ASRJam: Human-Friendly AI Speech Jamming to Prevent Automated Phone Scams
This addresses the security threat of scalable AI-driven phone scams for potential victims, offering a practical and human-friendly defense.
The paper tackles the problem of automated voice phishing scams by introducing ASRJam, a proactive defense framework that injects adversarial perturbations into audio to disrupt attackers' ASR without affecting human callers, with EchoGuard achieving the highest overall utility in a 39-person user study.
Large Language Models (LLMs), combined with Text-to-Speech (TTS) and Automatic Speech Recognition (ASR), are increasingly used to automate voice phishing (vishing) scams. These systems are scalable and convincing, posing a significant security threat. We identify the ASR transcription step as the most vulnerable link in the scam pipeline and introduce ASRJam, a proactive defence framework that injects adversarial perturbations into the victim's audio to disrupt the attacker's ASR. This breaks the scam's feedback loop without affecting human callers, who can still understand the conversation. While prior adversarial audio techniques are often unpleasant and impractical for real-time use, we also propose EchoGuard, a novel jammer that leverages natural distortions, such as reverberation and echo, that are disruptive to ASR but tolerable to humans. To evaluate EchoGuard's effectiveness and usability, we conducted a 39-person user study comparing it with three state-of-the-art attacks. Results show that EchoGuard achieved the highest overall utility, offering the best combination of ASR disruption and human listening experience.