What’s Scarier Than Halloween Night? The Rise of Scammers and Security Breaches in 2019

The horror stories of scammers targeting landline phone numbers and the elderly continue to pile up. Here are the steps that phone companies and governments could take to stop the madness.

• By Tyler Reguly
• Oct 31, 2019

It’s that time of year again, when something spooky is waiting just around the corner. Soon, ghosts and goblins and witches and warlocks will take to the streets, knocking on the doors of strangers and asking for treats in order to avoid a trick. Kids of all ages head out without a care in the world, eager to fill their plastic pumpkin or pillowcase with a king’s ransom worth of candy.

I love this time of year. Halloween was always my favorite when I was a kid and, as an adult, I still have a sweet tooth. It marks the end of the warm months, which means cooler weather and, if you’re lucky, snow. It’s the start of the new TV season and it brings on great horror movies, like this year’s latest slasher flick, Trick.

This year, however, I’ve noticed another trend, and, unfortunately, slasher flicks and scream queens aren’t the only things we need to worry about. Scammers seem to be using new and old tricks in order to treat themselves to your hard-earned cash.

At the start of October, a scam caught my attention in the local news. A couple was taken advantage of because of a flaw in how landline telephone systems work. They were conned into thinking there was a security breach at their bank and that they needed to call the bank back to transfer their money. The scam is that, unlike cell phones, when one person hangs up a landline call, the call is not terminated, the line remains open until both ends hang up. When the victim picks up and dials a number, they are greeted by a person claiming to be their bank and, because they just picked up and dialed, they see this as their reality. The couple is now out $33,500 because of these scammers and a flaw in the traditional telephone system.

More recently, in Canada, we’ve had scammers obtaining people’s Social Insurance Numbers (think Social Security Numbers in the United States) by simply calling and asking them to confirm their number or leading them with personal information. This has become so prevalent that the police in Regina had to put out a notice regarding the scam.

I see these stories frequently, but like a really cheesy horror film, they usually don’t scare me. I’m overly cautious on the phone, I don’t have a landline tied to any of my accounts, and I try to ensure I use two factor authentication and online services to avoid the human element whenever possible.

I tend to get the usual robocall scams that everyone else gets, “Hello, this is the Visa/Mastercard fraud alert service.” (I bet they’d have better results if they dropped either Visa or Mastercard from that intro) or “<HORN SOUND> You’ve just won a cruise!” Recently, however, most people just want to clean my air ducts.

With those calls, I found that if you ask them if they have a chicken cleaning service instead, they tend to hang up pretty quickly. The other day, I did receive a call from someone claiming to be from Microsoft asking if they could confirm my email address in order to send me a document to open. This was a weird call for a few reasons: Why would Microsoft call and ask me to open a document they were sending and why would they have a random incorrect email address? They seem to have guessed at a format and just went with it. I was rather surprised by how adamant they were that I simply needed to tell them my proper email address and open the document sent to it. I wonder if this method works on many people.

Recently, I did have a scare from a scam, and it wasn’t even targeting me. This wasn’t a someone jumping out and yelling ‘Boo!” type scare either, but a full blown “that girl just crawled out of the TV set in The Ring” type scare. My mom called to say that she’d been getting calls that had mentioned fines and, if I recall correctly, possible jail time. I’ve gotten these calls myself and talked to others about them. The automated system that tells you that there’s an outstanding warrant and that you need to pay them money or you’ll be arrested. I was worried that my mother had responded to this scam and that was a scary thought. Thankfully, however, she called me first and I was able to dissuade her from calling them back. Still, it was definitely a moment of terror when I first thought she had been scammed.

I’ve thought about this for quite a bit. We have fact-checking websites popping up online – some are new and designed to fight fake news – but others, like Snopes, have been around forever. We also have websites that track active scams and provide details where people can do research. We have people like Kitboga on Twitch and YouTube raising awareness with people that frequent those platforms.

What we don’t have is a service for someone like my mother, one that can replace her calling me or other people out there that don’t have someone like me to call. There needs to be a way that people can verify these phone calls.

There are definitely steps the phone companies could take. Changes to how call display works to eliminate phone call spoofing, closing the connection on the landline as soon as one end terminates the call (like how cell phones work, even though movies often want us to believe otherwise), and even introducing a verification system for phone calls from trusted services and vendors.

It’s highly unlikely that these changes will happen because the existing system isn’t designed to work that way and, with more and more businesses moving their services online without any human interaction, there’s no need to change it. That’s also one of the key reasons why these scams work: there’s a sense of urgency that’s created in the rare situation where you speak to a real person.

I’m not sure exactly what the answer is, but I think I’d feel much less fearful if my mom could pick up the phone and call a number that would tell her if a call was a known scam. When a horror movie freaks me out too much, I can hit pause or cover my eyes, but this isn’t a movie, and there’s definitely no treat with these tricks, at least not for the victim. Without more regulation from government and commitment – maybe in the form of liability – from involved institutions, it’s unlikely that we’ll see things improve.

Until then, if a call doesn’t feel right, hang up. That’s the best advice. If it feels like they’re trying to scare you or make you nervous, it’s probably worth hanging up. Sleep on it and follow-up with your vendor or financial institution the next day.

A great key point is that generic typically means scam. Scammers may also have personal information, so don’t assume that means you can trust them. But if you hear phrases like “Visa and Mastercard” or “Hello Resident,” terminate those calls. When you hang up, reward yourself with a Reese’s Peanut Butter Cup. It is, after all, the best of the Halloween candies.