[
{
  "content": {
    "html": "<h2 >Successful attackers focus on the psychological manipulation of human emotions, which is why anyone, even a tech-savvy person, can become a victim.</h2><p>It started with a phone call around 10:30 a.m. on a Tuesday from an unknown mobile number. I was working on my computer at home and usually don&rsquo;t answer phone calls from people I don&rsquo;t know. For some reason, I decided to stop what I was doing and take that call.</p><p>That was my first mistake in a series of several I would make over the next four hours, during which I was the victim of a vishing, or voice-phishing campaign. By the end of the ordeal, I had transferred nearly €5,000 (EUR) in funds from my bank account and in Bitcoin to the scammers. My bank was able to cancel most of the transfers; however, I lost €1,000 (EUR) that I had sent to the attackers&rsquo; Bitcoin wallet.</p><p>Experts say it doesn&rsquo;t matter how much expertise you have in knowing the tactics attackers use or experience in spotting scams. The key to the attackers&rsquo; success is something older than technology, as it lies in manipulating the very thing that makes us human: our emotions.</p><p>“Because we are so tech-centric, we forget that actually these scam tactics are old — predating even Internet scams — and very proven,” says Richard Werner, cybersecurity advisor at Trend Micro. “They work with emotions. When they put us in the right mood and trigger anger or fear, we forget all the advice. In those cases, we lose common sense, and there&rsquo;s where [attackers] get us.”</p><p>As a result, even a cybersecurity expert can fall for a scam, as Werner himself — a 20-year IT cybersecurity veteran — did. A phishing email with a Windows-support themed message arrived in his email just as he was struggling with the operating system not working properly on his machine. Luckily, it was a phishing training exercise that came from an internal source at his company, not one with high stakes.</p><p>But as someone who has written phishing exercises for employee training, Werner knows that everyone — from the IT department to human resources — has a trigger that makes them susceptible to a scam under the right set of circumstances...</p>"
  },
  "date": "2024-03-20T21:00:00-05:00",
  "featured": false,
  "headline": "Don’t Answer the Phone: Inside a Real-Life Vishing Attack",
  "id": "1710968400",
  "imageFilename": "dont-answer-the-phone",
  "slug":"inside-a-real-life-vishing-attack",
  "sourceName": "Dark Reading",
  "sourceArticleUrl": "https://www.darkreading.com/cyberattacks-data-breaches/dont-answer-phone-inside-real-life-vishing-attack",
  "tags": ["Impostor Scam", "Vishing"]
},
{
  "content": {
    "html": "<h2 >Steve Kramer and two Texas companies spoofed president&rsquo;s voice to suppress turnout in New Hampshire</h2><p>A political operative and two companies that facilitated a fake robocall using AI to impersonate Joe Biden should be required to pay thousands of dollars in damages and should be barred from taking similar future actions, a group of New Hampshire voters and a civic action group said in a federal lawsuit filed on Thursday.</p><p>The suit comes weeks after Steve Kramer, a political operative, admitted that he was behind the robocall that spoofed Biden&rsquo;s voice on the eve of the New Hampshire primary and urged Democrats in the state not to vote. Kramer was working for Biden&rsquo;s challenger Dean Phillips, but Phillips&rsquo;s campaign said he had nothing to do with the call and Kramer has said he did it as an act of civil disobedience to draw attention to the dangers of AI in elections. The incident may have been the first time AI was used to interfere in a US election.</p><p>Lawyers for the plaintiffs – three New Hampshire voters who received the calls and the League of Women Voters, a voting rights group – said they believed it was the first lawsuit of its kind seeking redress for using AI in robocalls in elections. The New Hampshire attorney general&rsquo;s office is investigating the matter.</p><p>Two Texas companies, Life Corporation and Lingo Telecom, also helped facilitate the calls.</p><p>“If Defendants are not permanently enjoined from deploying AI-generated robocalls, there is a strong likelihood that it will happen again,” the lawsuit says...</p>"
  },
  "date": "2024-03-14T10:49:40-05:00",
  "featured": false,
  "headline": "Political operative and firms behind Biden AI robocall sued for thousands",
  "id": "1710413380",
  "imageFilename": "fraudulent-ai-biden-robocalls",
  "slug":"pol-op-and-firms-behind-biden-ai-robocall-sued",
  "sourceName": "The Guardian",
  "sourceArticleUrl": "https://www.theguardian.com/us-news/2024/mar/14/ai-biden-robocall-lawsuit",
  "tags": ["AI", "Deepfake", "Impostor Scam", "Robocalls"]
},
{
  "content": {
    "html": "<h2 >One South Korean victim gave up $3 million to cybercriminals, thanks to convincing law-enforcement impersonation scams that combine both psychology and technology.</h2><p>Voice phishing, or vishing, is having a moment right now, with numerous active campaigns across the world that are ensnaring even savvy victims who might seem likely to know better, defrauding them in some cases of millions of dollars.</p><p>South Korea is one of the global regions being hit hard by the attack vector; in fact, a scam in August 2022 caused the largest amount ever stolen in a single vishing case in the country. That occurred when a doctor sent 4.1 billion won, or $3 million, in cash, insurance, stocks, and cryptocurrencies to criminals, demonstrating just how much financial damage one vishing scam can inflict.</p><p>Sophisticated social engineering tactics of recent scams that are leading them to success include impersonating regional law-enforcement officials, giving them an authority that is highly convincing, according to Sojun Ryu, lead of the Threat Analysis Team at South Korean cybersecurity firm S2W Inc. Ryu is giving a session on the trend, “Voice Phishing Syndicates Unmasked: An In-Depth Investigation and Exposure,” at the upcoming Black Hat Asia 2024 conference in Singapore. Vishing campaigns in South Korea in particular take advantage of culture-specific aspects that allow even those who don&rsquo;t seem like they would fall for such a scam to be victimized, he says...</p>"
  },
  "date": "2024-03-11T10:00:00-05:00",
  "featured": false,
  "headline": "Sophisticated Vishing Campaigns Take World by Storm",
  "id": "1710151200",
  "imageFilename": "sophisticated-vishing-campaigns",
  "slug":"vishing-campaigns-take-world-by-storm",
  "sourceName": "Dark Reading",
  "sourceArticleUrl": "https://www.darkreading.com/endpoint-security/sophisticated-vishing-campaigns-take-world-by-storm",
  "tags": ["Impostor Scam", "Spoofing & Impersonation", "Vishing"]
},
{
  "content": {
    "html": "<h2 >As phishing is often just the beginning of the chain of compromise it should get more attention</h2><p>In its early stages, phishing attacks were often very simplistic and relied on impersonating reputable sources via written communication, i.e. emails and letters, to gain access to sensitive data, now adversaries have adapted their techniques in the wake of the AI evolution. With the growing popularity of GenAI tools, voice-based phishing attacks - also known as &lsquo;vishing&rsquo; - have become the new norm and organizations have to combat this evolution by modernizing their IT security.</p><h2 >Phishing as the reconnaissance phase of a bigger attack</h2><p>We have to look at the anatomy of an attack to understand the role that phishing is playing in the malware industry. While ransomware typically gets all the headlines once intruders are able to monetize their efforts after successfully delivering the payload at the end of an infection cycle, there is less coverage on the overall infection cycle, which often starts with something as simple as phishing. The reconnaissance phase at the beginning of an attack plays an even more important role in the defense strategy.</p><p>When attackers are figuring out what an organization&rsquo;s attack surface looks like, they use phishing as a mechanism to harvest confidential personal information, such as credentials, or attempt to download a zero-day malware to gain access to a particular machine. As adversaries are using the latest trends like AI to trick users, organizations should put more focus on reducing their attack surface and applying advanced behavioral analysis mechanisms...</p>"
  },
  "date": "2024-03-06T09:00:00-06:00",
  "featured": false,
  "headline": "The evolution of phishing: vishing & quishing",
  "id": "1709715600",
  "imageFilename": "phishing-vishing-quishing",
  "slug":"evolution-of-phishing-vishing-quishing",
  "sourceName": "Tech Radar",
  "sourceArticleUrl": "https://www.techradar.com/pro/the-evolution-of-phishing-vishing-and-quishing",
  "tags": ["Phishing", "Quishing", "Vishing"]
},
{
  "content": {
    "html": "<h2 >76% of enterprises lack sufficient voice and messaging fraud protection as AI-powered vishing and smishing skyrocket following the launch of ChatGPT, according to Enea.</h2><p>61% of enterprises still suffer significant losses to mobile fraud, with smishing (SMS phishing) and vishing (voice phishing) being the most prevalent and costly.</p><p>Enterprises account for a significant share of communication service provider (CSP) subscribers and an even greater share of their revenues. They depend on their CSP to protect them from telecom-related fraud, with 85% saying security is important or extremely important for their telecoms buying decisions.</p><p>Since the launch of ChatGPT in November 2022, vishing, smishing, and phishing attacks have increased by a staggering 1,265%...</p>"
  },
  "date": "2024-02-29T09:00:00-06:00",
  "featured": false,
  "headline": "Vishing, smishing, and phishing attacks skyrocket 1,265% post-ChatGPT",
  "id": "1709197200",
  "imageFilename": "vishing-smishing-phishing-skyrocket-post-chatgpt",
  "slug":"vishing-smishing-phishing-skyrocket-post-chatgpt",
  "sourceName": "HelpNet Security",
  "sourceArticleUrl": "https://www.helpnetsecurity.com/2024/02/29/mobile-fraud-losses/",
  "tags": ["Call Authentication", "Phishing", "Smishing", "Vishing"]
},
{
  "content": {
    "html": "<p>Federal Trade Commissioner Chair Lina Khan warned the public about scammers after a New York Magazine financial advice columnist revealed she handed over $50,000 to a mystery man who claimed to be an agency investigator.</p><p>“Being the victim of a scam can be devastating” Khan posted on X.</p><p>“Nobody from the FTC will ever give you a badge number, ask you to confirm your Social Security number, ask how much money you have in your bank account, transfer you to a CIA agent, or send you texts out of the blue.”</p><p>Khan said Americans lost $2.7 billion last year because of vishing, or voice phishing — where scammers impersonate government agents over the phone…</p>"
  },
  "date": "2024-02-16T10:34:34-06:00",
  "featured": false,
  "headline": "FTC warns of scammers after NY Mag finance columnist lost $50K in voice phishing hoax",
  "id": "1708079674",
  "imageFilename": "ftc-warns-of-scammers",
  "slug":"ftc-warns-of-scammers-after-columnist-lost-50k-vishing-hoax",
  "sourceName": "New York Post",
  "sourceArticleUrl": "https://nypost.com/2024/02/16/business/ftc-warns-of-scammers-after-ny-mag-finance-columnist-lost-50k-in-vishing-hoax/",
  "tags": ["FTC", "Impostor Scam", "Vishing"]
},
{
  "content": {
    "html": "<p>When it comes to access security, one recommendation stands out above the rest: multi-factor authentication (MFA). With passwords alone being simple work for hackers, MFA provides an essential layer of protection against breaches. However, it&rsquo;s important to remember that MFA isn&rsquo;t foolproof. It can be bypassed, and it often is.</p><p>If a password is compromised, there are several options available to hackers looking to circumvent the added protection of MFA. We&rsquo;ll explore four social engineering tactics hackers successfully use to breach MFA and emphasize the importance of having a strong password as part of a layered defense...</p>"
  },
  "date": "2024-02-12T21:00:00-06:00",
  "featured": false,
  "headline": "4 Ways Hackers use Social Engineering to Bypass MFA",
  "id": "1707771600",
  "imageFilename": "ways-hackers-use-social-engineering",
  "slug":"hackers-use-social-engineering-to-bypass-mfa",
  "sourceName": "The Hacker News",
  "sourceArticleUrl": "https://thehackernews.com/2024/02/4-ways-hackers-use-social-engineering.html",
  "tags": ["Call Center Fraud", "MFA", "Sim Swapping", "Social Engineering", "Spoofing & Impersonation"]
},
{
  "content": {
    "html": "<p>The phone rings and a recording says you owe the IRS back taxes and have to share your credit card number to settle the balance. Or it&rsquo;s the bank, warning you that your account has been compromised.</p><p>These are just two examples of “vishing,” or voice phishing, a popular scam that can take place over a mobile phone or landline. The perpetrator will often pretend to be from a recognizable company or government agency and ask for your credit card, bank account info, Social Security number or other sensitive data.</p><p>These attacks are particularly effective because the scammers sound authoritative and urgent. In 2022, victims of vishing scams reported median losses of $1,400, according to the Federal Trade Commission (FTC).</p><p>Below, CNBC Select explains how to identify, avoid and recover from vishing attacks...</p>"
  },
  "date": "2024-02-05T12:00:00-06:00",
  "featured": false,
  "headline": "How to recognize a vishing scam and protect yourself from attack",
  "id": "1707134400",
  "imageFilename": "vishing-protect-yourself",
  "slug":"recognize-a-vishing-scam-and-protect-yourself",
  "sourceName": "CNBC",
  "sourceArticleUrl": "https://www.cnbc.com/select/what-is-vishing-and-how-to-prevent/",
  "tags": ["Financial Fraud", "Impostor Scam", "Vishing"]
},
{
  "content": {
    "html": "<p>As we look back at the cyber threat environment over the last year, stolen credentials were a driving factor, leading to disrupted lives, stolen data, business shutdowns, and billions of dollars in financial losses. The 2023 Verizon Data Breach Investigations Report found that of the 83% of all breaches that involved external actors, 49% of those leveraged the use of stolen credentials.</p><p>Millions of sets of credentials were compromised last year, through third-party breaches, infostealer malware infections, network intrusions or other methods before making their way to forums, dark web marketplaces, or other sites. Regardless of their source, the massive number of stolen legitimate credentials available underscores the pervasive nature of the threat...</p>"
  },
  "date": "2024-01-29T10:00:00-06:00",
  "featured": false,
  "headline": "Three trends to watch for in the looming ‘credentials crisis’",
  "id": "1706522400",
  "imageFilename": "three-trends-in-looming-credential-crisis",
  "slug":"trends-to-watch-in-looming-credentials-crisis",
  "sourceName": "SC Media",
  "sourceArticleUrl": "https://www.scmagazine.com/perspective/three-trends-to-watch-for-in-the-looming-credentials-crisis",
  "tags": ["Data Breach", "Social Engineering", "Vishing"]
},
{
  "content": {
    "html": "<p>If you&rsquo;ve been getting more robocalls lately, you are not alone. Phone call scams have increased a whopping 118% in the past year, according to First Orion, and millions of Americans have fallen victim to phone scammers using AI voice scams looking to steal their money and identities.</p><p>Hopefully, you&rsquo;ve already learned not to answer calls from these area codes and know how to tell if the “iPhone virus warning” is a scam. But now there&rsquo;s another common phone scam trick to watch out for. Experts are warning about a robocall that starts with the simple four-word phrase “Can you hear me?” in hopes of recording your response and using it to commit fraud...</p>"
  },
  "date": "2024-01-21T09:00:00-06:00",
  "featured": false,
  "headline": "If You Hear This 4-Word Phrase When You Pick Up the Phone, Hang Up Immediately",
  "id": "1705827600",
  "imageFilename": "waveform",
  "slug":"hang-up-if-you-hear-this-four-word-phrase",
  "sourceName": "Reader's Digest",
  "sourceArticleUrl": "https://www.rd.com/article/four-word-phone-scam/",
  "tags": ["AI", "Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<p>The AHA has been made aware of a validated IT help desk social engineering scheme that uses the stolen identity of revenue cycle employees or employees in other sensitive financial roles. The scheme involves what is presumably a foreign-based threat actor calling IT help desks and leveraging stolen personally identifiable information of employees to answer security questions posed by the IT help desk. The threat actor then requests a password reset and requests to enroll a new device, such as a cell phone, to receive multi-factor authentication codes. This new device will often have a local area code. This effectively defeats multi-factor authentication, including SMS text and higher level “phishing-resistant” MFA, to provide full access to the compromised employee&rsquo;s email account and other applications. The threat actor has reportedly used the compromised employee&rsquo;s email account to change payment instructions with payment processors and divert legitimate payments to fraudulent U.S. bank accounts. As with other payment diversion schemes, it is believed the funds are ultimately transferred overseas...</p>"
  },
  "date": "2024-01-12T14:00:00-06:00",
  "featured": false,
  "headline": "Hospital IT help desks targeted by sophisticated social engineering schemes",
  "id": "1705068000",
  "imageFilename": "hospital-help-desks-targeted",
  "slug":"hospital-help-desks-targeted-sophisticated-social-engineering",
  "sourceName": "American Hospital Association",
  "sourceArticleUrl": "https://www.aha.org/news/headline/2024-01-12-hospital-it-help-desks-targeted-sophisticated-social-engineering-schemes",
  "tags": ["Authentication", "Financial Fraud", "Healthcare and Hospitals", "Social Engineering"]
},
{
  "content": {
    "html": "<p>It&rsquo;s unfortunately become an all-to-common scenario: you&rsquo;re waiting for a package to be delivered—but then you receive an SMS text message that seems to be from the carrier, demanding payment before delivery can be completed. If you follow the link in the message, a look-alike website will be reached where you can enter your credit card information—and promptly have it stolen, along with your money. You&rsquo;ve just become the latest victim of smishing.</p><p>Smishing is the name given to phishing scams run through SMS texting (the name being a portmanteau of SMS and phishing). This exact scenario played out for many Canadian customers awaiting package delivery from UPS during 2022 and 2023. Cybercriminals cracked an online package lookup tool and gained access to recipients&rsquo; data, including phone numbers, and began sending fraudulent SMS messages to the unaware victims...</p>"
  },
  "date": "2024-01-03T21:00:00-06:00",
  "featured": false,
  "headline": "The Complete Guide to Smishing (SMS Phishing)",
  "id": "1704315600",
  "imageFilename": "the-complete-guide-to-smishing",
  "slug":"the-complete-guide-to-smishing-sms-phishing",
  "sourceName": "Security Boulevard",
  "sourceArticleUrl": "https://securityboulevard.com/2024/01/the-complete-guide-to-smishing-sms-phishing/",
  "tags": ["Impostor Scam", "Phishing", "Smishing", "Spear Phishing", "Whaling"]
},
{
  "content": {
    "html": "<p>WASHINGTON, Jan 2 (Reuters) - U.S. regulators and XCast Labs have agreed on a proposed settlement of charges that the company facilitated billions of illegal robocalls, the Federal Trade Commission (FTC) said on Tuesday.</p><p>The FTC also ordered the Voice over Internet Protocol (VoIP) provider to pay a $10 million civil penalty but suspended the fine “based on its inability to pay,” it said in a statement.</p><p>The penalty will be due immediately if XCast “misrepresented its financial condition,” and XCast must cut ties with firms that do not follow telemarketing rules, it added...</p>"
  },
  "date": "2024-01-02T18:35:00-06:00",
  "featured": false,
  "headline": "FTC reaches settlement with XCast Labs over illegal robocalls",
  "id": "1704220500",
  "imageFilename": "ftc-xcast-settlement-robocalls",
  "slug":"ftc-xcast-settlement-robocalls",
  "sourceName": "Reuters",
  "sourceArticleUrl": "https://www.reuters.com/legal/ftc-reaches-settlement-with-xcast-labs-over-illegal-robocalls-2024-01-02/",
  "tags": ["Phishing", "Robocalls"]
},
{
  "content": {
    "html": "<p>Telephone scams, often referred to as vishing--a contraction of voice and phishing--are gaining steam among cyber spoofers, as witnessed by the $1.2 billion lost to the swindles last year, according to Federal Trade Commission (FTC) figures.</p><p>Overall, consumers lost $8.8 billion to fraud in 2022, the agency said. Number one on the list of fraud schemes was imposter trickery. Reported losses to business imposters was $660 million in 2022.</p><p>Losses to phone scams yielded the highest reported loss per person with a median of $1,400.</p><p>Vishers are high volume hackers that use social engineering tactics to lure victims to interact with them mostly using an email, text message, phone call, or direct-chat messages. Indeed, a recent study by endpoint security cyber defender Trellix found vishing spiked 142% from Q3 2022 to Q4 2022. Some 85% of vishing attacks were tied to free email services...</p>"
  },
  "date": "2023-12-19T09:00:00-06:00",
  "featured": false,
  "headline": "Vishing Attacks Crest $1B: How MSSPs Can Help",
  "id": "1702976400",
  "imageFilename": "vishing-attacks-crest-1B",
  "slug":"vishing-attacks-crest-1b",
  "sourceName": "MSSP Alert",
  "sourceArticleUrl": "https://www.msspalert.com/news/vishing-attacks-crest-1b-can-mssps-slow-down-the-scammers",
  "tags": ["Call Center Security", "Impostor Scam", "Ransom", "Vishing"]
},
{
  "content": {
    "html": "<h2 >Interpol increasingly concerned as abject abuse of victims scales far beyond Asia origins</h2><p>Human trafficking for the purposes of populating cyber scam call centers is expanding beyond southeast Asia, where the crime was previously isolated.</p><p>Interpol revealed this week that an ongoing investigation has discovered evidence of abuse emanating from South America and also the Middle East.</p><p>Cambodia, Laos, and Myanmar have typically been the hotspots of this type of crime since 2021 when it was first tracked by Interpol. </p><p>The latest five-month operation discovered that victims from Malaysia were being trafficked to work in Peruvian call centers and Ugandan victims were being trafficked to Dubai for the same reason, only to be diverted to Thailand and then Myanmar...</p>"
  },
  "date": "2023-12-08T11:25:00-06:00",
  "featured": false,
  "headline": "That call center tech scammer could be a human trafficking victim",
  "id": "1702034700",
  "imageFilename": "that-scammer-could-be-a-human-trafficking-victim",
  "slug":"that-scammer-could-be-a-human-trafficking-victim",
  "sourceName": "The Register",
  "sourceArticleUrl": "https://www.theregister.com/2023/12/08/human_trafficking_for_cyber_scam/",
  "tags": ["Call Center Fraud"]
},
{
  "content": {
    "html": "<h2 >A ChatGPT feature allowing users to easily build their own artificial-intelligence assistants can be used to create tools for cyber-crime, a BBC News investigation has revealed.</h2><p>OpenAI launched it last month, so users could build customised versions of ChatGPT “for almost anything”.</p><p>Now, BBC News has used it to create a generative pre-trained transformer that crafts convincing emails, texts and social-media posts for scams and hacks.</p><p>It follows warnings about AI tools.</p><p>BBC News signed up for the paid version of ChatGPT, at £20 a month, created a private bespoke AI bot called Crafty Emails and told it to write text using “techniques to make people click on links or and download things sent to them”...</p>"
  },
  "date": "2023-12-06T09:00:00-06:00",
  "featured": false,
  "headline": "ChatGPT tool could be abused by scammers and hackers",
  "id": "1701853200",
  "imageFilename": "chatgpt-tool-could-be-abused-by-scammers",
  "slug":"chatgpt-tool-could-be-abused-by-scammers",
  "sourceName": "BBC",
  "sourceArticleUrl": "https://www.bbc.com/news/technology-67614065",
  "tags": ["AI", "Smishing"]
},
{
  "content": {
    "html": "<h2 >U.S. Sen. Kirsten Gililbrand announced on Thursday that she is re-introducing legislation which aims to crack down on robocalls, robo texts and artificial intelligence scams.</h2><p>(TNS) — U.S. Sen. Kirsten Gililbrand announced on Thursday that she is re-introducing legislation which aims to crack down on robocalls, robo texts and artificial intelligence scams.</p><p>Speaking during a virtual press conference, Gillibrand said Americans receive about 4 billion robocalls each month nationwide and, as artificial intelligence (AI) grows more sophisticated, so do phone scams.</p><p>The Deter Obnoxious, Nefarious, and Outrageous Telephone Calls Act — also known as the DO NOT Call Act — would strengthen criminal penalties for violating telemarketing regulations, including up to three years in prison for repeated violations. The bill would also double the fine for falsifying caller ID information from $10,000 to $20,000...</p>"
  },
  "date": "2023-12-01T12:00:00-06:00",
  "featured": false,
  "headline": "Senator Introduces Legislation Targeting AI Phone Scams",
  "id": "1701432000",
  "imageFilename": "senator-introduces-legislation-targeting-ai-phone-scams",
  "slug":"senator-introduces-legislation-targeting-ai-phone-scams",
  "sourceName": "Government Technology",
  "sourceArticleUrl": "https://www.govtech.com/artificial-intelligence/senator-introduces-legislation-targeting-ai-phone-scams",
  "tags": ["AI", "Do Not Call", "Elder Fraud", "Robocalls", "Spoofing"]
},
{
  "content": {
    "html": "<p>Police in Ukraine and Czechia claim to have disrupted a multimillion-dollar fraud gang who called victims impersonating bank staff, using classic voice phishing (vishing) techniques.</p><p>Europol claimed that the group may have made tens of millions of euros by defrauding victims across the region. It said the cost to Czech victims alone is estimated to be €8m ($9m).</p><p>Ten suspects were arrested in April this year, six in Ukraine and four in Czechia. Homes, vehicles and call centers in Czechia (Domazlice, Rokycany and Plzen) and Ukraine (Dnipropetrovsk) were searched by local investigators supported by Europol, the policing group said.</p><p>Mobile phones, SIM cards and computer equipment were seized during the operation...</p>"
  },
  "date": "2023-11-16T09:00:00-06:00",
  "featured": false,
  "headline": "European Police Take Down $9m Vishing Gang",
  "id": "1700125200",
  "imageFilename": "european-police-take-down-vishing-gang",
  "slug":"european-police-take-down-9m-vishing-gang",
  "sourceName": "Info-Security Group",
  "sourceArticleUrl": "https://www.infosecurity-magazine.com/news/european-police-take-down-9m/",
  "tags": ["Caller-ID Spoofing", "Financial Fraud", "Vishing"]
},
{
  "content": {
    "html": "<p>At the 22nd Canadian Telecom Summit, Seattle-based Hiya unpacked the state of phone fraud in Canada, and how the rise of generative AI is exacerbating the issue.</p><p>The company&rsquo;s senior director of business development, Tony Janusky, kicked off the discussion highlighting the 2021 findings from the Canadian Anti Fraud Center, which indicate that voice-related phone scams accounted for 30 per cent of the 106,000 fraud reports received that year. Only 15 per cent stemmed from emails, and another 10 per cent from social media.</p><p>And, as a result, scammers are using an arsenal of tools to capitalize on the use of voice calls, which, Janusky said, continue to be the preferred medium of interaction for Canadians...</p>"
  },
  "date": "2023-11-13T09:00:00-06:00",
  "featured": false,
  "headline": "Canadian Telecom Summit: AI taking phone fraud to new heights",
  "id": "1699866000",
  "imageFilename": "ai-taking-phone-fraud-to-new-heights",
  "slug":"ai-taking-phone-fraud-to-new-heights",
  "sourceName": "IT World Canada",
  "sourceArticleUrl": "https://www.itworldcanada.com/article/canadian-telecom-summit-ai-taking-phone-fraud-to-new-heights/552628",
  "tags": ["AI", "Robocalls", "Vishing"]
},
{
  "content": {
    "html": "<h2 >Relying on passwords to secure user accounts is a gamble that never pays off.</h2><p>The cyberattacks on MGM Resorts International and Caesars Entertainment exposed the widespread effects data breaches can have on an organization — operationally, reputationally, and financially. Although many questions around the specific attack remain, reports say that hackers found enough of an MGM&rsquo;s employee&rsquo;s data on LinkedIn to arm themselves with the right knowledge to call the help desk and impersonate the employee, convincing MGM&rsquo;s IT help desk to obtain that employee&rsquo;s sign-in credentials.<br><br>What is the root cause of this breach? This attack, as well as so many other high-profile breaches over the past few years, happened because of our continued reliance on legacy sign-in credentials like passwords and SMS one-time passcodes that can be easily given away and reused...</p>"
  },
  "date": "2023-11-08T09:00:00-06:00",
  "featured": false,
  "headline": "MGM and Caesars Attacks Highlight Social Engineering Risks",
  "id": "1699434000",
  "imageFilename": "mgm-caesars-attacks-highlight-social-engineering-risks",
  "slug":"mgm-caesars-attacks-highlight-social-engineering-risks",
  "sourceName": "Dark Reading",
  "sourceArticleUrl": "https://www.darkreading.com/endpoint/mgm-and-caesars-attacks-highlight-social-engineering-risks",
  "tags": ["Call Center Fraud", "Impostor Scam", "MFA", "Phishing", "Vishing"]
},
{
  "content": {
    "html": "<h2 >VP Harris announced virtual hackathons to combat phone scams that target the elderly, among other US initiatives, at Rishi Sunak&rsquo;s AI Summit.</h2><p>Vice President Kamala Harris announced a swath of new initiatives at the United Kingdom&rsquo;s Global Summit on AI Safety Wednesday, including the establishment of the United States AI Safety Institute. One of the initiatives outlined by the White House is to combat fraudulent robocalls using artificial intelligence.</p><p>The White House will host virtual hackathons to fight fraudulent spam callers, particularly those using novel AI-generated voice models. VP Harris invites technology experts around the country to build artificial intelligence-based solutions to fend off the scams that particularly target the elderly. This initiative, among others announced by VP Harris Wednesday, expands on Joe Biden&rsquo;s executive order calling on Congress to regulate artificial intelligence...</p>"
  },
  "date": "2023-11-01T09:00:00-05:00",
  "featured": false,
  "headline": "The White House Wants to Wield the Terrifying Power of AI Against Robocalls",
  "id": "1698829200",
  "imageFilename": "white-house-wants-to-wield-ai-against-robocalls",
  "slug":"white-house-wants-to-wield-ai-against-robocalls",
  "sourceName": "Gizmodo",
  "sourceArticleUrl": "https://gizmodo.com/white-house-wants-use-ai-against-robocalls-1850979868",
  "tags": ["AI", "Deepfake", "Robocalls"]
},
{
  "content": {
    "html": "<p>According to a recent report from cybersecurity firm CloudSEK, cybercriminals are integrating &rsquo;vishing&rsquo; techniques (voice phishing) with emerging OTP grabber services to escalate their malicious activities. Cybercriminals are using these techniques to manipulate the users into revealing their one-time passwords.</p><p>Here&rsquo;s everything you need to know about this online scam technique...</p>"
  },
  "date": "2023-10-26T04:56:00-05:00",
  "featured": false,
  "headline": "Vishing: How hackers and cybercriminals use voice calls to steal money from your bank account",
  "id": "1698296160",
  "imageFilename": "vishing-how-cybercriminals-use-voice-calls",
  "slug":"vishing-how-cybercriminals-use-voice-calls-to-steal-money",
  "sourceName": "The Times of India",
  "sourceArticleUrl": "https://timesofindia.indiatimes.com/gadgets-news/vishing-how-hackers-and-cybercriminals-use-voice-calls-to-steal-money-from-your-bank-account/articleshow/104531320.cms",
  "tags": ["Financial Fraud", "Vishing"]
},
{
  "content": {
    "html": "<h2 >FCC received blank pages, a Windows Printer Test, and an “indiscernible object.”</h2><p>Twenty phone companies may soon have all their voice calls blocked by US carriers because they didn&rsquo;t submit real plans for preventing robocalls on their networks.</p><p>The 20 carriers include a mix of US-based and foreign voice service providers that submitted required “robocall mitigation” plans to the Federal Communications Commission about two years ago. The problem is that some of the carriers&rsquo; submissions were blank pages and others were bizarre images or documents that had no relation to robocalls.</p><p>The strange submissions, according to FCC enforcement orders issued yesterday, included “a .PNG file depicting an indiscernible object,” a document titled “Windows Printer Test Page,” an image “that depicted the filer&rsquo;s &rsquo;Taxpayer Profile&rsquo; on a Pakistani government website,” and “a letter that stated: &rsquo;Unfortunately, we do not have such a documents.&rsquo;”</p><p>Yesterday&rsquo;s FCC announcement said the agency&rsquo;s Enforcement Bureau issued orders demanding that “20 non-compliant companies show cause within 14 days as to why the FCC should not remove them from the database for deficient filings.” The orders focus on the certification requirements and do not indicate whether these companies carry large amounts of robocall traffic...</p>"
  },
  "date": "2023-10-17T15:59:00-05:00",
  "featured": false,
  "headline": "The most insane “robocall mitigation plans” that telcos filed with the FCC",
  "id": "1697558340",
  "imageFilename": "most-insane-robocall-mitigation-plans",
  "slug":"most-insane-robocall-mitigation-plans",
  "sourceName": "ars Technica",
  "sourceArticleUrl": "https://arstechnica.com/tech-policy/2023/10/telcos-filed-blank-robocall-plans-with-fcc-and-got-away-with-it-for-2-years/",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>The manager of a Florida call center has been convicted by a federal jury in Ft. Pierce, FL, for his role in a $67 million fraudulent genetic testing scheme.</p><p>According to a statement released by the U.S. Department of Justice, Jose Goyos, of West Palm Beach, along with co-conspirators, made telemarketing calls to the primary care physicians of Medicare beneficiaries to get the providers to order medically unnecessary tests based on falsified paperwork.</p><p>In some of the calls, Goyos and his employees misrepresented themselves as providers and claimed that the Medicare beneficiaries were mutual patients who had genetic conditions that justified the testing...</p>"
  },
  "date": "2023-10-11T09:00:00-05:00",
  "featured": false,
  "headline": "Fla. call center manager convicted in $67M fraudulent testing scheme",
  "id": "1697014800",
  "imageFilename": "fraudulent-testing-scheme",
  "slug":"fla-call-center-manager-convicted",
  "sourceName": "LabPulse.com",
  "sourceArticleUrl": "https://www.labpulse.com/business-insights/trends-and-finance/kickback/article/15636301/fla-call-center-manager-convicted-in-67m-fraudulent-testing-scheme",
  "tags": ["Healthcare and Hospitals", "Impostor Scam"]
},
{
  "content": {
    "html": "<h2 >Researchers found 164 domains connected to a single threat actor located in Tehran.</h2><p>A cyber campaign by threat actors targeting the US Postal Service (USPS) using smishing and phishing tactics is cresting, with close to 200 different domains used as infrastructure for the attacks.</p><p>While using tactics such as these is common in the cyber world, the volume of these campaigns has increased significantly in recent weeks. This prompted an investigation by DomainTools, which looked into the domain included at the end of one of the smishing messages and found that it was a unique email address — mehdi.kh021@yahoo[.]com — that included a backslash, a feature tied to 71 other domains.</p><p>Another email with a similar naming convention — mehdi.k1989@yahoo[.]com, only differing from the first domain in the five characters after the period — was tied to an additional 63 domains. That tally combined with a further 30 domains found through an email missing a backslash, the researchers at DomainTools have found 164 domains at present being used in the campaign...</p>"
  },
  "date": "2023-10-03T09:00:00-05:00",
  "featured": false,
  "headline": "USPS Anchors Snowballing Smishing Campaigns",
  "id": "1696323600",
  "imageFilename": "usps-anchors-snowballing-smishing-campaigns",
  "slug":"usps-anchors-snowballing-smishing-campaigns",
  "sourceName": "Dark Reading",
  "sourceArticleUrl": "https://www.darkreading.com/threat-intelligence/usps-smishing-campaigns",
  "tags": ["Impostor Scam", "Smishing"]
},
{
  "content": {
    "html": "<p>Effective communication is the lifeblood of any business, crucial for building and maintaining trust with customers and clients. Yet, a growing issue threatens this vital aspect of communication: the mislabeling and misidentification of caller names in Caller ID. This problem is particularly frustrating for consumers who are hesitant to answer unidentified calls, especially when they could be important, like a doctor&rsquo;s office or an airline with flight updates. The erosion of trust and confidence in the public communications network has also become a top concern for the FCC.</p><p>Unified Office, like many other service providers, became aware of this issue when their customers started complaining. Business names that had always been displayed to customers were suddenly reduced to just a CITY and STATE name or even worse, labeled as a SPAM risk. Unified Office&rsquo;s CEO, Ray Pasquale, emphasized the importance of this problem, stating, “We work tirelessly to support our customers, providing them with the connectivity, intelligence, and automations that enhance their operations and customer service while safeguarding their brand in the marketplace. This issue with Caller ID is a step back. We&rsquo;ve implemented solutions to correct mislabeled telephone numbers for some of our customers, but the problem persists and appears to be on the rise...”</p>"
  },
  "date": "2023-09-27T09:00:00-05:00",
  "featured": false,
  "headline": "The Caller ID Conundrum: The Challenge and Solution in Restoring Trust in the Public Telephone Network",
  "id": "1695805200",
  "imageFilename": "the-caller-id-conundrum",
  "slug":"the-caller-id-conundrum",
  "sourceName": "Telecom Reseller",
  "sourceArticleUrl": "https://telecomreseller.com/2023/09/27/the-caller-id-conundrum-the-challenge-and-solution-in-restoring-trust-in-the-public-telephone-network/",
  "tags": ["Call Branding", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<p>People don&rsquo;t answer calls from unknown callers. Unsurprisingly, according to insideARM, the generally-regarded top reason established customers and new customers don&rsquo;t answer calls is because they come from an unknown caller. Collectors report that roughly two-thirds of both new and existing customers don&rsquo;t answer the phone because the call&rsquo;s coming from an unknown caller. In fact, the answer rate for collections calls is sometimes as low as .5%.</p><p>But calling is still critical to a well-rounded, diverse collections strategy.</p><p>“It would be a very aggressive strategy change [to stop dialing],” says Mitchell Young, vice president, Diversified Markets, at TransUnion, adding, “I haven&rsquo;t seen anyone doing that...”</p>"
  },
  "date": "2023-09-11T10:00:00-05:00",
  "featured": false,
  "headline": "Who’s Calling?: Augment Your Collections Strategy by Telling Consumers Who’s on the Line",
  "id": "1694426400",
  "imageFilename": "augment-your-collections-strategy",
  "slug":"whos-calling-augment-your-collections-strategy",
  "sourceName": "Inside ARM",
  "sourceArticleUrl": "https://www.insidearm.com/news/00049368-whos-calling-augment-your-collections-str/",
  "tags": ["Call Branding"]
},
{
  "content": {
