[VoiceOps] [External] Re: Calls coming up as spam on mobile carriers

Hunter Fuller hf0002+nanog at uah.edu
Fri Jul 8 14:57:36 EDT 2022

I feel like it's going to be automated reminders. If so:

1. Don't use your normal clid to do it (as was stated).
2. Originate the reminders from a pool of numbers and spread them out
among the pool at random
3. Never ever ever initiate a stack of calls within the same second.
Your system needs to perform the calls over a couple of hours, not all
at 9am or whatever

That should help.

Hunter Fuller (they)
Router Jockey
+1 256 824 5331

Office of Information Technology
The University of Alabama in Huntsville
Network Engineering

On Fri, Jul 8, 2022 at 1:49 PM Jay Hennigan <jay at west.net> wrote:
> On 7/8/22 10:00, Shawn L wrote:
> > We're having a strange one at $dayjob.  When one of our customers (in
> > this case a hospital) calls a patient back on a cell phone, the calls
> > are coming up with SPAM? in the caller id.  It seems to be happening
> > with both Verizon and AT&T.
> Many things can trigger this. Does the hospital use this ANI for batches
> of automated calls such as billing and/or appointment reminders?
> Algorithms detecting large numbers of calls in batches can trigger it.
> I've personally received a reverse-911 call marked as "Spam Risk" by AT&T.
> > We've checked the the DIDs in question have and are sending the proper
> > caller id, checked the Neustar database, etc. and can't find anything
> > that's missing.  These are TDM calls.  They come in over multiple TDM
> > PRIs and leave toward an AT&T tandem on a legacy TDM trunk group, so
> > there's really no way to do STIR/SHAKEN call attesting.
> It's the terminating cellular carrier marking it based on their own
> proprietary algorithms. Typically the call goes through as normal with
> CNAM changed to "Spam Risk" or similar.
> > Our switch vendor (Ribbon / Genband / Nortel)  also mentioned that
> > they've had other clients with the issue and it seems to be limited to
> > calls placed to mobile carriers.  Another telco was able to find an AT&T
> > portal to register the numbers as legitimate, but it only lasted for
> > about a month before they had to do it again.
> >
> > I haven't researched where at AT&T they might have entered the numbers,
> > but that doesn't seem like a valid option for a hospital with a thousand
> > numbers.
> Is the hospital placing calls originating from all of those thousand
> numbers, or just from one?
> > Just wondering if others have seen this, and if anyone knows of a way to
> > resolve it.
> Don't use the same originating number for both bulk automated calls,
> particularly collection calls, and individual callbacks originated by a
> human.
> Expect bulk automated calls to be marked as spam, even if they are
> legitimate appointment reminders, etc. If you place such calls, program
> your dialer to detect a voicemail greeting/beep and leave voicemail if
> possible. In most cases the calls will delivered and the only thing
> changed is the CNAM display.
> It may be that a bad actor is spoofing your number for spam calls and
> you're getting listed that way. Spammers spoofing a hospital may result
> in a higher answer rate as people are more likely to pick up thinking
> that a friend or relative may have been injured.
> Encourage those expecting such calls to add the hospital number to the
> contact list on their phone.
> Also, if any of your customers are in the business of selling extended
> car warranties, lose those customers. /s
> --
> Jay Hennigan - jay at west.net
> Network Engineering - CCIE #7880
> 503 897-8550 - WB6RDV
> _______________________________________________
> VoiceOps mailing list
> VoiceOps at voiceops.org
> https://puck.nether.net/mailman/listinfo/voiceops

More information about the VoiceOps mailing list