There have been several articles about a bust of at least 70 people in India who are behind some of the IRS phone scams.
Here are a couple of links to the Department of Homeland Security (DHS) Cyber Security Division (CSD) showcase earlier this year.
Here is a video from last year's DefCon on how to use a burner cell phone to generate a bunch of calls for a Telephony Denial of Service (TDoS) attack. This allows an attacker to create a virtually untraceable and highly anonymous attack. Even with a single phone, you can generate enough calls, for a long enough period, to affect a small target such as a hospital ER/ICU, a small business, a small PSAP, etc.
See the video in the link below. This is another case of robocalls, specifically automated debt collection calls, gaining significant national attention:
We all know that these calls are a big issue for consumers on their land lines. The robocallers, whether they are selling a product, harassing their victim, trying a scam, or attempting to get information (vishing), have traditionally targeted landlines because they have lists of numbers and because the targets can be especially vulnerable (elderly consumers).
However, we are all getting some of these calls on our cell phones. This is in violation of the Telephone Consumer Protection Act (TCPA). This document, while old, is a must-read. Now it is also illegal to make robocalls to normal land lines, but I predict that robocalls to cell/smart phones will get more attention and make it likely that the victims will complain. As covered in the video, attorneys have started to notice and, I predict, will work to make their share off of this issue, which is only getting worse and more common. Now attorneys will only be able to go after "legitimate" robocallers. They will have the same challenges as law enforcement going after illicit robocallers or those outside the country, but there are a lot of attorneys, and between them, law enforcement, and the FTC/FCC, we may see a growing civil and law enforcement response to the robocalling issue.
This will also be a boon for companies building smart phone applications to block these calls.
While this is going on, the robocallers are also increasing their call volume into businesses and enterprises. Land lines are slowly going away and the target base is getting saturated. It may be too risky to hammer away at consumers' precious cell/smart phones (heaven forbid a call comes in in the middle of composing an Instagram or Snapchat message), so the logical next target will be businesses and enterprises.
Here is an interesting report on a variety of fraud issues. One thing that struck me is that voice has become the preferred channel for fraud. Voice SPAM, scams, vishing, social engineering into contact centers, etc. Voice used to be the most trusted communications medium, but now it has become the LEAST trusted. Public voice has a ton of issues - is it any wonder that users are moving to closed systems for voice and messaging?
The Communications Fraud Control Association (CFCA) released its 2013 global fraud report.
The FTC just fined and won a judgement against a group of companies who have been generating robocalls and voice SPAM, as part of a scam to defraud consumers. While a lot of the reason was due to the scam, it is also an additional indicator that the FTC is serious about dealing with the robocall issue. I would expect to see more fines and judgements, although there is no way it will stop the robocall issue. It might slow down "legitimate" and reachable companies, but not the hackers.
Here is a link to a recent presentation on an analysis of a massive scan of the entire IPv4 address range for SIP servers:
Brian Krebs, a well-known security expert, experienced a SWATting attack.
Here is a link to a petition to the FCC, from a big-time spammer, to request that service providers not block political voice SPAM and texts.
There has been a fair amount of press about a fraud ring that was broken up by the FBI.
Most of us have known for a long time that caller ID has pretty much become worthless and unreliable as a means of identifying and authenticating a caller.