By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
10alert.com10alert.com
  • Threats
    • WordPress ThreatsDanger
    Threats
    A cyber or cybersecurity threat is a malicious act that seeks to damage data, steal data, or disrupt digital life in general. Cyber threats include…
    Show More
    Top News
    What is a Keylogger -Kaspersky Daily
    8 months ago
    An Interactive Map of Online Threats
    8 months ago
    Kaspersky Uncovers New Chthonic Zeus Banking Malware
    8 months ago
    Latest News
    Triangulation: Trojan for iOS | Kaspersky official blog
    2 days ago
    Wordfence Intelligence Weekly WordPress Vulnerability Report (May 22, 2023 to May 28, 2023)
    2 days ago
    Safeguards against firmware signed with stolen MSI keys
    4 days ago
    WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
    4 days ago
  • Fix
    Fix
    Troubleshooting guide you need when errors, bugs or technical glitches might ruin your digital experience.
    Show More
    Top News
    ✅How To Fix Error PS1 Can Not Be Loaded Because Running Scripts Is Disabled On This System
    8 months ago
    Windows 10 22H2 releases as a preview for testers
    8 months ago
    How to check for app updates on Windows 11
    8 months ago
    Latest News
    How automatically delete unused files from my Downloads folder?
    4 months ago
    Now you can speed up any video in your browser
    4 months ago
    How to restore access to a file after EFS or view it on another computer?
    4 months ago
    18 Proven Tips to Speed Up Your WordPress Site and Improve SEO | 2023 Guide
    5 months ago
  • How To
    How ToShow More
    Dynamic data collection with Zaraz Worker Variables
    Dynamic data collection with Zaraz Worker Variables
    1 day ago
    Reduce latency and increase cache hits with Regional Tiered Cache
    Reduce latency and increase cache hits with Regional Tiered Cache
    2 days ago
    Cloudflare is deprecating Railgun
    Cloudflare is deprecating Railgun
    2 days ago
    What is two-factor authentication | Kaspersky official blog
    5 days ago
    Acer refreshes Windows 11 PCs for work and play: Swift Edge 16 and Predator Triton 16
    7 days ago
  • News
    News
    This category of resources includes the latest technology news and updates, covering a wide range of topics and innovations in the tech industry. From new…
    Show More
    Top News
    Easter egg with Belarus flag
    8 months ago
    Game browser from Opera
    8 months ago
    How to check IP address leak via WebRTC?
    8 months ago
    Latest News
    How to add CPU, GPU, RAM widgets on Windows 11
    2 days ago
    How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11
    5 days ago
    How to enable Taskbar End Task option to close apps on Windows 11
    5 days ago
    How to check USB4 devices specs from Settings on Windows 11
    5 days ago
  • Glossary
  • My Bookmarks
Reading: Phone scams and cutting-edge technology for speech synthesis
Share
Notification Show More
Aa
Aa
10alert.com10alert.com
  • Threats
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
  • Threats
    • WordPress ThreatsDanger
  • Fix
  • How To
  • News
  • Glossary
  • My Bookmarks
Follow US
Threats

Phone scams and cutting-edge technology for speech synthesis

Tom Grant
Last updated: 7 October
Tom Grant 4 years ago
Share
7 Min Read

Readers of this blog will already be familiar with phone scams — you’ve probably even received a shady call or two. But you don’t accept offers from strangers or give up personal info when speaking to them, so you’ll be fine, right?

Contents
Voice bankingSay nothingHow to deal with all of this

It turns out that the answer is no, not really. Not long ago, the Federal Communications Commission (FCC) issued a warning about an unusual phone scam. Fraudsters call their victims up and ask a seemingly innocent question: “Can you hear me?” The answer “Yes” is all they need. Replaying a recorded affirmative response lets them subscribe their victims to paid services, which will be included in the victims’ phone bill.

The type of scam where additional services are included in the bill of a subscriber without his or her consent (for example, daily messages with horoscopes or news) is called cramming.

Consider several alarming points about this type of scam. How is it that cramming is even possible? Why can’t law enforcement officials do something about it? Is it really possible to use a voice recording to subscribe someone to additional services?

Technically, cramming is possible because phone companies allow the inclusion of third-party services in subscribers’ bills.

The ruse itself is not that new: 800Notes.com, a website that lists suspicious telephone numbers, informed people about it as far back as 2008. Back then, the trick was used for imposing services on organizations. According to those who have taken the bait, the audio recordings were edited in such a way as to make it seem that victims agreed to adding paid services.

Authorities are trying to combat cramming; thus, in 2015, the FCC obliged telecom giants Verizon and Sprint to pay $158 million to settle the claims of customers who’d had services foisted on them. Still, fraud techniques like cramming may instead grow with the development of modern technologies.

Voice banking

With growing popularity of voice authentication, in the very near future something similar to cramming may become a problem in the banking sector. For example, one of the largest banks in the United Kingdom, Barclays, introduced voice authentication for all of its private customers in 2016.

Global finance corporation HSBC also lets its clients take advantage of voice authentication instead of using a password. Clients have to call up the bank, authenticate themselves using a code word, and say aloud, “My voice is my password.”

HBSC claims the system is protected against attempts to bypass it with voice recordings of customers. Purportedly, the Voice Biometrics technology creates a voiceprint that recognizes physical and behavioral nuances of one’s speech.

Besides, phone scammers will have to find a way to get a bank client to say the entire secret phrase. It hardly seems possible; however, they can attempt to get the client talking and tease out the words they need one by one over several phone calls.

