[VoiceOps] Confusing Spoofing Customers

Markus universe at truemetal.org
Sun Nov 8 03:19:07 EST 2020 

PS: Nice side-effect: the scam calls never make it your customer so 
they'll be annoyance-free from that moment on. You will be their human 
filter for the time being. :-) And if the scammers continue to call you 
have more leverage, can capture RTP, and maybe you can get your inbound 
"upstream" provider to eventually get to the real source (in cooperation 
with their upstream, and so on).


Am 08.11.2020 um 09:14 schrieb Markus:
> Is your customer a large company? If not, or even if so, maybe they are 
> flexible enough for the following: agree with them that while the 
> problem persists calls with "unknown" CLI will get routed to you instead 
> of them. You pick up those calls and answer in the name of your 
> customer's company. If the caller is legit, you just pass the call on to 
> your customer's real line. If the caller is the scammer, you talk with 
> them and use your best social engineering skills to find out who is 
> behind it and what they really want and then work from there.
> 
> Good luck.
> 
> 
> Am 06.11.2020 um 20:15 schrieb Christopher Aloi:
>> Thanks Karl,
>>
>> We only get the consumer (who is clueless) on our network, so a 
>> traceback I can't open a ticket on that call.  I would need to see the 
>> bad-actor traffic, which I do not.
>>
>> On Fri, Nov 6, 2020 at 11:38 AM Karl Douthit <karl at piratel.com 
>> <mailto:karl at piratel.com>> wrote:
>>
>>     Sounds like you have either:
>>
>>     A)  The group making the calls are trying to get live people, and
>>     when they leave a message they are leaving a "real" call back number
>>     in an attempt to play at being legitimate, even if that number does
>>     not go back to them.
>>
>>     or
>>
>>     B)  The group making the calls were giving a random / bad /
>>     incorrect number to use.
>>
>>     Either way, I'd request a traceback from your inbound trunks that
>>     the call came in on and see if the process can work its way back to
>>     the originator of the call.  You can also file a complaint with the
>>     FCC but that will take longer to get processed.  Or do both.
>>
>>     In the meantime if this is becoming an issue, you could perhaps put
>>     a rule for your customer that "unknown" gets routed into an IVR or
>>     voicemail bucket for validation later on.
>>
>>     On Fri, Nov 6, 2020 at 8:30 AM Christopher Aloi <ctaloi at gmail.com
>>     <mailto:ctaloi at gmail.com>> wrote:
>>
>>         Hey All,
>>
>>         We have observed multiple reports of our business customer
>>         telephone numbers being used by a bad actor leaving messages for
>>         consumers.  The consumers receiving the call do not have a
>>         direct relationship with us.  The bad actor presents “unknown”
>>         as the caller-id and leaves a harsh message asking for personal
>>         information and demanding a call back (illegal sounding
>>         collector call).  The number the bad actor leaves to be called
>>         back (in a verbal message) is owned by one of our business
>>         customers.  So, the response to the “bad” call goes back to the
>>         legit company.  The consumer calls our business customer back
>>         and explains the message, the business customer has no record of
>>         an outbound call to the consumer and is perplexed by the call.
>>
>>         We have a few customers impacted by this and in every instance
>>         we have no record of the outbound (bad actor) call leaving our
>>         network.  I can’t figure out the scam here, they aren’t pumping
>>         traffic and the call goes back to the legit business, leaving no
>>         opportunity for the bad actor to engage with the consumer. 
>>         Anyone have any thoughts?
>>         _______________________________________________
>>         VoiceOps mailing list
>>         VoiceOps at voiceops.org <mailto:VoiceOps at voiceops.org>
>>         https://puck.nether.net/mailman/listinfo/voiceops
>>         <https://puck.nether.net/mailman/listinfo/voiceops>
>>
>>
>>
>>     --
>>     Karl Douthit____
>>
>>     ____
>>
>>     10572 Calle Lee  #123____
>>
>>     Los Alamitos Ca. 90720____
>>
>>     (562) 257-3590 <tel:%28562%29%20257-3590> (Desk)____
>>
>>     (562) 824-0757 <tel:%28562%29%20827-0757> (Mobile)____
>>
>>     _www.piratel.com <http://www.piratel.com/>_
>>
>>
>> _______________________________________________
>> VoiceOps mailing list
>> VoiceOps at voiceops.org
>> https://puck.nether.net/mailman/listinfo/voiceops
>>
> 
> _______________________________________________
> VoiceOps mailing list
> VoiceOps at voiceops.org
> https://puck.nether.net/mailman/listinfo/voiceops

More information about the VoiceOps mailing list