Australian researchers have used machine-learning techniques to identify the typical four stages of fraudulent money-taking phone calls.
These are the calls that entice and threaten people to pay bogus “fines” or download malicious software that leads to their bank accounts being hijacked.
The researchers from Macquarie University’s Cyber Security Hub, according to an in-house report, “analysed the content of more than 100 hours of scam phone calls to identify clear call ‘stages’ and pinpoint the social engineering techniques scammers use on their victims”.
What’s the damage?
In 2021, phone scammers talked trusting Australians out of more than $100 million.
That money was ripped off during 144,000 calls that were reported to the ACCC’s Scamwatch service.
Allowing for the shame factor – where victims blame their gullible selves and are too embarrassed to report their loss to authorities – and it’s a safe bet that the real figure is much higher.
How the researchers are fighting back
The research, led by Professor Dali Kaafar, uses machine-learning techniques and natural language processing “to uncover scam ‘scripts’ that use various topics and emotions”.
Natural language processing is a branch of AI that gives computers the ability to understand text and spoken words. You will have encountered this technology in automated assistants on commercial websites.
The researchers transcribed more than 300 scam calls published on YouTube, “most recorded by people who pretend to fall for a scam, then eventually reveal their ploy and chastise the scammer”.
Selected samples of these conversations were put through ‘sentiment analysis’, a process that determines the emotional tone behind a series of words.
Machine-learning models were also used to find patterns in the scam calls.
These included “particular phrases and keywords, and common transitions between topics that might reflect steps in a scam script”.
These findings will help develop better ways to detect and prevent scams, which account for the human element that is critical to scammers’ success.
Why we need this kind of response
Professor Kaafar said that “while a range of technology fixes have been developed, such as blocking known bad numbers and using pattern recognition on outgoing calls, these capture only a small portion of the vast influx of scam calls”.
He said it was harder to combat the social engineering techniques “that scammers use to manipulate their victims into revealing personal and account details, purchasing online vouchers or transferring funds to bank accounts controlled by the scammer”.
“Ours is one of the only studies to unpack the content of scam calls and the psychological tricks used by attackers in depth,” he said.
The Macquarie research, he said, “is one of the only studies to unpack the content of scam calls and the psychological tricks used by attackers in depth”.
It also remains a work in progress.
The stages of the scam
The team found that scripts used by scammers contain multiple paths, which can be simplified into four different stages:
Stage 1 – Introduction
The scammer establishes themselves as credible and in a position of authority, then talks about a serious threat to the recipient in a matter-of-fact way – with the threat supposedly from a higher authority, such as the tax office or law enforcement.
Stage 2 – Assistance
The scammer poses as a helpful instructor, using rapport-building conversations, ostensibly helping the recipient to resolve the supposed problem, giving step-by-step guidance to navigate to a website, install software or fill out online forms.
Stage 3 – Threat
Emotions can ramp up at this stage, as the scammer reinforces threats for non-compliance, citing police, court orders, arrest warrants, jail and other negative consequences, using legal-sounding terms, talking over the victim to defer questions and introducing time pressure to prevent the victim thinking it through.
Stage 4 – Payment
Once the scammer gets what they want – like a credit card payment or enticing the victim to download malicious software – the conversation becomes less organised, and scammers finish the call, sometimes promising to call back with confirmation.