ASRJam Unveiled: New AI Tech Jams Vishing Scams by Disrupting Automated Voice Recognition
Do Son 
Researchers from Israel and India have unveiled a groundbreaking technology designed to counter fraudulent voice calls—commonly known as “vishing.” The system, dubbed ASRJam, is capable of distorting the caller’s speech in real time in such a way that it remains intelligible to the human ear, while rendering it incomprehensible to Automatic Speech Recognition (ASR) systems exploited by malicious actors.
At the heart of this innovation lies the EchoGuard algorithm, which subtly introduces audio perturbations into speech. These imperceptible distortions effectively disrupt machine recognition while preserving clarity for human listeners. The approach, detailed in the academic paper “ASRJam: Human-Friendly AI Speech Jamming to Prevent Automated Phone Scams,” is predicated on the notion that ASR modules within voice scam infrastructures represent the most vulnerable point of failure.
Fraudulent calls leveraging neural networks have surged alarmingly: according to CrowdStrike’s 2025 report, such incidents rose by 442% between the first and second halves of 2024. Modern scammers increasingly deploy synthesized speech and advanced ASR systems to conduct real-time conversations, aiming to extract sensitive personal information.
Unlike prior ASR disruption methods such as AdvDDoS, Kenku, or Kenansville, EchoGuard is tailored for interactive scenarios and avoids irritating the interlocutor. It employs three distinct forms of acoustic distortion: simulated reverberation, microphone modulation, and temporal suppression of select phonemes. The researchers contend that this combination offers the optimal balance between speech intelligibility and auditory comfort, in contrast to the crude distortions characteristic of earlier approaches.
The efficacy of ASRJam was rigorously tested across three public audio datasets—Tedlium, SPGISpeech, and LibriSpeech—as well as six widely used ASR models, including DeepSpeech, Vosk, OpenAI’s Whisper, Wav2Vec2, IBM Watson, and SpeechBrain. EchoGuard achieved superior performance across all models save one—SpeechBrain—which exhibited marginally higher resilience. However, the authors note that this model is infrequently employed in real-world attacks and is generally outperformed in quality.
Particular emphasis was placed on the robustness of OpenAI’s Whisper, whose resilience to noise stems from training on vast amounts of “noisy” data. Even so, EchoGuard was able to degrade recognition quality significantly—distorting one in six utterances to the extent of disrupting the conversational flow and impeding the logic of LLM-driven dialogue systems reliant on ASR inputs.
The study, led by Freddy Grabowski of Ben-Gurion University of the Negev, positions ASRJam as the first comprehensive and practical defense mechanism against automated voice phishing attacks. The software operates locally on the user’s device and remains invisible to attackers, making its evasion exceptionally difficult.
Amid the rapid ascent of voice recognition and synthesis technologies, innovations like ASRJam may prove pivotal in safeguarding against emerging forms of telephonic fraud—especially in an era where individuals increasingly converse not with human agents, but with artificial intelligence.
Donate