    "html": "<h2 >AI phone scams are on the rise, with scammers cloning voices with only a few seconds of audio.</h2><p>PHOENIX — Nancy Cooke&rsquo;s daughter was kidnapped by a drug dealer, and he wanted money.</p><p>At least, that&rsquo;s what her daughter&rsquo;s voice on the other end of the phone said.</p><p>“It was her voice exactly,” Cooke said. “She said mom, they&rsquo;re going to ask you for money again. I&rsquo;m sorry I really messed up, I&rsquo;ll pay you back, please give it to them.”</p><p>But while it was her daughter&rsquo;s voice, it wasn&rsquo;t her daughter. It was a scammer who had somehow cloned her voice and was making it say whatever he wanted...</p>"
  },
  "date": "2023-09-06T17:07:00-05:00",
  "featured": false,
  "headline": "Think you can spot an AI phone scam? Think again.",
  "id": "1694020020",
  "imageFilename": "think-you-can-spot-an-ai-phone-scam",
  "slug":"think-you-can-spot-an-ai-phone-scam",
  "sourceName": "12 News",
  "sourceArticleUrl": "https://www.12news.com/article/news/local/valley/think-you-can-spot-ai-phone-scam-think-again/75-64dcf4a9-7a90-42bd-88f4-be7c10884d0a",
  "tags": ["AI", "Financial Fraud", "Ransom"]
},
{
  "content": {
    "html": "<h2 >The UK&rsquo;s financial regulator has warned of an increasing number of scammers pretending to be the watchdog.</h2><p>The Financial Conduct Authority (FCA) said its impersonators aim to get people to hand over money or sensitive information, such as bank account PINs and passwords.</p><p>The public reported more than 7,700 instances of this type of scam to the FCA&rsquo;s contact centre so far this year.</p><p>Reports of this type of scam have more than doubled since 2021, the FCA said.</p><p>It added that a common tactic used by fraudsters was to tell people they were owed compensation, and then ask for bank details or a processing fee to arrange “payment”...</p>"
  },
  "date": "2023-08-30T12:00:00-05:00",
  "featured": false,
  "headline": "Thousands of scammers impersonate finance watchdog",
  "id": "1693396800",
  "imageFilename": "thousands-of-scammers-impersonate-finance-watchdog",
  "slug":"scammers-impersonate-finance-watchdog",
  "sourceName": "BBC",
  "sourceArticleUrl": "https://www.bbc.com/news/business-66650783",
  "tags": ["Financial Fraud", "Impostor Scam", "Spoofing & Impersonation"]
},
{
  "content": {
    "html": "<p>A man who operated a telemarketing call center located in Las Vegas was indicted recently following a federal inquiry into fraudulent fundraising operations.</p><p>Richard Zeitlin, 53, of Las Vegas, was apprehended at his home on Thursday by federal agents, according to Las Vegas TV station <em>KLAS</em>.</p><p>He later was charged with a count of conspiracy to commit wire fraud in connection with telemarketing, and a count of wire fraud in connection with telemarketing, according to Damian Williams, U.S. attorney for the Southern District of New York. He was also charged with conspiracy to obstruct justice and obstruction of justice...</p>"
  },
  "date": "2023-08-22T11:48:00-05:00",
  "featured": false,
  "headline": "Las Vegas Call Center Owner Charged After Fraud, Feds Reveal",
  "id": "1692704880",
  "imageFilename": "las-vegas-call-center-owner-charged",
  "slug":"las-vegas-call-center-owner-charged",
  "sourceName": "casino.org",
  "sourceArticleUrl": "https://www.casino.org/news/las-vegas-call-center-owner-charged-after-fraud-feds-reveal/",
  "tags": ["Financial Fraud", "Impostor Scam"]
},
{
  "content": {
    "html": "<p>HYDERABAD: Authorities have successfully dismantled a fraudulent international call center in Hyderabad, resulting in the arrest of 115 individuals belonging to an interstate gang.</p><p>This group allegedly engaged in scamming US citizens by posing as representatives of a prominent e-commerce company, as reported by the Cyberabad Police on Friday.</p><p>Acting on credible intelligence, law enforcement teams executed raids on the illicit call center premises, apprehending 115 cyber criminals who had been operating a scheme targeting American nationals through Voice over Internet Protocol (VoIP) calls. Over a span of two and a half years, these “fraudsters” had reportedly swindled unsuspecting victims, Cyberabad police commissioner M Stephen Raveendra said...</p>"
  },
  "date": "2023-08-11T10:49:00-05:00",
  "featured": false,
  "headline": "Fake call center ‘duping’ US citizens raided in Hyderabad, 115 Fraudsters Held",
  "id": "1691750940",
  "imageFilename": "fake-call-center-raided-in-hyderabad",
  "slug":"fake-call-center-raided-in-hyderabad",
  "sourceName": "The Times of India",
  "sourceArticleUrl": "https://timesofindia.indiatimes.com/city/hyderabad/fake-call-center-duping-us-citizens-raided-in-hyderabad-115-cyber-fraudsters-held/articleshow/102656202.cms?from=mdr",
  "tags": ["Call Center Fraud", "VoIP"]
},
{
  "content": {
    "html": "<ul><li>Russia accused Ukraine of inciting elderly Russians into attacks on military recruitment offices.</li><li>The country said Ukrainian fraudsters are scamming Russian elders by threatening their finances.</li><li>Russia offered no evidence of the alleged phone scam scheme and Ukraine has not yet responded to the allegations.</li></ul><p>Russia is blaming Ukraine for a recent spate of arson attacks at military recruitment centers, accusing the country of overseeing a scheme to trick elderly Russian citizens into setting the offices on fire.</p><p>The Prosecutor General&rsquo;s Office of Russia said Tuesday that Ukrainian fraudsters are calling up Russian elders and inciting them to set fire to military recruitment centers in the country by pretending to be police officers or bank employees and gaining access to their finances. </p><p>The country offered no evidence of the alleged phone scam scheme and Ukraine has not yet responded to the allegations. </p><p>More than three dozen military registration and enlistment offices have been attacked since the end of July, Russian independent news outlet Meduza reported. The Institute for the Study of War also noted in a July 31 update that Russian civilians were increasingly conducting arson attacks against enlistment offices in both Russia and occupied Ukraine...</p>"
  },
  "date": "2023-08-08T20:40:00-05:00",
  "featured": false,
  "headline": "Russia accuses Ukraine of orchestrating a phone scam scheme to trick elderly Russians into setting military recruitment offices on fire amid string of arson attacks",
  "id": "1691527200",
  "imageFilename": "russia-accuses-ukraine",
  "slug":"russia-accuses-ukraine-of-orchestrating-a-phone-scam",
  "sourceName": "Business Insider",
  "sourceArticleUrl": "https://www.businessinsider.com/russia-accuses-ukraine-phone-scam-plot-military-recruitment-center-attacks-2023-8",
  "tags": ["Elder Fraud", "Impostor Scam", "Phone Scam"]
},
{
  "content": {
    "html": "<p>SMS has become a popular channel to engage customers, verify identities, and offer promotions. Unfortunately, this growing reliance on SMS services has attracted a new breed of automated threats: SMS fraud.</p><p>As a $10 billion fraud scheme, SMS fraud is taking its toll on businesses.</p><p>Let&rsquo;s dive into the inner workings of SMS fraud along with key steps to stop these attacks.</p><h2 >The role bots play in SMS pumping and toll fraud</h2><p>The perpetrators behind SMS fraud are part of highly organized criminal groups. Their goal is to generate as much revenue as possible without getting caught. As a result, pervasive forms of SMS fraud fly under the radar. Businesses don&rsquo;t realize they are a target until it&rsquo;s too late...</p>"
  },
  "date": "2023-07-31T09:00:00-05:00",
  "featured": false,
  "headline": "SMS Fraud Takes A Toll: The Evolving Threat of SMS Pumping and Toll Fraud",
  "id": "1690794000",
  "imageFilename": "sms-fraud-takes-a-toll",
  "slug":"sms-fraud-takes-a-toll",
  "sourceName": "Security Boulevard",
  "sourceArticleUrl": "https://securityboulevard.com/2023/07/sms-fraud-takes-a-toll-the-evolving-threat-of-sms-pumping-and-toll-fraud/",
  "tags": ["SMS Fraud", "SMS Pumping", "Toll Fraud & Call Pumping"]
},
{
  "content": {
    "html": "<p>The Justice Department, Federal Trade Commission (FTC), and Federal Communications Commission (FCC) announced today a crackdown on telemarketing operations responsible for billions of illegal calls to U.S. consumers. The U.S. Postal Inspection Service, Social Security Administration Office of the Inspector General and other law enforcement partners, including attorneys general from all 50 states and the District of Columbia, joined the announcement.</p><p>Today&rsquo;s announcement caps approximately a year of enforcement actions taken by federal and state agencies to combat the scourge of illegal telemarketing, including robocalls and scam calls. In the last year, the department has pursued approximately 90 cases against illegal telemarketing operations and those who facilitate those illegal calls. This initiative, “Operation Stop Scam Calls,” targets telemarketers, including those who use telephone calls to commit fraud, as well as those who facilitate illegal telephone calls. Enforcement actions targeted lead generators who deceptively collect consumers&rsquo; telephone numbers and then provide those telephone numbers to robocallers and others (falsely representing that these consumers have consented to receive calls), as well as Voice over Internet Protocol (VoIP) service providers who facilitate tens of billions of illegal robocalls every year. Significant actions also were taken against individuals and entities who unjustly profited by facilitating the movement of money from scam call victims to fraudsters.</p><p>“Illegal telephone calls interrupt cherished time with family and friends and, when they are used to commit fraud, can be financially and emotionally devastating,” said Deputy Assistant Attorney General Arun G. Rao of the Justice Department&rsquo;s Civil Division, Consumer Protection Branch, who appeared at a press conference in Chicago announcing the initiative. “The department and its partners are committed to pursuing those who make and facilitate these calls...”</p>"
  },
  "date": "2023-07-19T09:00:00-05:00",
  "featured": false,
  "headline": "Feds announce results of their crackdown on telemarketers",
  "id": "1689757200",
  "imageFilename": "feds-announce-results-crackdown-telemarketers",
  "slug":"feds-results-crackdown-on-telemarketers",
  "sourceName": "New Santa Ana",
  "sourceArticleUrl": "https://newsantaana.com/feds-announce-results-of-their-crackdown-on-telemarketers/",
  "tags": ["Elder Fraud", "FCC", "Financial Fraud", "Impostor Scam", "Robocalls", "Vishing"]
},
{
  "content": {
    "html": "<p>Modern communication is largely dominated by mobile devices and cybercriminals have devised new ways to exploit unsuspecting users. One such method that has gained significant attention is smishing—a malicious practice that aims to deceive and defraud people through text messages. Short for “SMS phishing,” smishing utilizes persuasive messages to trick recipients into revealing sensitive information or downloading harmful content.</p><p>This article delves into the world of smishing, shedding light on its definition, providing real-life examples and equipping readers with essential protection measures. By understanding the intricacies of smishing and staying vigilant, you can fortify against this evolving cyber threat and safeguard your personal and financial well-being...</p>"
  },
  "date": "2023-07-17T09:34:00-05:00",
  "featured": false,
  "headline": "What Is Smishing? Definition, Examples & Protection",
  "id": "1689586440",
  "imageFilename": "what-is-smishing",
  "slug":"what-is-smishing",
  "sourceName": "Forbes",
  "sourceArticleUrl": "https://www.forbes.com/advisor/business/what-is-smishing/",
  "tags": ["Financial Fraud", "Smishing", "Spoofing & Impersonation"]
},
{
  "content": {
    "html": "<h2 >Providers need to be vigilant about protecting themselves and patients against different forms of phishing.</h2><p>While clinicians, staff members and patients have been conditioned to be skeptical of unusual messages that land in email inboxes, suspicious calls and texts present another vulnerability.</p><p>People often avoid unknown numbers trying to contact them, but it only takes one unwitting victim to undermine the security of an entire organization. Health systems now find themselves on the receiving end of these phone attacks, which are similar to phishing.</p><p>Vishing, or voice phishing, involves the use of fraudulent phone numbers, voice-altering software and social engineering tactics to trick a person into divulging sensitive information over a phone call. Smishing leverages SMS to deceive and manipulate victims using text messages. Both tactics have gained traction in recent years, posing a significant challenge to the security and privacy of healthcare providers and their patients...</p>"
  },
  "date": "2023-07-06T21:00:00-05:00",
  "featured": false,
  "headline": "3 Tips for Healthcare Organizations to Guard Against Vishing and Smishing",
  "id": "1688677200",
  "imageFilename": "three-tips-for-healthcare-organizations",
  "slug":"3-tips-for-healthcare-organizations",
  "sourceName": "",
  "sourceArticleUrl": "https://healthtechmagazine.net/article/2023/07/3-tips-healthcare-organizations-guard-against-vishing-and-smishing",
  "tags": ["Healthcare and Hospitals", "Smishing", "Vishing"]
},
{
  "content": {
    "html": "<p>Imagine you&rsquo;re in sales and you discover a magic phone number that guarantees a prospect&rsquo;s unwavering attention and an extended conversation on the other end of the line. Sounds like a pretty nifty setup, right? That is, essentially, what a contact center is to someone in the business of scamming. Any time, any day, bad actors can prey on contact centers, where agents are expected to be accommodating, engaging and helpful. A 2020 study by Neustar found that 45% of unwanted calls are scams.</p><p>Contact center employees can be trained to look out for suspicious behavior, and policies can be set to try to prevent sensitive information from being released. At the end of the day, however, the fundamental aspect of the agent&rsquo;s job is to be available to answer calls and do their best to help callers, leaving them vulnerable to those who seek to take advantage of the situation. This makes them ideal targets for bad actors who want to exploit the circumstances through vishing, or voice phishing...</p>"
  },
  "date": "2023-07-03T09:15:00-05:00",
  "featured": false,
  "headline": "Captive Audience: Why Contact Center Employees Make Ideal Vishing Targets",
  "id": "1688375700",
  "imageFilename": "captive-audience",
  "slug":"why-contact-center-employees-make-ideal-vishing-targets",
  "sourceName": "Forbes",
  "sourceArticleUrl": "https://www.forbes.com/sites/forbestechcouncil/2023/07/03/captive-audience-why-contact-center-employees-make-ideal-vishing-targets/?sh=42e7948c2725",
  "tags": ["AI", "Call Center Fraud", "Social Engineering", "Vishing"]
},
{
  "content": {
    "html": "<p>SMS toll fraud is spiking. I learned all about the nuances of deploying – and defending – these insidious attacks in a recent visit with Arkose Labs CEO, Kevin Gosschalk, who explained how the perpetrators victimize businesses that use text messages to validate phone users signing up for a new account.</p><p>The fraudsters set themselves up as “affiliates” of phone companies in Indonesia, Thailand and Vietnam and then use bots to apply for online accounts, en masse, at a targeted business. The con: each text message the business then sends in return — to validate the applicant — generates a fee for the phone company which it shares with the affiliate...</p>"
  },
  "date": "2023-06-30T10:00:00-05:00",
  "featured": false,
  "headline": "FIRESIDE CHAT: Outrageous phone bills stun businesses targeted for ‘SMS toll fraud’",
  "id": "1688119200",
  "imageFilename": "outrageous-phone-bills-sms-toll-fraud",
  "slug":"outrageous-phone-bills-sms-toll-fraud",
  "sourceName": "Security Boulevard",
  "sourceArticleUrl": "https://securityboulevard.com/2023/06/fireside-chat-outrageous-phone-bills-stun-businesses-targeted-for-sms-toll-fraud/",
  "tags": ["Toll Fraud & Call Pumping"]
},
{
  "content": {
    "html": "<h2 >If someone you know calls you from an unknown number asking for money, watch out, it could be an AI-generated voice imitating them.</h2><p>Eddie Cumberbatch was sitting in his Chicago apartment in April when he received a frantic call from his father. As soon as he heard his dad&rsquo;s voice, Eddie, a 19-year-old TikToker, knew something was up. His dad asked whether Eddie was at home and if everything was all right. “That was a really weird way for him to start off the call,” Eddie told me.</p><p>After Eddie said he was safe at home, his father asked whether he had been in a car accident. Eddie was baffled — not only had he not been in a wreck, but he hadn&rsquo;t driven in six months. His father was relieved, but Eddie was confused: Why did he think he had been in a car accident?</p><p>His dad explained that someone had called his house phone from a foreign number. When Eddie&rsquo;s grandfather picked up, it sounded like Eddie on the phone. This “Eddie” said he had been in a car accident and needed money immediately. Fortunately for Eddie&rsquo;s family, his father was immediately suspicious of the call. When his father found Eddie&rsquo;s grandfather on the phone and heard about the incident, he called Eddie to verify the story. He knew it was out of character for Eddie to ask for money — plus, Eddie didn&rsquo;t even have a car in Chicago. His dad&rsquo;s call to Eddie confirmed that it hadn&rsquo;t been Eddie on the phone. In truth, his family had been the target of a terrifying new scam: The fraudsters used an artificial rendering of Eddie&rsquo;s voice to try and bilk his loved ones out of cash...</p>"
  },
  "date": "2023-06-28T05:01:00-05:00",
  "featured": false,
  "headline": "The rise of AI phone scams",
  "id": "1687928460",
  "imageFilename": "the-rise-of-ai-phone-scams",
  "slug":"the-rise-of-ai-phone-scams",
  "sourceName": "Business Insider",
  "sourceArticleUrl": "https://www.businessinsider.com/ai-voice-generator-phone-scam-imposter-crime-money-cash-2023-6",
  "tags": ["AI", "Impostor Scam", "Vishing"]
},
{
  "content": {
    "html": "<p>It was a Monday in the middle of the day when Valeria Haedo got a phone call from a number she didn&rsquo;t recognize. She doesn&rsquo;t normally pick those up, but she did that day. The caller said his name was Officer Robert Daniels from U.S. Customs and Border Protection and he had a warrant for her arrest.</p><p>He told Haedo she could verify him by Googling his name and department. She did, and it checked out. But what Haedo didn&rsquo;t realize in that moment is she&rsquo;d just been targeted in an intricate scam. She was kept on the phone for more than three hours and eventually brought to tears.</p><p>The scam is known as an imposter scam and is the top fraud in the U.S. right now. It involves the perpetrator impersonating an authority figure and using scare tactics to reel in victims. While these scams have been around forever, they&rsquo;ve become more believable because con artists use real names of law enforcement officers that show up with caller ID from an actual office and even local accents...</p>"
  },
  "date": "2023-06-19T04:01:00-05:00",
  "featured": false,
  "headline": "A 3-hour phone call that brought her to tears: Imposter scams cost Americans billions",
  "id": "1687147260",
  "imageFilename": "imposter-scams-cost-americans-billions",
  "slug":"a-3-hour-phone-call-that-brought-her-to-tears-imposter-scams-cost-americans-billions",
  "sourceName": "NPR",
  "sourceArticleUrl": "https://www.npr.org/2023/06/19/1182464826/scammer-phone-calls-imposter-fraud",
  "tags": ["Impostor Scam", "Spoofing", "Vishing"]
},
{
  "content": {
    "html": "<p>Generative AI has already lowered the bar for cybercriminals looking to clone someone&rsquo;s voice and use it in their schemes.</p><p>Why it matters: Cybercriminals now need as little as three seconds of someone&rsquo;s voice to successfully clone it and make it usable in a scam call thanks to generative AI tools, researchers at McAfee have found.</p><p>People are already losing money from these incidents: In a recent McAfee survey, 77% of victims in AI-enabled scam calls said they lost money. More than a third of those victims lost more than $1,000.</p><p><br>The big picture: Scam phone calls have often taken the form of mass robocalls pretending to be a health care provider, the Internal Revenue Service or even a provider looking to extend someone&rsquo;s auto warranty...</p>"
  },
  "date": "2023-06-13T09:00:00-05:00",
  "featured": false,
  "headline": "Generative AI is making voice scams easier to believe",
  "id": "1686646800",
  "imageFilename": "generative-ai-voice-scams",
  "slug":"generative-ai-is-making-voice-scams-easier-to-believe",
  "sourceName": "Axios",
  "sourceArticleUrl": "https://www.axios.com/2023/06/13/generative-ai-voice-scams-easier-identity-fraud",
  "tags": ["AI", "Spoofing & Impersonation", "Vishing"]
},
{
  "content": {
    "html": "<p>The Federal Communications Commission has issued a cease-and-desist letter to Avid Telecom, the same company sued by nearly all Attorneys General in the US for alleged robocall activities. In the letter (PDF) addressed to Avid CEO Michael Lansky, the FCC said it has determined that the company “is apparently originating illegal robocall traffic on behalf of one or more of its clients.” The commission explained that it worked with USTelecom&rsquo;s Industry Traceback Group, which investigated prerecorded telemarketing calls related to health insurance that the aforementioned state attorneys general identified as robocalls made without consent...</p>"
  },
  "date": "2023-06-08T13:44:00-05:00",
  "featured": false,
  "headline": "FCC orders Avid Telecom to stop health insurance-related robocalls",
  "id": "1686231840",
  "imageFilename": "fcc-orders-avid-telecom-to-stop",
  "slug":"fcc-orders-avid-telecom-to-stop-health-insurance-related-robocalls",
  "sourceName": "Engadget",
  "sourceArticleUrl": "https://www.engadget.com/fcc-orders-avid-telecom-to-stop-health-insurance-related-robocalls-064428940.html",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>Everybody in tech is talking about ChatGPT, the AI-based chatbot from Open AI that writes convincing prose and usable code.</p><p>The trouble is malicious cyber attackers can use generative AI tools like ChatGPT to craft convincing prose and usable code just like everybody else.</p><p>How does this powerful new category of tools affect the ability of criminals to launch cyberattacks, including social engineering attacks?</p>"
  },
  "date": "2023-05-30T09:00:00-05:00",
  "featured": false,
  "headline": "Now Social Engineering Attackers Have AI. Do You?",
  "id": "1685437200",
  "imageFilename": "attackers-have-ai",
  "slug":"now-social-engineering-attackers-have-ai-do-you",
  "sourceName": "SecurityIntelligence",
  "sourceArticleUrl": "https://securityintelligence.com/articles/now-social-engineering-attackers-have-ai-b/",
  "tags": ["AI", "Social Engineering", "Spoofing & Impersonation", "Vishing"]
},
{
  "content": {
    "html": "<p>The mastermind behind a criminal website that sold tools for scammers who defrauded victims globally of more than 115 million euros received a 13-year, four-month prison sentence in the United Kingdom just months after law enforcement seized the site.</p><p>Tejay Fletcher, 35, ran iSpoof, which made impersonating the telephone numbers of banks and government agencies easy for scammers with little technical ability. The site also sold tools for sending recorded messages and intercepting one-time passwords. Eurojust said iSpoof customers placed around 10 million fraudulent calls during the 12-month period ending in August 2022. Fletcher, a London citizen, pleaded guilty in April...</p>"
  },
  "date": "2023-05-22T09:00:00-05:00",
  "featured": false,
  "headline": "iSpoof Admin Gets Up to 13 Years in 115M Euro Vishing Fraud",
  "id": "1684746000",
  "imageFilename": "ispoof-admin-gets-up-to-13-years",
  "slug":"ispoof-admin-gets-up-to-13-years-in-115m-euro-vishing-fraud",
  "sourceName": "BankInfoSecurity",
  "sourceArticleUrl": "https://www.bankinfosecurity.com/ispoof-admin-gets-to-13-years-in-115m-euro-vishing-fraud-a-22137",
  "tags": ["Financial Fraud", "Robocalls", "Vishing"]
},
{
  "content": {
    "html": "<p>Social engineering is a type of cybersecurity attack that aims to manipulate victims into sharing personal information, revealing account login, or exposing sensitive information that compromises their personal and/or company&rsquo;s security, privacy, and finances.</p><p>While 2022 estimates are still being accounted for, it has been assessed that 6.9 billion was stolen through social engineering in 2021 alone.</p><p>Business executives are at a heightened risk of encountering aggressive and sophisticated social engineering attacks, not only because of their personal wealth and high-profile status, but because of the access and influence they possess within their company.</p><p>After all, when an executive&rsquo;s email or social accounts are compromised, it opens the door to numerous other lateral attacks that can penetrate nearly every facet of a company.</p><p>It is for that reason executive cyber protection against social engineering attacks is of paramount importance for CEOs and their organizations alike.</p><p>This is why cybersecurity experts at BlackCloak put together a guide on social engineering attacks: how to identify them, and how executives can remain protected...</p>"
  },
  "date": "2023-05-16T09:00:00-05:00",
  "featured": false,
  "headline": "How Social Engineering Attacks Target CEOs",
  "id": "1684227600",
  "imageFilename": "how-social-engineering-attacks-target-ceos",
  "slug":"how-social-engineering-attacks-target-ceos",
  "sourceName": "Security Boulevard",
  "sourceArticleUrl": "https://securityboulevard.com/2023/05/how-social-engineering-attacks-target-ceos/",
  "tags": ["Phishing", "Smishing", "Social Engineering", "Spear Phishing"]
},
{
  "content": {
    "html": "<p>In the call center, effective management of customer data and other sensitive information is par for the course, so data protection is critical. Unfortunately, traditional consumer browsers used to access this data often lack necessary security controls, leaving the organization and its data significantly vulnerable to cyber threats.</p><p>This presents call centers with a difficult decision: continue with a legacy VPN which supports voice but undermines the user experience, or transition to a zero-trust network access approach that cannot support voice. In an attempt to solve this problem, organizations resort to adding multiple solutions like agents, proxies, gateways and virtual desktop infrastructure to their security stacks. But this only complicates administration and strains the user experience, and as a result, reduces productivity.</p><p>Furthermore, the complexity of the security stack can result in longer onboarding times for new agents, slow down processes and cause frustration. This can lead to decreased morale and job satisfaction among call center agents, resulting in high turnover and difficulties attracting new talent. Moreover, navigating multiple solutions can be challenging and confusing for call center agents, leading to mistakes that can further affect customer satisfaction...</p>"
  },
  "date": "2023-04-27T10:17:00-05:00",
  "featured": false,
  "headline": "Call Center Security Equals Customer Satisfaction",
  "id": "1682590620",
  "imageFilename": "call-center-security-equals-customer-satisfaction",
  "slug":"call-center-security-equals-customer-satisfaction",
  "sourceName": "",
  "sourceArticleUrl": "https://multichannelmerchant.com/operations/call-center-security-equals-customer-satisfaction/",
  "tags": ["Call Center Security", "Data Breach"]
},
{
  "content": {
    "html": "<p>Robocalls just keep coming … new numbers calling and calling. It&rsquo;s annoying, and no wonder, the spam calls are on the rise.</p><p>Americans received 4.9 billion robocalls in March. After staying flat for most of the year, the calls spiked 15% from the month before.</p><p>Despite efforts from the federal government, including new 2019 legislation allowing them to shut down more than 300 robocall campaigns, scammers just keep finding ways to get around it.</p><p>The founder of the robocall blocking app Youmail shared the methods used by scammers to reach unsuspecting targets. “Well the bad guys just went and got real numbers and it turns out when you have a real number, it&rsquo;s really good. It has a little green check mark on the phone and it may say it&rsquo;s the IRS. People think it&rsquo;s the IRS,” said Alex Quilici, CEO Youmail.</p><p>The FCC reported that advancements in technology make it cheap and easy to make massive numbers of robocalls and to “spoof” caller ID information to hide a caller&rsquo;s true identity...</p>"
  },
  "date": "2023-04-27T08:46:00-05:00",
  "featured": false,
  "headline": "Robocalls keep coming: Here’s how consumers can minimize the calls",
  "id": "1682585160",
  "imageFilename": "robocalls-keep-coming",
  "slug":"robocalls-keep-coming-heres-how-consumers-can-minimize-the-calls",
  "sourceName": "CBS News",
  "sourceArticleUrl": "https://www.cbsnews.com/losangeles/news/robocalls-keep-coming-how-consumers-can-minimize-and-stop-the-calls/",
  "tags": ["Caller-ID Spoofing", "Do Not Call", "FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>Those pretending to be from the IRS, the government, or a service provider, chances are you&rsquo;ve gotten a scam call. </p><p>Lucia Dunsmore received an offer to cut down her cable bill if only she paid over the phone right then and there. </p><p>“And as soon he said that I realized it was a scam. So, I hung up two days ago and the phone rings. This is spectrum. Same thing,” Dunsmore said. </p><p>And it&rsquo;s not the first time someone&rsquo;s called Dunsmore pretending to be someone they&rsquo;re not...</p>"
  },
  "date": "2023-04-17T22:46:00-05:00",
  "featured": false,
  "headline": "Scam Calls and New Technology",
  "id": "1681771560",
  "imageFilename": "scam-calls-and-new-technology",
  "slug":"scam-calls-and-new-technology",
  "sourceName": "Erie News Now",
  "sourceArticleUrl": "https://www.erienewsnow.com/story/48736939/scam-calls-and-new-technology",
  "tags": ["AI", "Spoofing & Impersonation", "Vishing"]
},
{
  "content": {
    "html": "<p>Permiso, a provider of a platform for correlating IT events to identities, today disclosed the discovery of an attack through which cybercriminals are employing text messages to steal credentials that enable them to access Amazon Web Services (AWS) infrastructure.</p><p>Nathan Eades, a threat researcher for Permiso, said cybercriminals are leveraging Simple Notification Service (SNS) to target Short Message Service (SMS) capabilities to launch a variation of a phishing campaign to gain access to AWS credentials. Known as a “smishing” attack, that goal is to steal the credentials of AWS administrators that use mobile devices to remotely log into AWS accounts, said Eades.</p><p>Once access is gained, cybercriminals can then use an SNS Publish action and send a message to any provided phone number or an application that can be used to access accounts. Cybercriminals can then either use those compromised credentials to plant malware or resell those credentials to another cybercriminal entity, he noted. They might also simply destroy the environment by exhausting available quotas to make an AWS service unusable, added Eades...</p>"
  },
  "date": "2023-04-14T09:00:00-05:00",
  "featured": false,
  "headline": "Permiso Discovers Smishing Attack to Steal AWS Credentials",
  "id": "1681462800",
  "imageFilename": "smishing-attack-to-steal-aws-credentials",
  "slug":"permiso-discovers-smishing-attack-to-steal-aws-credentials",
  "sourceName": "Security Boulevard",
  "sourceArticleUrl": "https://securityboulevard.com/2023/04/permiso-discovers-smishing-attack-to-steal-aws-credentials/",
  "tags": ["Cybersecurity", "Smishing"]
},
{
  "content": {
    "html": "<p>When we think about network security for our business, it&rsquo;s easy to focus on the technical side of things. After all, focusing on what you can control tends to give the illusion that you can control it all. We know how to install firewalls and antivirus software; we know how to encrypt our communications. The problem is, security isn&rsquo;t just about technology—it&rsquo;s about people. And people can be both your greatest security advocates and your weakest security links (leadership included). One of the most insidious ways in which attackers exploit this vulnerability is through social engineering.</p><p>Social engineering is the art of manipulating people into divulging confidential information they might otherwise protect. It&rsquo;s a type of attack that relies on human psychology rather than technical exploits. Social engineering attacks can take many forms, but a few of the most common are phishing, pretexting and baiting.</p><p>Phishing is perhaps the most common form of social engineering. It involves sending an email, text or other message that appears to come from a trusted source, such as a bank or a social media site. The message typically contains a link that directs the victim to a fake website designed to look like the real thing. Once the victim enters their login credentials, the attacker can use those credentials to access the victim&rsquo;s account...</p>"
  },
  "date": "2023-04-10T09:00:00-05:00",
  "featured": false,
  "headline": "The Human Factor In Cybersecurity: Understanding Social Engineering",
  "id": "1681117200",
  "imageFilename": "the-human-factor-in-cybersecurity",
  "slug":"the-human-factor-in-cybersecurity-understanding-social-engineering",
  "sourceName": "Forbes",
  "sourceArticleUrl": "https://www.forbes.com/sites/forbestechcouncil/2023/04/10/the-human-factor-in-cybersecurity-understanding-social-engineering/?sh=3af2dbfa6a02",
  "tags": ["AI", "Social Engineering", "Vishing"]
},
{
  "content": {
    "html": "<p>The FTC is sounding the alarm on artificial intelligence being used to simulate someone&rsquo;s voice in imposter scams, which was the most commonly reported fraud in 2022. NBC News&rsquo; Emilie Ikeda spoke to one father who got a call that sounded like his daughter and said she was being held hostage...</p>"
  },
  "date": "2023-03-29T09:00:00-05:00",
  "featured": false,
  "headline": "AI can replicate voices in high-tech phone call scams, FTC warns",
  "id": "1680080400",
  "imageFilename": "ai-replicate-voices-high-tech-phone-scams",
  "slug":"ai-can-replicate-voices-in-high-tech-phone-call-scams-ftc-warns",
  "sourceName": "NBC News",
  "sourceArticleUrl": "https://www.nbcnews.com/nightly-news/video/ai-can-replicate-voices-in-high-tech-phone-call-scams-ftc-warns-167092293563",
  "tags": ["AI", "Caller-ID Spoofing", "Impostor Scam", "Social Engineering", "Vishing"]
},
{
  "content": {
    "html": "<h2>New scam text message rules from the Federal Communications Commission (FCC) require carriers to block texts from bad numbers and protect consumers.</h2><p>Scam text messages were a big part of the $8.8 billion consumers lost to fraud in 2022 — an alarming 30% jump from 2021&rsquo;s total of $6.1 billion. Anyone who&rsquo;s ever gotten an “urgent” message from an unknown number knows the growing scourge presented by text fraud. Now the Federal Communications Commission(opens in new tab) (FCC) is taking important steps to address the nationwide problem.</p><h3>Scam text messages: A growing threat</h3><p>According to the FCC, consumer complaints about text message scams have multiplied by 500% in only a few years. And robotext complaints rose from around 3,300 in 2015 to 18,900 per year in 2022. </p><p>Robotexts pose a unique threat to consumers. You can&rsquo;t just ignore scam text messages as you can with robocalls. Scam texts are almost always read right away when you receive them. Robotexts can spread links to malware sites or to phishing sites, which then can allow criminals to access sensitive data on your phone...</p>"
  },
  "date": "2023-03-26T11:00:00-05:00",
  "featured": false,
  "headline": "Tired of Scam Text Messages? The FCC Cracks Down",
  "id": "1679828400",
  "imageFilename": "tired-of-scam-text-messages",
  "slug":"tired-of-scam-text-messages-the-fcc-cracks-down",
  "sourceName": "Kiplinger",
  "sourceArticleUrl": "https://www.kiplinger.com/personal-finance/tired-of-scam-text-messages-the-fcc-cracks-down",
  "tags": ["FCC", "IRS", "Smishing"]
},
{
  "content": {
    "html": "<p>The cost of fraudulent robocalls to victims will increase 9% from 2022 to reach $58bn globally this year, according to a new report from Juniper Research.</p><p>The market analyst revealed the news in a new report out today: Robocall Mitigation: Strategies, Business Models &amp; Market Forecasts 2023–2027.</p><p>Auto-dialling software that delivers pre-recorded messages is widely available and used by both legitimate marketers and scammers.</p><p>Although the tech can be used by healthcare providers, airline operators and the like to provide automate service updates and reminders for customers, robocalls are frequently viewed as a nuisance...</p>"
  },
  "date": "2023-03-20T08:30:00-05:00",
  "featured": false,
  "headline": "Scam Robocalls Forecast to Cost $58bn This Year",
  "id": "1679301000",
  "imageFilename": "scam-robocalls-forecast-to-cost-58-bn",
  "slug":"scam-robocalls-forecast-to-cost-58bn-this-year",
  "sourceName": "Info-Security Group",
  "sourceArticleUrl": "https://www.infosecurity-magazine.com/news/scam-robocalls-forecast-cost-58bn/",
  "tags": ["Fraud Prevention", "Robocalls", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<p>Phishing, the theft of users&rsquo; credentials or sensitive data using social engineering, has been a significant threat since the early days of the internet – and continues to plague organizations today, accounting for more than 30% of all known breaches. And with the mass migration to remote working during the pandemic, hackers have ramped up their efforts to steal login credentials as they take advantage of the chaos and lack of in-person user verification.</p><p>This has led to the revival of the old-school technique of vishing, which, like phishing online, involves using social engineering over the phone to steal sensitive information. Vishing attacks have been on the rise as a result, with 69% of companies experiencing them in 2021, up from 54% in 2020. These attacks often take the form of job or tech support scams and can be incredibly convincing. In August 2020, the FBI along with the CISA issued a warning regarding remote users being targeted by attackers spoofing organizations&rsquo; business numbers and impersonating the IT service desk...</p>"
  },
  "date": "2023-03-09T09:00:00-06:00",
  "featured": false,
  "headline": "Does Your Help Desk Know Who’s Calling?",
  "id": "1678352400",
  "imageFilename": "does-your-help-desk-know",
  "slug":"does-your-help-desk-know-whos-calling",
  "sourceName": "The Hacker News",
  "sourceArticleUrl": "https://thehackernews.com/2023/03/does-your-help-desk-know-whos-calling.html",
  "tags": ["Social Engineering", "Spoofing & Impersonation", "Vishing"]
},
{
  "content": {
    "html": "<h2>47% of organizations reported experiencing a vishing or social engineering attack in 2021 — let&rsquo;s explore how artificial intelligence can catch your employees off guard and what you can do to avoid it.</h2><p><em>Editor&rsquo;s Note: This is a guest blog contribution from Keven Knight, Co-Founder and Chief Operating Officer (COO) at Talion. Knight shares his expert perspective on some of the ways cybercriminals are using vishing attacks to target organizations and what you can do to fight back.</em></p><p>With more than 3 billion domain spoofing (fake) emails sent worldwide every day, it&rsquo;s no news that cybercriminals continue to rely on human intervention to access sensitive information and infiltrate networks. Social engineering banks on instinctual human traits and emotions to catch employees off guard when they least expect it, and it&rsquo;s a tactic commonly used in voice phishing (vishing) attacks. Voice phishing is where cybercriminals use phone calls to trick or coerce targets into doing something they shouldn&rsquo;t.</p><p>But why move from email to the phone? It may seem counter-intuitive — surely, you would know who is on the other side of the phone simply by the voice, but it&rsquo;s not always the case. There isn&rsquo;t always a “familiar” contact when it comes to banking institutions or an employee at a partnered company — or if there is, we aren&rsquo;t always familiar with how they sound.</p><p>We believe the words, not the voice, and the words tell us to trust them. So, how should your employees work out if a phone call is legitimate? This article explores voice phishing — or, more specifically, a couple of different types of vishing — and what you can do to avoid falling prey to a vishing attack.</p><p>Let&rsquo;s hash it out...</p>"
