Comment by chii
3 days ago
the easiest way to defeat phone fraud is to ahead of time decide on a verbal password between family (and close friends, if they're close enough that you'd lend them money).
In a real scenario, they'd know the verbal password and you can authenticate them. Drum it into them that this password will prevent other people from impersonating you in this brave new world of ai voices and even video.
That is more or less what i did with my parents, but this approach is still susceptible to active mitm attacks.
2 factor authentication through a secure app or a trusted family member is probably also needed though i haven't tackled this part with them yet.
> 2 factor authentication through a secure app
the problem is that the sort of emergency scenario in which family member would need the help is not often done or possible via a secured app. It's often just a telephone, with a number that you cannot recognize - imagine getting that phone call from a police station in the middle of nowhere when arrested, then you dont have access to any of your personal belongings as they're confiscated. The phone is a landline from the police station!
Therefore, a verbal password is needed, as this scenario is exactly how a scammer would present as the emergency that they need help (usually, wire some dollars to this account to bail out).
"Oh sorry son did we have a password? I totally forgot."
This is a HN fantasy solution.
Works for me and the family. No code-word, no transfer of funds.
Have your parents been targeted by convincing fraudsters? It doesn't work for you; you hope it will work.
1 reply →