Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
Security Communications IT

A Simple Telephony Honeypot Received 1.5 Million Robocalls Across 11 Months (zdnet.com) 65

Posted by msmash from the no-mercy dept.
An anonymous reader shares a report: In an award-winning paper presented at the USENIX security conference this week, a team of academics from North Carolina State University presented a list of findings from operating a massive telephony honeypot for 11 months for the sole purpose of tracking, identifying, and analyzing the robocalling phenomenon in the US. NCSU researchers said they ran 66,606 telephone lines between March 2019 and January 2020, during which time they said to have received 1,481,201 unsolicited calls -- even if they never made their phone numbers public via any source.

The research team said they usually received an unsolicited call every 8.42 days, but most of the robocall traffic came in sudden surges they called "storms" that happened at regular intervals, suggesting that robocallers operated using a tactic of short-burst and well-organized campaigns. In total, the NCSU team said it tracked 650 storms over 11 months, with most storms being of the same size.
This discussion has been archived. No new comments can be posted.

A Simple Telephony Honeypot Received 1.5 Million Robocalls Across 11 Months More

A Simple Telephony Honeypot Received 1.5 Million Robocalls Across 11 Months

Comments Filter:

  • Phone number doesn't need too be public (Score:5, Interesting)

    by Registered Coward v2 ( 447531 ) on Saturday August 15, 2020 @08:36AM (#60403629)

    All someone needs to d ois dial every possible number in an area code and you'll reach any active number. Since it is automated getting noy in servi ce replies are easily dealt with.

    It can be a real problem when a business has a number that increases by 1 for all their lines. they get a rolling set of robocalls until all their lines are called; so for example if a hospital has in room phonesd that can be direct dialed every room phone rings.

    • Re: (Score:3, Funny)

      by Rockoon ( 1252108 )

      It can be a real problem when a business has a number that increases by 1 for all their lines. they get a rolling set of robocalls until all their lines are called; so for example if a hospital has in room phonesd that can be direct dialed every room phone rings.

      1980 called and wants its war dialing strategy back.
      1990 called and is wondering why you missed the new strategy.
      2000 called and sold all its PBX's to the 1980s
      2010 called and is wondering why you are posing about your knowledge right now.

      • Re:Phone number doesn't need too be public (Score:4, Informative)

        by Registered Coward v2 ( 447531 ) on Saturday August 15, 2020 @09:01AM (#60403693)

        It can be a real problem when a business has a number that increases by 1 for all their lines. they get a rolling set of robocalls until all their lines are called; so for example if a hospital has in room phonesd that can be direct dialed every room phone rings.

        1980 called and wants its war dialing strategy back. 1990 called and is wondering why you missed the new strategy. 2000 called and sold all its PBX's to the 1980s 2010 called and is wondering why you are posing about your knowledge right now.

        2020 replied because people are still stupid, somethning that can be fixed only explained.

        • It was definitely still going down like that as of last year. Each phone down the hall started ringing a few seconds after the last, playing the same recorded message in Chinese.

          Plenty of businesses are still partying like it's 1989. We used some old DOS software on a daily basis that had a field for "car phone".

    • Simpsons did it years ago. Send one dollar to happy dude.

    • Re: (Score:2)

      by PPH ( 736903 )

      they get a rolling set of robocalls until all their lines are called

      So if you have 555-1000 through 555-1100, you just connect Lenny [youtube.com] to the first one.

    • i am curious about the term.
      simple telephone honey pot

      • simple: "uncomplicated", "easy", "effortless", "straightforward"

        telephone: A point-to-point device used for audio communication.

        honey pot: The girl you don't bring home to mother.

  • With all that data, it should be possible to get some idea of how to block them. It may not be easy if the robo-callers spoof source phone numbers. Though something should be able to be done.

    One thought I had was that each phone company should block external calls using it's own prefix / set of number. Unless it's a cell-phone roaming, their is no reason for accepting spoofed numbers that you can identify as spoofed.

    • Re:Now, can they block them? (Score:5, Insightful)

      by JaneTheIgnorantSlut ( 1265300 ) on Saturday August 15, 2020 @08:47AM (#60403659)
      This scourge will continue until carriers/providers can be held liable for delivering false caller id numbers or names. I'm sure they will say it's too hard or not technically possible, but when there is a financial incentive to solve a problem then it usually gets solved.