  },
  "date": "2023-03-01T09:00:00-06:00",
  "featured": false,
  "headline": "Hello? Is That a Cybercriminal? A Look at Vishing Attacks",
  "id": "1677661200",
  "imageFilename": "hello-is-that-a-cybercriminal",
  "slug":"hello-is-that-a-cybercriminal-a-look-at-vishing-attacks",
  "sourceName": "",
  "sourceArticleUrl": "https://www.thesslstore.com/blog/hello-is-that-a-cybercriminal-a-look-at-vishing-attacks/",
  "tags": ["AI", "Social Engineering", "Vishing"]
},
{
  "content": {
    "html": "<p>Cryptocurrency exchange Coinbase has fended off a cyberattack that might have been mounted by the same attackers that targeted Twillio, Cloudflare and many other companies last year.</p><p>Leveraging smishing and vishing, the attackers tried to trick Coinbase employees into sharing login credentials and installing remote desktop applications, and were only partly successful: the company&rsquo;s incident response team quickly reacted to “unusual activity” alerts and, in the end, the attackers were unable to access customer information or steal funds.</p><h2>How the Coinbase cyberattack unfolded</h2><p>The attack started on a Sunday, February 5th, 2023, when a number of Coinbase employees received a text message saying that they needed to urgently log into the company systems via a provided link, so they could receive an important message.</p><p>Only one of the targeted employees fell for the ruse and entered their credentials into the provided phishing page. Armed with that info, the attackers tried to access company systems, but because they didn&rsquo;t have the second authentication factor at hand, they were unsuccessful.</p><p>So they tried another tactic: getting the employee on the phone by impersonating Coinbase&rsquo;s IT staff, convincing them to log into their workstation, and to install software that would allow the attackers to access the system without needing access credentials...</p>"
  },
  "date": "2023-02-21T09:00:00-06:00",
  "featured": false,
  "headline": "What can we learn from the latest Coinbase cyberattack?",
  "id": "1676970000",
  "imageFilename": "coinbase-cyberattack",
  "slug":"what-can-we-learn-from-the-latest-coinbase-cyberattack",
  "sourceName": "HelpNet Security",
  "sourceArticleUrl": "https://www.helpnetsecurity.com/2023/02/21/coinbase-cyberattack/",
  "tags": ["Smishing", "Social Engineering", "Vishing"]
},
{
  "content": {
    "html": "<h2>Hi Lori Anne, please tell us about your role and how you arrived at Verizon.</h2><p>Hi, and thank you for the interview. I started my career at Verizon 30 years ago in customer service, and I have held roles in Sales, Marketing and my favorite jobs have been Product Management. Product Management touches all parts of the business and keeps me in front of customers, collaborating with partners and exploring technology. Today, I am responsible for developing Verizon&rsquo;s global VoIP and Customer Experience services portfolio.</p><h2>How much has Verizon&rsquo;s products and services evolved in the last 3 years? What impact did the pandemic have on your product roadmap?</h2><p>The progress and adoption of digital customer experiences is definitely related to the pandemic! Our customers have been using digital technologies like Chat for years, but most were still treating digital interactions as a call deflection and FAQ strategy. Early in the pandemic, we flexed and delivered huge volumes of contact center traffic for retail, public sector and healthcare customers, but higher call volume didn&rsquo;t deliver a better experience in a market with agent turnover and shortages. (good news! CCaaS helped with work-from-home and agent retention) A few months into the pandemic, we saw a spike in digital and AI customer experience trials as businesses and agencies tried to align with rising consumer expectations. Today, the digital and AI experience capabilities are table stakes in the contact center and customer experience technology stack, and the differentiation is created in the way knowledge is integrated across all interactions...</p>"
  },
  "date": "2023-02-09T09:00:00-06:00",
  "featured": false,
  "headline": "AiThority Interview with Lori Anne, Director of Product Development & Management at Verizon",
  "id": "1675933200",
  "imageFilename": "aithority-interview-with-lori-anne",
  "slug":"aithority-interview-with-lori-anne-director-of-product-development-management-at-verizon",
  "sourceName": "AiThority",
  "sourceArticleUrl": "https://aithority.com/technology/customer-experience/aithority-interview-with-lori-anne-director-of-product-development-management-at-verizon/",
  "tags": ["Ransom", "Robocalls", "Spoofing & Impersonation", "TDoS", "Verizon"]
},
{
  "content": {
    "html": "<p>In today&rsquo;s digital age, businesses still often rely heavily on phone calls as a means of customer communication. However, with the rise of phone scams and robocalls, it can be difficult for consumers to trust most incoming calls, even from numbers familiar to them. This is where branded caller ID has the potential to help.</p><p>Branded caller ID, also known as call display branding or caller ID branding, allows businesses to display their company name and/or logo on the caller ID of outbound calls. This can create a more trustworthy and professional appearance for the business, helping companies deal with fraud and the rise in consumers that are increasingly wary of answering calls from unfamiliar numbers. Through branded caller ID, customers can identify the brand and have more trust that the call is genuine.</p><p>In this way, branded caller ID can help businesses improve the chances that customers will answer their calls, likely leading to more productive and successful interactions and outcomes. This can be especially valuable for businesses that rely heavily on phone calls for sales, customer service or other important interactions...</p>"
  },
  "date": "2023-02-08T06:15:00-06:00",
  "featured": false,
  "headline": "Branded Caller ID: The Pros And Cons In The Battle Against Phone Scams",
  "id": "1675836900",
  "imageFilename": "branded-caller-id-pros-and-cons",
  "slug":"branded-caller-id-the-pros-and-cons-in-the-battle-against-phone-scams",
  "sourceName": "Forbes",
  "sourceArticleUrl": "https://www.forbes.com/sites/forbestechcouncil/2023/02/08/branded-caller-id-the-pros-and-cons-in-the-battle-against-phone-scams/?sh=6cba05731817",
  "tags": ["Call Authentication", "Call Branding"]
},
{
  "content": {
    "html": "<h2>If you haven&rsquo;t heard of “vishing,” you may be at risk.</h2><p>Tax season is already an unpleasant and much-dreaded time but, for many, it also carries a higher risk of getting scammed for hundreds or even thousands of dollars -- every year, fraudsters will try to take advantage of people&rsquo;s anxiety about receiving a letter from the IRS to get them to transfer money or give away sensitive information.</p><p>Common red flag phrases like “urgent” and “your account is at risk of being shut down” come up from year to year but, in 2023, there has been a rise in a new scam called “vishing.”</p><p>Short for “voice phishing,” vishing refers to impersonating someone else with the purposes of scamming by phone rather than text or email. Many use voice-alteration software while others simply repeat the same scam from thousands of fake phone numbers that are very difficult to track...</p>"
  },
  "date": "2023-01-26T12:03:00-06:00",
  "featured": false,
  "headline": "A New Scam Is Making the Rounds Just in Time for Tax Season",
  "id": "1674734580",
  "imageFilename": "a-new-scam-for-tax-season",
  "slug":"a-new-scam-is-making-the-rounds-just-in-time-for-tax-season",
  "sourceName": "The Street",
  "sourceArticleUrl": "https://www.thestreet.com/banking/what-is-vishing-scam",
  "tags": ["Financial Fraud", "IRS", "Phone Scam", "Vishing"]
},
{
  "content": {
    "html": "<p>Smishing has become an increasingly popular attack method among cybercriminals – and they&rsquo;re getting better at using it. </p><p>Today, it&rsquo;s not just customers of big financial institutions that are being targeted, and messages with spelling mistakes or in the wrong language that allowed users to notice something was off are getting harder to spot. Nowadays, we&rsquo;re seeing nearly-perfect language and fake websites used by scammers that are almost impossible to say whether we are looking at a fake message or a real one at first glance...</p>"
  },
  "date": "2023-01-05T00:00:00-06:00",
  "featured": false,
  "headline": "Smishing: The new year is here — and so are new scams",
  "id": "1672876800",
  "imageFilename": "new-year-new-scams",
  "slug":"smishing-the-new-year-is-here-and-so-are-new-scams",
  "sourceName": "Security Boulevard",
  "sourceArticleUrl": "https://securityboulevard.com/2023/01/smishing-the-new-year-is-here-and-so-are-new-scams/",
  "tags": ["Financial Fraud", "Phishing", "Smishing"]
},
{
  "content": {
    "html": "<p>CLEVELAND – The U.S. Attorney&rsquo;s Office for the Northern District of Ohio is cautioning northern Ohio residents about a telephone spoofing campaign where the caller is portraying themselves as an attorney, representative, or law enforcement officer, and the phone number is showing as the Department of Justice or the U.S. Attorney&rsquo;s Office.</p><p>During these calls, scammers may attempt to collect money from victims or threaten arrest or legal action. These calls are bogus and an attempt to use a legitimate law enforcement number to obtain money from victims.</p><p>Scammers use many tactics to sound and appear credible. They sometimes provide information like actual names of federal prosecutors and federal office addresses. They also spoof their phone numbers to appear on caller IDs as if they are calling from a government agency such as the U.S. Attorney&rsquo;s Office...</p>"
  },
  "date": "2023-01-03T12:00:00-06:00",
  "featured": false,
  "headline": "U.S. Attorney’s Office Warns Residents About Scam Calls Demanding Money",
  "id": "1672747200",
  "imageFilename": "us-attourneys-office-warns-about-scam-calls",
  "slug":"u-s-attorneys-office-warns-residents-about-scam-calls-demanding-money",
  "sourceName": "Department of Justice",
  "sourceArticleUrl": "https://www.justice.gov/usao-ndoh/pr/us-attorneys-office-warns-residents-about-scam-calls-demanding-money",
  "tags": ["Caller-ID Spoofing", "Department of Justice", "Financial Fraud", "Phone Scam"]
},
{
  "content": {
    "html": "<p>The Vice Society ransomware actors have switched to yet another custom ransomware payload in their recent attacks aimed at a variety of sectors.</p><p>“This ransomware variant, dubbed &rsquo;PolyVice,&rsquo; implements a robust encryption scheme, using NTRUEncrypt and ChaCha20-Poly1305 algorithms,” SentinelOne researcher Antonio Cocomazzi said in an analysis.</p><p>Vice Society, which is tracked by Microsoft under the moniker DEV-0832, is an intrusion, exfiltration, and extortion hacking group that first appeared on the threat landscape in May 2021.</p><p>Unlike other ransomware gangs, the cybercrime actor does not use file-encrypting malware developed in-house. Instead, it&rsquo;s known to deploy third-party lockers such as Hello Kitty, Zeppelin, and RedAlert ransomware in their attacks.</p><p>Per SentinelOne, indications are that the threat actor behind the custom-branded ransomware is also selling similar payloads to other hacking crews based on PolyVice&rsquo;s extensive similarities to ransomware strains Chily and SunnyDay...</p>"
  },
  "date": "2022-12-23T12:00:00-06:00",
  "featured": false,
  "headline": "Vice Society Ransomware Attackers Adopt Robust Encryption Methods",
  "id": "1671796800",
  "imageFilename": "vice-society-ransomware-attackers-adopt-robust-encryption-methods",
  "slug":"vice-society-ransomware-attackers-adopt-robust-encryption-methods",
  "sourceName": "The Hacker News",
  "sourceArticleUrl": "https://thehackernews.com/2022/12/vice-society-ransomware-attackers-adopt.html",
  "tags": ["Phishing", "Ransom", "TOAD", "Vishing"]
},
{
  "content": {
    "html": "<p>Flexible working arrangements, combined with increased digital engagement with customers, employees, and suppliers, have increased cybersecurity complexity for organisations in Singapore.</p><p>According to Proofpoint&rsquo;s <em>2022 Voice of the CISO</em> report, 44% of CISOs in Singapore reported a rise in targeted attacks in the last year since the widespread adoption of hybrid working. The report also showed that Singapore-based chief information security officers (CISOs) have a higher risk perception (64%) than the global average (48%) — revealing they are less confident about their cybersecurity posture than global counterparts.</p><p>CISO perceptions in Singapore have been influenced by highly publicised phishing attacks. Despite huge cybersecurity investments and full compliance with regulations – including those from the Monetary Authority of Singapore – some of the island state&rsquo;s largest and best-known companies have recently succumbed to phishing attacks. This was the case in December last year, when customers of a leading bank lost $13.7 million in an SMS phishing scam.</p><p>By far the most common attack vector around today, phishing is not new and has been used as a gateway for disruptive attacks and data exfiltration for decades. According to Proofpoint&rsquo;s report, indiscriminate &lsquo;bulk&rsquo; phishing attacks increased by 12% in 2021, with targeted attacks even higher. Spear phishing/whaling and business email compromise (BEC) increased by 20% and 18% respectively in 2021...</p>"
  },
  "date": "2022-12-23T11:30:00-06:00",
  "featured": false,
  "headline": "Recent phishing attacks shatter confidence in cybersecurity controls",
  "id": "1671795000",
  "imageFilename": "recent-phishing-attacks",
  "slug":"recent-phishing-attacks-shatter-confidence-in-cybersecurity-controls",
  "sourceName": "The Edge Singapore",
  "sourceArticleUrl": "https://www.theedgesingapore.com/digitaledge/focus/recent-phishing-attacks-shatter-confidence-cybersecurity-controls",
  "tags": ["Phishing", "Smishing", "TOAD"]
},
{
  "content": {
    "html": "<h2>AI-powered assaults will definitely excel at impersonation, a tactic utilized frequently in phishing, as per the study.</h2><p>A recent cyber analytical report has warned that artificial intelligence (AI) enabled cyberattacks which are quite limited until now, may get more aggressive in the coming years.</p><p>The Helsinki-based cybersecurity and privacy firm WithSecure, the Finnish Transport and Communications Agency, and the Finnish National Emergency Supply Agency collaborated on the report, according to an article by <em>Cybernews</em> on Thursday.</p><p>“Although AI-generated content has been used for social engineering purposes, AI techniques designed to direct campaigns, perform attack steps, or control malware logic have still not been observed in the wild, said Andy Patel WithSecure intelligence researcher.</p><p>Such ”techniques will be first developed by well-resourced, highly-skilled adversaries, such as nation-state groups.“ </p><p>The paper examined current trends and advancements in AI, cyberattacks, and areas where the two intersect, suggesting early adoption and evolution of preventative measures were key to overcoming the threats. </p><p>”After new AI techniques are developed by sophisticated adversaries, some will likely trickle down to less-skilled adversaries and become more prevalent in the threat landscape,“ stated Patel...” </p>"
  },
  "date": "2022-12-18T11:55:00-06:00",
  "featured": false,
  "headline": "AI-armed cyberattacks may get lethal in next 5 years, warns report",
  "id": "1671364500",
  "imageFilename": "ai-armed-cyberattacks",
  "slug":"ai-armed-cyberattacks-may-get-lethal-in-next-5-years-warns-report",
  "sourceName": "Interesting Engineering",
  "sourceArticleUrl": "https://interestingengineering.com/science/ai-armed-cyberattacks-warns-report",
  "tags": ["AI", "Deepfake", "Phishing", "Vishing"]
},
{
  "content": {
    "html": "<h2>The action follows a similar order in July that prevented phone companies from fielding calls from several companies alleged to be responsible for a glut of offers for car warranties.</h2><p>The Federal Communications Commission said Thursday that it had blocked all U.S. phone companies from taking calls from a tiny communications company accused of sending robocalls that push fraudulent student loan relief services.</p><p>Tens of millions of such calls, which often claim to come from a generic “student loan center,” went out to U.S. phones in recent months, said Alex Quilici, the CEO of the anti-robocall company YouMail, which helped the FCC with its investigation. The calls usually referred to the White House student loan forgiveness program and falsely claimed that people in the U.S. with student loans needed to either tell the caller their personal information or pay a fee to receive up to $10,000 in student debt relief.</p><p>“Today we&rsquo;re cutting these scammers off so they can&rsquo;t use efforts to provide student loan debt relief as cover for fraud,” FCC Chair Jessica Rosenworcel said in an emailed statement.</p><p>The FCC&rsquo;s action to block student loan robocalls follows a similar order in July that prevented phone companies from fielding calls from several companies alleged to be responsible for a glut of offers for car warranties. The calls became so common that they inspired their own internet meme...</p>"
  },
  "date": "2022-12-08T12:00:00-06:00",
  "featured": false,
  "headline": "FCC orders block on company tied to fraudulent student loan robocalls",
  "id": "1670500800",
  "imageFilename": "fcc-orders-block-on-company",
  "slug":"fcc-orders-block-on-company-tied-to-fraudulent-student-loan-robocalls",
  "sourceName": "NBC News",
  "sourceArticleUrl": "https://www.nbcnews.com/tech/security/fcc-orders-block-company-tied-fraudulent-student-loan-robocalls-rcna60792",
  "tags": ["FCC", "Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<p>After almost 150 years of business telephony, you would think that we&rsquo;d have a secure and dependable telecom infrastructure. However, when you have a complex international network that moves voice calls and SMS messages between multiple providers, bad actors can find ways to exploit cracks in the system.</p><p>Having a phone number—or many phone numbers—exposes the people who pay the bills to the potential for telecom fraud. It&rsquo;s a cost of doing business, but a cost that can be prevented by taking the right steps...</p>"
  },
  "date": "2022-12-08T09:45:00-06:00",
  "featured": false,
  "headline": "How To Uncover And Prevent Telecom Fraud On CPaaS Platforms",
  "id": "1670492700",
  "imageFilename": "how-to-uncover-and-prvent-telecom-fraud",
  "slug":"how-to-uncover-and-prevent-telecom-fraud-on-cpaas-platforms",
  "sourceName": "Forbes",
  "sourceArticleUrl": "https://www.forbes.com/sites/forbestechcouncil/2022/12/08/how-to-uncover-and-prevent-telecom-fraud-on-cpaas-platforms/?sh=5297980b5c95",
  "tags": ["Toll Fraud & Call Pumping"]
},
{
  "content": {
    "html": "<p>Many businesses operate under the impression that their caller ID (also known as CNAM) appears every time they make an outbound call. However, less than 10% of consumers opt-in to caller ID, leaving 90% of consumers to receive only an 11-digit unknown number when a business tries to reach them.</p><p>Lack of context for incoming calls and the massive rise in scam calls has conditioned consumers not to answer calls from unknown numbers. In addition, an absence of consumer trust in the phone call has led to an inefficient phone channel, which is problematic for legitimate businesses trying to connect with customers.</p><p>First introduced in 1988, caller ID name has been tried and true over the last three decades. However, telecommunications technology has continued to evolve, leading us to the next step in this evolution: branded communication, which allows businesses to control how their outbound calls are displayed on the call recipient&rsquo;s device.</p><p>Caller ID pulls names from databases businesses can&rsquo;t easily adjust or control. With the number of different CNAM providers that carriers use, there is no guarantee a business&rsquo;s name will show up the same to all mobile subscribers. A business&rsquo;s inability to control its CNAM across all carriers means that if the name pulled from the database is unidentified or incorrect, there is a greater chance the consumer will perceive the phone call as spam or scam and let the call go unanswered...</p>"
  },
  "date": "2022-12-02T18:00:00-06:00",
  "featured": false,
  "headline": "Putting The Power Of Call Branding Where It Belongs: In The Hands Of Companies",
  "id": "1670004000",
  "imageFilename": "putting-the-power-of-call-branding-where-it-belongs",
  "slug":"putting-the-power-of-call-branding-where-it-belongs-in-the-hands-of-companies",
  "sourceName": "Forbes",
  "sourceArticleUrl": "https://www.forbes.com/sites/forbestechcouncil/2022/12/02/putting-the-power-of-call-branding-where-it-belongs-in-the-hands-of-companies/?sh=c4de94236597",
  "tags": ["Call Branding", "Caller-ID Spoofing", "CNAM", "Outbound Call Trust"]
},
{
  "content": {
    "html": "<p>The Luna Moth campaign has extorted hundreds of thousands of dollars from several victims in the legal and retail sectors.</p><p>The attacks are notable for employing a technique called callback phishing or telephone-oriented attack delivery (TOAD), wherein the victims are social engineered into making a phone call through phishing emails containing invoices and subscription-themed lures.</p><p>Palo Alto Networks Unit 42 said the attacks are the “product of a single highly organized campaign,” adding, “this threat actor has significantly invested in call centers and infrastructure that&rsquo;s unique to each victim.”</p><p>The cybersecurity firm described the activity as a “pervasive multi-month campaign that is actively evolving...”</p>"
  },
  "date": "2022-11-22T12:00:00-06:00",
  "featured": false,
  "headline": "Luna Moth Gang Invests in Call Centers to Target Businesses with Callback Phishing Campaigns",
  "id": "1669118400",
  "imageFilename": "luna-moth",
  "slug":"luna-moth-gang-invests-in-call-centers-to-target-businesses",
  "sourceName": "The Hacker News",
  "sourceArticleUrl": "https://thehackernews.com/2022/11/luna-moth-gang-invests-in-call-centers.html",
  "tags": ["Hackers", "Phishing", "Phone Scam", "Remote Security"]
},
{
  "content": {
    "html": "<p>Cyber threat actors can use social engineering techniques in various ways to achieve their goals. Some examples of common social engineering attacks include the following...</p>"
  },
  "date": "2022-11-11T09:00:00-06:00",
  "featured": false,
  "headline": "11 Types of Social Engineering Attacks",
  "id": "1668157200",
  "imageFilename": "eleven-types-of-social-engineering-attacks",
  "slug":"11-types-of-social-engineering-attacks",
  "sourceName": "Checkpoint",
  "sourceArticleUrl": "https://www.checkpoint.com/cyber-hub/threat-prevention/social-engineering-attacks/11-types-of-social-engineering-attacks/",
  "tags": ["Fraud Prevention", "Smishing", "Vishing"]
},
{
  "content": {
    "html": "<h2>University IT teams must remain vigilant as phishing, vishing and smishing attacks all represent a threat.</h2><p>Higher education institutions have long been aware that cybercriminals target their faculty, staff and students through phishing attacks. Recently, the problem has gotten worse: The FBI issued a warning that as of January 2022, Russian criminal forums were offering for sale or giving away credentials and VPN access to many U.S.-based colleges and universities.</p><p>Criminals use stolen credentials for multiple purposes, often for access to intellectual property or prepublication technical writing. They may target staff, stealing credentials to gain access to financial systems. Individuals may be targeted in an attempt to drain their bank accounts, steal their credit card information or conduct fraudulent transactions. And because people reuse their credentials, stolen passwords can be used for brute-force credential-stuffing attacks across affiliated organizations.</p><p>One of the most concerning issues for higher education is that phishing scams have moved beyond the traditional email-based approach and now utilize other channels such as social media, phone calls, voicemail, text messages and more...</p>"
  },
  "date": "2022-11-08T10:06:00-06:00",
  "featured": false,
  "headline": "Multichannel Phishing Extends to Threats Beyond Email",
  "id": "1667901960",
  "imageFilename": "multichannel-phishing",
  "slug":"multichannel-phishing-extends-to-threats-beyond-email",
  "sourceName": "EdTech Magazine",
  "sourceArticleUrl": "https://edtechmagazine.com/higher/article/2022/11/multichannel-phishing-extends-threats-beyond-email",
  "tags": ["Phishing", "Smishing", "Social Engineering", "Vishing"]
},
{
  "content": {
    "html": "<p>HARRISBURG– Attorney General Josh Shapiro announced today that his office filed a lawsuit against New York-based Fluent, Inc. – a company that connects advertisers to potential new customers through the consumers&rsquo; personal data – for their and their subsidiaries&rsquo; role in allegedly causing hundreds of thousands of unwanted robocalls to be placed to Pennsylvania consumers. Fluent and its subsidiaries Fluent LLC, CAC, American Prize Center, LLC, Deliver Technology, LLC, Rewardzone USA, LLC, and Samples &amp; Savings USA, LLC, collected personal information, including telephone numbers, and that was then sold to telemarketing companies. This included the personal information of thousands of consumers on Pennsylvania&rsquo;s Do Not Call List.</p><p>“If a Pennsylvania resident registers their phone number on the &lsquo;Do-Not-Call&rsquo; List, it&rsquo;s illegal for telemarketers to call them,” Attorney General Josh Shapiro said. “Every company is obligated to comply with state and federal telemarketing laws, and Fluent failed to comply. These invasive robocalls are a growing problem – Fluent&rsquo;s phony actions cannot be used to obtain consumer&rsquo;s consent to receive unwanted calls.”</p><p>Consumers&rsquo; information was obtained by Fluent through the consumers&rsquo; efforts to register to receive promotional offerings, including gift cards to popular retailers such as Amazon and Walmart. These promotional opportunities consistently failed to include clear and obvious disclosures that warn consumers that if they provide their contact information, they are consenting to receive telemarketing calls from hundreds of potential sellers. These sellers&rsquo; products and services are oftentimes not related to the promotional offerings whatsoever...</p>"
  },
  "date": "2022-11-03T00:00:00-05:00",
  "featured": false,
  "headline": "PA Attorney General Files Suit against NY-Based Fluent for Their Role in the Illegal Distribution of Robocalls to PA Consumers",
  "id": "1667433600",
  "imageFilename": "pa-attorney-general-files-suit-against-ny-based-fluent",
  "slug":"pa-attorney-general-files-suit-against-ny-based-fluent",
  "sourceName": "attorneygeneral.gov",
  "sourceArticleUrl": "https://www.attorneygeneral.gov/taking-action/pa-attorney-general-files-suit-against-ny-based-fluent-for-their-role-in-the-illegal-distribution-of-robocalls-to-pa-consumers/",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>An investigation into an August smishing attack on Twilio has turned up a connection to an earlier vishing attack. It appears that the culprit behind the August Twilio hack also managed to penetrate the company in June in a separate incident that exposed a much smaller amount of customer contact information.</p><h2>Two Twilio hacks in three months linked to the same threat actor</h2><p>The August Twilio hack stemmed from a campaign that peppered employees with SMS messages, eventually convincing one to visit a fraudulent login page. The investigation into this incident was recently concluded, and the company has found that the same attacker was responsible for a smaller breach in June. That earlier incident involved a different approach, however; a vishing attack (voice phishing) that was able to convince an employee of the company to give up their login credentials over the phone.</p><p>The June vishing attack window reportedly lasted for only about 12 hours and provided the attackers with access to a “limited” amount of customer information. Those that were impacted were notified in July, but the link to the August attack is new. The August Twilio hack was apparently launched shortly after customers were notified of the first attack, with the hacker changing their approach to pose as a member of the company&rsquo;s IT staff and attempt to get employees to enter credentials into a fake Okta login portal...</p>"
  },
  "date": "2022-10-31T09:00:00-05:00",
  "featured": false,
  "headline": "Culprit Behind Twilio Hack Traced to Earlier Vishing Attack That Nabbed Employee Credentials",
  "id": "1667206800",
  "imageFilename": "twilio-hack-earlier-vishing-attack",
  "slug":"culprit-behind-twilio-hack-traced-to-earlier-vishing-attack",
  "sourceName": "CPO Magazine",
  "sourceArticleUrl": "https://www.cpomagazine.com/cyber-security/culprit-behind-twilio-hack-traced-to-earlier-vishing-attack-that-nabbed-employee-credentials/",
  "tags": ["Smishing", "Social Engineering", "Vishing"]
},
{
  "content": {
    "html": "<p>SMiShing uses SMS (Short Message Service) as the attack vector. The attacker&rsquo;s objective is to trick the target into installing malware on their device, or to reveal account information. The attacker crafts a SMiShing message to make the receiver think the communication is from a familiar or trusted source. The bad actor then sends their target a SMiShing message containing a malicious link. The link, if clicked, redirects the target to a website under the attacker&rsquo;s control. SMiShing is a social engineering attack because criminals exploit the target&rsquo;s vulnerabilities; the desire to trust, to be helpful, or to act quickly on a perceived danger. SMiShing is a very real security threat to enterprises as 39% of employees now access corporate data on personal devices...</p>"
  },
  "date": "2022-10-26T09:00:00-05:00",
  "featured": false,
  "headline": "SMiShing in Social Engineering News",
  "id": "1666774800",
  "imageFilename": "smishing-in-social-engineering-news",
  "slug":"smishing-in-social-engineering-news",
  "sourceName": "Security Boulevard",
  "sourceArticleUrl": "https://securityboulevard.com/2022/10/smishing-in-social-engineering-news/",
  "tags": ["Cybersecurity", "Smishing"]
},
{
  "content": {
    "html": "<p>Malicious actors are resorting to voice phishing (vishing) tactics to dupe victims into installing Android malware on their devices, new research from ThreatFabric reveals.</p><p>The Dutch mobile security company said it identified a network of phishing websites targeting Italian online-banking users that are designed to get hold of their contact details.</p><p>Telephone-oriented attack delivery (TOAD), as the social engineering technique is called, involves calling the victims using previously collected information from the fraudulent websites.</p><p>The caller, who purports to be a support agent for the bank, instructs the individual on the other end of the call to install a security app and grant it extensive permissions, when, in reality, it&rsquo;s malicious software intended to gain remote access or conduct financial fraud.</p>"
  },
  "date": "2022-10-17T08:50:11-05:00",
  "featured": false,
  "headline": "Hackers Using Vishing to Trick Victims into Installing Android Banking Malware",
  "id": "1665996611",
  "imageFilename": "vishing-to-trick-victims-into-installing-android-banking-malware",
  "slug":"hackers-using-vishing-to-trick-victims-into-installing-android-banking-malware",
  "sourceName": "The Hacker News",
  "sourceArticleUrl": "https://thehackernews.com/2022/10/hackers-using-vishing-tactics-to-trick.html",
  "tags": ["Financial Fraud", "Hackers", "Social Engineering", "Vishing"]
},
{
  "content": {
    "html": "<p>You&rsquo;ve likely heard about Denial of Service attacks. But this variant can cripple infrastructure and cost lives. Here&rsquo;s what you need to know.</p><p>Telephony Denial of Service (TDoS) attacks have one aim: to overwhelm a service with so much traffic that the system buckles under the strain. This type of cyberattack is especially concerning because it is isolating and puts victims&rsquo; lives at risk.</p><p>In coordinated attacks, TDoS can cripple public infrastructure and render people unable to call emergency response services or notify their banks of suspicious activities on their accounts. Your phone company is responsible for having a system that&rsquo;s resilient to TDoS attacks. Still, there are some things you can do in a TDoS attack.</p><p>TDoS are attacks where hackers use automated setups to flood a phone service with a high amount of false traffic, thus preventing legitimate calls from going through. To put it into perspective, you can think of this type of Denial of Service (DoS) attack as using an army of toy cars to occupy a highway and causing traffic congestion that prevents real cars from going through that road...</p>"
  },
  "date": "2022-10-10T09:40:00-05:00",
  "featured": false,
  "headline": "What Is a Telephony Denial of Service (TDoS) Attack?",
  "id": "1665394800",
  "imageFilename": "what-is-a-tdos-attack",
  "slug":"what-is-a-telephony-denial-of-service-tdos-attack",
  "sourceName": "Make Use Of",
  "sourceArticleUrl": "https://www.makeuseof.com/what-is-telephony-denial-of-service/",
  "tags": ["Emergency Services & 911 Systems", "Hackers", "TDoS"]
},
{
  "content": {
    "html": "<p>What could be worse than robocalls? Robotexts.</p><p>The numbers for robocalls aren&rsquo;t nearly as bad as the ones for robotexts right now...</p>"
  },
  "date": "2022-09-29T15:00:00-05:00",
  "featured": false,
  "headline": "Rossen Reports: We found something more annoying than robocalls",
  "id": "1664463600",
  "imageFilename": "more-annoying-than-robocalls",
  "slug":"something-more-annoying-than-robocalls",
  "sourceName": "WCVB",
  "sourceArticleUrl": "https://www.wcvb.com/article/robocalls-robotexts-rossen-reports/41446157",
  "tags": ["Robocalls", "Smishing"]
},
{
  "content": {
    "html": "<p>PHOENIX (3TV/CBS 5) - If you&rsquo;ve tried to sell something online, you know there are a lot of scammers out there looking to take your money. But one of the biggest scams isn&rsquo;t after your money — it&rsquo;s after your identity.</p><p>It can happen when you post an item for sale on popular sites like Craigslist, Facebook Marketplace, or OfferUp. Scammers will pose as a buyer and text you saying they&rsquo;re interested, but they say they&rsquo;re concerned that you&rsquo;re a scammer.</p><p>A verification code then pops up on your screen, and they ask you to read off the code so they know you&rsquo;re legit. “What they&rsquo;re really trying to do is set up a Google Voice account tied to your phone number without you knowing,” said Ken Colburn of Data Doctors...</p>"
  },
  "date": "2022-09-22T20:30:00-05:00",
  "featured": false,
  "headline": "“Google Voice Scam” targeting people selling items online",
  "id": "1663878600",
  "imageFilename": "google-voice-scam",
  "slug":"google-voice-scam",
  "sourceName": "CBS News",
  "sourceArticleUrl": "https://www.azfamily.com/2022/09/23/google-voice-scam-targeting-people-selling-items-online/",
  "tags": ["Phone Scam"]
},
{
  "content": {
    "html": "<p>A New York man pleaded guilty in the Eastern District of New York to money laundering for his role as the owner and operator of a voice over internet protocol (VoIP) company that facilitated and profited from the introduction of fraudulent robocall traffic into the United States.</p><p>Jon J. Kahen, 48, of Great Neck, New York, was the owner and chief executive officer of Global Voicecom Inc. (GVI), a U.S.-based VoIP provider, from 1999 to 2020. GVI provided telecommunications services, such as calling platforms and domestic direct inward dial (DID), toll-free, and call termination services, that introduced foreign phone traffic into the U.S. telephone system (thereby serving as a so-called “gateway carrier”). </p><p>Beginning at least as early as 2016, GVI began serving as a gateway carrier for an India-based VoIP provider that used GVI&rsquo;s gateway carrier services to route fraudulent robocalls – including, but not limited to, U.S. government agency imposter calls placed by individuals located in India who were fraudulently impersonating agents of the IRS, Social Security Administration, and Social Security Administration Office of Inspector General (SSA-OIG) – into the U.S. telephone system. This provider also used the DID and toll-free numbers re-leased and/or re-sold to it by GVI to facilitate various fraudulent robocall scams. U.S. consumers, including the elderly, were defrauded as a result of these scams.</p><p>By 2018, Kahen became aware that this India-based VoIP provider was using GVI&rsquo;s telecommunications services to engage in unlawful activities (e.g., wire fraud involving fraudulent robocalls), and by May 2019, Kahen was aware that the funds paid to GVI by this client for continued gateway carrier services constituted the proceeds of unlawful activities. Despite this knowledge, Kahen conducted unlawful monetary transactions involving these criminally derived funds...</p>"
  },
  "date": "2022-09-16T09:00:00-05:00",
  "featured": false,
  "headline": "New York Man Enters Guilty Plea to Laundering Monies Connected to Proceeds from Facilitating Fraudulent Robocalls",
  "id": "1663318800",
  "imageFilename": "new-york-man-enters-guilty-plea",
  "slug":"new-york-man-enters-guilty-plea-to-laundering-monies-connected-to-proceeds-from-facilitating-fraudulent-robocalls",
  "sourceName": "Department of Justice",
  "sourceArticleUrl": "https://www.justice.gov/opa/pr/new-york-man-enters-guilty-plea-laundering-monies-connected-proceeds-facilitating-fraudulent",
  "tags": ["Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<h2>What Is a Vishing Attack, and What Does It Look Like?</h2><p>Vishing attacks can take many forms, but the hallmark of vishing is unsolicited telephone calls to your employees. Usually, these phone calls pretend to be from a legitimate organization that your company may work with already. More sophisticated vishing attacks will spoof the caller ID as well. Some examples of vishing attacks include:What Is a Vishing Attack, and What Does It Look Like?</p><ul><li>The bank scam. In this vishing attack, someone calls a representative of your company, pretending to be from the bank that processes your payroll checks. The scammer then claims that something has gone wrong with the payments: perhaps there was an error or a data breach. In this scam, the scammer&rsquo;s ultimate goal is to get your company&rsquo;s banking information (which can include usernames, passwords, bank account numbers, and more).</li><li>The IRS scam. We&rsquo;ve all gotten those robocalls that claim to be from the IRS. Most of these vishing attacks aren&rsquo;t very sophisticated, opting instead to contact as many people in as short a period of time as possible, but some of them do spoof legitimate IRS phone numbers on the recipient&rsquo;s caller ID.</li><li>Tech support. Vishing attacks can also impersonate your own company. This is particularly common in spear-phishing and whaling attacks. The scammer usually claims that some work needs to be done on an employee&rsquo;s computer, and then directs the recipient to a fraudulent website, where they download malware that infects their computer, potentially compromising the entire network...</li></ul>"
