There is a new social engineering fraud that has recently become quite widespread. The scammers use the latest fraud modes and techniques to con their victims into believing their tricks.
New Fraud Techniques
When social engineering is combined with technology, it will result in new fraud techniques. Here are some of the ‘new techniques’ used by fraudsters.
By using a voice similar to that of a customer service operator machine, the victim might not feel suspicious, and believe that it is from an official call center. Moreover, after being directed to press the number 1 (or other numbers) to connect to a ‘customer service officer’. When the victim hears a (human) voice claiming to be a customer service or call center agent, the victim is more likely to believe it.
To further convince the victim, the fake customer service officer asks the victim not to mention his/her data directly, but by pressing numbers (for example PIN, OTP, etc.) through the victim’s phone keyboard, pretending that it is confidential.
In fact, everything the victim does will be recorded and stored properly in the scammer’s system. The scammer will then have all the victim’s data, from the ATM number, CVV/CVC, PIN to OTP to access and carry out banking transactions. When the victim finishes inputting all his/her data, the scammer starts to break into the victim’s account to take the money.
Some also use APK files. So, after the phone call, under the pretext of data confidentiality, the fake customer service officer said that data verification should not be mentioned via telephone, but by filling in personal data on a link sent to the victim’s WhatsApp number/email. In fact, the link contains an APK file which, if installed, can pull all data on the victim’s phone.
To anticipate this, it is important to know what kind of scam mode is most commonly used. Then, find the right way to address and counteract the scam.
Some of the Most Common Call Center Machine Fraud Modes
The scammers use fake call center operator machines, but the fraud modes vary. They use the name of a bank, Telco provider company, and even an electricity provider company.
1. Hacked bank account
If it purports to be a bank call center operator, it usually says that the victim’s account number has been hacked. Then, the fake operator will offer to block the account to secure it.
For account blocking assistance, the call center machine will direct the victim to “press 1 to speak to customer service”.
The machine also threatens that if the victim does not press 1, the balance of the victim’s account will be drained. When the victim is connected to the fake ‘fake customer service’, they will ask for the victim’s data as described above.
2. Telco Outstanding Payment
If the call center operator machine is purporting to be from a Telco provider company, it usually informs that there are arrears in bill payments, and customers must immediately verify their data.
They threaten to block the victim’s number and telecommunication services if they don’t verify the data.
3. Unpaid Electricity Bills
Scammers can also pretend to be call center operators from an electricity company. The call center machine will inform you that there are arrears in electricity payments for more than one month.
The bill amount is often extremely high, making the victim even more panicked. They threaten to cut off their electricity if they don’t verify their data.
Tips to Stay Safe from This Scam
Staying calm is the best way to respond to cases like this. Follow these security tips to avoid being scammed by a call center operator machine:
- If you receive a call from a number that resembles an official call center number, remember that the official call center would never actively contact customers and asks for private data such as PIN, OTP, CVV/CVC, etc. Disregard the caller asking for such data.
- If there is indeed a suspicious transaction in your BCA account, try to confirm your finding directly to Halo BCA di 1500888.
- If it is true, you can block the account through BCA mobile.
- If you are informed that you have telephone/electricity arrears, try checking the bill on the official channel of the service provider.
- If there are unpaid bills, only make payments at official payment points or those designated by the provider. Avoid making payments via transfer to the account provided by the caller claiming to be a call center agent.
- If you have been scammed and given your banking data, immediately contact Halo BCA at 1500888 (without any prefix) or via the HaloBCA app which can be downloaded on the App Store or Play Store.
Remain cautious of all scam modes out there. Do not forget to always protect your banking data and not share it with anyone.
Share these security tips with your family and friends.