Whenever someone invents a way to trick people, someone else will look for a way to avoid being tricked. For example, Pindrop created technology that takes a variety of factors — including location — into account when evaluating the authenticity of a remote person. A call from the wrong side of the planet will alert the system, for example. Banks use this type of technology for antifraud purposes as well.

Another sign — although not a sure sign — is the chosen communication channel. According to Pindrop’s statistics, scammers use VoIP in 53% of cases, whereas for genuine clients the proportion is quite different, with only 7% using VoIP to contact their banks. For that reason the system automatically notes VoIP calls.

Naturally, fraudsters take countermeasures — for example, by simulating a low-quality connection, which theoretically makes it harder for the system to identify the caller. Evidently, phone scammers will expand their arsenals with new and powerful tools soon.

Say nothing

Project VoCo, outright called “Photoshop-for-voice,” was demonstrated at the Adobe MAX conference in 2016.

After analyzing a speech fragment, the system generates a sample of that person’s voice, including spoken words that were not in the source recording. The invention, according to BBC reports, has caused concern among information security experts. VoCo, just like its graphical ancestor, may become a tool for compromising people, or a method for bypassing speech-authentication systems.

Adobe’s not the only one. Google announced its own project for realistic speech synthesis in 2016, and a Canada-based start-up called Lyrebird announced its technology for speech generation in April 2017. A 1-minute speech recording is sufficient for training the system to say random phrases with the voice of a person who has been recorded (you can listen to a synthesized discussion between American politicians here). Even the developers have admitted that the capability to synthesize speech is potentially dangerous, especially for players in the political arena.

Lyrebird’s founders have settled their technology’s ethical problem with the following statement: “We hope that everyone will soon be aware that such technology exists and that copying the voice of someone else is possible.”

How to deal with all of this

  1. The specifics of the attack in which a victim is coaxed into saying just one word (“yes”) calls for a radical solution. The FCC recommends not answering calls from unknown numbers at all. If someone really wants to contact you, he or she will leave a message.
  2. Do not reveal personal data at all.
  3. Always check all invoices and bills for unexpected items.
  4. An individual method that offers some protection against some phone spam is listing your contact information on the national registry of numbers that telemarketers have to exclude from their lists. Of course, that’s an option only for countries that have such registries — the United States, for example. In the European Union it’s a bit trickier: there’s no All-European registry, although there are national do-not-call lists.

Source: kaspersky.com

Translate this article

TAGGED: Authentication, SASE, Security, Split tunneling, Threats
Tom Grant October 7, 2022 September 30, 2019
Share this Article
Facebook Twitter Reddit Telegram Email Copy Link Print

STAY CONECTED

24.8k Followers Like
253.9k Followers Follow
33.7k Subscribers Subscribe
124.8k Members Follow

LAST 10 ALERT

Dynamic data collection with Zaraz Worker Variables
Dynamic data collection with Zaraz Worker Variables
Apps 1 day ago
How to add CPU, GPU, RAM widgets on Windows 11
News 2 days ago
Reduce latency and increase cache hits with Regional Tiered Cache
Reduce latency and increase cache hits with Regional Tiered Cache
Apps 2 days ago
Cloudflare is deprecating Railgun
Cloudflare is deprecating Railgun
Apps 2 days ago
Triangulation: Trojan for iOS | Kaspersky official blog
Threats 2 days ago

Recent Posts

  • Dynamic data collection with Zaraz Worker Variables
  • How to add CPU, GPU, RAM widgets on Windows 11
  • Reduce latency and increase cache hits with Regional Tiered Cache
  • Cloudflare is deprecating Railgun
  • Triangulation: Trojan for iOS | Kaspersky official blog

You Might Also Like

Dynamic data collection with Zaraz Worker Variables
Apps

Dynamic data collection with Zaraz Worker Variables

1 day ago
Cloudflare is deprecating Railgun
Apps

Cloudflare is deprecating Railgun

2 days ago
Threats

Triangulation: Trojan for iOS | Kaspersky official blog

2 days ago
Wordfence Intelligence Weekly WordPress Vulnerability Report (May 22, 2023 to May 28, 2023)
Wordpress Threats

Wordfence Intelligence Weekly WordPress Vulnerability Report (May 22, 2023 to May 28, 2023)

2 days ago
Show More

Related stories

How to Use Cloudflare to Secure Your WordPress Site
How To Starting Chrome from the command line
How to fix error 0x80070057 in Chrome?
Windows 10 How To Disable Slide to Shutdown
Windows search not working (FIX)
How to watch movies and TV series for free on Kinopoisk?
Previous Next

10 New Stories

Wordfence Intelligence Weekly WordPress Vulnerability Report (May 22, 2023 to May 28, 2023)
Safeguards against firmware signed with stolen MSI keys
WPDeveloper Addresses Privilege Escalation Vulnerability in ReviewX WordPress Plugin
How to create virtual drive (VHD, VHDX, Dev Drive) on Windows 11
How to enable Taskbar End Task option to close apps on Windows 11
How to check USB4 devices specs from Settings on Windows 11
Previous Next
Hot News
Dynamic data collection with Zaraz Worker Variables
How to add CPU, GPU, RAM widgets on Windows 11
Reduce latency and increase cache hits with Regional Tiered Cache
Cloudflare is deprecating Railgun
Triangulation: Trojan for iOS | Kaspersky official blog
10alert.com10alert.com
Follow US

© 10 Alert Network. All Rights Reserved.

  • Privacy Policy
  • Contact
  • Customize Interests
  • My Bookmarks
  • Glossary
Go to mobile version
adbanner
AdBlock Detected
Our site is an advertising supported site. Please whitelist to support our site.
Okay, I'll Whitelist
Welcome Back!

Sign in to your account

Lost your password?