[VoiceOps] Can't Figure This Scam Out
Brooks Bridges
brooks at firestormnetworks.net
Thu Nov 11 12:03:16 EST 2021
It's likely being done as a way to track searches. I was involved in a
company (that shall remain unnamed) that did something very similar.
They provision a DID that's forwarded to the "real" number, and display
that in the search results so they can track that a search resulted in a
call. It's data gathering.
On 11/11/2021 8:50 AM, Mark Wiles wrote:
>
> One of my co-workers is more so on the school side of our business…
> and she ran into something similar in the past… I still lean towards
> Google or BW.
>
> *From:* VoiceOps <voiceops-bounces at voiceops.org> *On Behalf Of *Carlos
> Alvarez
> *Sent:* Thursday, November 11, 2021 11:39 AM
> *To:* VoiceOps <voiceops at voiceops.org>
> *Subject:* Re: [VoiceOps] Can't Figure This Scam Out
>
> Pest control and locksmith services are very ripe for fraud, and in
> fact are often sold/advertised in a pretty sleazy way. Schools are
> confusing, unless they're trying to capture something to do with
> for-pay private schools.
>
> On Thu, Nov 11, 2021 at 9:35 AM Mark Wiles <mwiles at akabis.com> wrote:
>
> I’ve been seeing a similar issue in the past week or so with a
> pest control business we provide services for… they’re getting
> calls that were meant to be for other pest control businesses.
>
> It’s starting to look like it’s related to TNs seen in web
> searches… and in call cases, the TNs are not those of the primary
> business… but a Google number (owned by BW).
>
> It seems like maybe Google is having an issue?
>
> *From:* VoiceOps <voiceops-bounces at voiceops.org> *On Behalf Of
> *LICT VoiceOps via VoiceOps
> *Sent:* Thursday, November 11, 2021 11:02 AM
> *To:* VoiceOps <voiceops at voiceops.org>
> *Subject:* [VoiceOps] Can't Figure This Scam Out
>
> One of our clients is a small private school.
>
> For the past month, the school has been getting calls meant for
> other schools in the general area (within 20 miles or so)
>
> We have been able to get limited information from the caller like
> what number did they dial. They are definitely not dialing our
> client's DIDs.
>
> It seems that they are dialing a number that they found on an
> internet search, and the call is then forwarded to one of the DIDs
> at the school.
>
> We are seeing matching CDR records for our PBX and our carrier's
> CDR billing reports, so it does not look like a SIP hack.
>
> It seems that the number is forwarded for just a few minutes to
> our school, then goes dead, or rings busy, no longer forwarded to
> our client.
>
> The pattern here is that the caller obtained the number from an
> internet search of a school in the area. These are real people
> calling, as we have been able to call them back and verify. The
> callers who reached our client are as bewildered as we are.
>
> I am sure this is some sort of scam -- but I can't figure out what
> it is. Are the scammers recording the lines and seeing if they
> hear financial information? Seems like a longshot, but that is the
> only thing I can think of.
>
> I know there is little that can be done to prevent a call being
> forwarded to you upstream of the carrier, but would love to hear
> anyone's thoughts about this.
>
> _______________________________________________
> VoiceOps mailing list
> VoiceOps at voiceops.org
> https://puck.nether.net/mailman/listinfo/voiceops
> <https://linkprotect.cudasvc.com/url?a=https%3a%2f%2fpuck.nether.net%2fmailman%2flistinfo%2fvoiceops&c=E,1,juZe4gK4TdlhGyqljNX3Zl9QjmiFQKVxXGINfsliNKhohPKmPChLTzZ19XXwWc6akUY94AJhwAEmchY1kPmjHpRO1uRgDvtPM40gc40BhKAM3HwBHQ,,&typo=1>
>
>
> _______________________________________________
> VoiceOps mailing list
> VoiceOps at voiceops.org
> https://puck.nether.net/mailman/listinfo/voiceops
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/voiceops/attachments/20211111/dc26a12d/attachment.htm>
More information about the VoiceOps
mailing list