This is unlikely to surprise anybody who owns a phone: according to a new report, nearly 30% of all US calls placed in the first half of this year were garbage, as in, nuisance, scam or fraud calls. That puts the approximate volume of sludge coming into people’s phones at a mind-boggling 200 million unwanted calls per day.
The TNS 2019 Robocall Investigation Report comes from Transaction Network Services (TNS), which markets a big-data analytics engine that aims to suppress unwanted calls to consumers by applying machine learning, as well as an authentication hub to help carriers combat illegal spoofing and to help consumers fend off robocalls.
TNS’s analysis crunched approximately one billion daily calls, placed via hundreds of carriers. TNS defines “high-risk” robocalls – i.e., scam/fraudulent calls – as those that try to shake down targets for personal information and/or money. It defines “nuisance” robocalls as those that are, well, just nuisances that lack malicious intent and that don’t reflect negligent non-compliance.
“Nuisance” calls aren’t always defined to exclude scams, but we can look to the UK for what strikes me as an example of TNS’s definition…
A few years back, Home Logic, a UK firm that offers energy-saving solutions, was made £50,000 lighter thanks to a penalty issued by the Information Commissioner’s Office (ICO) for making marketing calls to people who had made it clear – via the free Telephone Preference Service (TPS) – that they didn’t want to be contacted in that way.
It was a tech glitch, Home Logic said at the time. What happened was that it licensed the numbers it used to make marketing calls from third-party providers. It then uploaded that data to an electronic dialer system that screened the numbers against the TPS register. One of the third-party providers left it up to Home Logic UK to ensure that the data supplied was screened against the TPS.
Technical issues knocked the system out for 90 days out of 220 between April 2015 and March 2016. That didn’t slow down Home Logic, though: the unsolicited marketing calls kept right on coming, but with no screening against the TPS register.
The rate of this type of non-malicious nuisance call is rising faster than the malicious type that tries to scam you, TNS found.
Here’s that plus more key findings from the report:
Nuisance calls are increasing at a faster rate than high-risk calls. Nuisance calls increased 38% from the third quarter of 2018 to the second quarter of 2019, while high-risk calls grew only 28% over that period.
Robocall hijacking of mobile numbers has more than doubled. “Hijacking” a number is TNS’s term for what we more frequently refer to as illegal spoofing of a caller ID. A year ago, the Federal Communications Commission (FCC) slapped (or proposed) some huge fines on robocallers for using spoofed numbers, one of which represented the first major enforcement action against a company that allegedly “commandeered” consumers’ phone numbers.
TNS reports that 1 in 1,700 mobile numbers are now being commandeered by robocall spoofers every month, which is more than double last year’s rate of 1 in 4,000 mobile numbers. As a result, TNS says, 2.5% of people whose phone numbers have been hijacked have disconnected their phone number.
When it proposed its fines last year, the FCC pointed to one of those people: a poor soul whose phone number was hijacked in order to plague people. The Arizona woman said she received more than five calls a day on her cell phone, all coming from irate people complaining about the telemarketing calls they got from “her” phone number. In fact, the calls were coming from Affordable Enterprises, whose shtick was to sic its robots on unsuspecting people in order to telemarket home improvement and remodeling services.
TNS noted that in one extreme case, the company witnessed a spoofer that used a legitimate mobile number to place over 36,000 calls in a three-day period.
TNS notes that the faster growth rate of nuisance calls, as opposed to high-risk calls, may have to do with the fact that, due to regulatory action from the FCC, carriers have begun to block illegal calls.
Robocallers may shift focus to smaller, regional carrier networks. TNS reports that the top six US carriers represent 70% of total calls for the time period it analyzed, but only 12% of high-risk calls were placed from numbers owned by these carriers.
Robocallers are shifting from spoofing VoIP numbers to toll-free numbers. TNS found that the share of Voice over IP (VoIP) number spoofing dropped, but that the percentage of calls originating from toll-free numbers more than doubled from 12% last year to 25% in the first half of the year. That means that more than 8 in 10 calls from the top 10 toll-free numbers are either nuisance or high-risk calls – what TNS calls “a challenge to leading brands whose legitimate numbers are being spoofed in an attempt to trick consumers.”
Neighbor spoofing and “snowshoe spamming” are growing more sophisticated. Neighbor spoofing – that’s when robocallers display a phone number similar to your own on your caller ID, to increase the likelihood that you’ll pick up – now accounts for 25% of all bad calls. We learned about a particularly pernicious form of this a few months ago: hospitals are being suffocated by robocalls, with spam callers spoofing phone numbers to place calls to hospitals that look for all the world like the calls were placed internally.
Hospitals are also suffering from vishing attacks from voice phishers: spearphishers who pose as employees at government agencies and demand to speak to a specific, named physician as they try to finagle confidential information out of the doctors, such as medical license numbers and Drug Enforcement Agency (DEA) numbers – information with which fraudsters can illegally procure drugs to then sell on the black market.
The new twist noted by TNS: “snowshoe spamming.” That’s when spammers spoof calls over several telephone numbers in low volume, and then rapidly churn through them to evade detection.
Bill Versen, chief product officer at TNS, said in a press release about the report that while the top six US carriers – AT&T, CenturyLink, Comcast, Sprint, T-Mobile and Verizon – are getting better at identifying these calls, the focus now has to shift to the same place that the perpetrators are now targeting: smaller networks.
The report suggests the need for diligence as the battlefront may shift to smaller regional and rural carriers.
In May 2019, the US Senate passed an anti-robocalling bill. That bill, the TRACED Act, would have created an interagency task force to address robocalls and extend the FCC’s statute of limitations for going after the fraudsters.
In July, the House passed its own version, the Stopping Bad Robocalls Act (HR 946). Sen. Ed Markey said at the time that both the House and Senate bills would be headed to conference and combined into one piece of legislation for the president’s consideration and possible signature.
If President Trump does sign it into law, the House bill would make it easier for the government to impose tougher penalties on illegal robocallers and demand that carriers deploy call authentication protocols such as SHAKEN/STIR at a faster pace.
But as the carriers have pointed out, SHAKEN/STIR isn’t a robocalling panacea. It’s expensive, for one thing. Nor does it signify which calls are illegal or not. Plus, with so many of these calls coming from overseas, the universal adoption needed to make SHAKEN/STIR really work is hard to imagine.