<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /></head><body style='font-size: 10pt; font-family: Arial,Helvetica,sans-serif'>
<p>You certainly don't have to heed the cautions I recommended. Just know if you're on the list you have 14 days to respond to the FCC and you don't have to file the information publicly. You can submit the information that you don't want public confidentially.</p>
<p>As for the attack vector, I'm just telling people what happened because its a new scam that may not get picked up by your fraud detection software. In the situation I dealt with, the scammer used the information gleaned from the RMD to impersonate the target company's employees. They created an account that was one or two letters off the correct contact information provided on the RMD for that company. Then the scammer contacted the upstream provider and requested they make changes to the target company's IP addresses.</p>
<p>The scammers were also impersonating the target company's sales people. Offering products that are not legal in the US under the target company's name with an account that is one or two digits off the real contact information. So if someone has an upstream carrier that signs their calls with their token, you could be getting hit with trace backs that aren't really yours. </p>
<p>If there's one thing I know its that scammers are highly creative and persistent. If one door is closed, they'll create another.</p>
<p><br /></p>
<p><br /></p>
<p><br /></p>
<p> </p>
<div>
<p><span>MARY LOU CAREY </span><br /><span>BackUP Telecom Consulting </span><br /><span>Office: 615-791-9969 </span><br /><span>Cell: 615-796-1111</span></p>
</div>
<p><br /></p>
<p>On 2024-12-11 11:30 AM, Dave Russo via VoiceOps wrote:</p>
<blockquote type="cite" style="padding: 0 0.4em; border-left: #1010ff 2px solid; margin: 0"><!-- html ignored --><!-- head ignored --><!-- meta ignored -->
<div style="font-family: Arial;">I believe the concern about listing a company's upstream carriers is overstated. There simply aren't as many carriers as there used to be, and businesses have consolidated who they terminate calls to due to S/S. This simply isn't a commonly exploited attack vector. Even if someone tried, it would be noticed and addressed within a few hours. We work with a core set of about 10 carriers that legitimate providers and our competitors and other players in the market typically use, and this information isn't top secret. I understand you've seen this happen, but of all the risks we face as providers, I'd rank this one at the bottom of the list.</div>
<div style="font-family: Arial;"> </div>
<div style="font-family: Arial;">-dr</div>
<div style="font-family: Arial;"> </div>
<div style="font-family: Arial;"> </div>
<div>On Wed, Dec 11, 2024, at 10:11 AM, Mary Lou Carey via VoiceOps wrote:</div>
<blockquote id="qt" style="font-size: 10pt; font-family: Arial, Helvetica, sans-serif;">
<p>I am so sorry....I just realized that I said to file the 499 confidentially. Its not the 499. Its your Robocall Mitigation Plan that you need to file confidentially because they ARE asking for upstream carriers and additional contact information. That requirement was added this year.</p>
<div>
<p><br /></p>
<div><span>MARY LOU CAREY </span></div>
<div><span>BackUP Telecom Consulting </span></div>
<div><span>Office: 615-791-9969 </span></div>
<div><span>Cell: 615-796-1111</span></div>
<p><br /></p>
</div>
<p><br /></p>
</blockquote>
<div style="font-family: Arial;"> </div>
<!-- html ignored --><br />
<div class="pre" style="margin: 0; padding: 0; font-family: monospace">_______________________________________________<br /> VoiceOps mailing list<br /> <a href="mailto:VoiceOps@voiceops.org">VoiceOps@voiceops.org</a><br /> <a href="https://puck.nether.net/mailman/listinfo/voiceops" target="_blank" rel="noopener noreferrer">https://puck.nether.net/mailman/listinfo/voiceops</a></div>
</blockquote>
</body></html>