      • Re: (Score:3, Insightful)

        by Anonymous Coward

        The financial incentive swings both ways. The carriers dole out huge sums to politicians as part of lobbying efforts. They apparently feel like it's cheaper to do this than to actually provide a technical solution to the problem. How else can you explain the continued existence of a phenomenon that annoys the vast majority of the populace? Follow the $$$.

      • Re:Now, can they block them? (Score:5, Interesting)

        by markdavis ( 642305 ) on Saturday August 15, 2020 @09:48AM (#60403787)

        >"This scourge will continue until carriers/providers can be held liable for delivering false caller id numbers or names. "

        Although a start, that is actually not enough. Even if the caller ID is accurate (which I imagine many of the spam calls are), that doesn't stop the calls. My forever-unlisted and secret (I NEVER give it out) land line number that I have had for over 27 years doesn't even have caller ID, and I get spam human and robo calls every week. I am annoyed by the call, whether it is answered or not. I even changed my answering machine greeting to help combat their stupid-ass systems from leaving messages (and at least that has been mostly successful).

        What I would like to see is some way to answer, hang up, and then dial some code that automatically and immediately reports the preceding spam call to a central repository that can then investigate/block/filter/prosecute/whatever. Very similar in concept to the way I forward spam Email to SpamCop.

        • Re:Now, can they block them? (Score:5, Funny)

          by Lady Galadriel ( 4942909 ) on Saturday August 15, 2020 @10:37AM (#60403875)
          I vote for *666 as the method to both block the number locally, and report it as spam.

        • >"This scourge will continue until carriers/providers can be held liable for delivering false caller id numbers or names. "

          Although a start, that is actually not enough. Even if the caller ID is accurate (which I imagine many of the spam calls are), that doesn't stop the calls. My forever-unlisted and secret (I NEVER give it out) land line number that I have had for over 27 years doesn't even have caller ID, and I get spam human and robo calls every week. I am annoyed by the call, whether it is answered or not. I even changed my answering machine greeting to help combat their stupid-ass systems from leaving messages (and at least that has been mostly successful).

          What I would like to see is some way to answer, hang up, and then dial some code that automatically and immediately reports the preceding spam call to a central repository that can then investigate/block/filter/prosecute/whatever. Very similar in concept to the way I forward spam Email to SpamCop.

          Get rid of the land line. Use a cell phone. Turn on do not disturb. Fixed.

          • >"Get rid of the land line. Use a cell phone. Turn on do not disturb. Fixed."

            I keep a land line for emergencies and for an alternate means of contact for family and friends. Unlike cell service, it has *never* gone down or had technical problems. Getting rid of it might solve one problem and cause another. Also, I prefer land-line communications because the call clarity is consistent and always good. (That has NOT been the case with cell, especially in past years).

            On my cell phone, I do have all unk

          • How does that fix anything? You can put a landline into do not disturb mode too - just turn off the ringer. You're still getting junk calls. You still have to look through the call history to see if anything was important. You still have to delete garbage voice mails or messages on the answering machine.

            The issue isn't fixed until my phone stops getting junk calls, and people responsible for this mess are sitting in prison.

        • The companies that hire the robocallers and the robocalling companies should both be prosecuted for the laws they are breaking. Academic studies like this one should out the perpetrators, not just count the number of unsolicited calls.

      • Re: (Score:2)

        by Chozabu ( 974192 )
        It is a technical challenge - but sure can be done.

        1. Get some simple legislation in place, either banning spoofed number, or "Caller must be able to publicly verify they own the number being spoofed, and provide real number" - if we really need spoofed numbers....
        2. If a carrier does not provide this info, the call is not connected.

        Another approach could be for carriers to track which other carriers spam/scam calls are coming from, then let them know they will be blocked unless the stop forwardin

      • This scourge will continue until carriers/providers can be held liable for delivering false caller id numbers or names. I'm sure they will say it's too hard or not technically possible, but when there is a financial incentive to solve a problem then it usually gets solved.

        This scourge will continue until people stop answering calls from numbers they don't recognize.

        Either that or some other technology replaces this one.

    • There is no good reason not to identify owners of telephone numbers and make them liable for unwanted calls. However I think this runs deeper: on Android, each time they would call for a time I would have to deny a location request from a third party app I did not install. Also the calls come in storms for me when I am off work for a few days and traveling. I think the calls are related to hacking, location tracking and more shadowy stuff, so it may be hard for phone companies to get on top.

    • They have been able to identify and block these calls for years. This is why robocalls are not an issue in Canada and Europe - you get a couple per year because there are laws that require phone companies to block these calls and which mean authorities can crackdown on the callers.

