Security Experts:

Noticing More Robocalls? Governments, Service Providers and Consumers Take Action

Robocalls are an incessant headache from which we all suffer. In fact, they have become so frequent (Americans received 5 billion robocalls during the month of November 2019 alone) that most people have simply stopped answering calls from unknown numbers altogether. It is not only frustrating to receive robocalls multiple times a week, but it can sometimes lead to the rejection of a real and important call because people assumed it to be a scammer. 

Different countries have varying levels of power and mechanisms to quell the robocall epidemic we are currently experiencing. For example, in the UK, the telephone regulator Ofcom can levy hefty fines. However, the challenge remains in being able to identify where the calls originate. Plus, the cost/return model for robocalls is so significant that even a large fine is merely a tiny setback against potential profits, meaning scammers see the benefits as outweighing the risks.

In an effort to combat this expansive problem in the U.S., we recently saw a bipartisan bill called the Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act pass, which will likely become law in 2020. This bill enables government regulators to more aggressively pursue and prosecute scammers perpetrating robocalls. If successful, other countries and regions will hopefully follow with their own versions.

Government action is an important step in protecting consumers from illegal robocalls. Even better, U.S. legislation is coming at a time when service providers have already started to take more aggressive steps to prevent robocalls from getting through to end users.

However, neither service providers nor legislation will be able to prevent these calls altogether. Unfortunately, some will continue to circumvent preventative measures or scammers will eventually find new ways to reach consumers. Most robocalls are made internationally and use VoIP technology to inexpensively impersonate human voices to scam consumers. Using a broadband internet connection instead of a regular phone line makes the costs of these calls next to nothing – meaning that a robocall campaign can literally call millions of devices easily. 

At the least, these calls are a nuisance and annoying for consumers. However, they can be much more than a small inconvenience. Many robocall campaigns use basic voice-recognition to engage with consumers and keep people on the phone. While most of us know to hang up immediately, there will always be people who fall prey to these scams, especially as attackers become more sophisticated and adopt mechanisms to exploit human psychology. Victims who engage with robocalls run the risk of losing money, either directly or by having their identities breached.

While government action is critical to reducing the number and impact of robocalls, there are areas where service providers and consumers carry responsibility and can make a real difference. For service providers, launching consumer awareness campaigns against robocalls – and the types of scams frequently associated with them – would be a positive step. We are used to receiving emails from our bank explaining how to avoid financial threats – so why not receive regular updates from our phone provider on how to avoid the latest mobile and phone-based scams?

There is also an important role for the consumer to play to avoid robocalls. To help with this, here are some basic recommendations:

• If you receive a call that comes up as “unknown” and it is unexpected, do not answer. Consider why someone would call but not want to share a telephone number with you. 

• Calls from telephone numbers not in your contacts may be valid but be cautious and treat these as you would deal with any in-person approach from a total stranger. 

Top Tip: When you answer the phone, pause for one to two seconds before saying anything. If it is an automated call, or a call center junk call, you will hear a click as it goes online. You should then hang up.

• Never give out personal details on a call unless you can validate the caller and calling number with complete certainty and trust. If you receive an unexpected call but are unable to 100 percent verify the caller, hang up, get the contact details from the website and call back on an official number.

• Some robocalls will redirect you to high-rate international premium telephone numbers. If you are awoken in the night (or interrupted at any other time) by a telephone call that drops as soon as you answer, do not call back.  

In addition to these practical tips, there are also tools available at the device level to help reduce the number of robocalls and scams:

• In the U.S., many service providers offer “premium caller ID” services. These are chargeable but offer the ability to identify and automatically reject many robo calls.

• In the UK, it is possible to register with Telephone Preferences Service, which is a free opt-out service to reduce scam calls. In addition to this, several providers also offer premium caller ID services, like in the U.S.

• Apple and Android operating systems can automatically reject junk calls (although neither is perfect), as well as offer third-party applications and extensions to extend this functionality.

Note: This is not an endorsement for a specific provider, application or security service. Please take the time to visit your phone manufacturer or contract provider to discover specific service offerings.

Although robocalls are a pain for many of us, action is being taken to bring the problem under control. One final piece of advice I would offer is to please share this information. Awareness is key in keeping people safe. The more people that learn– and understand how to be safe – the faster robocalls will become less profitable schemes for scammers. 

view counter
Laurence Pitt is Global Security Strategy Director at Juniper Networks. He joined Juniper in 2016 and is the security subject matter expert for the corporate marketing team. He has over twenty years of cyber security experience, having started out in systems design and moved through product management in areas from endpoint security to managed networks. In his role at Juniper, he articulates security clearly to business and across the business, creating and having conversations to provoke careful thought about process, policy and solutions. Security throughout the network is a key area where Juniper can help as business moves to the cloud and undertakes the challenge of digital transformation.