  },
  "date": "2022-09-08T09:00:00-05:00",
  "featured": false,
  "headline": "What is Vishing and Is It A Threat to Your Business?",
  "id": "1662627600",
  "imageFilename": "vishing-net",
  "slug":"what-is-vishing-and-is-it-a-threat-to-your-business",
  "sourceName": "Security Boulevard",
  "sourceArticleUrl": "https://securityboulevard.com/2022/09/what-is-vishing-and-is-it-a-threat-to-your-business/",
  "tags": ["Phone Scam", "Social Engineering", "Vishing"]
},
{
  "content": {
    "html": "<p>Every year, social engineering attacks are employing more advanced techniques. Technology continues its inexorable march forward, and its advancement in areas such as artificial intelligence (AI) and machine learning — deepfake technology, for example — will further exacerbate social engineering risks.</p><p>Social engineering can be defined as the psychological strategies scammers use to manipulate humans into clicking on compromised links or divulging sensitive information. Social engineering comes in many forms, including emails, phone calls and texting. These attacks exploit users&rsquo; fears, curiosity or helpfulness to trick individuals into sharing data such as login credentials, bank accounts or social security numbers. Commonly, they&rsquo;ll redirect victims to websites harboring drive-by malware downloads and initiate phishing attacks.</p><p>Phishing schemes are often quite sophisticated. In the fall of 2020, guests at the Ritz Hotel in London were “vished” (voice call phishing) by scammers posing as Ritz staff. The scammers convinced guests to divulge credit card information. According to Bitwarden research, emails purporting to be from financial institutions (35%) or a government entity (22%) were the top phishing culprits of 2021.</p><p>With the increase in digital and remote work, phishing driven by social engineering has reached the point where staying safe remains a priority for both individuals and enterprises, as phished employees can compromise an organization&rsquo;s network...</p>"
  },
  "date": "2022-09-06T09:00:00-05:00",
  "featured": false,
  "headline": "How can companies keep up with social engineering attacks?",
  "id": "1662454800",
  "imageFilename": "how-can-companies-keep-up-with-social-engineering-attacks",
  "slug":"how-can-companies-keep-up-with-social-engineering-attacks",
  "sourceName": "Security Magazine",
  "sourceArticleUrl": "https://www.securitymagazine.com/articles/98295-how-can-companies-keep-up-with-social-engineering-attacks",
  "tags": ["AI", "Social Engineering", "Vishing"]
},
{
  "content": {
    "html": "<h2>The FCC is tightening up its rules for voice calls routed into the US, which may offer new revenue opportunities for carriers, writes Alan Burkitt-Gray</h2><p>The US telecommunications regulator is about to tighten its rules on voice traffic entering the country, in a move to reduce what most of us call “nuisance calls” but Americans call “robocalls”. The changes by the Federal Communications Commission (FCC) will require the voice industry to spend lots of money in the hope that consumers will come to trust incoming calls once again.</p><p>As a result, there will valuable opportunities for wholesale service providers that can offer profitable services to fixed and mobile operators in enhancing calling line identification (CLI) services (or “caller ID”).</p><p>The name to hold close is Stir/Shaken, which Wikipedia says is a Bond-like development of “Stir”, an acronym of “secure telephony identity revisited”.</p><p>The “Shaken” addition means, according to the same source, “signature-based handling of asserted information using tokens”.</p><p>I don&rsquo;t understand either. But at home in London, the caller ID list on my BT landline phone includes numbers claiming they&rsquo;re for callers from Cornwall, Derbyshire, Manchester and Newcastle upon Tyne. They weren&rsquo;t. The callers were lying, just as they were lying about being from BT, trying to help with a non-existent broadband problem, or Microsoft, trying to fix my computer.</p><p>That&rsquo;s what, for the US market, Stir/ Shaken is trying to end. But it is a complex problem and it is expensive for the industry to fix. For example, all those calls to me all had credible, but false, caller IDs...</p>"
  },
  "date": "2022-09-05T14:30:00-05:00",
  "featured": false,
  "headline": "Shaking up caller ID",
  "id": "1662388200",
  "imageFilename": "shaking-up-caller-id",
  "slug":"shaking-up-caller-id",
  "sourceName": "Capacity Media",
  "sourceArticleUrl": "https://www.capacitymedia.com/article/2al2rzpvue0prafpknu2o/feature/shaking-up-caller-id/00000183-0dd5-da3a-a1df-fdffc0eb0000",
  "tags": ["Caller-ID Spoofing", "Robocalls", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<p>Healthcare delivery organizations should work to address potential risks posed by a rise in vishing attacks against the healthcare sector, as well as the ongoing threat of social engineering attempts, warns Department of Health and Human Services Cybersecurity Coordination Center.</p><p>Two new white paper alerts detail the ongoing threats and recommended remediation to prevent falling victim.</p><p>HC3 has observed a “marked increase” in vishing, or voice phishing, attacks in the last year across all sectors. The method is used by advanced persistent threat groups or state-sponsored actors, leveraging voice-changing software to trick victims into installing malware. </p><p>The objectives of these attacks are usually to obtain sensitive information or distribute malware. One of the more recent victims was a large organization that fell victim to a sophisticated vishing attack, which enabled an actor with access to their network. </p><p>First introduced by BazarCall/BazaCall, the callback phishing attacks were first observed in March 2021 and targeted corporate networks with ransomware attacks. Reports show the use of “hybrid vishing” saw a 625% growth during Q2 2022, which first connects with the victim via email before calling them.</p><p>Past healthcare vishing targeting led to the exploit of a Michigan health system in September 2020, whether the threat actor posed as an employee in an effort to steal member numbers and protected health numbers. In this specific incident, the “fake phone calls even &lsquo;spoofed&rsquo; caller ID and appeared to be originating from a legitimate phone number belonging to the… entity...” </p>"
  },
  "date": "2022-08-19T08:00:00-05:00",
  "featured": false,
  "headline": "HC3 alerts to social engineering risk, rise in vishing attacks on healthcare",
  "id": "1660896000",
  "imageFilename": "hc3-alerts-to-social-engineering",
  "slug":"hc3-alerts-to-social-engineering-risk-rise",
  "sourceName": "SC Media",
  "sourceArticleUrl": "https://www.scmagazine.com/analysis/vulnerability-management/hc3-alerts-to-social-engineering-risk-rise-in-vishing-attacks-on-healthcare",
  "tags": ["Phone Scam", "Ransom", "Social Engineering", "Vishing"]
},
{
  "content": {
    "html": "<p>WashingtonCNN Business — </p><p>No sentence in the English language may be more infuriating than the following 12 words: “We have been trying to reach you about your car&rsquo;s extended warranty.”</p><p>If you&rsquo;ve picked up the phone in response to an unknown caller anytime in the last several years, chances are you&rsquo;ve encountered this incessant and irritating automated message. But according to state and federal officials, just two men may be responsible for an overwhelming share of the billions of auto-warranty spam calls that have hit US phones.</p><p>Now, a new lawsuit in Ohio is trying to cut them off at their source, following a years-long effort across the public and private sectors to turn the tide on the scourge of robocalls once and for all.</p><p>In a complaint filed last month by Ohio Attorney General Dave Yost, the ringleaders of the auto-warranty robocall scheme are identified as Roy Melvin Cox, Jr. and Aaron Michael Jones, two California individuals described as repeat offenders of US telemarketing rules...</p>"
  },
  "date": "2022-08-18T15:07:00-05:00",
  "featured": false,
  "headline": "A monumental case looks to crack open the world of auto-warranty robocalls",
  "id": "1660835220",
  "imageFilename": "a-monumental-case",
  "slug":"monumental-case-to-crack-open-world-of-auto-warranty-robocalls",
  "sourceName": "CNN",
  "sourceArticleUrl": "https://www.cnn.com/2022/08/18/tech/auto-warranty-robocalls-case/index.html",
  "tags": ["Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<p>A trio of offshoots from the notorious Conti cybercrime cartel have resorted to the technique of call-back phishing as an initial access vector to breach targeted networks.</p><p>“Three autonomous threat groups have since adopted and independently developed their own targeted phishing tactics derived from the call back phishing methodology,” cybersecurity firm AdvIntel said in a Wednesday report.</p><p>These targeted campaigns “substantially increased” attacks against entities in finance, technology, legal, and insurance sectors, the company added.</p><p>The actors in question include Silent Ransom, Quantum, and Roy/Zeon, all of which split from Conti after the ransomware-as-a-service (RaaS) cartel orchestrated its shutdown in May 2022 following its public support for Russia in the ongoing Russo-Ukrainian conflict.</p><p>The advanced social engineering tactic, also called BazaCall (aka BazarCall), came under the spotlight in 2020/2021 when it was put to use by operators of the Ryuk ransomware, which later rebranded to Conti.</p><p>It&rsquo;s said to have received substantial operational improvements in May, around the same time the Conti team was busy coordinating an organization-wide restructuring while simulating the movements of an active group...</p>"
  },
  "date": "2022-08-11T08:00:00-05:00",
  "featured": false,
  "headline": "Conti Cybercrime Cartel Using ‘BazarCall’ Phishing Attacks as Initial Attack Vector",
  "id": "1660204800",
  "imageFilename": "conti-cybercrime-cartel",
  "slug":"conti-cybercrime-cartel-using-bazarcall-phishing-attacks",
  "sourceName": "The Hacker News",
  "sourceArticleUrl": "https://thehackernews.com/2022/08/conti-cybercrime-cartel-using-bazarcall.html",
  "tags": ["Phishing", "Phone Scam", "Social Engineering"]
},
{
  "content": {
    "html": "<h2>A cybersecurity expert explains how we might learn to trust our phones again</h2><p>“Hello, we&rsquo;ve been trying to reach you about your car&rsquo;s extended warranty.” After years of seemingly unstoppable scam robocalls, this phrase is embedded into the minds of many of us. Last month the Federal Communications Commission (FCC) announced it was ordering phone providers to block any calls coming from a known car warranty robocall scam, offering hope that U.S. phone users may hear that all-too-familiar automated voice a little less often.</p><p>But there is more work required to crack down on these calls. After all, car warranty warnings are only one type of scam. To understand how robocallers reach us, and why it&rsquo;s so hard to stop them, Scientific American spoke with Adam Doupé, a cybersecurity expert at Arizona State University.</p><h4>How big is the robocall problem in the U.S.?</h4><p>I think it&rsquo;s difficult to wrap our head around the scale. We can look at hard evidence of the complaints that consumers are sending to the FCC, but those are just people who actually complain. The FCC is claiming that one auto warranty scam operation is responsible for making more than eight billion robocall messages since 2018—that&rsquo;s just staggering. That&rsquo;s two billion a year from one campaign. Companies are sending out billions of messages, and that&rsquo;s inherently going to affect you; you&rsquo;ll get one to three a day.</p><p>A lot of these are done by companies that are selling real products. They&rsquo;re just using an illegal marketing campaign to get consumers to buy those products. That&rsquo;s distinct from robocalls that are trying to target people for fraud: the robocall itself is the marketing lure to get somebody on the hook, then they&rsquo;re transferred to a real person who is defrauding them out of money...</p>"
  },
  "date": "2022-08-05T09:00:00-05:00",
  "featured": false,
  "headline": "The Robocalls Problem Is So Bad That the FCC Actually Did Something",
  "id": "1659690000",
  "imageFilename": "the-robocalls-problem-is-so-bad",
  "slug":"robocalls-problem-so-bad-the-fcc-actually-did-something",
  "sourceName": "Scientific American",
  "sourceArticleUrl": "https://www.scientificamerican.com/article/the-robocalls-problem-is-so-bad-that-the-fcc-actually-did-something/",
  "tags": ["Caller-ID Spoofing", "Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<p>Access charges are the fees local exchange carriers (LECs) charge long distance carriers (interexchange carriers, or IXCs) to originate or terminate the IXCs&rsquo; customers&rsquo; calls. These have been the subject of disputes ever since the breakup of Ma Bell in 1984. For over a decade now, the disputes have centered on a practice known as access stimulation (also called traffic pumping or access arbitrage). This arbitrage became possible because, over time, the rates for access charges became disconnected from the costs of providing the service, with rates far exceeding costs. That mismatch created an incentive for some LECs to make arrangements with entities that offered high-volume calling services (<em>e.g.</em>, “free” chat lines, “free” conference calling) to route (“pump”) large volumes of long-distance traffic to their partner LECs&rsquo; switches for termination. That enabled the LEC and service provider to split the profits from the high access charges paid by the IXCs sending all that traffic to be terminated (far more traffic than would ever occur with normal customers and calling patterns).</p><p>The FCC found such schemes harm consumers by increasing IXCs&rsquo; costs and rates. It therefore sought to prevent them in a 2011 order and rules (26 FCC Rcd. 17663), and again in an order and rules in 2019 (34 FCC Rcd. 9035). The 2019 Order adopted certain “traffic ratio triggers,” which classified a LEC as an unlawful traffic pumper if its interstate terminating-to-originating traffic ratio was too high (meaning it was terminating vastly more long-distance traffic than it originated). A traffic pumper cannot recover terminating access charges...</p>"
  },
  "date": "2022-07-26T09:00:00-05:00",
  "featured": false,
  "headline": "FCC’s New Proposed Rules Would Apply Traffic-Pumping Triggers to VoIP Providers",
  "id": "1658826000",
  "imageFilename": "fccs-new-proposed-rules",
  "slug":"fccs-new-proposed-rules-traffic-pumping-voip",
  "sourceName": "Duane Morris Techlaw",
  "sourceArticleUrl": "https://blogs.duanemorris.com/techlaw/2022/07/26/traffic-pumping-voip/",
  "tags": ["Toll Fraud & Call Pumping"]
},
{
  "content": {
    "html": "<p>Mutare on Wednesday released a report finding that 47% of organizations experienced a voice phishing (vishing) or social engineering attack in the past year.</p><p>Even more troubling, most organization are unaware of the volume of unwanted voice traffic traversing their networks, or the significance of threats lurking in unwanted traffic, which includes robocalls, spoof and spam calls, spam storms, vishing, smishing, and social engineering.</p><p>The survey also found that in all industries, 9% of all calls received by businesses are unwanted.  Moreover, 45% of all unwanted traffic is tied to nefarious activity, while the survey ties 55% to nuisance activity. Amazingly, more than one-third (38%) say their organizations do not collect any data on the amount of inbound, unwanted, and potentially malicious voice traffic hitting their organizations.</p><p>The main reason that phishing scams are so convincing is that they often mimic the look of a brand or a credible person down to a very fine detail, said Ryan McCurdy, vice president of marketing at Bolster, Inc. McCurdy said to make matters worse, they prey on human action bias, with a call-to-action stating that attention must be taken right now.</p><p>“The same tactics are used in smishing campaigns as in phishing campaigns,” McCurdy said...</p>"
  },
  "date": "2022-07-20T09:15:00-05:00",
  "featured": false,
  "headline": "Nearly half of organizations experienced a vishing or social engineering attack in the last year",
  "id": "1658308500",
  "imageFilename": "nearly-half-of-organizations",
  "slug":"nearly-half-of-organizations-experienced-a-vishing-or-social-engineering-attack-in-the-last-year",
  "sourceName": "SC Media",
  "sourceArticleUrl": "https://www.scmagazine.com/news/social-engineering/nearly-half-of-organizations-experienced-a-vishing-or-social-engineering-attack-in-the-last-year",
  "tags": ["Phone Scam", "Smishing", "Social Engineering", "Vishing"]
},
{
  "content": {
    "html": "<h2>Relentless waves of sophisticated phone and online scams are impacting people&rsquo;s mental health</h2><p>Pamela McCarroll doesn&rsquo;t have the luxury of ignoring phone calls from unknown numbers.</p><p>The 30-year old is undergoing treatment for long-term colon cancer in Fairfax County, Va., and never knows whether it could be a doctor, a hospital with test results, or someone trying to schedule an appointment.</p><p>Unfortunately, that means she&rsquo;s fielding up to 20 spam phone calls every day on her mobile phone, adding to her already sky-high levels of stress. Since her diagnosis in August 2019, the number of scam attempts has shot up while the topics have gotten strangely specific, including Medicare or senior benefits.</p><p>“I&rsquo;ve gotten some calls about funeral insurance. That kind of bums me out,” McCarroll says. “I&rsquo;ve got cancer, but you don&rsquo;t have to rub it in.”</p><p>We&rsquo;re living in an era of constant scams. The technology and techniques behind them have improved, while attempts to crack down have largely stalled. For the millions of people in the United States dealing with scam attempts like McCarroll, there doesn&rsquo;t seem to be any meaningful relief in sight.</p><p>We mostly think about scam calls and texts in terms of their financial costs to the people who fall for them. Consumers reported $5.8 billion in fraud to the Federal Trade Commission last year, a 70 percent increase from 2020. Falling for or engaging with one scam can lead to an increase in attempts. According to RoboKiller, an app for screening robocalls on phones, an average smartphone owner in the United States will get an estimated 42 spam texts and 28 spam calls a month. Once a number or email address spreads into more spammer databases, it can be bought and sold by the companies involved in the booming scam industry...</p>"
  },
  "date": "2022-07-13T06:00:00-05:00",
  "featured": false,
  "headline": "The nonstop scam economy is costing us more than just money",
  "id": "1657692000",
  "imageFilename": "the-nonstop-scam-economy-mental-health",
  "slug":"the-nonstop-scam-economy-is-costing-us-more-than-just-money",
  "sourceName": "Washington Post",
  "sourceArticleUrl": "https://www.washingtonpost.com/technology/2022/07/13/scam-fraud-fatigue/",
  "tags": ["Phone Scam", "Spoofing"]
},
{
  "content": {
    "html": "<p>Hey, have you heard that your car&rsquo;s extended warranty is about to expire? That&rsquo;s what the disembodied robot voice on the other end of the phone wants you to think, anyway. Fortunately, these incessant spam calls may soon be getting less frequent.</p><p>This week, the US Federal Communications Commission closed a loophole in a policy that requires voice service carriers to adhere to a standard that would help block robocalls. All carriers in the US are now required to utilize a tech known as Stir/Shaken (an acronym for a very long and unwieldy title of federal standards for calls). It&rsquo;s a way to identify legitimate carriers and allow them to connect calls, while blocking out those who are trying to spam you...</p>"
  },
  "date": "2022-07-02T11:00:00-05:00",
  "featured": false,
  "headline": "Robocalls Are (Finally) Being Shaken Up",
  "id": "1656759600",
  "imageFilename": "robocalls-are-finally-being-shaken-up",
  "slug":"robocalls-are-finally-being-shaken-up",
  "sourceName": "Wired",
  "sourceArticleUrl": "https://www.wired.com/story/robocalls-are-finally-being-shaken-up/",
  "tags": ["Robocalls", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<h2>Cybercriminals continue to launch creative social engineering attacks to trick users. Meanwhile, social engineering misconceptions are exacerbating the risks of falling victim.</h2><p>Social engineering is involved in the vast majority of cyberattacks, but a new report from Proofpoint has revealed five common social engineering assumptions that are not only wrong but are repeatedly subverted by malicious actors in their attacks.</p><p>Commenting on the report&rsquo;s findings, Sherrod DeGrippo, Proofpoint&rsquo;s vice president threat research and detection, stated that the vendor has attempted to debunk faulty assumptions made by organizations and security teams so they can better protect employees against cybercrime. “Despite defenders&rsquo; best efforts, cybercriminals continue to defraud, extort and ransom companies for billions of dollars annually. Security-focused decision makers have prioritized bolstering defenses around physical and cloud-based infrastructure, which has led to human beings becoming the most relied upon entry point for compromise. As a result, a wide array of content and techniques continue to be developed to exploit human behaviors and interests.”</p><p>Indeed, cybercriminals will go to creative and occasionally unusual lengths to carry out social engineering campaigns, making it more difficult for users to avoid falling victim to them.</p><p>Here are five social engineering misconceptions exacerbating attacks, as presented by Proofpoint...</p>"
  },
  "date": "2022-06-24T07:11:00-05:00",
  "featured": false,
  "headline": "5 social engineering assumptions that are wrong",
  "id": "1656054660",
  "imageFilename": "5-social-engineering-assumptions",
  "slug":"5-social-engineering-assumptions-that-are-wrong",
  "sourceName": "CSO",
  "sourceArticleUrl": "https://www.csoonline.com/article/3664932/5-social-engineering-assumptions-that-are-wrong.html",
  "tags": ["Fraud Prevention", "Phone Scam", "Social Engineering"]
},
{
  "content": {
    "html": "<h2>Executives, administrators and network defenders overlook the severity of many of the most effective social engineering tools, Proofpoint cautions.</h2><p>Some of the most effective tricks used for social engineering attacks are being overlooked or underestimated.</p><p>That&rsquo;s according to security vendor Proofpoint, whose 2022 Social Engineering report concluded that many companies mistakenly assume that cybercriminals are unwilling or unable to use tactics such as extended conversations, legitimate services and hijacked email threads in order to dupe their targets into opening malware and following phishing links.</p><p>Proofpoint, which specializes in tools and services to counter social engineering, argued that these assumptions are putting companies at heightened risk for network intrusions and malware infections.</p><p>“Despite defenders&rsquo; best efforts, cybercriminals continue to defraud, extort and ransom companies for billions of dollars annually,” said Sherrod DeGrippo, vice president of threat research and detection at Proofpoint, based in Sunnyvale, Calif. “The struggle with threat actors evolves constantly, as they change tactics to earn clicks from end users.”</p><p>In general, the report found, companies underestimate the resources attackers are willing to put into social engineering attacks. For example, many believe that hacking crews will not exchange multiple messages with their targets.</p><p>In reality, the study found that many hacking operations were not only willing to exchange multiple messages with their targets in hopes of gaining their trust, but were also looking to get the target to engage over multiple forms of communication, such as personal email messages and phone calls...</p>"
  },
  "date": "2022-06-22T12:00:00-05:00",
  "featured": false,
  "headline": "Proofpoint: Social engineering attacks slipping past users",
  "id": "1655899200",
  "imageFilename": "proofpoint-social-engineering-attacks-slipping-past-users",
  "slug":"social-engineering-attacks-slipping-past-users",
  "sourceName": "Tech Target",
  "sourceArticleUrl": "https://www.techtarget.com/searchsecurity/news/252521837/Proofpoint-Social-engineering-attacks-slipping-past-users",
  "tags": ["Phone Scam", "Social Engineering"]
},
{
  "content": {
    "html": "<h2>Despite major progress fighting spam and scams, the roots of the problem go far deeper than your phone company&rsquo;s defenses.</h2><p>THERE&rsquo;S A GOOD reason you&rsquo;re still afraid to answer your phone when an unknown number pops up.</p><p>For years, the telecommunications industry has been trying to curb robocalls, the frustrating and potentially dangerous spam calls that try to scam anyone who picks up the phone. But even after significant milestones in defense—including the introduction of two telecom protocols that cryptographically authenticate the source of calls—you&rsquo;re probably still getting spammy calls that drive you nuts. In spite of the setbacks, though, researchers say they&rsquo;ve seen real progress on reducing spam calls in the United States, and there&rsquo;s potential for even more improvement.</p><p>At the RSA Conference in San Francisco last week, Josh Bercu of the trade association USTelecom and Gary Warner, director of intelligence at the security firm DarkTower, presented findings on progress squashing robocalls and the illegal call centers they emanate from, which are predominantly located in India. And they dug into the frustrating reality that the issue is far from solved.</p><p>“I think it&rsquo;s not going well at all!” Warner tells WIRED. “And people understandably wonder why the carriers don&rsquo;t just block spam calls. But if you&rsquo;re AT&amp;T or Verizon or T-Mobile or whoever, it&rsquo;s not in your purview to decide which conversations people are allowed to have. I don&rsquo;t think people want to be in that surveillance state where carriers are in a position of deciding what is an acceptable conversation for Americans to have.”</p><p>That doesn&rsquo;t mean the carriers haven&rsquo;t stepped up their blocking when they see enough evidence that a call has a suspicious provenance. But USTelecom&rsquo;s Bercu notes that deciding how bold to be about blocking is a delicate issue that each phone company handles differently...</p>"
  },
  "date": "2022-06-17T09:00:00-05:00",
  "featured": false,
  "headline": "Here’s Why You’re Still Stuck in Robocall Hell",
  "id": "1655456400",
  "imageFilename": "heres-why-youre-stuck",
  "slug":"heres-why-youre-still-stuck-in-robocall-hell",
  "sourceName": "Wired",
  "sourceArticleUrl": "https://www.wired.com/story/how-to-stop-robocalls/",
  "tags": ["Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<p>Vishing (voice phishing) involves defrauding people over the phone. Vishing cases have increased almost 550 percent during 2021, and vishing attacks have overtaken business email compromise (BEC) as the second most reported response-based email threat since Q3 2021.</p><p>In this video for Help Net Security, Eric George, Director of Solutions Engineering, PhishLabs, talks about this constantly evolving threat...</p>"
  },
  "date": "2022-06-03T10:00:00-05:00",
  "featured": false,
  "headline": "Vishing attacks: What they are and how organizations can protect themselves",
  "id": "1654250400",
  "imageFilename": "vishing-attacks-how-organizations-can-protect-themselves",
  "slug":"vishing-attacks-how-organizations-can-protect-themselves",
  "sourceName": "HelpNet Security",
  "sourceArticleUrl": "https://www.helpnetsecurity.com/2022/06/03/increased-vishing-cases-video/",
  "tags": ["Phone Scam", "Smishing", "STIR/SHAKEN", "Vishing"]
},
{
  "content": {
    "html": "<p>2022 has indeed been an absolute feast for phone scammers. According to Truecaller&rsquo;s recent study, scams have increased threefold in the US in the last 12 months. The platform reported a whopping loss of $39.5 billion to phone scams alone. This is the highest recorded figure yet.</p><p>According to the research, more than 33% of people living in the US have been a victim of this fraud with 20% of them on more than one occasion. This highlights the shortcomings of the government since these frauds have bypassed even the most complex frameworks like the STIR/SHAKEN framework by the Federal Communications Commission. These frameworks are created to protect the public from call scams, however, the government is failing to do so.</p><p>The research also uncovered that men fall for these scams easier than women. Amongst the people that did fall for the scam, 55.6% were men while women were 42.2% only. Furthermore, young men are more prone to losing money than older men. Men aged 45 and above are smart enough to not be falling prey to such attacks.</p><p>We also came across a new fact - men aged 65 and above, and Hispanics are more likely to fall for scams and phone frauds than those aged below or belonging to any other ethnicity. Hispanics are more prone to losing money as can be seen by Truecaller&rsquo;s results that showed that 74% of Hispanic people were targeted and have lost money in the last 12 months when compared to Black or White adult individuals.</p><p>Next, we found out that the solution that most resort to avoid this problem has been causing further problems for most people. Amongst the people in question, about 63% believe they might lose important calls due to blocking apps that might filter out calls inappropriately. While 43% of the population did download apps to protect themselves, 25% missed calls that were important and had to suffer...</p>"
  },
  "date": "2022-06-01T10:00:00-05:00",
  "featured": false,
  "headline": "Phone scammers manage to secure $39.5 Billion by fraud this year",
  "id": "1654077600",
  "imageFilename": "phone-scammers-39bil",
  "slug":"phone-scammers-secure-39-bil-by-fraud-this-year",
  "sourceName": "Digital Information World",
  "sourceArticleUrl": "https://www.digitalinformationworld.com/2022/06/phone-scammers-manage-to-secure-395.html#",
  "tags": ["Phone Scam"]
},
{
  "content": {
    "html": "<p>The Federal Communications Commission (FCC) is taking action to decrease illicit and foreign robocalls following a request from Florida Attorney General Ashley Moody and other state Attorneys General.</p><p>In January of 2022, Florida Attorney General Ashley Moody urged the FCC to implement new measures to help prevent foreign-based illegal robocalls that are used to scam residents of the United States.</p><p>The FCC will require companies that transmit phone calls originating in foreign countries to U.S. public telephone networks, called gateway providers, to comply with STIR/SHAKEN: a protocol intended to combat caller ID spoofing. According to the FCC, certain small carriers that were previously afforded an exception must implement STIR/SHAKEN by June 30.</p><p>Moody said, “The best way to stop scams associated with robocalls is to block the avenues some telemarketers use to send fraudulent automated messages. By working with the FCC, we are gaining ground in our fight to protect Floridians by ensuring carriers utilize the latest technology to try and keep foreign actors from bombarding phones with illegal robocall messages...”</p>"
  },
  "date": "2022-05-31T10:00:00-05:00",
  "featured": false,
  "headline": "FCC taking action to stop foreign robocalls following request from Attorney General Moody",
  "id": "1653991200",
  "imageFilename": "foreign-robocalls",
  "slug":"fcc-taking-action-to-stop-foreign-robocalls-following-request-from-attorney-general-moody",
  "sourceName": "Ocala-News",
  "sourceArticleUrl": "https://www.ocala-news.com/2022/05/31/fcc-taking-action-to-stop-foreign-robocalls-following-request-from-attorney-general-moody/",
  "tags": ["Caller-ID Spoofing", "FCC", "Phone Scam", "Robocalls", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<p>Vishing (voice phishing) cases have increased almost 550 percent over the twelve month period Q1 2021 to Q1 2022, according to the latest Quarterly Threat Trends &amp; Intelligence Report from Agari and PhishLabs.</p><p>In Q1 2022, Agari and PhishLabs detected and mitigated hundreds of thousands of phishing, social media, email, and dark web threats targeting a broad range of enterprises and brands. The report provides an analysis of the latest findings and insights into key trends shaping the threat landscape.</p><p>According to the findings, vishing attacks have overtaken business email compromise (BEC) as the second most reported response-based email threat since Q3 2021. By the end of the year, more than one in four of every reported response-based threat was a vishing attack, and this makeup continued through Q1 2022.</p><p>“Hybrid vishing campaigns continue to generate stunning numbers, representing 26.1 percent of total share in volume so far in 2022,” said John LaCour, principal strategist at HelpSystems (Agari and PhishLabs are both part of the HelpSystems cybersecurity portfolio). “We are seeing an increase in threat actors moving away from standard voice phishing campaigns to initiating multi-stage malicious email attacks. In these campaigns, actors use a callback number within the body of the email as a lure, then rely on social engineering and impersonation to trick the victim into calling and interacting with a fake representative...”</p>"
  },
  "date": "2022-05-26T07:18:00-05:00",
  "featured": false,
  "headline": "Attackers turn to vishing: 550 percent increase seen in vishing attacks",
  "id": "1653549480",
  "imageFilename": "attackers-turn-to-vishing",
  "slug":"550-percent-increase-in-vishing-attacks",
  "sourceName": "Continuity Central",
  "sourceArticleUrl": "https://www.continuitycentral.com/index.php/news/technology/7345-attackers-turn-to-vishing-550-percent-increase-seen-in-vishing-attacks",
  "tags": ["Phone Scam", "Vishing"]
},
{
  "content": {
    "html": "<h2>April Robocall Volume Down Nearly 10% After March Spike</h2><p>IRVINE, Calif., May 5, 2022 /PRNewswire/ -- In April, Americans received over 3.9 billion robocalls, keeping 2022 on pace to hit 48 billion robocalls for the full year, averaging roughly 4 billion robocalls a month. This monthly call volume marked a 9.7% decrease from March. Because April has one fewer day than March, robocalls were actually down 6.7% on a daily basis. Specifically, April averaged 131.4m calls/day and 1,521 calls/second, compared to 140.8 million calls/day and 1,630 calls/second in March.</p><p>“It&rsquo;s always nice to see a month with lower robocall volume, but we&rsquo;ve seen that before, only to be followed by spikes in call traffic,” said YouMail CEO Alex Quilici. “We&rsquo;re on pace for at most a small decline from last year&rsquo;s robocall volume, despite the rollout of STIR/SHAKEN...”</p>"
  },
  "date": "2022-05-05T08:00:00-05:00",
  "featured": false,
  "headline": "U.S. Phones Received Over 3.9 Billion Robocalls in April, Says YouMail Robocall Index",
  "id": "1651737600",
  "imageFilename": "3-9-B-Robocalls",
  "slug":"us-phones-received-over-3-9-billion-robocalls-in-april",
  "sourceName": "PR Newswire",
  "sourceArticleUrl": "https://www.prnewswire.com/news-releases/us-phones-received-over-3-9-billion-robocalls-in-april-says-youmail-robocall-index-301540784.html",
  "tags": ["Phone Scam", "Robocalls", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<p>Cybersecurity concerns are all-too-often focused on digital platforms: online, mobile and even wearable devices. However, old-fashioned voice connections to financial institutions are increasingly being used by bad actors for nefarious gain, according to a recent report from Pindrop.</p><p>Indeed, while so much attention is focused on digital access and the potential fraud there, some cybersecurity analysts are looking at how bad actors have been abusing long-standing voice access to financial institutions, through call centers and automated voice trees. Atlanta-based voice technology provider Pindrop recently released its annual Voice Intelligence &amp; Security Report, aimed at uncovering fraud, dark-web threats and other fraud challenges that could impact voice-based security.</p><p>Since individuals and their financial service providers may not consider voice channels and providers in their security plans, fraudsters are increasingly making their attacks here, since they see an unprotected opportunity. Indeed, the Pindrop study found that 92% of fraudsters were able to pass knowledge-based authentication (KBA) questions based in security authentication tests, while genuine customers only passed these knowledge-based tests 46% of the time...</p>"
  },
  "date": "2022-05-04T09:00:00-05:00",
  "featured": false,
  "headline": "Financial fraud, account takeover via voice channels on the rise",
  "id": "1651654800",
  "imageFilename": "financial-fraud-account-takeover",
  "slug":"financial-fraud-account-takeover-via-voice-channels",
  "sourceName": "SC Media",
  "sourceArticleUrl": "https://www.scmagazine.com/analysis/cybercrime/financial-fraud-account-takeover-via-voice-channels-on-the-rise",
  "tags": ["Account Takeover(ATO)", "Financial Fraud", "KBA", "Phone Scam"]
},
{
  "content": {
    "html": "<p>Bad actors are successfully using vishing, also known as voice phishing, to attack organizations and people. Experts in cybersecurity are seeing a growing trend, with criminals combining vishing with phishing, to increase the effectiveness of their attacks. In fact, the 2022 IBM Security X-Force Threat Intelligence Index reports that click rates for the average targeted phishing campaign increased around three-fold, from 18% to 53%, when phone phishing (vishing) was also used by threat actors. In addition, PhishLabs reports that hybrid vishing attacks initiated by email increased 554% from Q1.</p><h1>What is Vishing?</h1><p>At Social-Engineer, we define vishing as the practice of eliciting information or attempting to influence action via the telephone. When malicious actors call, they often employ social engineering tactics to trick their targets into giving away sensitive information.</p>"
  },
  "date": "2022-04-27T09:00:00-05:00",
  "featured": false,
  "headline": "Social Engineering News: Vishing",
  "id": "1651050000",
  "imageFilename": "social-engineering-news-vishing",
  "slug":"social-engineering-news-vishing",
  "sourceName": "Security Boulevard",
  "sourceArticleUrl": "https://securityboulevard.com/2022/04/social-engineering-news-vishing-2/",
  "tags": ["Phishing", "Phone Scam", "Vishing"]
},
{
  "content": {
    "html": "<h2>If you get a phone call, especially from someone who&rsquo;s not your doctor, about doing a DNA test, you may be getting scammed.</h2><p>JACKSONVILLE BEACH, Fla. — A scam that involves a DNA test is hitting people on the First Coast. One man who believes he&rsquo;s been a victim is working to spread the word.</p><p>If you get a phone call, especially from someone who&rsquo;s not your doctor, about doing a DNA test, you may be getting scammed.</p><p>“It looks very legitimate,” said Dennis Carpenter. “It looks like this is the real deal!”</p><p>Dennis Carpenter got a call from a woman saying she was authorized by Blue Cross Blue Shield. Then he received a box with a DNA test in the mail. He didn&rsquo;t question it. He&rsquo;s an avid genealogist and says he&rsquo;s done multiple DNA tests before...</p>"
  },
  "date": "2022-04-26T19:02:00-05:00",
  "featured": false,
  "headline": "‘It looks like this is the real deal’: Jacksonville man warns of DNA test scam",
  "id": "1650999720",
  "imageFilename": "dna-test-scam",
  "slug":"jacksonville-man-warns-of-dna-test-scam",
  "sourceName": "First Coast News",
  "sourceArticleUrl": "https://www.firstcoastnews.com/article/entertainment/television/programs/gmj/it-looks-like-this-is-the-real-deal-jacksonville-man-warns-of-dna-test-scam/77-c7537c17-4af1-459f-97b7-ae7ed6ce2e80",
  "tags": ["Phone Scam"]
},
{
  "content": {
