What is happening with the plague of scam phone calls?

In recent weeks Ireland’s mobile phone networks have been flooded with calls purportedly coming from Irish mobile or landline numbers carrying dire warnings about compromised PPS numbers and imminent arrests.

The messages vary slightly and change regularly. Sometimes the voices on the other end of the line claim to be from the Department of Social Protection or the Office of the Attorney General.

Sometimes they claim to be Garda or Revenue. Sometimes they link the recipients to money laundering or drug trafficking or social welfare bonuses or tax rebates coming down the tracks.

Widely available open-source software means anyone with access to the internet can spoof calls with minimal costs and little effort

The telephone numbers change almost every single minute, but the purpose is always the same – to steal money, compromise personal information and exploit the vulnerable.

WFH, shopping local, posh takeaways: which Covid changes are here to stay?

---

Brown Thomas reopening: ‘It was like seeing old friends’

---

Customer experience in Ireland: The best and worst companies

---

Communications watchdog ComReg says there has been an “upsurge in such calls in recent weeks, with the organisers behind them operating anywhere in the world, even if they are purporting to be using Irish numbers”.

The explanation for the upsurge is simple. It is easy to do, and hard to stop. The organisers fool telephone networks into displaying a caller ID which is entirely different from the number actually placing the call.

The call may be coming from eastern Europe or the UK, but it will display on your phone with an O87 or an 083 prefix or as originating in the Office of the Attorney General as happened earlier this year.

Caller ID spoofing, as it is known, used to require deep knowledge of complex telephony, but now widely available open-source software means anyone with access to the internet can spoof calls with minimal costs and less effort.

Using robocall software, criminals can target thousands of numbers chosen at random simultaneously. Just a tiny percentage need to be fooled for the scam to work.

“Patterns in telecoms traffic from overseas indicate that the level of such calls has increased significantly in recent weeks,” said ComReg spokesman Tom Butler.

“These calls are annoying to the public and can lead to people becoming victims of fraud,” he said, adding that ComReg had issued warnings on its website and social media channels.

Cybercrimes of this nature are notoriously difficult to police and criminals are rarely apprehended either here or anywhere else

Others are issuing warnings, too; An Garda Síochána, Revenue, the National Cyber Security Centre and the Department of Social Protection; along with banks and mobile operators.

ComReg has been engaging with telecoms companies and the Garda National Economic Crime Bureau to find ways to combat these nuisance calls, but progress is slow.

If someone actually falls victim to fraud then it becomes a matter for the Garda who work with operators to identify the country of origin of the attacks so that criminals can be pursued through the Europol/Interpol network.

However, the reality is that cybercrimes of this nature are notoriously difficult to police and criminals are rarely apprehended either here or anywhere else. And it is a global problem.

Recent US research for telecom company TrueCaller revealed that as many as 59 million Americans lost money to phone scams over the past year with one in five admitting to have been taken in more than once.

The average loss was about $500 (€422) per person, up significantly from the average loss of $351 found by the same company when it looked in 2020. In all, $30 billion has been scammed.

It is the same story in Australia. People there lost Aus$851 million (€538 million) to scams in 2020, according to the Australian Competition and Consumer Commission’s (ACCC’s) latest Targeting Scams report.

That figure was a record breaker because fraudsters were able to prey on isolated and vulnerable people, who were even more likely to fall for cons because of the pressures on them caused by Covid-19.

Phones were by far the most common way scammers were contacting people, according to data from Scamwatch, which is run by the ACCC, with 48 per cent of reported scams taking place over a call and 15 per cent via text message.

There are no figures for the losses suffered in Ireland, but they are likely to be significant.

All the criminals have to do is tweak the numbers they are spoofing every five minutes and it becomes a game of cat and mouse

“Criminal gangs have stepped up the intensity of the attacks over the last 12 months,” said one high-level cybercrime source working with an Irish mobile operator.

“Everyone was at home and online, using devices more and more. People were also more anxious than ever, and afraid. Utterly heartless criminals are aware of this and look to exploit vulnerabilities,” she said.

“We saw businesses pivot but the criminals pivoted too. The nature of the scams change really frequently now and they are spreading all over the world and spreading really fast.

“Can it be stopped? That is the big question. It can be but it does require all the stakeholders, from the mobile companies and the regulator to the guards and individual consumers.

“It is complicated and it does require the establishment of a taskforce. But, ultimately, the weakest link in the chain is us, the individuals who get the messages or the scam emails.”

Mobile operators can act fast and block certain numbers “but all the criminals have to do is tweak the numbers they are spoofing every five minutes and it becomes a game of cat and mouse”, she said.

On Thursday in the United States the Federal Communications Commission (FCC) imposed anti-spoofing so-called Stir/Shaken standards on mobile operators to authenticate caller IDs and block fraudulent numbers.

“There is no silver bullet in the endless fight against scammers, Stir/Shaken will turbo-charge many of the tools we use in our fight against robocalls,” said acting FCC chairwoman Jessica Rosenworcel.

The changes would shut down the gateways used by international robocall campaigns, she said: “This is a good day for American consumers who – like all of us – are sick and tired of illegal spoofed robocalls.”

Such a good day is a long way off here. ComReg is watching the US move, but says action here would be best co-ordinated by the European Union. Talks so far, however, have yielded little. Expect the scam calls to keep on coming.

How to stay safe:

- Be wary of multiple calls or missed calls from unfamiliar numbers.

- If you call one back by mistake, hang up immediately on calls if no one answers, or if you are left on hold.

- Never give personal information to a cold caller. Ever.

- No bank, government authority or any other agency or reputable business will call you looking for bank details or your PPS number.

- If you get a call from Sierra Leone or Cuba and you don’t know anyone living there, don’t call back. It is a scam.

- If you get a message telling you the guards are on their way to arrest you, it is a scam.

- If you have shared private information, do not delay. If it is financial details, contact your bank immediately. Always contact the guards.