Congratulations are in order if you’ve never had to experience the pleasure of being robocalled. The rampant growth of the underground phone fraud world is affecting consumers and enterprises alike. As consumers, we may experience calls telling us we are being sued by the IRS (just one of the many scams) and for enterprises, the call centers are a point of entry for costly phone phishing attacks. This shockingly small group of fraudsters are causing explosive amounts of damage, costing Americans about $7.4 billion annually, as noted by the Harris poll.
We can try to register for the Do Not Call lists and be more aware of the unfamiliar numbers calling us, but cyber criminals can easily access our data through social engineering, spoofing and inexpensive data downloads. Enterprises face a bigger challenge. Some have fraud ops teams to help deter or mitigate the risks. However, more and more fraudsters are targeting unprotected call centers. The advancement and rollout of EMV cards are partially to blame, coupled with the amount of consumer data that is readily available.
Our data scientist, Aude Marzuoli, presented at this year’s Black Hat conference on phone fraud scams and the phoneprinting technology to prevent such attacks. Marzouli and the research team reviewed millions of calls, while leveraging the Pindrop honeypot and online comments in combination with machine learning and were able to determine that of the 100,000 call recordings, 51% of the robocalls recorded were placed by 38 distinct telephony infrastructures which could be uniquely identified with more than 85% true detection rate (TDR) on average. So what does this all really mean? Fraudsters are getting more creative, more quickly, and within a small network have an exceptional, growing presence that makes protection from this abuse more challenging.
To learn more about the findings, check out the full Call Me: Gathering Threat Intelligence on Telephony Scams to Detect Fraud presentation.