    "html": "<h2>Callers make fake pitches and empty promises in quick bid for your cash</h2><p>Before the days of the internet, the shady phone call offering you an irresistible investment opportunity likely came from a large suburban office in the U.S., with dozens of “salespeople” sitting side by side, glued to their landlines, the din made up of their pushy pitches. The goals were simple: Bond quickly with the client, then create a sense of urgency: If you don&rsquo;t act now, you&rsquo;ll lose the chance to make thousands of dollars!</p><p>Today, so-called boiler rooms (named that because the original illicit call centers were often set up in building basements) remain arguably the top purveyor of consumer fraud. They&rsquo;re the ones bombarding your phones, email accounts, social media feeds and text screens with false pitches. And they still use those same high-pressure sales techniques. But technology has supercharged their scamming capabilities.</p><p>At the Beverly Hills office of Metals.com, a precious metals company that the federal government shut down in 2020 for defrauding older Americans out of $185 million, as many as 200 people sat in front of brand-new Apple computers, fitted out with headsets and an automatic dialing system that made calling hundreds of potential victims a day seamless, according to a former employee of the company who spoke to AARP on the condition of anonymity.</p><p>“You would just log in to the computer, you would turn your phone on &lsquo;green,&rsquo; and it just automatically starts dialing for the next nine to 10 hours of your day,” the employee says. “The office was ridiculously loud.”</p><p>Boiler rooms are set up by a variety of actors. Some are former boiler room employees themselves; others used to be legitimate securities professionals who were previously accused of breaking the law.</p><p>A modern boiler room can also be a much cheaper, simpler operation. “People can do this from their homes if they want to,” says Joe Borg, head of the Alabama Securities Commission. “A boiler room that has 50 people in 50 different locations, to me, is still a boiler room.” And location isn&rsquo;t an issue: Boiler rooms dialing into your home often are based in Southeast Asia, Eastern Europe, India, Nigeria or a Caribbean island. All you need is a computer with an internet connection. Thanks to Voice over Internet Protocol, calling costs are low. You can spoof a phone number to look like it&rsquo;s coming from the next town over, even if you&rsquo;re actually 10,000 miles away...</p>"
  },
  "date": "2022-04-13T10:00:00-05:00",
  "featured": false,
  "headline": "Overseas Call Centers Bombard People They Target for Fraud",
  "id": "1649844000",
  "imageFilename": "overseas-call-centers",
  "slug":"overseas-call-centers-bombard-people-they-target-for-fraud",
  "sourceName": "AARP",
  "sourceArticleUrl": "https://www.aarp.org/money/scams-fraud/info-2022/international-phone-scammers-target-consumers.html",
  "tags": ["Caller-ID Spoofing", "Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<h2>Thai police say they have rescued some 700 Thais held against their will by Chinese gangs in Cambodia.</h2><p>Bangkok, Thailand – The brokers arrived with promises of high-paying online sales jobs in Poipet, a Cambodian border town just an hour&rsquo;s drive from Teerapat and Dao&rsquo;s home in eastern Thailand.</p><p>After more than two years of pandemic-induced poverty, Teerapat and Dao were willing to take virtually any work away from their remote, rural village.</p><p>But by the next day, the couple began to realise they had made a terrible mistake.</p><p>After being driven deep across the border to the crime-ridden Cambodian beach town of Sihanoukville, Teerapat and Dao allege that they were ordered to stay inside a guarded 12-storey compound where Chinese “bosses” laid out their instructions via an interpreter.</p><p>Their “job” quickly revealed itself as a scam, according to interviews with the pair and corroborating police information.</p><p>Instead of online sales, Teerapat and Dao say they were directed to make unsolicited phone calls posing as customs officers, policemen or potential investors looking to secure a bank transfer.</p><p>The couple allege they were each expected to scam at least 500,000 baht ($15,000) every month along with dozens of others at the compound, all the while facing the threat of being sold to another gang if they failed to make the numbers.</p><p>“I normally don&rsquo;t trust people easily,” Teerapat told Al Jazeera, speaking under an alias for fear of reprisals...</p>"
  },
  "date": "2022-04-13T09:00:00-05:00",
  "featured": false,
  "headline": "In Thai villages, Chinese gangs recruit desperate for phone scams",
  "id": "1649840400",
  "imageFilename": "in-thai-villages",
  "slug":"in-thai-villages-chinese-gangs-recruit-desperate-for-phone-scams",
  "sourceName": "Aljazeera",
  "sourceArticleUrl": "https://www.aljazeera.com/news/2022/4/13/in-thailand-chinese-gangs-recruit-the-desperate-into-phone-scams",
  "tags": ["Call Center Fraud", "Phone Scam"]
},
{
  "content": {
    "html": "<p>Robocalls aren&rsquo;t just annoying — some are actually illegal. As of Tuesday, there&rsquo;s a new way for Washingtonians to report them.</p><p>In a continuation of the office&rsquo;s work to stop illegal robocalls, Washington Attorney General Bob Ferguson launched a new form for people to report illegal, harassing calls.</p><p>Certain types of robocalls — phone calls that come from an automated system and play a recorded message — are legal.</p><p>According to the attorney general&rsquo;s office, political calls about candidates, charities asking for donations or informational messages like ones for a flight or a school closure are allowed without permission.</p><p>But the illegal robocalls can be irritating, or worse, scams to steal your identity or money.</p><p>Before this form was launched, Washingtonians could report suspicious calls through the attorney general&rsquo;s office general consumer complaint form. The new complaint form for robocalls will provide more precise information for quicker reaction to complaints, the attorney general&rsquo;s office said...</p>"
  },
  "date": "2022-03-30T08:47:00-05:00",
  "featured": false,
  "headline": "WA launches new way to report illegal robocalls",
  "id": "1648630020",
  "imageFilename": "WA-launches-new-way-to-report",
  "slug":"wa-launches-new-way-to-report-illegal-robocalls",
  "sourceName": "Seattle Times",
  "sourceArticleUrl": "https://www.seattletimes.com/seattle-news/wa-launches-new-way-to-report-illegal-robocalls/",
  "tags": ["Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<p>ELK COUNTY--The tragic loss to two Pennsylvania State Troopers last Monday in an accident on I-95 was a heavy blow to the Statewide Law Enforcement Community. Adding insult to injury, it did not take long for telephone scam artists to develop a new script to try to scam Pennsylvania residents.</p><p>As friends of the two Pennsylvania state troopers killed in a crash on I-95 created fund-raisers to support their families, the Pennsylvania State Troopers Association (PSTA)warned of phone scams calling for donations claiming to be collecting money for the families of Troopers Branden Sisca and Martin Mack. The troopers, along with Reyes Rivera Oliveras, a 28-year-old man from Allentown, were killed when a 21-year-old Eagleville woman accused of driving under the influence struck them on the interstate early last Monday. In a statement, PSTA President David Kennedy warned of scammers who had called people, including some active troopers, under the guise of collecting money for the families of Sisca and Mack.</p><p>“It&rsquo;s disgusting even to have to issue this statement, but our members and others are reporting to us that they&rsquo;re receiving phone calls from people alleging to represent law enforcement organizations that are raising money to benefit the families of our fallen brothers,” Kenefy said.</p><p>“The Pennsylvania State Troopers Association does not do any phone solicitation. Period,” said PSTA spokesperson Dave LaTorre.</p><p>Meanwhile, two verified GoFundMe pages have been set up to support the troopers&rsquo; families. GoFundMe has confirmed both pages as legitimate. Donations can also be made to PSTA&rsquo;s Troopers Helping Troopers Foundation, which provides financial aid to families of injured and deceased troopers. It also helps ill troopers and family members who need expensive medical treatment.</p><p>This scam is one of the hundreds that assail local residents, especially targeting seniors, each day. People with landlines receive more scam calls than those who have switched entirely to mobile phones, which leads to scammers targeting senior citizens with scams designed to lure them in...</p>"
  },
  "date": "2022-03-27T09:00:00-05:00",
  "featured": false,
  "headline": "Spring is in the air, along with new phone scams targeting local seniors",
  "id": "1648371600",
  "imageFilename": "phone-scams-targeting-local-seniors",
  "slug":"phone-scams-targeting-local-seniors",
  "sourceName": "Ridgway Record",
  "sourceArticleUrl": "https://www.ridgwayrecord.com/news/spring-is-in-the-air-along-with-new-phone-scams-targeting-local-seniors/article_78953406-adfd-11ec-bbd2-f703a09137f2.html",
  "tags": ["Elder Fraud", "Phone Scam", "Vishing"]
},
{
  "content": {
    "html": "<h2>Using social engineering rather than traditional ransomware tactics, the Lapsus$ group has already hit multiple organizations, says Microsoft.</h2><p>A relatively new cybercriminal group has quickly gained an infamous reputation for its unique tactics and successful attacks against several major organizations. Known as Lapsus$, the gang uses social engineering to target its victims and has reportedly hit such companies as Samsung, Okta, NVIDIA and Microsoft. In a blog post published Tuesday, Microsoft provides insight into the group&rsquo;s tactics and techniques and offers tips on how to protect your organization from these attacks.</p><p>Lapsus$, also dubbed DEV-0537 by Microsoft, uses an extortion and destruction model of attack without relying on the typical ransomware payloads. To take advantage of potential victims, the group employs several types of social engineering schemes.</p><h3>Tactics of Lapsus$</h3><p>As one tactic, Lapsus$ uses phone-based social engineering via SIM-swapping to compromise a victim&rsquo;s phone. With SIM-swapping, a criminal convinces or even pays off an employee at a mobile carrier to change the victim&rsquo;s phone number to a SIM card owned by the attacker. Any multi-factor authentication requests are then directed to the criminal&rsquo;s phone via a call or text, allowing them to take over the victim&rsquo;s account.</p><p>As another tactic, Lapsus$ will compromise someone&rsquo;s personal or private accounts as a way to gain access to their work-related accounts. An employee will often use their personal accounts or phone number as a method for password recovery or for MFA, opening the door for a criminal to reset a password or take over an account.</p><p>In some cases, members of the gang will call an organization&rsquo;s help desk and try to persuade the support representative to reset the credentials for a privileged account. To appear more convincing, the group uses any information previously gathered about the account and has an English-speaking person talk to the help desk rep.</p><p>In yet another tactic, Lapsus$ seeks out employees and business partners willing to provide access to account credentials and MFA details for payment. Microsoft&rsquo;s blog includes an example of a Lapsus$ advertisement looking for employees at call centers, mobile carriers and large corporations willing to share VPN or Citrix access to a network for money...</p>"
  },
  "date": "2022-03-23T12:42:00-05:00",
  "featured": false,
  "headline": "Microsoft Warns of Phone-Based Social Engineering Attacks",
  "id": "1648039320",
  "imageFilename": "lapsus",
  "slug":"microsoft-warns-of-phone-based-social-engineering-attacks",
  "sourceName": "Tech Republic",
  "sourceArticleUrl": "https://www.techrepublic.com/article/microsoft-warns-destructive-attacks-lapsus-cybercrime-group/",
  "tags": ["Social Engineering"]
},
{
  "content": {
    "html": "<h3>To protect yourself, request an identity protection PIN from the IRS.</h3><p>PHILADELPHIA (WPVI) -- Tax scams come in all forms, but the purpose is always the same.</p><p>Criminals are trying to get your financial and personal information, so here&rsquo;s what you need to know.</p><p>“People need to realize that the IRS never initiates contact by text message, email, or social media.They actually still initiate contact the old-fashioned way through the US Postal Service,” said Chuck Minnich, owner of Foundation Capital Management, LLC.</p><p>The IRS will not initiate contact with a phone call either. Even if your caller ID says “IRS,” beware.</p><p>“The person on the other side will tell you that you&rsquo;re either due for a large refund or you owe taxes,” said Minnich.</p><p>If you don&rsquo;t provide your bank account information or promise to pay up, bogus threats often follow.</p><p>“Generally from supposedly law enforcement, threatening arrest, license revocation, or even deportation,” he said.</p><p>Another red flag is if someone claims to be from the IRS and demands payment in a very specific form...</p>"
  },
  "date": "2022-03-09T19:07:00-06:00",
  "featured": false,
  "headline": "How to spot scam artists impersonating the IRS",
  "id": "1646852820",
  "imageFilename": "how-to-spot-scam-artists-impersonating-the-irs",
  "slug":"how-to-spot-scam-artists-impersonating-the-irs",
  "sourceName": "ABC News",
  "sourceArticleUrl": "https://6abc.com/tax-scams-irs-consumer-protection-credit-score/11636369/",
  "tags": ["Fraud Prevention", "IRS", "Phone Scam"]
},
{
  "content": {
    "html": "<p>The Russia-Ukraine conflict is nearly 6,000 miles from our border, but it&rsquo;s likely already affecting you here at home.</p><p>You probably see a hit to your 401(k) and financial portfolio. As those go down, gas prices are going up. Tap or click here for simple ways to find the best gas prices in your area.</p><p>Whenever there&rsquo;s an event of mass impact, hackers, scammers, and thieves take advantage of the situation.</p><p>Note that scammers will contact you via calls, text, email, or social media. If you have anyone older in your family, they are very susceptible to falling for these scams. Share this post with them on your social media or email this post with a link.</p><p>Here&rsquo;s a list of scams we can expect to see as the Russia-Ukraine war heats up...</p>"
  },
  "date": "2022-03-02T17:30:00-06:00",
  "featured": false,
  "headline": "10 Russia-Ukraine war scams hitting you via email, phone, and social media",
  "id": "1646242200",
  "imageFilename": "ten-russia-ukraine-war-scams",
  "slug":"ten-russia-ukraine-war-scams",
  "sourceName": "USA Today",
  "sourceArticleUrl": "https://www.usatoday.com/story/tech/columnist/komando/2022/03/02/beware-10-russia-ukraine-scams-via-email-phone-and-social-media/9342759002/",
  "tags": ["AI", "Deepfake", "Phone Scam", "Spoofing & Impersonation"]
},
{
  "content": {
    "html": "<p>Like millions of Americans, Emmy Ross has a bunch of student debt. So when she started getting phone calls from people offering to help have the loans forgiven, she was immediately interested.</p><p>The problem? They were scammers asking for things such as her account details or credit card number.</p><p>Ross figured out the con pretty quickly. But her mom, Jing Su, was also getting the calls.</p><p>“I thought it was serious because they are so persistent,” Jing Su said. “I said, &rsquo;I got a call again. So what is the story?&rsquo; You know?”</p><p>Ross tried to tell her mom they weren&rsquo;t real.</p><p>“Every time we would get on the phone, she&rsquo;d be like, &rsquo;Oh, did you call the student loan people yet?&rsquo; And every time, I&rsquo;d be like, &rsquo;Mom, it&rsquo;s not real. It&rsquo;s a scam,&rsquo; ” Ross said.</p><p>Thankfully, the callers didn&rsquo;t get any information or payment details out of Ross or her mom. But not everyone has been so lucky.</p><p>This winter, the Federal Trade Commission warned about an increase in student loan scams. Those scams prey on confusion. President Biden said during his campaign that he was open to forgiving some student debt, but that hasn&rsquo;t happened yet...</p>"
  },
  "date": "2022-02-21T09:49:00-06:00",
  "featured": false,
  "headline": "Student loan scams are on the rise as the pause on payments is due to expire",
  "id": "1645436940",
  "imageFilename": "student-loan-scams-are-on-the-rise",
  "slug":"student-loan-scams-are-on-the-rise",
  "sourceName": "NPR",
  "sourceArticleUrl": "https://www.npr.org/2022/02/21/1081726834/scam-student-loan-scams-biden-forgiveness",
  "tags": ["Phone Scam", "Student Debt"]
},
{
  "content": {
    "html": "<ul><li>Fraudsters are selling bots on Telegram that are designed to trick investors into divulging their two-factor authentication, leading to accounts being wiped out.</li><li>Crypto investors are being targeted around the country.</li><li>Dr. Anders Apgar, a Coinbase customer, said his account had a balance of more than $100,000 in crypto when it was hacked during a robocall.</li></ul><p>Dr. Anders Apgar was out for dinner last month with his family, and his phone would not stop buzzing. It looked like a robocall, so he tried to ignore it.</p><p>But the calls would not stop. Then his wife&rsquo;s phone also started to ring.</p><p>“When she picks it up, a banner came across, a notification that says, &lsquo;Your account&rsquo;s in jeopardy,&rsquo;” he said.</p><p>The warning, which he said was a text message, prompted him to pick up his phone. That was when the couple&rsquo;s nightmare started.</p><p>It&rsquo;s the kind of nightmare many crypto account holders around the country are facing as hackers target a boom in the industry, cybersecurity experts said.</p><p>The Apgars, who are both Maryland-based obstetricians, began investing in cryptocurrency several years ago. By December, their account had grown to about $106,000, mainly held in bitcoin. Like millions of investors across the country, their account is with Coinbase, the country&rsquo;s largest cryptocurrency platform.</p><p>When Apgar picked up the phone, a female voice said, “Hello, welcome to Coinbase security prevention line. We have detected unauthorized activity due to failed log-in attempt on your account. This was requested from a Canada IP address. If this (is) not you, please press 1, to complete precautions recovering your account.” The call lasted just 19 seconds.</p>"
  },
  "date": "2022-02-15T06:00:00-06:00",
  "featured": false,
  "headline": "Fraudsters are using bots to drain cryptocurrency accounts",
  "id": "1644904800",
  "imageFilename": "Fraudsters-using-bots-to-drain-cryptocurrency-accounts",
  "slug":"fraudsters-using-bots-to-drain-cryptocurrency-accounts",
  "sourceName": "CNBC",
  "sourceArticleUrl": "https://www.cnbc.com/2022/02/15/crypto-fraudsters-use-robocalls-to-drain-accounts.html",
  "tags": ["Cybersecurity", "Financial Fraud", "Hackers", "Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<h2>They sound like charities, but many aren&rsquo;t— which means funds mostly get pocketed</h2><p>“I&rsquo;m calling on behalf of the National Save the Police Fund,”* the voice on the phone told me. “We support police officers who risk their lives daily protecting our communities. Can the police officers count on you?”</p><p>Gotten calls like this? So have we all. At the end of 2021, robocalls raising money for police groups were the highest-volume phone messages in most major U.S. markets, according to Nomorobo, a robocall-blocking company that works with AARP on fraud prevention.</p><p>These callers typically use language that suggests they are charities raising money directly for local police. But what&rsquo;s the truth.</p><p>The answer is that, in many cases, these aren&rsquo;t charities at all. Instead, they&rsquo;re “independent, expenditure-only” political action committees, or super PACs. Why does this matter? Simple: less scrutiny. Charities face relatively rigorous review from the Internal Revenue Service, and most states require them to register before they can operate there.</p><p>Super PACs generally have far fewer state-level reporting requirements and are regulated by the Federal Election Commission (FEC), which has fewer enforcement options than the IRS. The result: a rise in super PACs that use sympathetic-sounding causes primarily to line their own pockets (the FEC has called this subset “scam PACs”). </p><p>I recently took about a dozen of these “police-support” calls to hear the pitches. The first thing I noticed was that I wasn&rsquo;t talking to live people; the answers all sounded scripted and recorded. In fact, former employees of these types of fundraisers have testified about how they used soundboard technology to play prerecorded messages as responses, in part so they could talk to several donors at once.</p><p>On each call, my questions about how donations got spent mostly went unanswered. Only one replied directly: 90 percent went to fundraising, and 10 percent went to police support. Wow! That means of a $35 donation, no more than $3.50 goes to their stated cause...</p>"
  },
  "date": "2022-02-10T08:00:00-06:00",
  "featured": false,
  "headline": "Phone Calls for Donations to the Police Could be a Scam",
  "id": "1644480000",
  "imageFilename": "phone-calls-for-police-dontations-could-be-a-scam",
  "slug":"phone-calls-for-police-dontations-could-be-a-scam",
  "sourceName": "AARP",
  "sourceArticleUrl": "https://www.aarp.org/money/scams-fraud/info-2022/police-charity-scam.html",
  "tags": ["Phone Scam"]
},
{
  "content": {
    "html": "<h2>Caregivers can play a key role in keeping criminals at bay</h2><p>It&rsquo;s a sad fact of life: Criminals target older Americans for fraud.</p><p>Many older folks have nest eggs. Cybersecurity is not their second language. They came of age during more trusting times. And they may be coping with isolation, diminished eyesight, hearing loss or other health issues.</p><p>Crooks exploit these vulnerabilities, but make no mistake: All of us — young and old — are susceptible to the bad actors who show up uninvited in calls, emails, mail, texts and tweets. Some are so bold as to knock on our front doors.</p><p>Fraud “is a crime that rips people&rsquo;s souls apart,” says Anthony Pratkanis, an authority on the topic and professor emeritus of psychology at the University of California Santa Cruz. When it happens, financial loss is compounded by psychological hurt, feelings of vulnerability and even the death of one&rsquo;s dreams, he says.</p><p>It&rsquo;s role reversal when a younger person needs to counsel an elder, so you might want to frame these safeguards as steps that you, too, will take, Pratkanis says. As there are many techniques, consider tackling one a week.</p><p>Pratkanis and AARP&rsquo;s Amy Nofziger took the lead in providing the anti-fraud measures below. Nofziger oversees the AARP Fraud Watch Network&rsquo;s free helpline, 877-908-3360.</p><p>Nofziger suggests starting out with a nonconfrontational chat about a common scam and then role playing to game out how to deter it...</p>"
  },
  "date": "2022-02-04T12:55:56-06:00",
  "featured": false,
  "headline": "10 Essentials to Protect Your Loved One — and Yourself — From Fraud",
  "id": "1643979356",
  "imageFilename": "10-essentials-to-protect-loved-ones-from-fraud",
  "slug":"10-essentials-to-protect-loved-ones-from-fraud",
  "sourceName": "AARP",
  "sourceArticleUrl": "https://www.aarp.org/money/scams-fraud/info-2022/how-caregivers-can-protect-loved-ones.html",
  "tags": ["Fraud Prevention", "Phone Scam"]
},
{
  "content": {
    "html": "<p>The Etowah County Sheriff&rsquo;s Office is getting reports of a wave of attempted phone scams. Here are some ways the Federal Trade Commission says you can tell if someone is a scammer, and how to avoid being taken advantage of.</p><h2>Signs of a scam:</h2><ul><li>Scammers often pretend to be from an organization you are familiar with — the government, Social Security, the IRS, Medicare, a utility company, a charity, an individual, or a made-up organization that sounds official. They can use technology to change the number that appears on your caller ID; the name and number you see may not be real.<br></li><li>Scammers will tell you there&rsquo;s a problem — that you&rsquo;re in trouble with the government, that you owe money, there&rsquo;s a problem with your account, someone in your family had an emergency or there&rsquo;s a virus on your computer. Or scammers will claim you&rsquo;ve won money in a lottery or sweepstakes, but you have to pay a fee to receive it.<br></li><li>Scammers will pressure you to act immediately, before you have time to think things through. While they have you on the phone they may say “don&rsquo;t hang up” so you can&rsquo;t check out their story.<br></li><li>Scammers will tell you a specific way to pay — often by sending money through a money transfer company, or putting money on a gift card and giving them the number on the back. A common scam involves sending you a check to deposit, then send them money back, only to have the check they sent bounce.</li></ul>"
  },
  "date": "2022-01-28T07:00:00-06:00",
  "featured": false,
  "headline": "Is this a scam? Here are some tips to identify fakers over the phone",
  "id": "1643353200",
  "imageFilename": "is-this-a-scam",
  "slug":"is-this-a-scam",
  "sourceName": "The Gadsden Times",
  "sourceArticleUrl": "https://news.yahoo.com/scam-tips-identify-fakers-over-120049356.html?guccounter=1&guce_referrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8&guce_referrer_sig=AQAAACkMPYjwIh4YQhk_fqWwE5KGiFmGLWey691FKn5fhP4_aBP6jWn7tFbS3yu8gp65zjjTgN6g9fEIWKkUDkwj8mfLi00_pWUbmCOdrSHPjZE_DHdWt5chgnYZx9CPawUiR98uzbMDu0SOPVc6MnwHH3i4S6_bSd4tPdrCVGEN09-T",
  "tags": ["Caller-ID Spoofing", "Fraud Prevention", "Phone Scam"]
},
{
  "content": {
    "html": "<p>There were nearly 15,000 cases of elder fraud reported in Ohio in 2020 — defined as scams or abuse of financial authority, such as a power of attorney — that resulted in more than $190.8 million in losses, according to a study by Comparitech.com. </p><p>But tens of thousands of more cases were likely unreported by seniors who, out of embarrassment or for other reasons, didn&rsquo;t report their losses. Using government and other data, Comparitech&rsquo;s methodology estimates that more than 350,100 seniors age 60 or older in Ohio have been victims with losses estimated at more than $4.48 billion, according to the firm&rsquo;s study published earlier this month.</p><p>Online scams can involve emailed requests for money or personal account information, such as passwords, account numbers or personal information. Fraud attempts can also be made over the phone, said Comparitech, which identifies itself as a pro-consumer website providing information to help people improve their cyber security and privacy online.</p><p>Detective Patrick Durant, a member of Columbus police&rsquo;s economic crime unit, said it is important to have conversations with senior family members and loved ones about potential scams and how to handle them. </p><p>“You want to stress that there are situations out there where scams are occurring and you want to make them aware, but not scared,” Durant said. “We&rsquo;re hoping something like this never happens, but we want you to know there are people, there are bad actors out there, whether they live on the same street as you in Columbus, in the state or somewhere else in the world, they are out there to commit some type of theft and they have bad intentions...”</p>"
  },
  "date": "2022-01-17T05:00:00-06:00",
  "featured": false,
  "headline": "Elder fraud results in far more than nearly $191 million reported in Ohio, study says",
  "id": "1642395600",
  "imageFilename": "elder-fraud-far-more-than-191m-reported-in-ohio",
  "slug":"elder-fraud-far-more-than-191m-reported-in-ohio",
  "sourceName": "The Columbus Dispatch",
  "sourceArticleUrl": "https://www.dispatch.com/story/news/local/2022/01/17/dont-victim-tips-how-avoid-phone-email-scamdont-be-a-victim-tips-for-how-to-avoid-phone-email-scs/9168358002/",
  "tags": ["Elder Fraud", "Phishing", "Phone Scam", "Vishing"]
},
{
  "content": {
    "html": "<p>TULSA, Oklahoma - </p><p>The Tulsa County Sheriff&rsquo;s Office (TCSO) has a warning about scammers who are calling people claiming to be deputies and asking for money.</p><p>Deputies say some folks have lost as much as $3,500 because of this scam, so they&rsquo;re reminding the community that this is not how they operate.</p><p>Casey Roebuck with the TCSO said these crimes are especially irritating because the scammers have it down to a T.</p><p>“I&rsquo;ve actually been on the phone with one of these guys and they can sound very convincing,” Roebuck said. “They sound very official. And it&rsquo;s very scary for people to don&rsquo;t know how we actually do our jobs.”</p><p>Deputies say scammers have been calling people saying they are with the Tulsa County Sheriff&rsquo;s Office.</p><p>They say the scammers tell the potential victim that they have a warrant, and they have to pay a bond to avoid arrest...</p><p></p>"
  },
  "date": "2022-01-02T21:18:00-06:00",
  "featured": false,
  "headline": "TCSO Warns Tulsans About ‘Convincing’ Phone Scams",
  "id": "1641158280",
  "imageFilename": "TCSO-warns-about-convincing-scams",
  "slug":"tcso-warns-of-convincing-phone-scams",
  "sourceName": "NEWS9",
  "sourceArticleUrl": "https://www.news9.com/story/61d2503d85bebb0be73e668d/tcso-warns-tulsans-about-convincing-phone-scams",
  "tags": ["Phone Scam"]
},
{
  "content": {
    "html": "<p>Broad awareness has been made about cyberattacks in the form of phishing that typically use email messages to lure victims into divulging sensitive information or opening a link that allows malware to infiltrate their device. Companies have learned how to combat phishing by training employees to recognize such scam attempts and report them as phishing to protect their organizations. “Vishing” is another tactic used by scammers that, while less familiar, is no less invasive and dangerous.</p><p>Vishing, a term that comes from the combination of the words “voice” and “phishing,” tricks victims into providing personal information over the phone. Vishing scams convince victims to provide passwords, social security numbers, bank account information and other personal data to callers pretending to represent an organization that requires sensitive information, such as a governmental authority or the victim&rsquo;s financial institution or utility company.</p><p>In order to appear as if they are legitimate, vishing scammers use local area codes and text message prompts to cover their tracks. Oftentimes a vishing attempt will try to persuade the victim to act quickly in response to a (falsely) urgent situation such as a lost child, medical emergency, or once-in-a-lifetime opportunity. These attempts can target hundreds of phone numbers at once, casting a wide net of potential victims, including employees that could provide unintended access to corporate computer systems...</p>"
  },
  "date": "2021-12-17T08:00:00-06:00",
  "featured": false,
  "headline": "Sounds Phishy – The Rise of Vishing Scams",
  "id": "1639728000",
  "imageFilename": "sound-phishy-the-rise-of-vishing-scams",
  "slug":"sounds-phishy-the-rise-of-vishing-scams",
  "sourceName": "JD Supra",
  "sourceArticleUrl": "https://www.jdsupra.com/legalnews/sounds-phishy-the-rise-of-vishing-scams-2238715/",
  "tags": ["Smishing", "Vishing"]
},
{
  "content": {
    "html": "<p>Criminal groups have been sending threatening messages in the past couple of months to companies that manage broadband phone services all over the world, promising they&rsquo;ll flood the digital phone lines with traffic and take them offline unless the targets pay a ransom.</p><p>What those extortionists have discovered is that the number of phone calls that take place at least partially over the internet has quietly and dramatically increased in recent years — and there&rsquo;s a lot at stake when major providers go down.</p><p>Like landline providers, companies that manage digital phone calls, also known as Voice over Internet Protocol (VoIP) services, are required to transmit audio in real time, facilitating personal, business and even emergency calls.</p><p>It&rsquo;s probably a bigger part of our lives than many people realize. It&rsquo;s much cheaper and often more accessible and scalable, a staple of working from home during the coronavirus pandemic. Small companies and people living overseas might have been using purely digital phone lines for years to reach customers, friends and family abroad. Large carriers and telecommunication companies often use VoIP to handle calls or connections between providers, while smaller carriers are routing tens of thousands of simultaneous calls over the internet. Call center companies handle over 1 million digital calls a day.</p><p>But if those companies that manage digital phone lines come under attack by a tsunami of fake callers, the behind-the-scenes mechanisms for beaming voices online begins to crumble fairly quickly.</p><p>“The challenge is that when you put all of the phone system on the internet, it exposes it to all of the other things that can go wrong on the internet,” says Matthew Prince, CEO and co-founder of Cloudflare, a company that provides protection against the kinds of attacks currently hitting internet phone providers...</p>"
  },
  "date": "2021-12-06T07:00:00-06:00",
  "featured": false,
  "headline": "Criminal hackers are now going after phone lines, too",
  "id": "1638774000",
  "imageFilename": "criminal-hackers-going-after-phone-lines",
  "slug":"criminal-hackers-now-going-after-phone-lines-too",
  "sourceName": "NPR",
  "sourceArticleUrl": "https://www.npr.org/2021/12/06/1060838850/criminal-hackers-are-now-going-after-phone-lines-too",
  "tags": ["Hackers", "Ransom", "TDoS"]
},
{
  "content": {
    "html": "<p>Like the Whac-A-Mole game at the carnival, every time state and federal law enforcement officials think they have smacked down scam robocalls, the unwanted calls pop up in a slightly different place with a slightly different face.</p><p>One new trick is for callers to send messages straight to voicemail. The scammers argue that because they don&rsquo;t cause phones to ring, they aren&rsquo;t really calling at all.</p><p>They also may buy or hijack lists of real phone numbers to trick spam-blocking software into letting the calls through. Law enforcement officials have asked phone carriers to make it harder for scammers to obtain real numbers, but those lists are legally for sale by third-party data providers, and ferreting out who is buying them is difficult.</p><p>Earlier this month, North Carolina Attorney General Josh Stein, a Democrat, and Florida Attorney General Ashley Moody, a Republican, led all 51 attorneys general, including the District of Columbia&rsquo;s, in a letter calling on the Federal Communications Commission to reduce unwanted robocallers&rsquo; access to real phone numbers.</p><p>“Robocallers have too many arrows in their quiver,” Stein said in a Stateline interview. “We have to do everything in our power to make sure they can&rsquo;t pretend to be legitimate callers and trick people into picking up the phone.”</p><p>Scammers&rsquo; motivation is “to steal from vulnerable people, and they are so successful at it that they have great incentives to come up with technological workarounds every time we try to block them,” Stein said...</p><p></p>"
  },
  "date": "2021-12-01T11:06:00-06:00",
  "featured": false,
  "headline": "From buying call lists to going straight to voicemail, robocallers try new tactics to evade crackdowns",
  "id": "1638356760",
  "imageFilename": "robocalls-evade-crackdowns",
  "slug":"robocalls-evade-crackdowns",
  "sourceName": "USA Today",
  "sourceArticleUrl": "https://www.usatoday.com/story/money/2021/12/01/robocalls-evade-crackdowns-using-tactics-voicemail-call-lists/8819857002/",
  "tags": ["Phone Scam", "Robocalls", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<p>The call was coming from inside the company.</p><p>Or so it seemed when the mobile phone of a customer-service representative for Robinhood Markets Inc. lit up on the evening of Nov. 3. More than an hour passed -- on and on the conversation ran, as the caller reeled in the hapless employee.</p><p>By the time it was over, that one Robinhood rep had unwittingly handed over keys to the personal information of about 7 million customers, in what&rsquo;s now believed to be one of the biggest retail brokerage cyber-breaches of all time, by number of accounts affected.</p><p>Robinhood didn&rsquo;t learn of the lapse until the rep got home and told a relative about the strange call -- and was promptly advised to escalate it, according to a person familiar with the matter. Only then did the employee inform the company, whose free trading app caught fire with young people buying meme stocks, options and crypto during the pandemic, at times with devastating results.</p><p>Robinhood declined to comment on the agent&rsquo;s performance. It said separately that, to its knowledge, no Social Security numbers or data about debit cards or bank accounts were compromised. Nor did customers incur financial losses, according to the firm...</p>"
  },
  "date": "2021-11-27T11:00:00-06:00",
  "featured": false,
  "headline": "When a Hacker Calls: How Robinhood Fell Victim to a Vishing Raid",
  "id": "1638010800",
  "imageFilename": "how-robinhood-fell-victim-to-vishing-raid",
  "slug":"how-robinhood-fell-victim-to-a-vishing-raid",
  "sourceName": "Bloomberg",
  "sourceArticleUrl": "https://www.bloomberg.com/news/articles/2021-11-27/when-a-hacker-calls-how-robinhood-fell-victim-to-vishing-attack",
  "tags": ["Phone Scam", "Vishing"]
},
{
  "content": {
    "html": "<p>The Securities and Exchange Commission (SEC) has warned of a new multi-channel phishing campaign designed to elicit personal and financial information from victims.</p><p>An investor alert from the regulator revealed that several people have come forward claiming to have received phone calls or voicemail messages from purported SEC staff.</p><p>The scammers apparently raised concerns about suspicious activity on the recipients&rsquo; checking or cryptocurrency accounts in a bid to trick them into handing over more sensitive info — a classic phishing tactic.</p><p>“These phone calls and voicemail messages are in no way connected to the SEC. If you receive a communication that appears to be from the SEC, do not provide any personal information unless you have verified that you are dealing with the SEC,” the regulator urged.</p><p>“The SEC does not seek money from any person or entity as a penalty or disgorgement for alleged wrongdoing outside of its formal enforcement process.”</p><p>The SEC extended the warning to any form of unsolicited communication, including emails and letters, claiming it will never ask for payments related to enforcement actions, offer to confirm trades, or seek detailed personal and financial information...</p>"
  },
  "date": "2021-11-22T09:00:00-06:00",
  "featured": false,
  "headline": "SEC Warning as Phishing and Vishing Attacks Mount",
  "id": "1637571600",
  "imageFilename": "SEC-warning-as-phishing-and-vishing-attacks-mount",
  "slug":"sec-warning-phishing-vishing-attacks",
  "sourceName": "Info-Security Group",
  "sourceArticleUrl": "https://www.infosecurity-magazine.com/news/sec-warning-phishing-attacks-mount/",
  "tags": ["Phishing", "Phone Scam", "Vishing"]
},
{
  "content": {
