[danduma]

My mother fell for exactly this scam, thankfully was able to cancel the transaction just in time and gave evidence to the police. Funny to see on HN something that touches one so close.

The most fascinating thing here is the lack of sophistication of the approach. No fake images or audio or anything.

I'm worried about the new wave of impersonation scams that's coming thanks to voice cloning.

[EnigmaFlare]

I wish there was more promotion of the simple way to protect yourself from most scams - if someone initiates contact with you, contact them back through a channel you found independently in a way you already trust. My bank keeps warning me of scams and has a list of ways to protect yourself, but they're stupid things like check if the message is from a mobile number, and does it sound too good to be true? They don't mention the more robust and simple technique of calling back using the number on the back of your bank card. This will nip voice impersonation scams in the bud too.

I hired a lawyer who did advise that. Telling me not to pay any invoices they send me without first contacting them to confirm.

On the other hand, my doctor sends text messages asking for bills to be paid to an account number in the message itself. Training people to trust scam techniques!

[WhyNotHugo]

I got a call once where the guy said he was from a bank. He said he wanted to verify who I was, so was going to ask me some personal details. I replied "you're the one calling me, how do I know you're really from the bank?".

He sounded amused by my reply, commented that my stance was quite uncommon, but I had made a fair point. He said I'd get a message via the bank's webapp, with a phone number where I could call him back.

It turned out that it was a legitimate call from the bank. But they clearly aren't training their customers to follow secure practices. The personal information that he was asking for is _exactly_ what a scammer would need to ask me too.

[RileyJames]

Exactly. They have the capability to push notification to the app to request you call them. They should do that BEFORE. And if they do outbound, immediately state were pushing a notification and you should call us back as we have something important to discuss.

[nicolas_t]

I’ve had a similar experience except that the person was clearly irritated at my response. He cut the call and I was only able to confirm that the call was legitimate because I asked my relationship manager at the bank.

[afavour]

> I'm worried about the new wave of impersonation scams that's coming thanks to voice cloning.

That at least isn’t replicable at mass scale. You’d need to have a training set for each relative you’re pretending to be.

But in general, yes, it’s going to be a mess.

[abrookewood]

Luckily for the scammers we keep posting videos to Facebook, Instagram and any other social media app you can think of. It's going to be a nightmare.

[mewpmewp2]

Latest tools can clone from under 15s etc.

[zlefgram]

You only need a few seconds. If you can access whatsapp shared filed of the victim this may be enough.