and it’s the latest tactic cybercriminals use to persuade mobile phone users to accept a call.
According to Telstra, call spoofing has increased considerably during the pandemic, as Australians spend more time on their phones and more time looking for official communication from their service providers.
Scammers know that users are less likely to respond to unknown numbers or numbers that appear to come from a country where they have no business.
To overcome this, they utilize call spoofing, which “overstamps” a valid number. The call appears to come from a legitimate entity like Telstra or the ATO on the recipient’s phone.
Scammers will sometimes overstamp a phone number that is one digit different from the receiver’s number. This social engineering technique is used to build trust and get the person to accept a call, as people are more likely to pick up a call from a familiar number.
According to Telstra Senior Specialist Writer Luke Hopewell, most spoofed calls are automated messages once a call is answered, although some have people answering the calls.
The Australian Competition and Consumer Commission’s (ACCC) Scamwatch reported another new trick involving telephones getting instant messages about missed calls or voice messages.
The text messages ask the user to download an app to hear the voice message, which is a malicious software called Flubot, and since early August 2021, there are over 5500 reports of Flubot attempts.