    "html": "<p>COLORADO SPRINGS, Colo. (KKTV) - On the heels of Veterans Day, I want to share some important new research with you so you can share it with your friends and family. AARP found that veterans are much more likely to fall for scams than civilians. Similar results were found from a study a few years ago. The experts say the most important thing is to educate our community and share the warning signs that service members can watch for.</p><p>“What people need to realize is those who are vulnerable, at a vulnerable place in their lives, are more likely to be scammed,” said Colorado Attorney General Phil Weiser. “When you&rsquo;re leaving active service, that&rsquo;s a major transition, a transition when you may be looking for new educational opportunities, or you might be moving, or you might be subject to any number of scams that will prey on either your hopes or your fears, which means we need to do better to support our veterans as they leave active service and enter civilian life.”</p><p>AARP said four out of five military members or veterans were targeted by scams related to their service or the benefits they receive. One in three who were targeted by a scam, ended up losing money.</p><p>Many of the common themes include housing-related scams, romance scams, employment scams and benefits-related scams.</p><p>“If you&rsquo;re leaving active service, you have accrued some pensions, you may get people calling you, pretending to help you with your pension,” Weiser said. ::quot::What they&rsquo;re actually doing, is trying to harm you. What you need to know is when someone calls you and says, &lsquo;Oh I&rsquo;m a financial professional, I want to help you.&rsquo; Do your homework. If someone tries to pressure you and says, &lsquo;Act now, or you&rsquo;ll lose these benefits&rsquo;, don&rsquo;t take the bait. So we need smart and well-prepared professionals to work with our veterans.</p>"
  },
  "date": "2021-11-15T09:42:00-06:00",
  "featured": false,
  "headline": "Voice of the consumer: Veterans more likely to fall for scams",
  "id": "1636969320",
  "imageFilename": "veterans-more-likely-to-fall-for-scams",
  "slug":"veterans-more-likely-to-fall-for-scams",
  "sourceName": "KKTV",
  "sourceArticleUrl": "https://www.kktv.com/2021/11/15/voice-consumer-veterans-more-likely-fall-scams/",
  "tags": ["Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<p>Governor Kathy Hochul signed a pair of bills on Monday aimed at cracking down on invasive robocalls — but don&rsquo;t expect the scammers to lose interest in your car&rsquo;s extended warranty anytime soon.</p><p>The new legislation is aimed at pushing telecommunications companies to do more to stop the scourge of robocalls that has cost Americans billions of dollars and seeded near unanimous suspicion of unknown numbers in recent years.</p><p>“New Yorkers are fed up with annoying, predatory robocalls, and we&rsquo;re taking action to stop them,” Hochul said in a statement.</p><p>The first piece of legislation codifies a recent federal rule — known by the acronym STIR/SHAKEN — requiring phone carriers to adopt protocols to digitally authenticate calls and prevent spoofing.</p><p>Under the standards, networks are able to validate the source of phone calls, allowing providers to block obviously fraudulent numbers or warn of potential spam.</p><p>A second piece of legislation signed by Hochul on Monday goes a step further, giving the state&rsquo;s Public Service Commission authority to oversee compliance with the protocols.</p><p>Paul Schmitt, a research computer scientist at the University of Southern California&rsquo;s Information Sciences Institute, said the oversight could close a gap in the FCC&rsquo;s attempted crackdown.</p>"
  },
  "date": "2021-11-08T18:32:00-06:00",
  "featured": false,
  "headline": "NY Moves To Crack Down On Robocalls. Don’t Expect The Scammers To Go Quietly",
  "id": "1636396320",
  "imageFilename": "ny-moves-to-crack-down-on-robocalls",
  "slug":"ny-moves-to-crack-down-on-robocalls",
  "sourceName": "Gothamist",
  "sourceArticleUrl": "https://gothamist.com/news/ny-moves-crack-down-robocalls-dont-expect-scammers-go-quietly",
  "tags": ["Robocalls", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<p>The story of the manufactured net neutrality crisis is instructive when investigating consumers&rsquo; #1 communications complaint: robocalls. When the 2017 Federal Communications Commission (FCC) removed the so-called Title II net neutrality rules, the Washington Post and New York Times predicted an internet apocalypse. Some policymakers warned that the internet would be delivered one word at a time. Since then, however, US internet speeds and technologies have only improved. Moreover, nixing the 1934 Ma Bell price controls helped reboot fallen network investment. This proved critical as networks had to be ready <em>before </em>Covid-19 hit. The rule reversal also restored oversight of broadband markets to the Federal Trade Commission (FTC) where it had been since inception of the commercial internet. The FTC has broad powers to police anti-competitive practices and provide financial relief to consumers. </p><p>Data from the FCC&rsquo;s Consumer Complaint Center in 2020 reports that robocalls, or unwanted calls, comprise 55 percent of all complaints compared to just 1 percent for net neutrality or open internet. The FTC manages the Do Not Call Register and processes tens of millions of complaints of unwanted calls and texts annually. Yet despite significant public and private effort, robocalls continue to plague consumers. Then pandemic has fueled robocalls with fraudsters posing as government officials or ecommerce providers requesting personal, payment, or delivery information. Fraudsters employ spoofed or recognized phone numbers to evade regulation and blocking technology. The FBI reports that that highly-organized, international criminal gangs are behind much of the fraudulent activity. The problem is growing as scammers and fraudsters move to WhatsApp and other internet platforms.</p>"
  },
  "date": "2021-10-26T06:32:00-05:00",
  "featured": false,
  "headline": "Robocalls, Still The Bane Of Our Existence",
  "id": "1635229920",
  "imageFilename": "robocalls-still-the-bane-of-our-existence",
  "slug":"robocalls-still-the-bane-of-our-existence",
  "sourceName": "Forbes",
  "sourceArticleUrl": "https://www.forbes.com/sites/roslynlayton/2021/10/26/robocalls-still-the-bane-of-our-existence/?sh=11baffe77668",
  "tags": ["FCC", "Robocalls", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<p>Three companies that allegedly helped initiate tens of millions of robocalls in the US -- including to people on Do Not Call registries -- are being sued by the Indiana attorney general.</p><p>“Honestly, Hoosiers are sick and tired of these harassing and illegal unwanted robocalls. Everyone is,” Attorney General Todd Rokita said in an interview with CNN.</p><p>The suit, filed Thursday in the US District Court Southern District of Indiana Evansville Division, says that of the millions of robocalls made across the US, more than 4.8 million were to Indiana area codes.</p><p>The suit lists Startel Communications LLC of Evansville, Indiana, a now-defunct company; VoIP Essential, located in California; and Piratel LLC, also located in California, as defendants.</p><p>Rokita said in a video statement that Startel allegedly acted as a gateway into the US for robocallers operating out of India, Singapore and the Philippines.</p><p>The lawsuit also lists Wanda Hall and Abhijit Chowdhury as defendants, alleging they operated a Voice over Internet Protocol (VoIP) business that helped the robocallers.</p><p>The suit alleges the “robocallers made millions of illegal calls to Indiana residents, many of whom were on Indiana&rsquo;s Do Not Call List and/or the Federal Do Not Call List...”</p>"
  },
  "date": "2021-10-16T12:26:00-05:00",
  "featured": false,
  "headline": "Indiana’s attorney general sues companies blamed for millions of robocalls across the US",
  "id": "1634387160",
  "imageFilename": "indiana-ag-sues-companies-blamed-for-millions-of-robocalls",
  "slug":"indiana-ag-sues-companies-blamed-for-millions-of-robocalls",
  "sourceName": "CNN",
  "sourceArticleUrl": "https://www.cnn.com/2021/10/16/us/indiana-ag-robocalls-lawsuit/index.html",
  "tags": ["Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<h2>A new FCC proposal may help, but lobbying and recent court rulings mean the robocall menace isn&rsquo;t going away anytime soon.</h2><p>Every single day Americans receive more than 131 million annoying robocalls, or roughly 5.5 million robocalls an hour. And while a new FCC proposal takes helpful aim at the obnoxious menace, recent Supreme Court rulings, corporate lobbying, and the complexity of the problem means it&rsquo;s not getting significantly better anytime soon.</p><p>The FCC this week unveiled its latest attempt to address the robocall scourge after a parade of past agency efforts failed to make a dent in the problem. </p><p>New FCC rules mean phone companies must block traffic from phone companies that fail to implement cryptography-based identity authentication systems like STIR (Secure Telephone Identity Revisited) and SHAKEN (Signature-based Handling of Asserted Information Using toKENs). Such systems help thwart robocallers hiding their identities and real numbers using spoofing technology. </p><p>The new FCC announcement proposes expanding those restrictions to “gateway providers” that link overseas callers to U.S. phone networks, and requires phone companies to document their robocall-fighting efforts via the FCC&rsquo;s Robocall Mitigation Database. But it&rsquo;s just a drop in the bucket of addressing the broader problem, experts say.<br><br>“The plan as-is consists of good ideas, but I don&rsquo;t think it&rsquo;s going to make a big difference in the next couple of years,” Brad Reaves, an Assistant Professor of Computer Science at NC State University told Motherboard.<br><br>The proposal is just a proposal for now, and “gateway providers” still aren&rsquo;t covered by existing rules. Neither are smaller providers with less than 100,000 customers, who&rsquo;ve been exempted from the rules until 2023. “These two types are the providers that most in the industry believe are serving the robocallers,” he said.<br><br>But our failure to police robocalls goes beyond the technical. And it stems from our failure to understand the problem is far bigger than just bogus car warranty scams...</p>"
  },
  "date": "2021-10-04T09:00:00-05:00",
  "featured": false,
  "headline": "There Is No Escape From America’s Robocall Hell",
  "id": "1633338000",
  "imageFilename": "robocall-hell",
  "slug":"no-escape-from-americas-robocall-hell",
  "sourceName": "Vice",
  "sourceArticleUrl": "https://www.vice.com/en/article/v7e9va/there-is-no-escape-from-americas-robocall-hell",
  "tags": ["Phone Scam", "Robocalls", "Voice Spam"]
},
{
  "content": {
    "html": "<h2>The FCC is taking the fight to scammers</h2><p>The Federal Communications Commission (FCC) has laid out its plans to stop both SIM swapping attacks and robocalls in an effort to protect US smartphone users from fraud and identity theft.</p><p>For those unfamiliar, SIM swapping is a technique used by an attacker in which they convince a mobile carrier to transfer a victim&rsquo;s phone number from their SIM card to one they own and control. Once in control of a victim&rsquo;s number, the attacker can receive two factor authentication (2FA) messages to take over their online accounts.</p><p>The FCC&rsquo;s Notice of Proposed Rulemaking puts forward a number of ways to address SIM swapping such as amending the Customer Proprietary Network Information (CPNI) and Local Number Portability rules so that mobile carriers would have to authenticate that a customer really is who they say the are before redirecting their phone number to a new SIM card or device. At the same time, the notice proposes requiring mobile carriers to immediately notify customers whenever a SIM change or port request is made on their accounts.</p><ul><li>We&rsquo;ve built a list of the best identity theft protection available</li><li>These are the best endpoint protection software solutions</li><li>Keep your devices virus free with the best malware removal software</li></ul><p>In addition to SIM swapping, these new changes will also address port-out fraud which occurs when an attacker poses as a victim and opens an account with another carrier in their name. They then arrange for the victim&rsquo;s phone number to be transferred or “ported out” to the account with the new mobile carrier which they control.</p>"
  },
  "date": "2021-10-01T08:00:00-05:00",
  "featured": false,
  "headline": "FCC unveils its methods to stop SIM swapping scams and robocalls",
  "id": "1633075200",
  "imageFilename": "fcc-unveils-methods-to-stop-sim-swapping-and-robocalls",
  "slug":"fcc-unveils-methods-to-stop-sim-swapping-and-robocalls",
  "sourceName": "Tech Radar",
  "sourceArticleUrl": "https://www.techradar.com/uk/news/fcc-unveils-its-method-to-stop-sim-swapping-scams-and-robocalls",
  "tags": ["Robocalls", "Sim Swapping", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<p>BASINGSTOKE, England, September 27, 2021--(BUSINESS WIRE)--A new study from Juniper Research has found consumers will lose $40 billion to fraudulent robocalls globally in 2022; rising from $31 billion in 2021. Fraudulent robocalls pose threats to consumers by encouraging the disclosure of personal information that fraudsters can use for identity theft. In most robocall fraud cases, fraudsters impersonate a genuine brand or enterprise to gain the call recipient&rsquo;s trust.</p><p>The new study, Robocall Mitigation: Emerging Strategies, Competitor Leaderboard &amp; Market Forecasts 2021-2026, predicts emerging mitigation frameworks will combat fraudulent robocalls by creating an ecosystem in which brands and enterprises are verified before the call is placed. However, it noted that standardising services across all stakeholders, including mobile operators, brands and mobile operating system developers, will be essential to creating a service that mitigates fraud in real-time.</p><p>For more insights, download our free whitepaper: Robocall: The $40 Billion Threat</p><p>Brand Authentication Frameworks Need Standardisation</p><p>The report identified brand authentication technologies as a critical element of these frameworks. Brand authentication services provide mobile subscribers with information on the smartphone screen before the call has been answered, including the verified identity of the enterprise calling and the purpose for the call.</p><p>To maximise the benefit of these frameworks, creating an ecosystem that enables enterprises to be verified by a third party will be essential to re-establish trust in mobile voice as a communications channel. Research co-author Charles Bowman remarked: <em>“Even if the fraudulent attempt is unsuccessful, subscribers will still be subject to nuisance calls. In 2022, we predict over 110 billion unwanted robocalls will be made globally; significantly diminishing the value of mobile voice channels...”</em></p><p></p>"
  },
  "date": "2021-09-27T09:00:00-05:00",
  "featured": false,
  "headline": "Juniper Research: Robocall Fraud to Cost Consumers $40 Billion Globally in 2022, as Standardised Mitigation Frameworks Become Priority",
  "id": "1632733200",
  "imageFilename": "Robocall-Fraud-to-Cost-Consumers-40-Billion-Globally-in-2022",
  "slug":"robocall-fraud-to-cost-consumers-40-billion-globally-in-2022",
  "sourceName": "Yahoo Finance",
  "sourceArticleUrl": "https://finance.yahoo.com/news/juniper-research-robocall-fraud-cost-060000816.html",
  "tags": ["Consumer Fraud", "Robocalls"]
},
{
  "content": {
    "html": "<p>The leader of a robocall scam center in India that victimized 4,000 people in the U.S. out of more than $10 million was sentenced Thursday to 22 years in prison.</p><p>Shehzadkhan Pathan, 40, pleaded guilty in January to charges of conspiracy to commit mail and wire fraud and aggravated identity theft and was sentenced Thursday by U.S. District Judge Henry E. Hudson.</p><p>Among the victims of the ring&rsquo;s scams, which typically began with a robocall from a center in Ahmedabad, India, was an elderly Chesterfield County woman whose story was recounted in a June article in the Richmond Times-Dispatch.</p><p>The woman, who cares for an adult son, lost $445,000 — almost her entire life savings, which she was duped into sending to people posing as law enforcement agents.</p><p>Raj Parekh, acting U.S. attorney for the Eastern District of Virginia, said, “The impact of the harm inflicted on the victims of these robocall schemes can be devastating. The victims, many of whom are elderly, continue to endure significant financial hardship from the defendant&rsquo;s vast fraud enterprise.”</p><p>“When you consider the sheer number of victims this defendant extorted and the magnitude of their losses, the scale of harm and pain he caused is enormous,” said Parekh...</p>"
  },
  "date": "2021-09-17T08:00:00-05:00",
  "featured": false,
  "headline": "Leader of massive robocall scam with 4,000 victims in the U.S. gets 22-year prison term",
  "id": "1631865600",
  "imageFilename": "leader-of-massive-robocall-scam-gets-22-years",
  "slug":"leader-of-massive-robocall-scam-gets-22-years",
  "sourceName": "Richmond Times-Dispatch",
  "sourceArticleUrl": "https://richmond.com/news/local/crime-and-courts/leader-of-massive-robocall-scam-with-4-000-victims-in-the-u-s-gets-22/article_86801551-878e-5496-9693-5616d7dcf138.html",
  "tags": ["Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<p>Scammers sometimes use targeted emails to draw you into a malicious website, called phishing. This is just one way they target you.</p><p>By leaving voice messages on your mobile phone, scammers will also try to trick you into sending them your personal information. This type of scam is called vishing, and it has become more widespread in recent months.</p><p>But several new occurrences of these scams are taking a different approach. Cybercriminals are now so confident in their ability that they get you to call them. This is how it works and what to do to stay safe.</p><p>WARNING! Do <em>not </em>call the number. It&rsquo;s a vishing scam. Vishing means a “voice phishing” attack. In vishing attacks, cybercriminals impersonate trusted entities and trick people into sharing valuable data.</p><p>According to Kaspersky Lab, the scammers will try to convince you to reveal banking details or personal information. This is allegedly so they can track the order or cancel it...</p>"
  },
  "date": "2021-08-31T12:45:00-05:00",
  "featured": false,
  "headline": "This tricky new email campaign cons YOU into calling scammers",
  "id": "1630413900",
  "imageFilename": "this-tricky-new-email-campaign-cons-you-into-calling-scammers",
  "slug":"this-tricky-new-email-campaign-cons-you-into-calling-scammers",
  "sourceName": "KimKomando",
  "sourceArticleUrl": "https://www.komando.com/security-privacy/sneaky-vishing-email-scam/805303/",
  "tags": ["Phone Scam", "Vishing"]
},
{
  "content": {
    "html": "<p>LANSING, Mich. (AP) — Two conservative hoaxers face a record $5.1 million fine for allegedly making illegal robocalls to wireless phones without the owners&rsquo; consent in the 2020 election.</p><p>The Federal Communications Commission said Tuesday that the proposed fine for Jacob Wohl, Jack Burkman and Burkman&rsquo;s lobbying firm would be the largest ever for violating the Telephone Consumer Protection Act.</p><p>The men already face criminal charges in multiple states over allegedly organizing 85,000 robocalls that falsely warned people in predominantly Black areas of New York, Pennsylvania, Illinois, Ohio and Michigan that information gleaned from mail-in ballots could lead to their arrest, debt collection and forced vaccination.</p><p>The FCC said federal law prohibits making prerecorded calls to cellphones without the permission of those receiving the calls. The agency, which determined 1,141 calls went to mobile phones on Aug. 26 and Sept. 14, proposed a $4,500 fine for each one.</p><p>Regulators launched their investigation following consumer complaints and concerns raised by a national civil rights group, the Lawyers&rsquo; Committee for Civil Rights Under Law.</p><p>The FCC said it worked with the Ohio attorney general&rsquo;s office to obtain subpoenas from two dialing service providers showing emails from Burkman and Wohl, including ZIP codes to target and “the tape we want to go out.” They will have an opportunity to respond before the commission takes action...</p>"
  },
  "date": "2021-08-25T09:51:00-05:00",
  "featured": false,
  "headline": "Conservative hoaxers face $5.1M fine for election robocalls",
  "id": "1629885060",
  "imageFilename": "conservative-hoaxers-face-5-1m-fine-for-election-robocalls",
  "slug":"conservative-hoaxers-face-5-1m-fine-for-election-robocalls",
  "sourceName": "",
  "sourceArticleUrl": "https://apnews.com/article/technology-business-elections-election-2020-260f8df2ed47fa17bf3e88d0a49e64f6",
  "tags": ["Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<p>Many of us now refuse to answer telephone calls from an unknown number, for fear that it could be a scam.</p><p>And we dread receiving a text message, purportedly from our bank or a delivery firm, again due to concerns that it might be from fraudsters.</p><p>A recent report suggests that we are right to be cautious. In the 12 months to March 2021, phone call and text message fraud across England, Wales and Northern Ireland was up 83% from the previous year, according to consumer group Which?.</p><p>Which? analysed data from Action Fraud, the UK&rsquo;s national reporting centre for fraud and cyber crime, and says this was the biggest rise across all types of fraudulent attacks.</p><p>It adds that the jump was fuelled by more people getting things delivered during the pandemic, which led to a corresponding huge rise in fake parcel delivery text notifications.</p><p>In these “smishing” attacks, fraudsters send a person a message, seemingly from a legitimate number, to claim that a small payment is needed before a package can be delivered. Then when you click on the link they try to steal your banking details.</p><p>But how exactly are the fraudsters able to do this, and why is it so difficult for telecoms firms and authorities to tackle the problem?</p>"
  },
  "date": "2021-08-23T13:45:00-05:00",
  "featured": false,
  "headline": "Why phone scams are so difficult to tackle",
  "id": "1629726300",
  "imageFilename": "why-phone-scams-are-so-difficult-to-tackle",
  "slug":"why-phone-scams-are-so-difficult-to-tackle",
  "sourceName": "BBC",
  "sourceArticleUrl": "https://www.bbc.com/news/business-58254354",
  "tags": ["Phone Scam", "Robocalls", "Smishing"]
},
{
  "content": {
    "html": "<p>The STIR/SHAKEN implementation deadline has passed, but the fight against illegal robocalls is far from over. At the August Open Meeting, the FCC adopted two items which would refine the FCC&rsquo;s processes and adopt new tools to fight illegal robocalls.</p><h4>Token Revocation Report and Order</h4><p>First, the FCC adopted a Report &amp; Order that establishes a process for appeals to the FCC of the private Governance Authority&rsquo;s decision to revoke a voice service provider&rsquo;s STIR/SHAKEN Service Provider Code (“SPC”). The FCC&rsquo;s rules require voice service providers to implement and participate in the STIR/SHAKEN caller ID authentication framework, and to do this voice service providers must obtain an SPC token. To guard against bad actors and preserve trust within the caller ID authentication system, the Governance Authority that oversees the STIR/SHAKEN framework may revoke a voice service provider&rsquo;s SPC token. Because this revocation process enables the Governance Authority to make decisions that would render voice service providers noncompliant with the FCC&rsquo;s rules, the FCC adopted a process for review of those revocation decisions by the Governance Authority. After the Wireline Competition Bureau&rsquo;s (“Bureau”) initial decision, voice service providers may appeal to the full Commission.</p><p>Voice service providers aggrieved by a Governance Authority revocation decision may file a request for review to the FCC within 60 days after completing the Governance Authority appeal process. The Commission would allow third parties to participate in the proceeding, but only to file oppositions and replies.</p>"
  },
  "date": "2021-08-18T06:00:00-05:00",
  "featured": false,
  "headline": "FCC Adopts Two Items, Continues to Tackle Robocalls at August Open Meeting",
  "id": "1629266400",
  "imageFilename": "FCC-Continues-to-Tackle-Robocalls",
  "slug":"fcc-continues-to-tackle-robocalls",
  "sourceName": "National Law Review",
  "sourceArticleUrl": "https://www.natlawreview.com/article/fcc-adopts-two-items-continues-to-tackle-robocalls-august-open-meeting",
  "tags": ["Robocalls", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<p>Busy week? I had news meetings, family stuff, and interviews, of course. And then I got a call from an officious, digitized voice that said they were the IRS. It informed me they&rsquo;ve noticed suspicious activity on my account. Not a good start to the day.</p><p>Soon, more bad news. A call from a similar-sounding robo-voice — maybe they&rsquo;re siblings — said they&rsquo;ve noticed suspicious activity on my credit card account.</p><p>But good news, a minute later: a peppy, friendly, recorded voice, told me my spotless driving record entitled me to receive a great new deal on car insurance.</p><p>Then I remembered: I have no driving record. I have no driver&rsquo;s license, although that did not discourage another genial recorded voice who called a few minutes later to offer a great new deal on a car warranty because of my immaculate driving history.</p><p>By the way, I also have spotless record in performing brain surgery.</p><p>I take no poetic license when I say that on any given day, I get dozens of calls to say that I&rsquo;ve won a vacation, a home alarm system, or discounts on scores of pharmaceuticals. I get calls to warn me of suspicious activities on my Social Security or credit card accounts, and calls imploring me to donate to groups that sound faintly familiar, but are likely just cleverly monikered scams. 40% of robocalls reportedly are...</p>"
  },
  "date": "2021-08-07T04:50:00-05:00",
  "featured": false,
  "headline": "Opinion: “Hello? Hello?” The Pain Of Pandemic Robocalls",
  "id": "1628311800",
  "imageFilename": "The-Pain-of_Pandemic_Robocalls",
  "slug":"the-pain-of-pandemic-robocalls",
  "sourceName": "NPR",
  "sourceArticleUrl": "https://www.npr.org/2021/08/07/1025507114/opinion-hello-hello-the-pain-of-pandemic-robocalls",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>Online banking and investment fraud have increased during the pandemic.</p><p>Last week, my colleague was phoned by her bank&rsquo;s security team and told that her account had just paid three sums of R10 000 each to a bank in Thailand. The caller, who identified himself by name, asked her to log on to her account to check if the money had actually been transferred out.</p><p>While she was hesitating, the caller, as if to reassure her, confirmed the bank account number, her street address and the name of the account holder. All these details, as quoted to her, were correct. The only detail that was &lsquo;off&rsquo;, (besides the fact that he was calling at all) was the fact that he did not seem to know that the account in question was her husband&rsquo;s and not hers. When she offered to call the purported bank official back, he cut the call.</p><p>Earlier this year, the UK&rsquo;s financial regulator, the Financial Conduct Authority, issued a statement that said that the number of fraudulent warnings on fraudulent banking and investment scams issued in 2020 was double the level seen in 2019, and was on course to double again in 2021.</p><p>Investment scams made up the highest proportion of authorised fraud losses in 2020, with more than £135 million lost to increasingly sophisticated deceptions often involving the grooming of potential victims over several months and credible-looking cloned websites of banks and investment advisors. In some cases, fraudsters paid &lsquo;dividends&rsquo;, while convincing their victims to invest more, before vanishing with their stolen money.</p><p>The FCA has a section of its website dedicated to helping investors detect fraud, called Scamsmart, as well as a list of unauthorised firms and individuals on its website. South Africa&rsquo;s regulator, the Financial Services Conduct Authority (FSCA), publishes a list of regulated services providers, but unlike the UK&rsquo;s regulator, does not publish lists of unauthorised firms. Like its UK equivalent, the FSCA only has the authority to prosecute the complaints against its regulated providers, so bitcoin fraud (a growing category of fraud) falls outside its authority.</p><p>With respect to banking fraud, fraudsters have not taken a sabbatical during the Covid-19 pandemic. On the contrary, as &lsquo;face to face&rsquo; shopping has dropped, along with opportunities to steal debit cards and credit cards, fraudsters have adapted their skills to new forms of fraud. New-to-digital consumers have proved especially vulnerable and have created new channels to exploit...</p>"
  },
  "date": "2021-07-30T06:53:00-05:00",
  "featured": false,
  "headline": "Watch out for new fraudster tricks",
  "id": "1627627980",
  "imageFilename": "Watch-out-for-new-fraudster-tricks-B",
  "slug":"watch-out-for-new-fraudster-tricks",
  "sourceName": "Moneyweb",
  "sourceArticleUrl": "https://www.moneyweb.co.za/financial-advisor-views/watch-out-for-new-fraudster-tricks/",
  "tags": ["Financial Fraud", "Phone Scam"]
},
{
  "content": {
    "html": "<p>SPRINGFIELD, Mo. (KY3) - Whether it&rsquo;s bogus calls from the IRS, your power company or Publishers Clearing House, we&rsquo;ve all had our fair share of annoying scam calls.</p><p>Thanks to new technology, the number of these calls you get should go down. A new Federal Communications Commission rule is now in effect.</p><p>Phone companies must use what&rsquo;s called Stir/Shaken technology. Basically, you should only get calls from real numbers. Those fake or spoof numbers should not make it through.</p><p>On Your Side has reported on these phone scams for years. Crooks use what&rsquo;s called Caller ID spoofing. They make your caller ID display a familiar number, like a 417 area code, your power company or even your own number. Scammers want you to think it&rsquo;s a legit call. Now this is an old trick...</p>"
  },
  "date": "2021-07-23T18:09:00-05:00",
  "featured": false,
  "headline": "New FCC rule aims to curb scam calls",
  "id": "1627063740",
  "imageFilename": "new-fcc-rule-aims-to-curb-scam-calls",
  "slug":"new-fcc-rule-aims-to-curb-scam-calls",
  "sourceName": "Kait8",
  "sourceArticleUrl": "https://www.kait8.com/2021/07/23/your-side-new-fcc-rule-aims-curb-scam-calls/",
  "tags": ["Caller-ID Spoofing", "Phone Scam"]
},
{
  "content": {
    "html": "<p>A New Jersey-based company that sold septic tank cleaning products was ordered to dissolve and pay $1.66 million in fines after the government sued its owners for making millions of illegal robocalls.</p><p>Environment Safety International (ESI), addressed to Fairview in Bergen County, made more than 45 million illegal robocalls over a 15-month period between January 2018 and March 2019, the Federal Trade Commission claims. The agency says more than two-thirds of those telemarketing calls were made to numbers listed on the FTC&rsquo;s National Do-Not-Call Registry.</p><p>Brothers Joseph and Sean Carney, who co-own and operate ESI, worked alongside their younger brother, Raymond Carney, to conduct their alleged telemarketing scheme dating back more than a decade. In the lawsuit filed by the Department of Justice, Raymond Carney allegedly formed Carbro in 2009 with the purpose of contacting potential customers to sell ESI&rsquo;s cleaning products -- ESI was their only client, the complaint says...</p>"
  },
  "date": "2021-07-19T09:01:00-05:00",
  "featured": false,
  "headline": "NJ Septic Company That Made 45 Million Robocalls Fined, Ordered to Dissolve",
  "id": "1626685260",
  "imageFilename": "NJ-Company-That-Made-45-Million-Robocalls-Fined-Ordered-to-Dissolve",
  "slug":"company-made-45-million-robocalls-fined-ordered-to-dissolve",
  "sourceName": "NBC News",
  "sourceArticleUrl": "https://www.nbcnewyork.com/news/local/crime-and-courts/nj-septic-company-that-made-45-million-robocalls-fined-ordered-to-dissolve-feds/3161684/",
  "tags": ["Department of Justice", "Robocalls"]
},
{
  "content": {
    "html": "<p>In 2019, the chief executive of a UK energy company received a call from his German-based boss and did not hesitate to meet his request and quickly transfer €220,000 (about $243,000) to a Hungarian supplier. However, even though the executive recognized his boss&rsquo;s German accent and the pattern of his voice, the caller wasn&rsquo;t actually his boss. Instead, it was a fraudster using AI voice technology.</p><p>By the time the victim realized he was conned (after the scammer called back asking for another transfer), it was already too late — the money had been moved from the Hungarian bank and transferred to other locations. While voice fraud isn&rsquo;t new, this is the first reported example of an audio deepfake scam, and although some doubt the veracity of this story, it highlights the potentially massive threat that deepfakes pose to businesses.</p><p>The rise of deepfakes</p><p>Whether they come in the form of images, videos, audio, or text, the number of “deepfakes” — synthetic media altered or created with the help of machine learning or artificial intelligence — has expanded at an alarming rate. According to Sensity, the number of deepfake videos online has nearly doubled every six months since 2018, and more than 85,000 deepfake videos have been detected as of December 2020. Considering that there&rsquo;s been a significant rise in global searches for “deepfake” since the beginning of 2021, this number has likely grown even higher now...</p>"
  },
  "date": "2021-07-09T08:38:00-05:00",
  "featured": false,
  "headline": "Stop deepfakes with employee awareness training and better personal data management",
  "id": "1625819880",
  "imageFilename": "stop-deepfakes-with-awareness-training-and-better-personal-data-management",
  "slug":"stop-deepfakes-awareness-training-personal-data-management",
  "sourceName": "SC Media",
  "sourceArticleUrl": "https://www.scmagazine.com/perspectives/stop-deepfakes-with-employee-awareness-training-and-better-personal-data-management/",
  "tags": ["AI", "Deepfake", "Financial Fraud", "Voice Security"]
},
{
  "content": {
    "html": "<p>Newswise — Washington, D.C. – Next Generation 9-1-1 (NG9-1-1) technology will allow responders and the public to employ real-time text, images, video, and voice calls during emergencies. The Department of Homeland Security (DHS) Small Business Innovation Research (SBIR) Program recently awarded $997,526.67 to San Antonio, Texas-based small business SecureLogix to secure that data against increased cyber threats.</p><p>“While NG9-1-1 technologies will enhance the current capabilities of today&rsquo;s 911 systems by enabling multimedia sharing and connectivity, we must ensure these critical emergency response networks remain resilient and reliably operational,”said Kathryn Coulter Mitchell, DHS Senior Official Performing the Duties of the Under Secretary for Science and Technology. </p><p>The DHS SBIR Program, administered by the DHS Science and Technology Directorate (S&amp;T), selected SecureLogix for a Phase II award following their successful demonstration of feasibility in Phase I and the proposed Phase II development of their architecture that expands on voice/call threats and secures NG9-1-1 multimedia content technology solutions.</p><p>“The DHS SBIR Program is an excellent opportunity for small businesses to develop cutting-edge technology for homeland security end users and grow their business capabilities,” said Dusty Lang, DHS SBIR Director. “I am looking forward to seeing how the partnership with SecureLogix can help support DHS Component needs.”</p><p>SecureLogix will continue their research and development efforts on an architecture that supports the Emergency Communications Cybersecurity Center (EC3) concept, which centralizes security processing functions for regions, states, or at the national level. SecureLogix, headquartered in San Antonio, Texas, will conduct a more thorough threat assessment and develop the architecture to their proposed technology that addresses the most significant threats from audio, text, images and video.</p><p>“The ever-increasing frequency and sophistication of cyber-attacks on Public Safety Answering Points, EC3, and Emergency Operations Centers demand that cutting-edge technical enhancements must be developed and put in place to protect NG9-1-1 center operations against Telephony Denial of Service attacks, ransomware, Zero-day, and other advanced attacks,” said David Nolan, DHS Cybersecurity and Infrastructure Security Agency Program Manager. “Accurate, real-time communications are the essence of NG9-1-1 and require all public safety entities to work together to provide life-saving services to those in need of emergency services.”</p><p>At the completion of the 24-month Phase II contract, SBIR awardees will have developed a prototype to demonstrate the advancement of the technology, spearheading the potential for Phase III funding. Under Phase III, SBIR performers will seek to secure funding from private and/or non-SBIR government sources, with the eventual goal to commercialize and bring to market the technologies from Phase I and II.</p><p>For more information on the DHS SBIR Program, visit: https://sbir2.st.dhs.gov or contact STSBIR.Program@hq.dhs.gov.</p><p>For more information on S&amp;T&rsquo;s innovation programs and tools, visit: https://www.dhs.gov/science-and-technology/work-with-st.</p>"
  },
  "date": "2021-07-07T07:35:00-05:00",
  "featured": false,
  "headline": "DHS Awards Nearly $1M to Small Business to Secure NG9-1-1 Multimedia Content",
  "id": "1625643300",
  "imageFilename": "DHS-Awards-Nearly-1M-to-Small-Business-to-Secure-NG9-1-1-Multimedia-Content",
  "slug":"dhs-awards-nearly-1m-to-small-business-to-secure-ng9-1-1-multimedia-content",
  "sourceName": "Newswise",
  "sourceArticleUrl": "https://www.newswise.com/articles/dhs-awards-nearly-1m-to-small-business-to-secure-ng9-1-1-multimedia-content",
  "tags": ["Emergency Services & 911 Systems", "Homeland Security", "next generation technology"]
},
{
  "content": {
    "html": "<h2>The deadline for STIR/SHAKEN certification is today</h2><p>T-Mobile announced on Wednesday that it is fully compliant with the FCC&rsquo;s new anti-spoofing protocol, telling the FCC that its now certifying that calls from its network are protected against impersonation by scam callers using the STIR/SHAKEN protocol.</p><p>Verizon also announced that it&rsquo;s verifying that the number that shows up on your caller ID is actually the number that&rsquo;s calling you, using the same STIR/SHAKEN protocol. The two major carriers announcing their progress on the same day isn&rsquo;t a coincidence — Wednesday, June 30th, is the deadline the FCC set for major carriers to implement STIR/SHAKEN.<q>THE PROTOCOL WORKS TO PREVENT SCAM AND SPAM CALLERS FROM SPOOFING THEIR NUMBER</q></p><p>The protocol, with its James Bond-themed name, works to prevent scam and spam callers from spoofing their number and showing up on your caller ID as a local caller. The FCC hopes that carriers implementing it will help stem the tide of robocalls that have made many of us scared of our phones&rsquo; actual phone function. In a press release put out on Wednesday (pdf), the commission stated that over 1,500 voice providers have filed to be included in its Robocall Mitigation Database, with over 200 of those providers being fully certified.</p><p>The Wednesday deadline set by the FCC is only for major carriers — smaller carriers with fewer than 100,000 subscribers will be exempt until June 30th, 2023, though the FCC is considering shortening that timespan (pdf). The major carriers that haven&rsquo;t certified themselves as compliant may face an unspecified “appropriate enforcement action” from the FCC and will run into even more trouble come September. Beginning September 28th, according to the FCC (pdf), carriers will have to stop accepting traffic from providers that aren&rsquo;t in the robocall database — it&rsquo;s hard to imagine customers being too happy that they&rsquo;re not able to reach their friends or family who are on T-Mobile or Verizon.<q>WHILE THIS MAY MEAN A SIGNIFICANT DROP IN SPAM CALLS, IT&rsquo;S NOT BULLETPROOF</q></p><p>AT&amp;T, the third major carrier in the US, doesn&rsquo;t seem to have explicitly said that it&rsquo;s filled for certification for STIR/SHAKEN with the FCC yet. Last week, the carrier put out a press release about blocking over a billion robocalls a month, and it told <em>Fierce Wireless</em> that it intends on meeting the deadline. AT&amp;T did not immediately respond to our request for comment about its certification status today.</p><p>In its press release, T-Mobile says that its STIR/SHAKEN network covers calls from 98 percent of US wireless customers, including those using carriers like AT&amp;T, Verizon, Google Fi, and Comcast. Verizon says that its validation network covers 80 percent of the US wireless industry.</p><p>The STIR/SHAKEN protocol isn&rsquo;t a total solution to the robocall problem, and it won&rsquo;t keep your phone from ringing when a scammer calls you unless your carrier is doing additional blocking using the data from it. <em>Fierce Wireless</em> also points out that carriers still have to contend with international calls, which is no small task, and legacy phone systems are exempt from the requirements. Still, the next time you get a phone call, you may be able to see whether the number that&rsquo;s calling you is actually who it claims to be.</p><p></p>"
