Phoenix 24
A few seconds of conversation can reveal an active number, personal details and the emotional weaknesses scammers need.
Madrid, June 2026
Calls from hidden or unidentified numbers have evolved from an everyday annoyance into a potential cybersecurity threat. Criminal networks increasingly use telephone conversations to confirm active numbers, collect fragments of personal information and pressure victims into revealing banking credentials or transferring money. Although answering a call does not automatically compromise a phone or bank account, remaining on the line can provide scammers with the opportunity they need to begin a more sophisticated fraud.
The first warning sign is the caller’s refusal or inability to identify a legitimate organization clearly. Authentic banks, insurance companies, hospitals and public institutions generally explain who is calling and why. A hidden number does not prove that the call is fraudulent, since medical services, courts or corporate switchboards may sometimes conceal their outgoing number, but it removes one of the basic elements a recipient can use to verify the contact.
Some fraudulent calls begin with silence. Automated systems dial thousands of numbers and wait for a person to answer before transferring the call to an operator or recording that the line is active. Even without a conversation, the response may indicate that the number belongs to a real person and is likely to be answered again. That information can increase future spam, phishing attempts and the commercial value of the number within illegal databases.
Other calls use apparently harmless questions to encourage the recipient to speak. The caller may ask whether the person can hear clearly, confirm a name or identify the owner of the number. Security specialists advise avoiding unnecessary affirmative responses and refusing to confirm personal information before the caller’s identity has been independently verified.
Concerns have increased over the possible recording and manipulation of voices. Artificial intelligence can reproduce speech patterns from short audio samples, although creating a convincing impersonation usually requires more than a single word and additional contextual information. The more realistic risk is that a conversation provides criminals with material that can later support social-engineering attacks against relatives, employers or financial institutions.
Voice cloning has made emergency scams more persuasive. A criminal may contact a parent or grandparent using audio that resembles a relative and claim that an accident, arrest or robbery has occurred. The objective is to generate panic before the victim has time to verify the story. Requests for immediate transfers, secrecy or payment through unusual methods are strong indications of fraud.
Hidden calls are also used in vishing, the telephone version of phishing. A caller may impersonate a bank employee, government official, telecommunications provider or technical-support agent. The person often refers to a suspicious transaction, expiring service or security breach and then asks for passwords, card information or one-time verification codes.
The sense of urgency is deliberate. Criminals understand that fear can suppress critical judgment, particularly when the alleged problem involves money, legal consequences or the safety of a family member. Legitimate organizations do not normally demand confidential credentials or immediate transfers during an unsolicited call.
Possessing accurate personal information does not make the caller trustworthy. Data breaches, social networks and commercially available databases can reveal names, addresses, relatives, employers and partial account details. Scammers combine those fragments to create a convincing narrative and encourage the victim to disclose the information still missing.
Caller identification is also unreliable because numbers can be spoofed. The screen may display a local number or even the official contact details of a recognized institution while the call originates elsewhere. For this reason, users should not rely exclusively on what appears on the phone when deciding whether a request is legitimate.
The safest response to an unexpected call involving money or personal information is to end the conversation and contact the institution independently. The number should be taken from a bank card, official application, statement or verified website rather than from information provided by the caller. Calling back through a trusted channel transfers control of the communication to the potential victim.
Users should never share passwords, card security codes, personal identification numbers or temporary authentication codes over the telephone. These codes are designed to authorize access or transactions and should remain private even when the caller claims to work for the institution that issued them.
Scammers may also instruct victims to install remote-access applications so that a supposed technician can resolve a problem. Once installed, that software may allow the criminal to view the screen, access banking applications or control the device. No unsolicited caller should be permitted to direct the installation of software or request access to a personal computer or phone.
Another common scheme involves missed calls from unfamiliar international numbers. The caller disconnects quickly, hoping that curiosity will lead the recipient to return the call. Some returned calls connect to premium-rate services that generate unusually high charges. Users should avoid calling back unfamiliar numbers unless they are expecting an international contact and can verify the origin.
Modern smartphones provide several layers of protection. Users can activate spam detection, silence unknown callers and block repeated numbers. Mobile operators may also identify suspicious traffic, although these tools are imperfect because fraudulent numbers change frequently and legitimate calls can occasionally be filtered.
People who answer a suspicious call should not panic. Simply speaking to a caller does not usually provide direct access to a device or account. The priority is to end the conversation, block the number and monitor bank statements, email accounts and telephone activity for unusual changes.
Anyone who shared financial information should contact the relevant bank immediately. Cards may need to be frozen, passwords changed and recent transactions reviewed. Evidence such as call times, messages, payment details and screenshots should be preserved in case a report must be filed with law enforcement or the telecommunications provider.
Families can also create a private verification word for emergencies. When someone calls claiming that a relative is in danger, asking for the agreed word can help expose an impersonation. The recipient should still end the call and contact the family member directly through a known number.
Older adults and people unfamiliar with digital fraud are frequent targets, but technical experience does not eliminate vulnerability. Effective scams are designed around emotion, authority and urgency rather than a lack of intelligence. Discussing suspicious calls openly can prevent isolation and reduce the embarrassment that sometimes stops victims from seeking help.
A hidden number should therefore be treated with caution rather than automatic fear. Some calls may be legitimate, but the person receiving them has no obligation to continue a conversation that feels unclear, urgent or invasive. Allowing the call to reach voicemail often provides enough information to decide whether responding is necessary.
The central defense is verification. Scammers benefit when the recipient reacts immediately, while legitimate institutions can tolerate a pause. Ending the call, checking independently and refusing to disclose private information can interrupt the fraud before it develops.
La mejor respuesta ante una llamada sospechosa puede ser el silencio. / The best response to a suspicious call may be silence.