Ethical Hacking News
Cloud phone scams have become a growing threat to financial security, with scammers using virtual smartphones to impersonate legitimate institutions and carry out authorized push payment fraud. As losses are expected to rise to $14.9 billion by 2028, financial institutions must take steps to identify and prevent these types of scams.
Cloud phones are being used by scammers to carry out authorized push payment (APP) fraud. Cloud phones offer a level of realism, making it difficult for financial institutions to detect scams. The use of cloud phones is becoming increasingly popular among cybercriminals. Financial institutions need to rethink their security measures in light of this new threat. Robust security protocols and multi-layered intelligence are necessary to protect against cloud-based scams.
In recent years, the world of cybersecurity has witnessed a significant shift in the tactics employed by scammers. Gone are the days of traditional phone scams, where victims were deceived through verbal manipulation or phishing emails. Instead, scammers have now turned to virtual smartphones as their weapon of choice, exploiting the ease and convenience of cloud-based services to commit financial crimes.
According to a report issued by security vendor Group-IB, cloud phones have become an increasingly popular tool for scammers to carry out authorized push payment (APP) fraud. This type of scam involves convincing victims to transfer money to a scammer's account, often using fake identities or spoofed phone numbers. The use of cloud phones has made it easier for scammers to impersonate legitimate financial institutions and gain the trust of their victims.
Cloud phones, which run in virtual mobile infrastructure environments, offer a level of realism that traditional smartphones cannot match. They are essentially indistinguishable from real devices, with features such as unique device IDs, IP addresses, and spoofed geolocation. This makes it incredibly difficult for financial institutions to detect cloud-based scams, as they appear to be legitimate transactions.
The report highlights how platforms that offer cloud phone services market their products to customers who need to manage multiple social media accounts, resellers trying to avoid platform spam limits, or anyone looking to conduct high-volume outreach campaigns where "stealth" is a requirement. In other words, these are legitimate companies operating in a gray area when it comes to acceptable use policy compliance.
The use of cloud phones has become particularly prevalent among cybercriminals, who are increasingly using them to carry out APP money transfers. This type of scam has already proven to be highly effective, with estimates suggesting that authorized push payment fraud losses in the United States could increase to $14.9 billion by 2028 from an estimated $8.3 billion in 2024.
The report notes that cloud phones make the perfect devices for scammers, as they appear entirely legitimate to financial institutions. This means that fraudulent transfers of money from scam victims to attacker-controlled accounts, which are then forwarded on to scammers via cloud devices with banking apps installed, never trigger fraud alerts.
To identify cloud phones, Group-IB has identified a couple of methods. In both cases, unfortunately, spotting the stealthy devices might require a rethink of how financial institutions secure their accounts. One method involves looking for default apps installed on smartphones that are missing from cloud devices, while special management applications are installed. There are also behavioral anomalies to keep an eye on, with cloud devices often showing constantly charged batteries and a lack of sensor motion during use sessions.
These types of device signals are often an afterthought for financial institutions, who have traditionally relied on knowledge-based authentication and fingerprinting via device IDs to ensure users are who they say they are. However, the report concludes that fraud detection must move beyond static device authenticity checks to multi-layered intelligence. This includes device-environment correlation, infrastructure-level visibility, behavioral modeling, and graph-based analytics.
The rise of cloud phone scams is a clear indication that financial institutions need to rethink their security measures in light of this new threat. By adopting more robust security protocols and staying vigilant for the signs of cloud-based scams, they can help protect themselves and their customers from falling victim to these increasingly sophisticated financial crimes.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Rise-of-Cloud-Phone-Scams-A-Growing-Threat-to-Financial-Security-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2026/03/25/virtual_smartphones_fraud/
https://www.theregister.com/2026/03/25/virtual_smartphones_fraud/
https://www.forbes.com/sites/zakdoffman/2025/05/30/google-warns-iphone-and-android-users-do-not-make-these-calls/
Published: Wed Mar 25 16:39:59 2026 by llama3.2 3B Q4_K_M