      If you have a problem with robocalls in the US then it is not a technology problem but rather a legal one. Here in Canada we only get them a couple of times a year now. The only exception has been TELUS trying to push their exp

      • Re: (Score:2)

        by dryeo ( 100693 )

        I still get a robocall every couple of days on the land line, as well as Telus regularly trying to upgrade the land line to expensive cell I believe. The odd time that I answered them, I tried to get them to fix something and they go away for a while.
        Cell phone also gets regular spam calls, usually in Chinese where you recognize a few words such as CRA. These often seem to be spoofed to the same prefix I use, so look local.
        OTOH, my internet thingy (rural internet over LTE supplied by Telus) has a phone numb

      • They have been able to identify and block these calls for years. This is why robocalls are not an issue in Canada and Europe - you get a couple per year because there are laws that require phone companies to block these calls and which mean authorities can crackdown on the callers.

        In Europe (UK anyway) we get plenty of robotcalls, thanks. There is a widespread "Amazon Prime" scam going on at the moment for example. My phone company does not block these calls, and just how would the authorities crack down when most come from India and the Indian police don't give a shit? - even if somehow you know your way through the Indian police bureaucracy well enough to get to speak to the right person.

  • So can we nuke those robo call centers from orbit? It's the only way to be sure.

    Normally I ignore any calls to my cell phone from unrecognized numbers. Since I've been working from home and have my office phone forwarded to my cell, I often answer those calls now. Apparently a car I had 5 years ago has an expiring warranty.
  • Okay so I searched and surprisingly very few people at least according to Google seem to have wondered where all this robocalls ultimately come from. How many are domestic? How many are foreign? I would assume most of its from overseas but is most of it from hundreds or thousands of outfits or are a relative few causing most of the problems?
  • robocalls claiming to be about my automobile warranty, and they mention a newer ford van i owned but later i traded in earlier this year, so i think the ford motor company or the ford delership or the DMV sold my personal info to marketers

  • "Running phone lines" (Score:4, Informative)

    by PuddleBoy ( 544111 ) on Saturday August 15, 2020 @10:09AM (#60403825)

    Just being picky here...

    Nobody ran 66,606 phone lines. They probably got a couple dozen SIP Trunks and ran a group of (non-contiguous?) DIDs across them. (maybe into an Asterisk phone system) The SIP Trunks just run across their Internet connection.

    The SIP trunks enabled inbound call paths. You only need as many paths as you think are likely to carry simultaneous calls. (Some carriers will even provide a portal that allows you to turn trunks up and down at will) The DIDs could be activated or deactivated by the carrier as needed (at the soft switch).

    Write software for the Asterisk (or whatever) to do the analysis of the inbound flow.

    You could conceivably do the physical aspect of this study from home.

    • >"Just being picky here... Nobody ran 66,606 phone lines"

      Oh, most certainly not. But it doesn't matter- as long as there were 66,606 phone numbers available for call-in.

      Based on what Cox charges for DID, I imagine that was still expensive. There is a limited pool of numbers, so one confound in the study could be (and no, I didn't read it, I did read the article, however) that those numbers belonged to other people in the past... so these aren't "clean" phone numbers, they have a history. So it is not

  • Can anyone just call you without a phone number appearing in your display? Can phone numbers just be made up without the operator only accepting registered ones? Is there no central registry?

    And if yes, can't you just have a whitelist for private users? Like, say, your phone book ...

    Why is this a problem?

    • caller ID can be spoofed to show local area codes so you think it is somebody nearby calling you

    • Re: (Score:2)

      by v1 ( 525388 )

      Although caller id is being updated, the original design basically trusted the source to provide their caller id. (client-side security, ain't it just great! it's so easy to implement, lets stick with it!) Anyway, the caller can send any number they want to, or can send a "null" to display "private" on the receiver's caller id.

      Phone companies have been suspiciously little help, and with just a little inspection you realize they are making money off the telemarketers just like they're making money off their

      • Phone companies have been suspiciously little help,

        T-Mobile has been helpful in that they label a number of scam callers with the caller ID "Scam Likely".

        I wonder what it is about the calls that T-Mobile can figure out how to label them in that way, as I still get a number of calls per week that are scam calls that use local area codes... I wonder what it is abut those T-Mobile does not detect to label.

