Always On Means
Mobile Customers Are Always At Risk

By: Dan Carella

Today, mobile devices are where consumers bank, shop, work, socialize, and manage their most personal information. As a result, telecom providers find themselves in a unique position of digital trust — and that responsibility is shifting in a critical way. While device- and network-level security has never been stronger, fraudsters are sidestepping these defenses to target the weakest link: human behavior.

This pivot in fraud strategy is one telecom leaders should monitor because it has the potential to have an outsized impact on consumer trust and loyalty. Understanding the mechanics of attacks designed to manipulate customers and devastate operations is critical for providers looking to develop the next generation of risk management and consumer engagement.

Constant connection to attack surfaces

Recent data concerning Americans’ use of mobile devices and networks clearly illustrates why it has become a preferred attack vector. Consider this:

• Nearly all (98%) Americans now own a smartphone
• They average more than five hours a day on their devices
• More than half (53%) of consumers report being targeted with email, text, phone or online scams — all of which are mobile channels  

Cybercriminals now have an ever-expanding attack surface with a highly engaged user base—offering a steady stream of personal data that can be weaponized for fraud. Unlike other telecom security challenges, such as SIM swaps or number port-out fraud, today’s new attacks don’t require breaching a network’s cybersecurity defenses at all. Instead, they rely on social engineering techniques designed to manipulate mobile users into willingly handing over data or granting approvals. 

This change in tactics marks a significant shift. It means the most sophisticated security protocols and fraud detection solutions can potentially be bypassed by a single, well-crafted text message or convincingly spoofed call. For telecom providers, it raises significant questions about how to protect customers when the threats are social and psychological in nature — rather than technical.

Current mobile scams to watch

While scams targeting mobile users aren’t new, the tools used by today’s criminals are, and they’re alarmingly effective. Fraudsters are leveraging advances in AI, automation, and data mining to launch attacks that are frighteningly personalized, realistic, and scalable — and often indistinguishable from legitimate communications.

The result? Anyone can fall victim to these increasingly complex and convincing scams.

There are behavioral reasons that make mobile users particularly attractive targets. Mobile engagement is frequently quick and driven by impulse. Compounding the issue, consumers often check their phones while on the go or multitasking, making them more likely to open a link or respond to a message with less scrutiny. And because mobile devices are increasingly used to approve financial transactions, reset passwords, and complete multi-factor authentication, if a fraudster successfully gains access, they typically have “the keys to the kingdom” of the victim’s entire digital life.

The following are some of the new twists on mobile scam trends telecom professionals should monitor this year.

Voice cloning and deepfake vishing: Fraudsters can now use off-the-shelf, AI-powered deepfake technology to replicate a family member or other trusted figure’s voice. Known as voice cloning, the fake audio can be used to trick targets into