[VoiceOps] Confusing Spoofing Customers

Markus universe at truemetal.org
Sun Nov 8 03:24:21 EST 2020 

PPS: Oh crap, I misunderstood. You are not in charge of the DIDs that 
are being called. Sorry, ignore my suggestions, don't make sense. :(


Am 08.11.2020 um 09:19 schrieb Markus:
> PS: Nice side-effect: the scam calls never make it your customer so 
> they'll be annoyance-free from that moment on. You will be their human 
> filter for the time being. :-) And if the scammers continue to call you 
> have more leverage, can capture RTP, and maybe you can get your inbound 
> "upstream" provider to eventually get to the real source (in cooperation 
> with their upstream, and so on).
> 
> 
> Am 08.11.2020 um 09:14 schrieb Markus:
>> Is your customer a large company? If not, or even if so, maybe they 
>> are flexible enough for the following: agree with them that while the 
>> problem persists calls with "unknown" CLI will get routed to you 
>> instead of them. You pick up those calls and answer in the name of 
>> your customer's company. If the caller is legit, you just pass the 
>> call on to your customer's real line. If the caller is the scammer, 
>> you talk with them and use your best social engineering skills to find 
>> out who is behind it and what they really want and then work from there.
>>
>> Good luck.
>>
>>
>> Am 06.11.2020 um 20:15 schrieb Christopher Aloi:
>>> Thanks Karl,
>>>
>>> We only get the consumer (who is clueless) on our network, so a 
>>> traceback I can't open a ticket on that call.  I would need to see 
>>> the bad-actor traffic, which I do not.
>>>
>>> On Fri, Nov 6, 2020 at 11:38 AM Karl Douthit <karl at piratel.com 
>>> <mailto:karl at piratel.com>> wrote:
>>>
>>>     Sounds like you have either:
>>>
>>>     A)  The group making the calls are trying to get live people, and
>>>     when they leave a message they are leaving a "real" call back number
>>>     in an attempt to play at being legitimate, even if that number does
>>>     not go back to them.
>>>
>>>     or
>>>
>>>     B)  The group making the calls were giving a random / bad /
>>>     incorrect number to use.
>>>
>>>     Either way, I'd request a traceback from your inbound trunks that
>>>     the call came in on and see if the process can work its way back to
>>>     the originator of the call.  You can also file a complaint with the
>>>     FCC but that will take longer to get processed.  Or do both.
>>>
>>>     In the meantime if this is becoming an issue, you could perhaps put
>>>     a rule for your customer that "unknown" gets routed into an IVR or
>>>     voicemail bucket for validation later on.
>>>
>>>     On Fri, Nov 6, 2020 at 8:30 AM Christopher Aloi <ctaloi at gmail.com
>>>     <mailto:ctaloi at gmail.com>> wrote:
>>>
>>>         Hey All,
>>>
>>>         We have observed multiple reports of our business customer
>>>         telephone numbers being used by a bad actor leaving messages for
>>>         consumers.  The consumers receiving the call do not have a
>>>         direct relationship with us.  The bad actor presents “unknown”
>>>         as the caller-id and leaves a harsh message asking for personal
>>>         information and demanding a call back (illegal sounding
>>>         collector call).  The number the bad actor leaves to be called
>>>         back (in a verbal message) is owned by one of our business
>>>         customers.  So, the response to the “bad” call goes back to the
>>>         legit company.  The consumer calls our business customer back
>>>         and explains the message, the business customer has no record of
>>>         an outbound call to the consumer and is perplexed by the call.
>>>
>>>         We have a few customers impacted by this and in every instance
>>>         we have no record of the outbound (bad actor) call leaving our
>>>         network.  I can’t figure out the scam here, they aren’t pumping
>>>         traffic and the call goes back to the legit business, leaving no
>>>         opportunity for the bad actor to engage with the consumer. 
>>>         Anyone have any thoughts?
>>>         _______________________________________________
>>>         VoiceOps mailing list
>>>         VoiceOps at voiceops.org <mailto:VoiceOps at voiceops.org>
>>>         https://puck.nether.net/mailman/listinfo/voiceops
>>>         <https://puck.nether.net/mailman/listinfo/voiceops>
>>>
>>>
>>>
>>>     --
>>>     Karl Douthit____
>>>
>>>     ____
>>>
>>>     10572 Calle Lee  #123____
>>>
>>>     Los Alamitos Ca. 90720____
>>>
>>>     (562) 257-3590 <tel:%28562%29%20257-3590> (Desk)____
>>>
>>>     (562) 824-0757 <tel:%28562%29%20827-0757> (Mobile)____
>>>
>>>     _www.piratel.com <http://www.piratel.com/>_
>>>
>>>
>>> _______________________________________________
>>> VoiceOps mailing list
>>> VoiceOps at voiceops.org
>>> https://puck.nether.net/mailman/listinfo/voiceops
>>>
>>
>> _______________________________________________
>> VoiceOps mailing list
>> VoiceOps at voiceops.org
>> https://puck.nether.net/mailman/listinfo/voiceops
> 
> _______________________________________________
> VoiceOps mailing list
> VoiceOps at voiceops.org
> https://puck.nether.net/mailman/listinfo/voiceops

More information about the VoiceOps mailing list