  },
  "date": "2021-06-30T15:14:03-05:00",
  "featured": false,
  "headline": "T-Mobile and Verizon Have Implemented the FCC’s Anti-Spoofing system",
  "id": "1625066043",
  "imageFilename": "fcc-verizon-anti-spoofing",
  "slug":"t-mobile-and-verizon-have-implemented-the-fccs-anti-spoofing-system",
  "sourceName": "The Verge",
  "sourceArticleUrl": "https://www.theverge.com/2021/6/30/22557539/t-mobile-verizon-carriers-fcc-stir-shaken-certification-deadline-spam-calls",
  "tags": ["Caller-ID Spoofing", "Spoofing", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<p>Today is the deadline for voice providers to implement the Stir/Shaken tech designed to curb the flood of annoying and costly robocalls.</p><p>A big deadline in the fight to beat back those annoying robocalls is here. As of today, every major voice provider in the US, including phone companies AT&amp;T, Verizon and T-Mobile and cable provider Comcast, will need to implement a technology called Stir/Shaken designed to curb the tide of spam calls.</p><p>That&rsquo;s good news for everyone whose phone has been jangling with bogus phone calls involving health-related scams, expiring car warranties and fake banks offering nonexistent interest-rate discounts for credit cards. For years, the scourge of illegal robocalls has plagued the public. It&rsquo;s the No. 1 consumer complaint and a top priority at the Federal Communications Commission.</p><p>US consumers have received just under 22 billion robocalls in the first five months of the year, on pace to hit over 52 billion robocalls for the year, according to YouMail, a company specializing in blocking robocalls. </p><p>Now playing: Robocalls from spoofed numbers truly seem off the charts.... 11:29</p><p>Robocalls use automated dialers and recorded messages. To be fair, not all robocalls are bad or annoying. Some businesses and public entities use robocalls to communicate important information. For example, your pharmacy may use an automated recording to tell you your prescription is ready to be picked up, or your kids&rsquo; school may be alerting you to a snow day. These are legitimate robocalls, and they require that consumers sign up to receive them. </p><p>Then there are the illegal robocallers. Because robocalls are cheap to make, they&rsquo;ve been exploited by scammers all over the world, who use them to defraud billions of dollars from Americans every year. The problem has gotten so bad that many of us don&rsquo;t answer the phone when it rings, especially if it&rsquo;s an unfamiliar number on the caller ID. All too often, scammers disguise their phone numbers to trick people into answering. </p><p>An end to these annoying and costly calls could be on the horizon thanks to the implementation of Stir/Shaken, which will require voice providers to verify where calls are coming from. That&rsquo;s where the FCC&rsquo;s June 30 deadline comes in. To help you get a handle on that and other efforts to stamp out robocalls, CNET has put together this FAQ. </p><h2>What&rsquo;s Stir/Shaken?</h2><p>“Stir” stands for “secure telephone identity revisited,” and “Shaken” for “signature-based handling of asserted information using tokens.” Stir is the technical protocol, and Shaken is the framework by which calls can be tracked in the new robocall mitigation database. </p><p>The way it works is that Stir/Shaken technology ensures that calls traveling through phone networks have their caller ID “signed” as legitimate by originating carriers and validated by other carriers before the calls reach you. In short, the technology authenticates a phone call&rsquo;s origin and makes certain the information on the Caller ID matches.https://playlist.megaphone.fm/?e=RED6059823569CNET MOBILE</p><p>Discover the latest news and best reviews in smartphones and carriers from CNET&rsquo;s mobile experts.SIGN ME UP!</p><p>By signing up, you agree to our Terms of Use and acknowledge the data practices in our Privacy Policy. You may unsubscribe at any time.</p><h2>What&rsquo;s &rsquo;caller ID spoofing&rsquo;?</h2><p>Spoofing is when callers disguise their identity by deliberately falsifying the information transmitted to your caller ID display. Scammers do this to make calls less easily traceable. Also, by using so-called neighbor spoofing, which makes it appear as though the number is a local one you may already know or trust, scammers try to trick you into picking up a call. </p><h2>Is spoofing illegal?</h2><p>Under the Truth in Caller ID Act, the FCC&rsquo;s rules prohibit any person or entity from transmitting misleading or inaccurate caller ID information with the intent to defraud, cause harm, or wrongly obtain anything of value. Spoofing isn&rsquo;t illegal if there&rsquo;s no intent to cause harm. </p><p>Illegal spoofers can face fines of up to $10,000 per violation of the law. </p><p>Spoofing that&rsquo;s intended to hide identity can be permitted under certain circumstances. For example, law enforcement agencies working on cases, victims of domestic violence, or doctors wishing to discuss private medical matters may all be exempt from these rules. </p><h2>What&rsquo;s the Traced Act? How will that stop robocalls?</h2><p>The Traced (Telephone Robocall Abuse Criminal Enforcement and Deterrence) Act, was signed into law in December 2019 by President Donald Trump. It basically makes compliance with the Stir/Shaken technology mandatory for all voice service providers. </p><p>The law directed the FCC to come up with rules to require voice providers to implement the technology within 18 months. https://playlist.megaphone.fm/?e=RED6059823569</p><h2>What&rsquo;s the June 30 deadline about?</h2><p>The FCC has set a deadline of June 30 for companies that provide phone service to implement Stir/Shaken, the call verification system that&rsquo;ll make it harder for scammers to hide their numbers. Phone companies will also have to publish robocall prevention strategies in a public database.</p><p>The program was created in late 2019 by the Traced Act. The FCC released the standards in March 2020, and it set a deadline for service providers to comply by the end of June 2021.</p><p>Major phone companies, such as AT&amp;T, Verizon and T-Mobile, as well as cable provider Comcast, have said they&rsquo;re implementing Stir/Shaken. Multiple carriers asked for an extension, but the FCC denied those petitions in March.</p><h2>Does this mean we&rsquo;ll see a huge drop in robocalls come July 1?</h2><p>That&rsquo;s the hope. But sadly, it probably won&rsquo;t be the reality. For one thing, some carriers have already been implementing Stir/Shaken. So the deadline won&rsquo;t necessarily mark a hard switchover for most phone companies. It&rsquo;s a technology and framework they&rsquo;ve been implementing and deploying for a while. </p><p>The second reason is that scammers are always coming up with new ways to make illegal robocalls. The sad truth is that making these calls is cheap and scamming people is lucrative. </p><p>“It ends up being a game of whack-a-mole,” FCC Commissioner Brendan Carr said in an interview with CNET in May. “So the long-term solution is still difficult. We&rsquo;ll see how much progress we can make.”</p><h2>Will all carriers be required to hit this deadline?</h2><p>Previously, the FCC had given small providers, those with fewer than 100,000 subscribers, until June 30, 2023, to implement Stir/Shaken. The extension would allow smaller providers to evaluate the implementation costs and plan deployment. But the FCC said in April that there&rsquo;s evidence a large volume of illegal robocalls are coming from a subset of smaller providers, so the agency has proposed bumping up the deadline for these carriers by a full year. </p><h2>What&rsquo;s the government been doing to stop illegal robocalls?</h2><p>The Department of Justice, the Federal Trade Commission and the FCC have worked together to combat robocalls. In March 2020, the DOJ won an injunction against two internet telephone providers that allegedly transmitted hundreds of millions of calls to consumers. </p><h2>What about the FCC?</h2><p>The agency has stepped up its enforcement, sending cease-and-desist letters to carriers that facilitate scam calls and imposing fines on illegal robocallers. In one case, the FCC fined Texas telemarketers $225 million for spoofing roughly 1 billion robocalls. </p><p>Though the June 30 date is the deadline for carriers to implement Stir/Shaken, many carriers have already started using the technology. As these carriers have gotten Stir/Shaken working, it&rsquo;s gotten easier for the FCC to track down carriers that illegally transmit calls. And it could potentially get even easier as all carriers meet the deadline for implementation. </p><p>“We need to use every tool we have to get these junk calls off of our networks,” acting FCC Chair Jessica Rosenworcel said in a statement in May. “From these new cease-and-desist letters to STIR/SHAKEN implementation to large fines and our robocall mitigation database, we are going to do everything we can to protect consumers from these nuisance calls,” Rosenworcel said. “We&rsquo;re not going to stop until we get robocallers, spoofers, and scammers off the line.”</p><p>Carr noted in an interview with CNET in May that there isn&rsquo;t a silver bullet for stopping these calls. Multiple technologies and policies are needed to address this issue, he said. </p><p>“I think combined that&rsquo;s what&rsquo;s going to break the back of these robocallers,” Carr said. “If it doesn&rsquo;t, then we&rsquo;ve got to continue to innovate and find more technologies that are going to stop this, because certainly the bad actors that are out there have a profit motive to find a way around these systems.”</p><h2>Is there any more movement in Congress to get tougher?</h2><p>Earlier this month, Senate Majority Leader Chuck Schumer and Sen. Kirsten Gillibrand, both Democrats from New York, introduced the Deter Obnoxious, Nefarious, and Outrageous Telephone (Do Not) Call Act to increase penalties for individuals and companies intentionally preying on consumers through unsolicited and illegal robocalls. </p><p>The bill would:</p><ul><li>Clarify violations under the Telephone Consumer Protection Act, which outlaws robocalls.</li><li>Allow prison terms of up to one year for willfully and knowingly violating the TCPA.</li><li>Allow prison terms of up to three years for aggravated violations of the TCPA.</li><li>Double the maximum penalties under the TCPA for falsifying caller ID, from $10,000 to $20,000.</li></ul><p>“Americans are desperate to &rsquo;hang up the phone&rsquo; and the DO NOT Call Act is the antidote we need to cut the cord on &rsquo;spoofing&rsquo; scams that target especially elderly New Yorkers,” Schumer said in a statement. </p><p>Gillibrand added, “This vital piece of legislation will give the FCC the tools needed to combat scammers who grossly violate the Telephone Consumer Protection Act and, all too often, target and defraud senior Americans.”</p>"
  },
  "date": "2021-06-30T14:42:10-05:00",
  "featured": false,
  "headline": "Robocalls Are Out Of Control. But That Could All Change Today",
  "id": "1625064130",
  "imageFilename": "robocalls-are-out-of-control",
  "slug":"robocalls-are-out-of-control-but-that-could-all-change-today",
  "sourceName": "CNET",
  "sourceArticleUrl": "https://www.cnet.com/news/robocalls-are-out-of-control-but-that-could-all-change-today/",
  "tags": ["Department of Justice", "Robocalls"]
},
{
  "content": {
    "html": "<p>Nearly 1 in 3 Americans say they&rsquo;ve fallen victim to a phone scam in the past year, like the ones where someone calls pretending to be from the IRS or from a company inquiring about an expiring warranty on your vehicle.</p><p>That&rsquo;s according to a new report from Truecaller that finds roughly 59.4 million Americans have lost money to phone scams over the past year. About 19% fell victim more than once, according to the report, which was undertaken in partnership with The Harris Poll in March 2021.https://datawrapper.dwcdn.net/P9AOf/2/</p><p>Not only is the number of victims on the rise, the expense of these scams is also up. The average reported loss was about $502 per person, the highest amount on record since Truecaller began tracking this data in 2014 and up significantly from the average loss of $351 reported in 2020. </p><p>“It&rsquo;s very disappointing to me, and alarming that people are getting convinced to send criminals money,” says Clayton LiaBraaten, senior advisory board member at Truecaller. Yet it&rsquo;s not surprising, he adds, considering how convincing scammers can be. “These criminals are incredibly clever in the way that they manipulate people.” </p><p>Fraudsters are very good at what they do; they understand all of the technology, all of the loopholes and all of the gaps to get into the networks, as well as the psychosocial approach to intimidating people and getting them to pay, LiaBratten says.</p><p>Truecaller found that younger Americans are more susceptible to phone scams. And across generations, about 59.4% of men reported being scammed, compared to just 38.3% of women.https://datawrapper.dwcdn.net/WRHNo/1/</p><p>Americans will likely see a short-term dip in scam calls over the summer, in part because the Federal Communications Commission is requiring providers to implement caller ID authentication technology by June 30, 2021. LiaBraaten says this will help mitigate spoofing, but it&rsquo;s not a silver bullet. </p><p>Every time regulators or businesses find a new anti-fraud solution, put in a firewall or develop some sort of new anti-malware software, the criminals find a way to get around it. “They&rsquo;re not going to give up,” LiaBraaten says.</p><p>Yet there are ways that consumers can make it more difficult for scammers to successfully scam money from them. </p><h2>Let unknown calls go to voicemail </h2><p>Most experts recommend that consumers avoid picking up any calls from unfamiliar phone numbers. Instead, let them roll into voicemail for further scrutiny. “If somebody doesn&rsquo;t leave a voicemail, then it obviously wasn&rsquo;t that important,” LiaBraaten says. </p><p>Although the FCC&rsquo;s new requirement will make it more difficult for scammers to use spoofing technology to impersonate government agencies and legitimate businesses, consumers should still be on guard. </p><p>Additionally, LiaBraaten says Americans should be leery about picking up the phone for out-of-area calls. If someone is calling you from Lexington, Kentucky, or Boise, Idaho, and you have no relationships to people or businesses there, the simplest solution is to let the call go to voicemail. </p><h2>Block and report spam calls</h2><p>If you do suspect a call is spam, block it, LiaBraaten says. You can manually block a call on your phone or download a robocall-blocking app. </p><p>Most mobile service providers have free software or apps that allow you to screen or block automated calls. Some, like Verizon, have software that automatically blocks some of the worst robocalls throughout their network, while others have separate options that consumers can install. </p><p>If a caller didn&rsquo;t leave a voicemail and you have no idea who it was, you can use a number lookup to see if it&rsquo;s attributed to any business that you might be affiliated with. If not, block it. Some apps allow you to also report the number so that they can warn other users. Additionally, you can report unwanted calls through the national Do Not Call Registry.</p><h2>Limit how you give your number out</h2><p>Be careful where and how you give out your number. There are a lot of ways scammers can get their hands on your phone number, but you don&rsquo;t want to make it any easier for them, LiaBraaten says.</p><p>Do you really need to include it on websites or social media accounts? Do you need to give it out to retailers when they ask at checkout? </p><p>“This is high enough at $500 a pop that people should be treating their phone numbers like they treat their bank account numbers,” LiaBraaten says.</p>"
  },
  "date": "2021-06-29T15:14:00-05:00",
  "featured": false,
  "headline": "Americans Lost $29.8 Billion to Phone Scams Alone Over the Past Year",
  "id": "1624979640",
  "imageFilename": "americans-lost-29-billion-to-scams",
  "slug":"americans-lost-29-8-billion-to-phone-scams-alone-over-the-past-year",
  "sourceName": "CNBC",
  "sourceArticleUrl": "https://www.cnbc.com/2021/06/29/americans-lost-billions-of-dollars-to-phone-scams-over-the-past-year.html",
  "tags": ["Caller-ID Spoofing", "Phone Scam", "Spoofing"]
},
{
  "content": {
    "html": "<p>The Federal Communications Commission (FCC) has issued a Public Notice reminder to certain voice service providers regarding their obligations to implement STIR/SHAKEN and the robocall mitigation database filing deadline.</p><p>Specifically, the agency&rsquo;s June 21, 2021 Public Notice “reminds voice service providers and intermediate service providers not subject to an extension that they must implement the STIR/SHAKEN caller ID authentication framework in their Internet Protocol networks no later than June 30, 2021. We also remind voice service providers that they must file certifications in the Robocall Mitigation Database no later than June 30, 2021.”</p><p>The FCC Public Notice also warns “those voice service providers and intermediate providers without an extension of, or exemption from, the STIR/SHAKEN implementation deadline that fail to implement the authentication framework by June 30, 2021, and those voice service providers that fail to file the required certification and accompanying information in the Robocall Mitigation Database by this date may be subject to appropriate enforcement action.” Further, “beginning September 28, 2021, intermediate providers and voice service providers may not accept traffic directly from voice service providers that are not listed in the database.”</p>"
  },
  "date": "2021-06-28T14:51:00-05:00",
  "featured": false,
  "headline": "FCC Reminders RE STIR/SHAKEN and Robocall Mitigation Database",
  "id": "1624891860",
  "imageFilename": "fcc-reminders-re-stir-shaken-and-robocall-mitigation-database",
  "slug":"fcc-reminders-re-stir-shaken-and-robocall-mitigation-database",
  "sourceName": "National Law Review",
  "sourceArticleUrl": "https://www.natlawreview.com/article/fcc-reminders-re-stirshaken-and-robocall-mitigation-database",
  "tags": ["FCC", "Robocalls", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<p>The Federal Communications Commission (FCC) has now adopted rules to implement Section 10(a) of the TRACED Act, which provision directed the agency “to establish regulations to create a process that &lsquo;streamlines the ways in which a private entity may voluntarily share with the Commission information relating to&rsquo; a call or text message that violates prohibitions regarding robocalls or spoofing set forth section 227(b) and 227(e) of the Communications Act of 1934, as amended.” Its June 17, 2021 Report and Order is here. https://docs.fcc.gov/public/attachments/FCC-21-75A1.pdf</p><p>To satisfy the requirement, the FCC&rsquo;s Report and Order directs the FCC&rsquo;s “Enforcement Bureau to create and monitor an online portal located on the Commission website. We anticipate that this portal will be particularly useful to private entities experiencing large scale robocall incidents and voice service providers that have network analytic information. This robocall &lsquo;tip&rsquo; line will provide a streamlined process for reporting potential violations, and will enable the Enforcement Bureau to respond quickly to disruptive robocalling events.”</p><p>In defining the term “private entity,” the FCC excludes “individual natural persons,” noting that “we find that interpreting the term to exclude individual consumers from the definition of private entity is consistent with Congress&rsquo;s other uses of that term and similar terms.” With that exception, the term includes “any entity other than…a public entity.” A “public entity” is “any governmental organization at the federal, state or local level.”</p><p>The new portal will not “affect the process by which a consumer submits an informal complaint about a robocall or a spoofed call, using the long-standing process located on the Commission&rsquo;s home page.”</p><p>Except for rule sections that require approval by the Office of Management and Budget – which relate to collection of information through the portal – the new provisions take effect 30 days after publication in the Federal Register. The FCC&rsquo;s Enforcement Bureau will announce the effective date of the information collection provisions in a subsequent Federal Register document after OMB review.</p>"
  },
  "date": "2021-06-28T14:47:00-05:00",
  "featured": false,
  "headline": "FCC Adopts Rules for Online Robocall Reporting Portal",
  "id": "1624891620",
  "imageFilename": "fcc-adopts-rules-for-online-robocall-reporting-portal",
  "slug":"fcc-adopts-rules-for-online-robocall-reporting-portal",
  "sourceName": "National Law Review",
  "sourceArticleUrl": "https://www.natlawreview.com/article/fcc-adopts-rules-online-robocall-reporting-portal",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<h2>At a glance.</h2><ul><li>Vishing campaigns sneak past spam filters.</li><li>C10p doxes more victims.</li><li>Data taken during the Tulsa ransomware attack are published online.</li></ul><h2>Vishing campaigns sneak by spam filters.</h2><p>Threatpost details two vishing campaigns taking advantage of the public&rsquo;s trust in household names like Geek Squad and Norton Antivirus. In the Geek Squad campaign, the malicious email convincingly mimics Best Buy&rsquo;s IT support service, containing a fake protection plan renewal confirmation and urging the target to call a fraudulent billing phone line. With the Norton scam, the email forgoes any brand-specific formatting, instead bearing a header spelling “N0RT0N PR0TECTI0N” with zeros replacing the letter O. Armorblox researchers found that the emails, sent to tens of thousands of corporate inboxes, went undetected by Microsoft spam filtering because they appeared to be sent from a source server on the &lsquo;IP Allow&rsquo; list and contained no suspicious links. “Including phone numbers as the payload is effective because a phone number is not an IOC that the security community tracks in a structured, shareable manner right now,” explained researcher Abhishek Iyer. Though the nefarious phone numbers have been deactivated, the campaigns demonstrate how easily vishing campaigns can circumvent traditional detection methods.</p><h2>C10p publishes stolen data days after recent arrests.</h2><p>As the CyberWire noted last week, the National Police of Ukraine, along with South Korean and American authorities, completed a successful sting that ended in the arrest of six alleged members of the C10p ransomware gang and reportedly shut down the threat group&rsquo;s server infrastructure. However, just days later, C10p appears to be up and running, releasing data purportedly stolen from a farm equipment retailer and an architecture office, TechCrunch reports. According to cybersecurity firm Intel 471, C10p&rsquo;s speedy resurgence could be because last week&rsquo;s arrests impacted only the money-laundering arm of the gang, not its core members: “The overall impact to C10p is expected to be minor, although this law enforcement attention may result in the C10p brand getting abandoned as we&rsquo;ve recently seen with other ransomware groups like DarkSide and Babuk.” C10p&rsquo;s top actors are believed to reside in Russia, where authorities have been hesitant to take action against cybercriminals. That said, just last week Russian Federal Security Service head Alexander Bortnikov agreed to collaborate with the US, so perhaps the tide could be turning.</p><h2>Stolen data published after Tulsa ransomware attack.</h2><p>The City of Tulsa, located in the US state of Oklahoma, suffered a ransomware attack in May, and now the perpetrators have released more than 18,000 stolen files on the dark web. IT Pro reports that the data consist predominantly of police citations and internal department files, containing personal data such as names, dates of birth, addresses, and driver&rsquo;s license info. As the investigation continues, officials urge anyone who has shared private data with the City to monitor their accounts for suspicious activity.</p><p>We heard from Chris Clements, VP of Solutions Architecture at Cerberus Sentinel, who reminds us of the utility such information has in rendering social engineering more plausible, more convincing:</p><p>“While the disclosure of this type of information may not seem immediately useful to cybercriminals, it can be leveraged to create incredibly powerful social engineering lures to fool victims into sending money. In this instance, the disclosure of police records can be used to construct convincing stories to trick unsuspecting victims or their families into paying fake fees or fines by claiming to be lawyers or court representatives. Even normally scam savvy people may be fooled if a fraudster has enough detailed information. </p><p>”Municipalities must adopt a culture of security to protect their data from compromise including proper staff training, security hardening of systems and applications, regular penetration testing to identify any gaps or mistakes and finally continuous monitoring for any suspicious activity that may indicate that an attack is imminent.</p><p>“Individuals must remain vigilant to potential fraud attacks as well. Even someone contacting you with seemingly legitimate information should require independent verification before sending personal information or payments to. In this case, if you are contacted about your or a family member&rsquo;s criminal case or fine, you should separately verify the information and requested actions by looking up and calling the court directly.”</p><p>Erich Kron, Security Awareness Advocate at KnowBe4, observes that the incident is another reminder of the ruthlessness of ransomware gangs:</p><p>“Conti, one of the most prolific ransomware gangs in operation, continues to show that it is ruthless in its attacks on the public sector and healthcare networks. In a May 20th alert, the same month as this attack, the FBI warned of this group and their specific targeting of first responder and healthcare networks. </p><p>”The Conti group is showing a blatant disregard for the authority of law enforcement as they continue their attacks on these vital services. Even after the shutdown of the Darkside gang, the arrests in the takedown of the Clop group, and even in light of the Ziggy ransomware gang providing all of their encryption keys for victims due to the fear of law enforcement actions, Conti continues their attacks without skipping a beat.</p><p>“Because Conti&rsquo;s typical attacks begin with email phishing or stolen RDP (Remote Desktop Protocol) credentials, organizations looking to defend themselves against the threat should concentrate on these attack vectors. Users should be provided high-quality security awareness training with a focus on spotting phishing emails, dealing with potentially infected documents or malicious email links, the importance of having secure passwords that are unique, complex and not shared or reused anywhere else, and the use of two-factor authentication. Providing password vaults and the education to properly use them can help greatly in this matter as well. In addition, organizations should review the security related to any RDP instances they have deployed, paying special attention to securing against brute force attacks, spotting unusual login times or attempts from unusual locations and ensuring that unusual behavior through these portals is quickly reported to security.”</p>"
  },
  "date": "2021-06-24T15:04:00-05:00",
  "featured": false,
  "headline": "Vishing, doxing, and the Ruthlessness of Ransomware Gangs",
  "id": "1624547040",
  "imageFilename": "vishing-doxing-and-the-ruthlessness-of-online-ransomware-gangs",
  "slug":"vishing-doxing-and-the-ruthlessness-of-ransomware-gangs",
  "sourceName": "The CyberWire",
  "sourceArticleUrl": "https://thecyberwire.com/newsletters/privacy-briefing/3/121",
  "tags": ["Vishing"]
},
{
  "content": {
    "html": "<p>New dictionary words have been formed to describe online scams. Phishing, one that everyone knows by now, is when a scammer uses a pretext in an email to get someone to click on a link or attachment in the email to deploy malicious malware and ransomware.</p><p>Social engineering is when criminals conduct online search of individuals and companies by looking at Facebook and LinkedIn profiles and through Google searches to find out as much as possible about a company and its employees and develop a dossier on the company to launch a phishing, vishing or smishing scam.</p><p>Vishing can occur, for example, when a criminal buys a similar domain to a company domain, then adds some security terms to make it look like they are from the IT department of the company and calls an employee, tells them a story about how they need to update the VPN or add additional security measures, sends the employee an email from the fake company email address and while they are on the phone with the employee, convinces the employee to put their user name and password into the pop-up, now allowing the criminal full access to the employee&rsquo;s account.</p><p>And smishing (it&rsquo;s so new that spell check doesn&rsquo;t recognize it) is when the scammers use a text (SMS messaging) as the ruse instead of an email or a telephone call.</p><p>People tend to trust text messages more than emails. They also read them more frequently and faster than emails. Scammers are using old techniques with new technology to get people to click on embedded links to introduce malicious malware into individuals&rsquo; phones or to give up personal or corporate credentials. Now the scam is using text messages.</p><p>This should be concerning for IT professionals since so many employees use their personal phones for work. Even though the employees are being targeted on their personal phones, the smishing scams can be a threat to corporate security. IT professionals may wish to add smishing as a technique when providing security training to employees so they are aware of the latest techniques used by criminals.</p>"
  },
  "date": "2021-06-24T14:57:00-05:00",
  "featured": false,
  "headline": "Phishing, Vishing, and Smishing—Your Employees Need to Know the Newest Schemes",
  "id": "1624546620",
  "imageFilename": "phishing-vishing-smishing-the-newest-schemes",
  "slug":"phishing-vishing-and-smishing-your-employees-need-to-know-the-newest-schemes",
  "sourceName": "JD Supra",
  "sourceArticleUrl": "https://www.jdsupra.com/legalnews/phishing-vishing-and-smishing-your-9828510/",
  "tags": ["Vishing"]
},
{
  "content": {
    "html": "<p>A new report shines a light on the malicious practice known as voice phishing or vishing – a social engineering tactic that some cyber experts say has only grown in prominence since COVID-19 forced employees to work from home.</p><p>And in some instances the technique is being used to supplement email-based phishing attempts.</p><p>“Vishing is one of the attacks that we&rsquo;ve seen a huge surge in since lockdown,” in part due to the increase in conversations that happen over the phone or over Zoom, said report author Abhishek Iyer, director of product marketing at Armorblox, in an interview with SC Media. Iyer estimated that the number of vishing attacks have doubled since the COVID-19 pandemic took hold in March of 2020. Indeed, some of these attacks even leveraged the pandemic as a lure, to trick people into calling numbers for coronavirus test results, he added.</p><p>Iyer also believes that the frequency emails sent from businesses and employers related to password resets, security alerts, locked accounts, order confirmations and invoices have increased during the pandemic as well. “And so many of the attacks that we see try to replicate these workflows,” because “we tend to act quicker on these.”</p><p>The report from Armorblox describes a pair of recently observed attacks in which adversaries sent an email designed to fool recipients into calling phone number staffed by a malicious actor who then perpetuates the scam from there. A similar tactic was used recently by actors looking to spread BazarBackdoor malware, but in this latest case, the purpose was to steal credit card information.</p><p>This hybrid use of email and phone is a technique designed to avoid actually placing malicious phishing URLs or attachments in emails, in order to bypass email security solutions and spam filtering. For instance, both of the attacks described by Armorblox reportedly bypassed Microsoft security controls.</p><p>“The only payload here is a phone number, and phone numbers are not something that the security community tracks and shares in a scalable manner. I don&rsquo;t know if it&rsquo;ll ever be,” said Iyer. And because phone numbers can be changed and reassigned, you often “don&rsquo;t really know if a phone number is legitimate or not.”</p><p>“It is apparent that it is a two-prong attack – the first being phishing and the second being vishing,” said James McQuiggan, security awareness advocate at KnowBe4, commenting on the report. “Phishing is not always about clicking a link or opening an attachment, but getting the victim to take an action they might not otherwise take. The email appears believable, and they provide a phone number which continues the confidence or social engineering scam against the victim.”</p><p>Both email attacks were sent from Gmail accounts, used a fake order confirmation as a lure, and employed social engineering techniques such as messaging that&rsquo;s “carefully treading the line between vagueness and urgency-inducing specificity,” Iyer wrote in the blog post.</p><p>One attack impersonated electronic retailer Best Buy&rsquo;s Geek Squad division, even using similar HTML stylings as the actual company in order to feign authenticity. This attack informed recipients that they had been renewed for an annual protection service at the cost of $358.46 – a sizable enough fee to potentially trigger some victims to call the posted number before recognizing that something is suspicious.</p><p>The other attack impersonated communications from Norton AntiVirus, but using the digit zero instead of the letter O in order to trick “deterministic filters or blocklists that check for brand names being impersonated,” the blog post explains.</p><p>In both cases, Armorblox researchers discovered that the numbers listed in the phishing/vishing emails had been disconnected. But it&rsquo;s simply enough for a new number to spring up just as quickly. According to Iyer, it&rsquo;s relatively easy and cheap for cybercriminals set up this kind of scam. “ I don&rsquo;t think there&rsquo;s anything too sophisticated, he said. ”Setting up a Google Voice number is very easy. They email attack doesn&rsquo;t even need to have a URL, and attackers can be confident of launching these attacks at scale and maybe they&rsquo;ll make their way past inboxes.“</p><p>In his blog post, Iyer recommenders that user organizations protect themselves by bolstering native email security with additional controls, be aware of social engineering cues, observe MFA and password management best practices, and avoid sharing sensitive information over the phone.</p><p>”Always be sensitive when you&rsquo;re talking to someone over the phone and they&rsquo;re asking you for data that sounds strange, especially if it&rsquo;s someone you have ever talked to before,“ said Iyer. ”We want to be polite over the phone, so if someone asks us [for personal information], we won&rsquo;t hang up straight away. We&rsquo;ll see what the call is about – there is a human being on the end of the line, after all.“</p><p>Keep that politeness in check, he added, especially when someone is asking you for account details.</p><p>”Users must educate themselves and remain aware of the latest scam emails, and trust, but verify when it comes to billing or information requests,“ added McQuiggan. ”Users should understand that they need to confirm information through the actual website and avoid utilizing the information within an email when prompted with an email.“</p><p>Email security company Tessian also conducted research last year showing that 24% of IT leaders had experienced more vishing attacks once their employees began working remotely between March and July 2020.</p><p>”I think data breaches are a significant contributor to the increase in phone and email phishing,“ said Charles Brook, threat intelligence researcher at Tessian. ”Breaches from major social media sites contain aligned personal information like names, phone numbers and email addresses for thousands of individuals. There is a good chance that cybercriminals will be collating or joining up the information from various data breaches to create an information-rich dataset of potential targets, in order to make their scams as convincing as possible.::quot::</p>"
  },
  "date": "2021-06-24T06:00:00-05:00",
  "featured": false,
  "headline": "Hybrid Phishing/Vishing Attacks Imitate Business Workflows",
  "id": "1624514400",
  "imageFilename": "hybrid-phishing-vishig-attacks-imitate-business-workflows-1",
  "slug":"hybrid-phishing-vishing-attacks-imitate-business-workflows",
  "sourceName": "SC Media",
  "sourceArticleUrl": "https://www.scmagazine.com/home/security-news/phishing/hybrid-phishing-and-vishing-attacks-hunt-for-credit-card-info/",
  "tags": ["Phone Scam", "Social Engineering", "Vishing"]
},
{
  "content": {
