Call-Aware Link Fraud Prevention Mechanism [Proposal]
1. Background In many social engineering fraud cases, attackers initiate a phone call and guide the victim to open a malicious link sent through SMS, messaging apps, or other communication channels. The attacker remains on the call to create urgency and instruct the victim to perform actions such as entering credentials, sharing OTPs, or installing malicious applications. Traditional caller identification tools mainly detect spam numbers but do not actively protect users during the real-time interaction phase of a scam . This proposal introduces a Call-Aware Link Protection Framework designed to identify suspicious patterns involving calls, links, and user actions. 2. Key Risk Scenario A typical fraud pattern occurs as follows: The victim receives a call from an unknown or spoofed number. During the call, the attacker sends a link via SMS, WhatsApp, or other messaging platforms. The attacker instructs the victim to open the link immediately. The victim enters sensitive informati...