        Of course now political calls are just coming online so they are semi-legitimate calls... time to just blo

  • Fascinating how you do not get that fixed.... (Score:5, Interesting)

    by gweihir ( 88907 ) on Saturday August 15, 2020 @11:46AM (#60404039)

    Robocalls are not even an issue in Europe. As to unsolicited calls, I got about 10 or so in the last 20 years. Of course, it is a $50'000 fine for the caller here and one pretty persistent one was just raided by the police within a few days and everybody got arrested. The "Indian MS support" gets blocked fast enough by the phone companies (or _they_ pay that fine, and if they refuse to cooperate that becomes a per call fine) that I only had 2 in those 20 years.

    _That_ is how you solve this problem. And you most certainly do not allow an exception for politicians.

    • Where in Europe?
      Cause here in Germany we get many scam calls. Not robocalls, always live people, but still enough of those, often several per week. Even when cold calling has been illegal explicitly for years. And most all by now falsify their caller ID.

      It's always a purely political problem especially since telcos make a profit from these calls.

      • Where in Europe?

        If the OP is in Europe he must be on a hermit island if he does not get robot or scam calls. The fact that he quotes a fine in $$ suggests that he does not live in Europe. I live in the UK and get plenty of scam calls, some robotic and some human.

        • To be honest, I've never received a robot call. I received some ms-support scam calls and a few unsolicited calls a year. I live in the Netherlands and don't take any special precautions except yelling at a person if he tries to sell me something.

    • Re: (Score:2)

      by MrL0G1C ( 867445 )

      Not true, I literally unplugged my landline because I was sick of cold calls and silent calls at all hours. Now I get the occasional call from Indian and Chinese sounding people to my mobile phones. Either they bought data from credit agencies (those fuckers know everything) or more likely they got my number from one of the fucktard companies that got pwned, which these days is just about all of them.

      Fines for callers are irrelevant when the callers are in Asia and are faking the caller ID.

  • Seems to me a relatively simple solution would be to make it cost a nominal fee to place a phone call. You could even make it so the first 100 calls a month are free. The economics of robocalls work because the calls basically cost nothing - if you get just one taker for your product (or your scam) you will come out ahead even if you have need to place thousands (maybe millions) of calls. Change the economics and robocalls will stop.
    • They won't stop since you cannot make foreign telcos pay US prices or fees. Not possible.
      The only way to stop them is making your local telcos liable for them. And these telcos lobby hard to prevent (read: bribe politicians) exactly that.

      • Re: (Score:2)

        by Nkwe ( 604125 )

        They won't stop since you cannot make foreign telcos pay US prices or fees. Not possible.

        Why not? Foreign calls have to terminate on US systems. Require a fee for terminating / delivering a call to a US system. Granted politics can come into play, but is there a technical reason it can't be done?

      • They won't stop since you cannot make foreign telcos pay US prices or fees. Not possible.

        BS. If the foreign telco does not pay the fee for the call as it comes in, the US telco should not put the call through. Simple. The foreign telco will charge this to their caller or otherwise they would be losing money. That should wreck the scammers' business model.

  • 1,481,201 calls to 66,606 lines in 10 months is about 2 calls per line per month. Which seems a bit low, to be honest, but is hardly a civilization shattering crisis. (And no business in the world is going to have to add another line because they get two extra calls a month.)

    In short, yet another "OH MY GOD!!! THE WORLD IS ENDING!!! GIVE US MORE MONEY OR HELLFIRE WILL RAIN DOWN FROM THE HEAVENS, DINGOS WILL EAT YOUR CHILDREN, AND CHARLES MANSON WILL KICK YOUR DOG!!!" snake oil pitch.

    • No-one is saying that scam calls shatter civilisations, although they have shattered many indivduals' lives. Most crimes are not civilisation shattering, but that does not mean you do nothing about them.

      • Re: (Score:2)

        by taustin ( 171655 )

        But the article does specifically say that businesses could be forced to add an additional line to handle the calls - for two extra calls a month .

        It's hysterical garbage, like nearly all "news" these days.

  • I can't read this thread without thinking of this. Every tool can also be a weapon. [albinoblacksheep.com]. Taliban!

  • they should get the funds to get a SS7 soft witch and peer with a carrier, then they can also know where the calls are coming from. Just like the telco's know and overnments know....

  • about their vehicle's extended warranty. Didn't you get our letters in the mail? Well, don't worry about that, just send us money so your car doesn't explode.

Slashdot Top Deals

He has not acquired a fortune; the fortune has acquired him. -- Bion

Close