Scammers are constantly adapting and have developed new strategies to take advantage of consumers this holiday season.
A new study by First Orion identifies "enterprise spoofing" as one of the major trends. That scheme involves the use of stolen data, obtained from the countless data breaches, to impersonate trusted businesses or charities.
You’ve probably seen an example in your email inbox. More likely, one of these scammers has called you on the phone. But instead of a robocaller trying to sell you worthless health insurance, enterprise spoofing scams are likely to be much more personal, which makes them dangerous. First Orion found that more than 15 percent of consumers it surveyed received a personalized scam call.
‘Onslaught of data breaches’
When the field was narrowed down to just those consumers who lost money to a scammer, three-quarters said the criminal knew some personal information about them when they made the call.
"The onslaught of data breaches armed scammers with enough stolen information to fabricate intricate and personalized scam calls," said Scott Hambuchen, chief information officer at First Orion. "With stolen personal data leaked in mass, consumers are being targeted by much more sophisticated and effective personalized scam calls.”
Not only do the scammers mine data breaches for personal tidbits about individual consumers, but they then spoof a business or organization’s Caller ID to trick consumers into thinking the call is legitimate.
But then, legitimate calls are becoming a rare thing. More than half the consumers in the survey said that they receive more spam calls than real calls on any given day.
The personal information about intended victims comes from the data breaches that have almost become a weekly occurrence. As we reported last week, this incomplete information is also being harnessed by scammers to create “synthetic identifies” that allow them to carry out fraud.
Impersonating charitable organizations
At this time of year, enterprise spoofers are stepping up their efforts to impersonate charitable organizations. These schemes are very effective, especially when the scammer might have some personal information about the potential victim.
In the study, 24 percent of the consumers who received a call from a phony charity fell for it, with scammers often using the American Red Cross, Salvation Army, and UNICEF as cover for their schemes.
Consumers who want to give to one of these charities should go directly to the organizations’ websites and not click on email links or respond to telephone solicitations.