Slashdot Mirror
86.2 Million Phone Scam Calls Delivered Each Month In the US
An anonymous reader writes with a report from Help Net Security which assigns some numbers to the lucrative fraud-by-phone business in the U.S. -- and it's not just the most naive who are vulnerable. "Phone fraud continues to threaten enterprises across industries and borders, with the leading financial institutions' call centers exposed to more than $9 million to potential fraud each year," says the article. "Pindrop analyzed several million calls for threats, and found a 30 percent rise in enterprise attacks and more than 86.2 million attacks per month on U.S. consumers. Credit card issuers receive the highest rate of fraud attempts, with one in every 900 calls being fraudulent."
What's been your experience with fraudulent robocalls? I've been getting them on a near-daily basis -- fake credit card alerts, "computer support" malware-install attempts, and more -- for a few years now, which makes whitelisting seem attractive. ("Bridget from account services" has been robo-calling a lot lately, and each time she says it is my final notice.) My biggest worry is that the people behind these scams, like spammers, will hire copywriters who can fool many more people.
What's been your experience with fraudulent robocalls? I've been getting them on a near-daily basis -- fake credit card alerts, "computer support" malware-install attempts, and more -- for a few years now, which makes whitelisting seem attractive. ("Bridget from account services" has been robo-calling a lot lately, and each time she says it is my final notice.) My biggest worry is that the people behind these scams, like spammers, will hire copywriters who can fool many more people.
I have a simple but very effective screener for robo calls, built around the ObiHai 110. I connect the device between my incoming telephone line and my telephone. I then re-program it to send incoming calls to the Automatic Attendant, which I program to challenge the caller to press a key on his telephone keypad. If he doesn't he is a robo caller and doesn't get through. My phone doesn't even ring for robo calls.
Someday the robo callers will become intelligent enough to press a key when challenged, but until then my defense is adequate.
The plain old telephone system evolved in an earlier era, security by obscurity was the norm. There were using simple whistling tones added/removed to regular conversation for data communication between exchanges. All analog. Blind phone phreaks were stealing just long distance minutes from the phone companies. But now the phone companies feel they have no liability to detect spoofed caller id. If some courts hold the phone companies liable for transmitting false phone numbers, using some lawyerly language like "aiding and abetting" "knowingly providing false information" "negligent" etc, then there could be some relief.
Phone companies most definitely know which of their resources are being employed to make calls with. They BILL for those resources and each and every call gets logged. Those logs are also required to be available for (allegedly) authorized law enforcement agencies and they're one reason why the old movie trope of "keep them on the line while we trace this call" is bogus. If the connection was made at all, no matter how briefly, there's a record constructed by automated equipment.
Naturally, if the true origin of the call is coming in from some other source, the phone company can only trust whatever ID came in from that source, but they definitely know where the call itself came from and that means that law enforcement can then track back until such point where they cannot gain any sort of co-operation. Even spoofing via Internet phone can be tracked if you're determined enough.