RoboCalls—The Gateway to Ransomware Attacks

So the STIR/SHAKEN mechanism is in place as mandated by the Traced Act.

As we heard at the CFCA Conference in 2023, 90% of wireless calls are signed.

According to PIRG, a consumer watchdog, it breaks down this way:

• There were 8,336 total phone providers in the FCC Robocall Mitigate Database as of July 1, 2023.
• 2,745 completed STIR/SHAKEN, the robocall-fighting technology mandated by the federal law.
• 5,591 have not completed STIR/SHAKEN.

Starting with the banks, enterprises are working with the telco industry to “Unlock Trust in Communication and Build a Secure Framework to Curb Robocalls.”

Problem with STIR/SHAKEN

STIR/SHAKEN is exclusively implemented by telco carriers. Telco carriers are required to (KYC) Know Your Customer and decide whether those customers’ calls should be attested as A, B or C. Unfortunately, this system has latitude for abuse or inadvertent mistaken attestation. Robocallers, spammers and Scammers still get onto the PSTN.

So, What’s The Next Step?

Business enterprises must step up to be vetted, establish themselves as Bona Fida corporations or organizations and be brought into the circle of trust. Enterprises then control their own certificates to be tied to phone calls and the originating telco only must check the certificate with the CA and pass the call.

Starting with the banks, enterprises are working with the telco industry to “Unlock Trust in Communication and Build a Secure Framework to Curb Robocalls.”

This mechanism is standardized in CTIA’s BCID mechanism (Branded Calling ID).

For more information, see here.

Where Ransomware Attacks Begin

Robo Calls into your contact center are the gateway to ransomware fraud. Robo Callers cycle through your numbers until they reach an agent or employee who picks up. They then misrepresent themselves to persuade the agent or employee to divulge confidential information such as passwords, organization and infrastructure information. This is then used to hack your systems and cause the damage.

The MGM Casino Ransomware Scam which cost them $100 million started with a Robocall Vishing for password information which was divulged through social engineering.

Some wholesale operators are intentionally signing Robo Calls.

Protect Against Inbound Vishing—Protect Against Spoofed Calls which spell Fraud

The majority of scam calls spoof a Caller ID. Speak to us about how to detect spoofed calls coming into your network or enterprise. Being able to detect them allows you to give special treatment and route the call to your agents trained to combat Social Engineering and Vishing to compromise your business

As the telecommunications industry offers CTIA’s BCID more pervasively, enterprise will stand up to be vetted and On-boarded and trust will be restored to our phone network and the economy will prosper.

To learn how to be vetted and On-boarded, to control the Reputation of your phone calls and Restore your Answer rate:

Contact Us

Test a Sample of Your Out-pulsed Number: