AI generated voice scam hits southern Ontario
Published March 29, 2024 at 1:01 pm
A sophisticated AI scam aimed at defrauding individuals by using voice clones to mimic loved ones or businesses and steal personal information or money is now circulating in southern Ontario.
Vishing is a scam in which fraudsters call victims, pretending to be family members or employees from legitimate companies and trick them into giving away personal information. They use special technology to change their phone numbers and voices, making it hard to tell they’re fake.
This technology also allows them to place many calls quickly and hide where they’re calling from, making these scams tough to stop.
The Canadian Anti-Fraud Centre (CAFC) recognized for informing the public about new scams, cautions that fraudsters will collect phone numbers to make these random calls or dig up details about specific people or companies for more targeted scams.
Some ways fraudsters collect this information are:
- Dumpster diving— scammers obtain lists of phone numbers thrown in the trash by banks or organizations.
- War dialling— a technique used to automatically call every number in a specific area code to look for active phone numbers.
- Internet search: Scammers will scour websites like YouTube and social media to find voice clips of important people, such as company CEOs.
- Data breach—fraudsters obtain stolen phone number lists sold by other scammers from a data breach.
- Voice manipulation—In a more sophisticated ploy, fraudsters will use AI (artificial intelligence) technology to clone voices, impersonating trusted individuals like family members or bosses to make the scam more convincing.
- Fraudulent Calls—scammers will fake their caller ID to make calls and leave a pre-recorded voicemail for callbacks. In more complicated attacks, they use voice synthesis software to change their identity or manipulate the cloned voice of a high-profile target during the call.
The CAFC says vishing scams are designed to trick you into giving away private information like PINs, Social Insurance Numbers, credit card details or passwords, leading to identity theft or unauthorized transactions. Here are common vishing tactics:
- Credential Vishing: Scammers pretend to need banking or credit card info to access and steal from your accounts.
- Government Impersonation: Impersonating tax officials, scammers intimidate victims into paying non-existent taxes with threats of legal action. They might also pose as law enforcement to gather personal information for identity theft.
- Corporate Extortion: Impersonating a boss or CEO, they trick employees into transferring funds or granting them access to sensitive information.
- Telemarketing Scams: Fake telemarketers claim you’ve won a prize, then ask for a fee or your credit card information.
- Technical Support Scams: Pretending to be tech support, they ask for personal info or access to your device to install malware, resulting in financial losses and more scam calls.
Additionally, the CAFC offers the following steps to take in case victims fall into vishing scams:
- Alert Your Banks: Immediately contact any banks linked to the compromised accounts. Inquire about reversing fraudulent transactions and blocking future unauthorized charges.
- Update Passwords: Change the passwords for all affected accounts. If the same password was used elsewhere, change those too.
- Monitor Accounts: Keep an eye on your financial statements. Consider enrolling in a credit monitoring service to detect any suspicious activity, particularly if you suspect identity theft.
- Report to CAFC: Inform the Canadian Anti-Fraud Centre about the scam. Note the scammer’s phone number and any websites they directed you to, and share this information with the CAFC.
- Inform Your Workplace: If corporate information was disclosed, notify your organization’s IT department and follow the internal reporting procedures for security breaches.