News

DECEPTIVE ROBOCALLS EXPLOIT CONSUMERS WITH FAKE PURCHASE ALERT SCAMS

Written by Amy Ralls | Dec 1, 2023 4:50:51 PM

Holiday Shoppers Should Be on Guard Against Fraudulent Robocall Voice Messages

IRVINE, CA - November 30, 2023 - Americans are under threat from robocalls purporting to alert consumers about potential fraudulent purchases, according to a threat advisory issued today by YouMail. These vishing calls pretend to be from or related to major American brands and financial institutions, like Amazon, Apple, Visa, Chase Bank, and others. The calls generally defraud consumers by informing them that one or more transactions have taken place and that the consumer should press 1 or call them back if they didn't make those transactions. Consumers are then asked for information that leads to an account takeover at their financial institution.

One common class of robocalls impersonates Amazon and purports to notify the consumer that an expensive purchase, like an Apple Macbook Pro or iPhone, was charged to their credit card.

Hello, this is an automated message from Amazon. Your card has been charged of $2,253 for the purchase of an Apple MacBook Pro with Order ID312106. If you did not place this order, and would like to speak to one of our representatives, please press one or please call back.

Scammers then follow up the call by working to get information from the consumer that lets them take over the person's Amazon account, credit card, or bank account. These Amazon impersonation robocalls are rising in volume as the holidays approach, and they are happening despite Amazon having said they worked to shut down 15,000 phone numbers this year alone. The Amazon impersonation calls appear to be made somewhat randomly, but it's highly likely that a random call to a mobile phone number will hit an Amazon customer, given the sheer penetration of Amazon across the U.S.

Another common type of robocall now impersonates subscription service providers, such as consumer-oriented security companies like NortonLifelock or McAfee. These calls claim that an expensive renewal of the subscription has just happened.

If you have not authorized this charge, you have 48 hours to cancel and get an instant refund of your annual subscription. Please press one or call our Customer Care 1-810-643-1506. Thank you for your purchase of Norton antivirus.

Security company brand impersonation calls are often combined with numerous e-mails including similar messaging and a call back number. In all these cases, the call back numbers are legitimate phone numbers that the scammers use very briefly before rotating to a different number.

Finally, there is an increasing number of calls claiming to be directly from financial institutions about a suspicious or fraudulent charge on either a credit card or debit card.

One example is this brand impersonation call claiming to be Visa that implies there have been fraudulent transactions on your credit card.

Hello, this is a call from Visa Security Department. We have found two suspicious charges made on your card today this morning. First is for $400 to eBay and the other is for $1,300 for international gift cards. If you have made those charges, press one or else press two to speak to our representatives.

Another example is this call impersonating Chase Bank related to a made-up debit card charge.

This is the fraud department of Chase Bank. This is in regards to your debit card. Did you authorize a transaction in the amount of $155 at Diamond Store on your debit card? If you recognize the purchase then hang up. If not, then please call us back at 1-800-941-4803. Thank you.

What all of these calls have in common is that they are piggybacking on known brands, which increases the chance of fooling people into pressing a button or clicking through to a problematic website. Further, a significant number of these calls will hit iPhone users running Live Voicemail, where a recipient will see the transcription and feel a sense of urgency to press 1.

The damage from these calls may be considerable, since the FTC has reported that in 2022, imposter scams caused roughly $2.6 billion in losses to consumers, up more than 10 times the losses reported in 2020. Further, the median loss of a scam starting from a phone call is now $1,400.

"During the holidays, these vishing calls tend to increase in volume and have a good chance of reaching susceptible consumers," said Alex Quilici, CEO of YouMail. "Consumers should simply let these calls roll to voicemail, and then find the number of the business through its website if they are worried and want to contact them. It's also wise for consumers to run robocall blocking apps like YouMail to filter out many of these calls automatically because we work with authorities to help make it harder for these scammers to operate."

About YouMail, Inc.
YouMail protects consumers, enterprises, and carriers from harmful phone calls. YouMail provides U.S. and UK consumers with app-based call protection services through the YouMail, Another Number, and HulloMail apps. These solutions answer over a billion live calls per year across well over 10 million registered users, powering America's most robust telephone sensor network in identifying and providing zero-hour protection against illegal calling campaigns and cyberattacks. YouMail Protective Services leverages this sensor network to protect consumer-facing enterprises by detecting and helping shut down imposter traffic that can lead to financial or brand damage, as well as to protect carriers with robocall mitigation services that detect and help stop bad traffic originating, traversing, or terminating on their networks. This sensor network is also used to provide the  YouMail Robocall Index™ as the nation's definitive source on telephone network activity and attacks. YouMail, Inc. is privately funded and based in Irvine, California.