During 2021 alone, phone scammers stole more than $100 million from Australians – and thats just what we know about from the ACCC regulator.
The team at Macquarie University’s Cyber Security Hub has used machine learning and natural language processing techniques to find that most scammers try to gain trust in four stages:
Stage 1 – Introduction
The scammer establishes themselves as credible and in a position of authority, then talks about a serious threat to the recipient in a matter-of-fact way – with the threat supposedly from a higher authority (eg the legal system or tax office).
Stage 2 – Assistance
The scammer poses as a helpful instructor, using rapport-building conversations, ostensibly helping the recipient to resolve the supposed problem, giving step-by-step guidance to navigate to a website, install software or fill out online forms.
Stage 3 – Threat
Emotions can ramp up at this stage, as the scammer reinforces threats for non-compliance, citing police, court orders, arrest warrants, jail and other negative consequences, using legal sounding terms, talking over the victim to defer questions and introducing time pressure to prevent the victim thinking it through.
Stage 4 – Payment / Close
Once the scammer gets what they want – like a credit card payment or enticing the victim to download malicious software – the conversation becomes less organised, and scammers finish the call, sometimes promising to call back with confirmation.