Scam callers. How do they keep finding me?
Phone scams are on the rise, with no signs of stopping. Almost 45 million people in the UK were targeted by scam phone calls or text messages over the summer of 2021. About half reported getting a scam call or text at least once a week.
Scammers keep calling, even though you haven't shared your phone number with strangers. Why so?
Here are five sources where spammers can get your personally identifiable information. Surprisingly enough, in some cases, it is you who provide scammers with your personal data.
Scammers buy phone numbers in bulk on the dark web. There're numerous websites selling databases with numbers on the dark web. Purchasing a database is not an issue nowadays. Unscrupulous officials (including bank ones) sell customers' personal data. Such databases may contain phone numbers, your full name, gender, age, city of residence, income level, interests or profession, marital status, and even your bank card number.
Personal data can be taken from ad websites. Contacts, including phone number and email, are available to everyone on some resources. Even inaccessible data can be leaked, though.
Scammers use auto-dialers that generate and call random phone numbers. Sooner or later, it may be your turn.
Phone numbers and emails are often indicated in social networks' profiles and forums. Having hacked a poorly protected account, a scammer gets your personal data.
There're various phishing websites that are explicitly created to collect personal and payment data (See 'Phishing methods' post). And some unsuspecting users lap it up.
Scammers often get the necessary information through companies that provide you with standard household services – ordering a taxi, buying a phone, sending a parcel, etc. You leave contact information everywhere, and not all organizations store it for their only use. A company or service collects information about its customers and asks them to give personal data processing consent. But how many people read legal agreements in full? Their loss! Many contain a point that gives the company the right to transfer its customers' data to its 'partners.' And 'partners' can be any third parties.
Now suppose you got a call or received an email, and the caller or sender tells you that you won a lottery or any other suspicious information. In that case, hang up and don't follow the links in the email.
Unfortunately, anonymity does not exist in 2022. The good news is that you can minimize the risk of getting into scammers' databases.
First of all, protect all your profiles with complex passwords.
Secondly, it makes sense to have two phone numbers. One of them should be for personal use only, and the other — for websites and online stores. Of course, the risk that the second one will get into the fraudulent databases is great. However, if it happens, you'll easily say goodbye to it.
Finally, you should use different and preferrably anonymous emails for different services that you use. In this case, if scammers get one of your emails, it wouldn’t be your main one.
Subscribe to our newsletter to receive a quick overview of the latest news on human risk and the ever-changing landscape of phishing threats.