    "html": "<p>An email campaign asking victims to call a bogus number to suspend supposedly fraudulent subscriptions got right past Microsoft&rsquo;s native email controls.</p><p>A pair of billing and tech support “vishing” attacks using Geek Squad and Norton Antivirus as cover managed to hit 25,000 mailboxes recently, questing after victims&rsquo; credit-card details.</p><p>Vishing (a contraction of “voice phishing”) generally involves stealing personal information from victims over the phone or leaving fraudulent voice messages. In this case, researchers said the gambit consisted of sending fake order receipts via email, and then including phone numbers to call “for processing order returns.”</p><p>According to researchers at Armorblox, the emails bypassed native Microsoft email security controls along with email security engines like Exchange Online Protection (EOP) and Proofpoint, landing in tens of thousands of corporate inboxes.</p><p>“Microsoft assigned a spam confidence level (SCL) of &lsquo;-1&rsquo; to both emails,” explained researcher Abhishek Iyer, writing in a Thursday posting. “This means the emails skipped spam filtering because Microsoft determined they were from a safe sender to a safe recipient or were from an email source server on the &lsquo;IP Allow&rsquo; list.”</p><h2>Geek Squad…to the Rescue?</h2><p>The Geek Squad vishing email. Click to enlarge. Source: Armorblox.</p><p>The attackers used the same look and feel from a branding perspective as the real Geek Squad, Iyer said, and the email body language “carefully [tread] the line between vagueness and urgency-inducing specificity.”</p><p>The emails likely avoided suspicion because the messages didn&rsquo;t include any random links – usually the hallmark used for spotting malicious emails or scams.</p><p>Instead, the only call to action in the email was a phone number that would supposedly connect the recipient to the “billing department” in order to process order returns, the researcher explained. The method enabled the emails to bypass standard threat-detection controls.</p><p>“Including phone numbers as the payload is effective because a phone number is not an IOC that the security community tracks in a structured, shareable manner right now (and might never be, due to the fungibility of phone numbers, random numbers generated through Google Voice, etc.),” Iyer said.</p><h2>Irony Alert: Norton Vishing Attack</h2><p>The Norton attack was less frilly, according to Armorblox, with the body being sent in plain text, stripped of any HTML stylings or Norton branding.</p><p>Otherwise, the emails used the same approach as in the Geek Squad campaign, being also sent from a Gmail account and with the same “Order Confirmation” subject line, according to the researcher. And, once again, there were no links or conventional payloads in the body of the email, just a phone number to use to “cancel a subscription.”</p><p>The emails did exhibit one notable detection-evasion trick, Iyer explained.</p><p>“Near the top of the email, notice the &lsquo;N0RT0N PR0TECTI0N&rsquo; with zeros instead of the letter O. This is a simple but effective technique used by attackers to slip past any deterministic filters or blocklists that check for brand names being impersonated,” he said.</p><h2>Nobody Home</h2><p>In both cases, the Armorblox research team called the number provided, from a disposable Google Voice endpoint, only to find that the scam numbers had been deactivated.</p><p>“The technique here matters as much as (if not more than) the outcome,” Iyer said. “If the number here was taken down, it&rsquo;s very easy for the attackers to stand up another number and repeat the attack flow, because they know the email is getting past traditional email-security controls.”</p><p>He added that one social-engineering aspect that leads to success for this type of campaign is the context of the attacks. They “replicate workflows that already exist in our daily lives (ordering subscriptions and services online),” he explained. “When we see emails we&rsquo;ve already seen before, our brains tend to employ System 1 thinking and take quick action.”</p><h2>How to Avoid Becoming a Vishing Victim</h2><p>Vishing is certainly not new – last year for example, a similar campaign made the rounds with emails purporting to communicate about an Amazon delivery order. They included a phone number for the “Fraud Protection Team” to call in case the order was bogus.</p><p>“Vishing was used last year as part of the Twitter hack, where two eighteen-year-olds gained the confidence of two Twitter employees and got access to their systems to post fake tweets from various celebrities and convinced 120 people to give up $1,000 of bitcoin to receive $2,000,” said James McQuiggan, security awareness advocate at KnowBe4. “In this instance, it is apparent that it is a two-prong attack — the first being phishing and the second being vishing. Phishing is not always about clicking a link or opening an attachment, but getting the victim to take an action they might not otherwise take. The email appears believable, and they provide a phone number which continues the confidence or social engineering scam against the victim.”</p><p>However, vishing isn&rsquo;t as well-known as phishing, nor as common. To protect oneself from these types of scams, organizations should not only augment native email security with additional controls, but also layer on additional employee training, especially when it comes to engaging with familiar-seeming emails in a rational and methodical manner.</p><p>“Subject the email to an eye test that includes inspecting the sender name, sender email address, language within the email and any logical inconsistencies within the email (e.g. Why is Geek Squad sending an email to my work account, why are none of the CTA buttons in the email working, etc.),” Iyer suggested.</p><p>If convinced the email may be legitimate, simply be suspicious when calling the number, and never give up credit-card details or other sensitive information over the phone, he added. It&rsquo;s worth carrying out a second-channel effort and searching for a publicly available customer-service or billing number for the company in question.</p><p>“Users must educate themselves and remain aware of the latest scam emails and trust but verify when it comes to billing or information requests,” McQuiggan said. “Users should understand that they need to confirm information through the actual website and avoid utilizing the information within an email when prompted with an email.”</p>"
  },
  "date": "2021-06-17T15:00:00-05:00",
  "featured": false,
  "headline": "Geek Squad Vishing Attack Bypasses Email Security to Hit 25K Mailboxes",
  "id": "1623942000",
  "imageFilename": "geek-squad-vishing-attack-bypasses-email-security",
  "slug":"geek-squad-vishing-attack-bypasses-email-security-to-hit-25k-mailboxes",
  "sourceName": "ThreatPost",
  "sourceArticleUrl": "https://threatpost.com/geek-squad-vishing-bypasses-email-security/167014/",
  "tags": ["Vishing"]
},
{
  "content": {
    "html": "<p>On Thursday, the Federal Communications Commission unanimously approved a report and order under Section 10a of the Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act to implement a streamlined process for private entities to report calls that may be unlawful and callers who are using legitimate businesses&rsquo; caller IDs.</p><p>“The new online portal will allow such entities to alert agency investigators of concerning incidents, including floods of robocalls like those that have been known to clog up hospital phone lines,” according to a news release from the FCC .</p><p>When a private entity submits a report through the online portal, it will collect their contact information and details about the robocall campaign they are concerned about, according to the FCC. The Consumer and Governmental Affairs Bureau may then initiate an investigation to stop the robocalls and may work with federal and/or state partners to address the issue.</p><p>The report and order also requires private entities using the portal to submit certain minimum information including, but not necessarily limited to, the name of the reporting private entity; contact information, including at least one individual name and means of contacting the entity (e.g., a phone number); the caller ID information displayed; the phone number(s) called; the date(s) and time(s) of the relevant calls or texts; the name of the reporting private entity&rsquo;s service provider and a description of the problematic calls or texts.</p><p>The new process will not affect the current informal complaint process that the Consumer and Governmental Affairs Bureau manages, according to the FCC.</p><p>The bureau will implement the portal once it receives the requisite approvals from the Office of Management and Budget. The report and order will take effect 30 days after it is published in the <em>Federal Register</em>.</p>"
  },
  "date": "2021-06-16T15:16:00-05:00",
  "featured": false,
  "headline": "FCC Adopts Order Under TRACED Act for Reporting Unlawful Robocalls and Caller ID Spoofing",
  "id": "1623856560",
  "imageFilename": "fcc-adopts-order-under-traced-act-for-reporting-robocalls-and-spoofing",
  "slug":"fcc-adopts-order-under-traced-act-for-reporting-unlawful-robocalls-and-caller-id-spoofing",
  "sourceName": "ACA International",
  "sourceArticleUrl": "https://www.acainternational.org/news/fcc-adopts-order-under-traced-act-for-reporting-unlawful-robocalls-and-caller-id-spoofing",
  "tags": ["Caller-ID Spoofing"]
},
{
  "content": {
    "html": "<p>Robocalls are the No. 1 consumer complaint filed with the Federal Communications Commission, and robocalls to hospitals are a significant portion of the problem, creating a new type of ransomware attack on hospitals and a threat to public safety.</p><p>The illegal calls flood hospital networks and are often perpetuating fraud. The nonstop flow of calls undermines hospitals&rsquo; ability to perform patient care by keeping staff on phone lines unnecessarily and impairing operational capacity, according to a June 11 FCC news release.</p><p>Five details:</p><ol><li>Robocallers often use spoofed caller ID to trick hospital staff into thinking it&rsquo;s a real patient. Some robocalls attempt to trick hospital staff into giving up the insurance or financial information of a staff member. Hospitals have been falling victim to the intentional flooding of phone networks with multiple simultaneous calls, demanding a ransom payment in exchange for stopping the attack.<br></li><li>The flow of calls can clog phone lines and make it difficult for patient calls to get through. One hospital received 4,500 robocalls in two hours in 2018. Another hospital had 6,500 calls with spoofed caller ID to look like internal calls and tied up 65 hours of response time of hospital staff over 90 days. This hospital also received 300 robocalls spoofing numbers affiliated with the Justice Department in an attempt to extract sensitive information from physicians. <br></li><li>The FCC recommends hospitals make clinicians aware of unlawful robocalls that interfere with patient care and hospital operations. The FCC encourages hospitals to create a robocall incident response plan and increase their robocall blocking and labeling offerings from their phone providers.<br></li><li>Federal and state governments should expand efforts to prevent these fraudulent calls, such as increased call blocking and labeling tools and encouraging phone providers to cooperate with traceback requests.<br></li><li>Communication between law enforcement and hospitals should be improved. Law enforcement should actively monitor complaints, engage in prompt outreach to providers who can assist, and coordinate traceback response among law enforcement partners.</li></ol>"
  },
  "date": "2021-06-15T14:48:00-05:00",
  "featured": false,
  "headline": "Hospitals Held for Ransom by Flood of Robocalls: 5 Details",
  "id": "1623768480",
  "imageFilename": "Hospitals-held-for-ransom-by-flood-of-robocalls",
  "slug":"hospitals-held-for-ransom-by-flood-of-robocalls-5-details",
  "sourceName": "Health IT",
  "sourceArticleUrl": "https://www.beckershospitalreview.com/cybersecurity/hospitals-held-for-ransom-by-flood-of-robocalls-5-details.html",
  "tags": ["Robocalls", "TDoS"]
},
{
  "content": {
    "html": "<h2>How do vishing scams work, how do they impact businesses and individuals, and how can you protect yourself, your family and your business?</h2><p>We&rsquo;ve all heard of phishing, the tried-and-tested email scam that spoofs authoritative sources to trick recipients into handing over sensitive information or downloading malware. Well, vishing is its voice call equivalent. It&rsquo;s a con trick with many variants that can impact individuals and organizations alike – with potentially devastating consequences.</p><p>Together phishing, smishing, pharming and vishing cost more than 241,000 victims over $54 million in 2020. And that&rsquo;s just the cases that were reported to the FBI as many cases of fraud go unreported.</p><p>So how do vishing scams work, how do they impact businesses and individuals, and how can you protect yourself from them?</p><h2>The problem with social engineering</h2><p>Vishing works across the consumer and business sphere for one very good reason: human fallibility. Social engineering lies at the heart of the bad guys&rsquo; efforts. It is, in effect, the art of persuasion. Social engineering is about impersonating a trusted authority – your bank, technology provider, the government, an IT helpdesk worker – and creating a sense of urgency or fear that overrides any natural caution or suspicion the victim may have.</p><p>These techniques are used in phishing emails and fake text messages (known as smishing). But perhaps they&rsquo;re most effective when used “live” over the phone. Vishers have several additional tools and tactics to make their scams more successful, including:</p><ul><li>Caller ID spoofing tools, which can be used to hide the scammer&rsquo;s real location and even impersonate the phone numbers of trusted organizations. Last year, for example, clients of the Ritz London hotel had their personal details stolen during a breach at the luxury hotel and the scammers then used the data to mount convincing social engineering attacks against the victims, spoofing the hotel&rsquo;s official number in the process.</li><li>Multi-channel scams that might start with a smishing text message, a phishing email or a voicemail and encourage the user to call a number. Doing so will put the victim through direct to a scammer.</li><li>Social media scraping and open source research which can provide the scammer with a wealth of information on their victims. It can be used to target specific individuals (say, corporate employees with privileged accounts) and to add legitimacy to the scam – i.e., the visher may repeat back some personal details to the victim so that they might divulge more.</li></ul><p></p><h2>The impact of vishing in the workplace</h2><p>Vishing is most likely in corporate context to be used to steal privileged credentials. The FBI has warned multiple times of such attacks. Back in August 2020, it detailed a sophisticated operation in which cybercriminals researched their targets and then called pretending to be from the IT helpdesk. Victims were encouraged to fill in their login details at a previously registered phishing site designed to spoof the company&rsquo;s VPN login page. These credentials were then used to access company databases for customers&rsquo; personal information.</p><p>Such attacks are more commonplace partly thanks to the mass shift to remote working during the pandemic, the FBI warned. In fact, it was forced to issue another alert in January 2021 for an operation in which similar techniques were used to gain corporate network access.</p><p>A now-infamous breach at Twitter, in which highly targeted employees were tricked by vishers into revealing their logins, illustrates that even tech-savvy companies and users can fall victim. In this case, access was used to hijack the accounts of celebrity users to distribute a cryptocurrency scam.</p><h2>How voice phishing can hit your family</h2><p>Unfortunately, vishing scammers are also out in force to target consumers. In these attacks, the ultimate goal is to make money from you: either by stealing bank account or card information directly, or tricking you into handing over personal information and logins they can use to access these accounts.</p><p>Here are a few typical scams:</p><h3>Tech support scams</h3><p>In tech support fraud, victims are often cold-called by someone pretending to be their ISP, or a well-known software or hardware vendor. They&rsquo;ll claim to have found a non-existent problem with your PC and then elicit payment (and your card details) to fix it, sometimes downloading malware in the process. These scams may also begin with a user presented with a pop-up window that urges them to call a hotline number.</p><h3>Wardialing</h3><p>This is the practice of sending automated voicemail messages to large numbers of victims, and usually tries to scare them into calling back—for example by claiming they have tax bills or other fines unpaid.</p><h3>Telemarketing</h3><p>Another popular tactic is to call up claiming the recipient has won a fabulous prize. The only catch is that there&rsquo;s an upfront fee required before the victim can receive the prize.</p><h3>Phishing/smishing</h3><p>As mentioned, scams can begin with a spoofed email or fake SMS, encouraging the user to call a number. A popular one is an &lsquo;Amazon&rsquo; email claiming something is wrong with a recent order. Calling the number will put the victim on the line with a vishing fraudster.</p><h2>How to prevent vishing</h2><p>Although some of these scams are becoming increasingly sophisticated, there&rsquo;s plenty you can do to mitigate the risk of falling victim. Some basic steps include:</p><ul><li>Go ex-directory, so your number is not publicly available.</li><li>Do not enter your phone number into any online forms (i.e., when buying online).</li><li>Be wary of requests for your bank, personal or any other sensitive information over the phone.</li><li>Exercise caution – don&rsquo;t engage with any unsolicited callers, especially if they ask to confirm sensitive details.</li><li>Never call back a number left via voicemail. Always contact the organization direct.</li><li>Use multi-factor authentication (MFA) on all online accounts.</li><li>Ensure your email/web security is updated and includes anti-phishing capabilities.</li></ul>"
  },
  "date": "2021-06-14T15:01:00-05:00",
  "featured": false,
  "headline": "Vishing: How to Avoid Getting Scammed",
  "id": "1623682860",
  "imageFilename": "Vishing-how-to-avoid-getting-scammed",
  "slug":"vishing-how-to-avoid-getting-scammed",
  "sourceName": "WeLive Security",
  "sourceArticleUrl": "https://www.welivesecurity.com/2021/06/14/vishing-what-is-it-how-avoid-getting-scammed/",
  "tags": ["Vishing"]
},
{
  "content": {
    "html": "<p>Most people know about internet scams. If you visit the wrong website or open the wrong email, it&rsquo;s surprisingly easy to wind up a being a victim of cybercrime.</p><p>One type of scam that many people overlook, however, is the type that occurs over the phone. And unfortunately, these scams can be just as expensive.</p><p>Most phone scams rely on a technique known as vishing. So what is a vishing attack? And how can you keep yourself safe from it?</p><h2>What Is Vishing?</h2><p>Vishing, otherwise known as voice phishing, is a type of social engineering where attackers call victims over the phone pretending to be somebody else.</p><p>It can also occur in reverse, with the victim being tricked into initiating the phone call.</p><p>The person on the line might claim to be tech support, a bank employee, or even a police officer. In reality, they are criminals, typically calling from thousands of miles away, and the only thing that they really want is your personal information.</p><p>If they are successful, the next step is either identity theft or wire fraud.</p><h2>How Does Vishing Work?</h2><p>To start a vishing scam, all an attacker really needs is a phone number, a victim, and an idea. Here&rsquo;s how vishing works.</p><h3>Create a Fake Number</h3><p>First off, the attacker needs a way to create a fake number. Most people will check who is calling them before they give out information. Mostalso won&rsquo;t call a number if it doesn&rsquo;t have the correct area code.</p><p>Attackers often use call spoofing to achieve this. It provides them with a fake number that&rsquo;s both local and anonymous.</p><h3>Find a Victim</h3><p>All vishing scams start with finding a potential victim. One method is to email thousands of people and wait for somebody to respond. Another is to find directories of people and just start calling them one by one. Your number might have been involved in a data breach too.</p><p>It&rsquo;s possible to get people to start calling the fake number by posting it on social media pretending to be somebody else.</p><h3>Start Calling</h3><p>The next step depends largely on the attackers&rsquo; imagination. It also depends on how many different numbers they have access to.</p><p>They might choose a simple message and call a thousand numbers, asking the same question. Or they might take a more tailored approach and come up with a story that&rsquo;s designed to take information from a specific individual.</p><h2>Examples of Vishing Attacks</h2><p>Vishing tactics are constantly changing. When one stops working, attackers simply move onto the next.</p><p>Most, however, involve the same fake personas or character types.</p><h3>Bank Impersonation</h3><p>A bank employee will tell you that there&rsquo;s a problem with your account. In order to fix the problem, they first need to verify your details.</p><h3>Telemarketing</h3><p>A telemarketer will inform you that you&rsquo;ve won a free prize. In order to receive the prize, you just need to confirm your address.https://f25b5de9d31bc84ac24fcea6bd852384.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html</p><h3>Tech Support</h3><p>A tech support agent will tell you that they&rsquo;ve found an issue with your computer, smartphone, or another device. They may offer to send you a solution via email. Or they might ask to log into your computer remotely.</p><h3>Tech Sales</h3><p>A tech salesperson will offer you an amazing deal on some type of computer service or software. Once again, they require either an email address or access to your computer.</p><h3>Government Impersonation</h3><p>A government employee (usually the IRS) will tell you that there&rsquo;s some type of legal issue. To avoid a penalty, you just need to verify a few details. Sometimes, they&rsquo;ll even ask for money over the phone.</p><h2>How to Recognize Vishing Scams</h2><p>Cybercriminals rely on the fact that the majority of people aren&rsquo;t aware of their tactics. Vishing is no exception to this.</p><p>Most vishing calls are actually pretty easy to recognize once you are aware of their existence.</p><p>Always be suspicious whenever anyone calls you and claims to be in any position of power.</p><p>The average person is pretty cold when calling a stranger. A scam caller, on the other hand, will often try to be incredibly friendly, or, if that doesn&rsquo;t work, even moderately threatening.</p><p>All vishing calls eventually ask for something. Be on guard whenever an unknown caller asks you for personal information of any kind.</p><p>Anyone who makes phone calls for a living knows that they are not allowed to do this. Your bank, for example, would never ask you to provide sensitive details over the phone.</p><h2>How to Prevent Vishing Scams</h2><p>Half the battle of preventing vishing is just knowing that it exists. After that, it&rsquo;s just a matter of being careful and vigilant.</p><h3>Don&rsquo;t Answer Unknown Numbers</h3><p>The easiest way to prevent a vishing call is to simply not to pick up the phone. Naturally, this isn&rsquo;t always practical. If you don&rsquo;t know the number calling, you could leave it go to voicemail—if it&rsquo;s that urgent, they should leave a message. Obviously, that&rsquo;s not always the case, though.</p><h3>Be Careful Who You Call</h3><p>When searching for a number online, be careful where you look. Never call numbers that you find on social media.</p><h3>Always Verify Who You&rsquo;re Speaking To</h3><p>If you do have to receive a phone call from a stranger, don&rsquo;t discuss anything important without first verifying who you are talking to. This can be done by arranging to call them back at a number of your choosing.</p><p>Keep in mind that many scam callers will have their own scam number ready to give out, claiming it&rsquo;s their own personal direct line.</p>"
  },
  "date": "2021-06-12T15:17:00-05:00",
  "featured": false,
  "headline": "What is Vishing? The Voice Phishing Social Engineering Scam Explained",
  "id": "1623511020",
  "imageFilename": "What-is-vishing-the-voice-phishing-social-engineering-scam-explained",
  "slug":"what-is-vishing-the-voice-phishing-social-engineering-scam-explained",
  "sourceName": "Make Use Of",
  "sourceArticleUrl": "https://www.makeuseof.com/what-is-vishing/",
  "tags": ["Vishing"]
},
{
  "content": {
    "html": "<h2>“No point of making a robocall if no one&rsquo;s there when you press 1.”</h2><p>Robocalls may have met their match in the pandemic.</p><p>The number of scam calls to phone lines in the United States dropped by half at the start of the pandemic, as lockdowns closed the call centers necessary to robocall enterprises and reduced the number of phone lines with a person on the other end.</p><p>Robocalls, auto-dialed calls that usually come with a recorded message that attempt to cheat victims, started coming back after the initial decline. Then Covid-19 walloped India and calls fell almost 20 percent from March to May, as the disease surged and prompted states and cities to institute a new wave of lockdowns.</p><p>Alex Quilici, CEO of the voicemail provider and scam-blocking app YouMail, said the lockdowns have had the side effect of preventing people who work at call centers from going in to those call centers.</p><p>“They couldn&rsquo;t leave their homes, so they couldn&rsquo;t do the scams,” Quilici said. “No point of making a robocall if no one&rsquo;s there when you press 1.”</p><p>India, along with Pakistan and the Dominican Republic, are among the main origin points for illegal robocalls involving Social Security, debt collection and bogus utilities, said Josh Bercu, vice president of policy and advocacy at USTelecom, the association that organizes the industry&rsquo;s robocall tracing efforts. “Those types of pure fraud almost always are coming from overseas,” Bercu said.</p><p>Scam calls peaked in October 2019, when an estimated 5.7 billion scam calls reached consumers, according to data from YouMail. Quilici said that while a series of enforcement actions from the Federal Communications Commission and the Department of Justice brought the total down some in late 2019 and early 2020, they absolutely bottomed out in April and May 2020, falling by nearly half.</p><p>“The weeks that India and Pakistan shut down, we saw robocalls fall off a cliff,” Quilici said of the 2020 shutdowns.</p><p>The number of calls have crawled back up since then, reaching a pandemic-era high of 4.9 million calls in the U.S. in March before falling again. But the types of scams have evolved as well. In May, YouMail warned that Americans were getting up to 150 million calls a month from scammers pretending to be from Amazon.</p><p>Marriott filed a lawsuit against 10 unknown robocall operators in May, claiming they made more than a half-million calls to residents in Virginia from October 2020 to March. In the filing, Marriott alleged the scammers tried to swindle people with bogus complementary stays at Marriott hotels, leading to what the company called an “exponential increase” in complaints from customers....</p>"
  },
  "date": "2021-06-07T14:42:00-05:00",
  "featured": false,
  "headline": "Pandemic Lockdowns Have Curbed Robocalls. The Telecom Industry Is Trying To Keep Them From Coming Back.",
  "id": "1623076920",
  "imageFilename": "Pandemic-lockdowns-have-curbed-robocalls",
  "slug":"pandemic-lockdowns-have-curbed-robocalls-the-telecom-industry-is-trying-to-keep-them-from-coming-back",
  "sourceName": "NBC News",
  "sourceArticleUrl": "https://www.nbcnews.com/news/us-news/pandemic-lockdowns-have-curbed-robocalls-telecom-industry-trying-keep-them-n1269831",
  "tags": ["Department of Justice", "Robocalls"]
},
{
  "content": {
    "html": "<h2>The commission is seeking comment on moving the deadline for additional providers to June 30, 2022. The deadline for most providers is June 30, 2021.</h2><p>At its May meeting, the Federal Communications Commission approved a Further Notice of Proposed Rulemaking (FNPRM) seeking comment on shortening the amount of time afforded to certain small voice service providers for implementing Caller ID authentication using the STIR/SHAKEN framework, according to a news release .</p><p>As a result, the deadline for those providers is now proposed to be June 30, 2022.</p><p>Implementation of caller ID authentication technology—specifically, the framework known as STIR/SHAKEN—will reduce the effectiveness of illegal spoofing, allow law enforcement to identify bad actors more easily, and help voice service providers identify calls with illegally spoofed caller ID information before those calls reach their subscribers, according to the FCC.</p><p>The FNRPM approved May 20 is “to fight illegal robocalls by proposing to accelerate the date by which small voice service providers that originate an especially large amount of call traffic must implement the STIR/SHAKEN caller ID authentication framework,” according to the meeting notice.</p><p>According to the FNPRM notice, the FCC is requiring most voice service providers to implement this technology in their Internet Protocol (IP) networks by June 30, 2021. The FCC granted some providers— including smaller voice service providers with 100,000 or fewer subscriber lines—until June 30, 2023, to implement the technology.</p><p>“New evidence suggests, however, that a subset of small voice service providers appears to be originating a large and increasing quantity of illegal robocalls,” according to the FCC.</p><p>In addition to the shorter deadline for STIR/SHAKEN, the FNRPM would:</p><ul><li>Seek comment on how best to identify and define the subset of small voice service providers that are at a heightened risk of originating an especially large amount of illegal robocall traffic; and</li><li>Seek comment on whether to adopt additional measures, including data submissions, to facilitate oversight to ensure that small voice service providers subject to a shortened deadline implement STIR/SHAKEN in a timely manner.</li></ul>"
  },
  "date": "2021-06-06T11:04:00-05:00",
  "featured": false,
  "headline": "FCC Proposes Earlier Caller ID Authentication Deadline for Small Voice Service Providers",
  "id": "1622977440",
  "imageFilename": "FCC-proposes-earlier-caller-ID-authentication-deadline",
  "slug":"fcc-proposes-earlier-caller-id-authentication-deadline-for-small-voice-service-providers",
  "sourceName": "ACA International",
  "sourceArticleUrl": "https://www.acainternational.org/news/fcc-proposes-earlier-caller-id-authentication-deadline-voice-service-providers-stir-shaken",
  "tags": ["Call Authentication", "FCC", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<h2>At a glance.</h2><ul><li>Employment scams.</li><li>Survey: Americans want more transparency about the handling of personal data.</li><li>Vishing in Seattle.</li></ul><h2>Employment scams: all in a day&rsquo;s work.</h2><p>It turns out if you have a job, lost a job, or are looking for a job (so, in short, anyone), you could be at risk for identity theft. In April, the US Federal Bureau of Investigation released an advisory warning that threat actors are using fraudulent job postings to swindle victims out of their personal information, and Proofpoint details several employment scams. As the CyberWire noted recently, cybercriminals are taking advantage of the increased demand for unemployment benefits due to the pandemic to commit unemployment fraud. A business email compromise uses fake, high-paying remote work opportunities as a lure to gain the target&rsquo;s trust, with the possible goal of using the victim as a money mule, convincing them their activities are all part of the new job. A highly sophisticated campaign involves a job offer message linking to a website that automatically downloads the More_eggs downloader, a JavaScript backdoor that profiles the victim&rsquo;s machine and installs additional payloads. </p><h2>Study shows Americans want increased transparency about data handling.</h2><p>A study conducted by API management firm Axway shows most Americans desire more clarity about how their data are being handled by the companies with which they interact. After surveying about one thousand adults, Axway found 82% wish they knew exactly what data companies were collecting, while only 39% felt they understood how their data is being stored. And as 59% see the value of sharing their personal data to improve user experience, 75% choose to work with companies they feel are working to protect their data. “Whether in energy, health, finance, or retail, companies are trying to stand out and provide brilliant digital experiences while also complying to industry data privacy and security requirements, which is no simple proposition,” Axway VP and Chief Catalyst Brian Pagano explained. It&rsquo;s worth noting that Axway found respondents were overwhelmingly positive about Apple&rsquo;s App Tracking Transparency framework, and 75% felt other operating systems should employ a similar approach.</p><h2>Utility provider sheds light on vishing scam.</h2><p>Washington state utility company Seattle City Light is alerting the public to an operation in which scammers are posing as bill collectors and using the threat of a power shutoff to convince the target to reveal payment details over the phone, the Seattle Times reports. Seattle City Light explains employees would never request payment via phone, email, or even a home visit, and that a shutoff would be preceded by multiple warnings. Victims are advised to report any incidents to Seattle City Light or local police.</p>"
  },
  "date": "2021-06-04T15:09:00-05:00",
  "featured": false,
  "headline": "Employment scams as phishbait. Data use transparency. Vishing, as a spoofed utility.",
  "id": "1622819340",
  "imageFilename": "Employment-scams-as-phishbait",
  "slug":"employment-scams-as-phishbait-data-use-transparency-vishing-as-a-spoofed-utility",
  "sourceName": "The CyberWire",
  "sourceArticleUrl": "https://thecyberwire.com/newsletters/privacy-briefing/3/107",
  "tags": ["Vishing"]
},
{
  "content": {
    "html": "<p>Bank of Hawaii on Friday issued an alert of a new scam targeting customers and non-customers alike.</p><p>The “vishing,” or voice phishing, scam has involved a caller with a spoofed Bank of Hawaii caller I.D. impersonating a BOH representative. The caller demands the recipient press “1” to speak to another representative or threatens the deactivation of their account. At that point, sensitive information is requested.</p><p>One of the numbers identified has been 808-693-1637, although a variety have been used. The bank recommends anyone who receives such a call hang up.</p><p>In its alert, BOH reminded its customers that it does not call, email or text message them requesting personal identity information such as their name, social security number, PIN, account numbers and passwords.</p><p>If a BOH customer mistakenly provided personal information, they can contact the bank at 1-888-643-3888 and press “0.”</p><p>A BOH spokeswoman told Pacific Business news that the scam just came to the bank&rsquo;s attention and is “not frequent or prevalent at this time, but we wanted to err on the side of caution and let the public know, so they are aware of the specifics of the type of call.”</p><p>Other Hawaii banks and utilities have reported similar scams in recent months.</p>"
  },
  "date": "2021-06-04T15:07:00-05:00",
  "featured": false,
  "headline": "Bank of Hawaii Issues Vishing Fraud Warning",
  "id": "1622819220",
  "imageFilename": "Bank-of-Hawaii-Issues-Vishing-Fraud-Warning",
  "slug":"bank-of-hawaii-issues-vishing-fraud-warning",
  "sourceName": "Pacific Business News",
  "sourceArticleUrl": "https://www.bizjournals.com/pacific/news/2021/06/04/bank-of-hawaii-issues-fraud-warning.html",
  "tags": ["Vishing"]
},
{
  "content": {
    "html": "<p>Americans received just under 4 billion robocalls in May, a 9.9% decrease in volume over April, marking the second straight decrease in monthly volumes and the lowest levels of robocalls this year. In May, robocalls averaged 128.7 million calls/day and 1,490 calls/second, down from April&rsquo;s 147.6 million calls/day and 1,708 calls/second.</p><p>Despite this decline in the pace of robocalls, Americans have received just under 22 billion robocalls in the first five months of the year, on pace to hit over 52 billion robocalls for the year.</p><p>“It&rsquo;s great to see a second straight month of declining robocall traffic, but we aren&rsquo;t getting too excited about the decline,” said YouMail CEO Alex Quilici. “We believe the decline is due to continuing and expanding lockdowns in India based on the prevalence of Covid-19 there, which once again has closed or reduced the capacity of call centers.” </p><p>May 2021 Saw A Big Decrease In Scam Calls</p><p>In May, combined scam calls and telemarketing calls accounted for roughly 63% of the month&rsquo;s total robocall volume, similar to the April results. However, the number of scam and telemarketing calls declined to 2.4 billion calls for the month. This is a very substantial number of likely unwanted and/or illegal calls, but it reflects a decline of 19% in scam calls and 8% in telemarketing calls.</p><figure><table><tbody><tr><td>Type ofRobocall</td><td>Estimated AprilRobocalls</td><td>Percentage AprilRobocalls</td></tr><tr><td>Scams</td><td>1.7 billion (-19%)</td><td>43% (-5%)</td></tr><tr><td>Alerts and Reminders</td><td>1.1 billion (flat)</td><td>26% (+2%) </td></tr><tr><td>Payment Reminders</td><td>.56 billion (flat)</td><td>14% (+2%)</td></tr><tr><td>Telemarketing</td><td>.66 billion (-8%)</td><td>16% (+1%)</td></tr></tbody></table></figure><p>Top Illegal Robocalls in May 2021</p><p>Once again, the leading illegal types of robocalls in April continued to be those involving Car Warranties and Health-Related Scams. Both categories shrunk very significantly in volume versus April, with both having roughly 100 million fewer calls in the month.</p><figure><table><tbody><tr><td>Rank</td><td>Type of Scam</td><td>Estimated April<br>Robocalls</td><td>Summary of Scam</td></tr><tr><td>1</td><td>Warranty Scams</td><td>252 million (-106m)</td><td>Scam payments/illegal solicitations</td></tr><tr><td>2</td><td>Health-Related Scams</td><td>168 million (-94m)</td><td>Identify theft/scam payments/illegal solicitations</td></tr></tbody></table></figure><p>“Winners” in May 2021</p><p>In May, we recorded three changes in the cities and area codes registering the highest volumes of robocalls over April. Washington, DC replaced Memphis, Tennessee as the second most robocalled city on a per capita basis. California surpassed Florida as the second most robocalled state. And South Carolina and Louisiana replaced Alabama and Tennessee as the states with the most robocalls per person.</p><figure><table><tbody><tr><td>Cities with the Most Robocalls:</td><td>Atlanta, GA (154.5 million, -7%)Dallas, TX (147.3 million, -6%)</td></tr><tr><td>Cities with the Most Robocalls/Person:</td><td>Baton Rouge, LA (32.7/person, -15%)Washington, DC (32.3/person, -5%)</td></tr><tr><td>Area Codes with the Most Robocalls:</td><td>404 in Atlanta, GA (65.3 million, -7%)214 in Dallas, TX (55.2 million, -5%)</td></tr><tr><td>Area Codes with the Most Robocalls/Person:</td><td>404 in Atlanta, GA (53.4/person, -7%)225 in Baton Rouge, LA (32.7/person, -15%)</td></tr><tr><td>State with the Most Robocalls:</td><td>Texas (470.4 billion, -8%)California (349.7 million, -4%)</td></tr><tr><td>State with the Most Robocalls/Person:</td><td>South Carolina (23.8/person, -8%)Louisiana (22.8/person, -13%)</td></tr></tbody></table></figure>"
  },
  "date": "2021-06-03T14:45:00-05:00",
  "featured": false,
  "headline": "Just Under 4 Billion Robocalls in May Mark 9.9% Monthly Drop, Says YouMail Robocall Index",
  "id": "1622731500",
  "imageFilename": "Just-Under-4-Billion-Robocalls-in-May",
  "slug":"just-under-4-billion-robocalls-in-may-mark-9-9-monthly-drop-says-youmail-robocall-index",
  "sourceName": "PRNewswire",
  "sourceArticleUrl": "https://www.prnewswire.com/news-releases/just-under-4-billion-robocalls-in-may-mark-9-9-monthly-drop-says-youmail-robocall-index-301305216.html",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>In its continuing actions to implement the TRACED Act, the Federal Communications Commission will consider an order at its June 17, 2021, Open Meeting to implement Section 10(a) of the statute.</p><p>That Section directed the agency “to establish regulations to create a process that &lsquo;streamlines the ways in which a private entity may voluntarily share with the Commission information relating to&rsquo; a call or text message that violates prohibitions regarding robocalls or spoofed caller ID set forth section 227(b) and 227(e) of the Communications Act of 1934, as amended.”</p><p>To that end, the FCC&rsquo;s proposed Report and Order provides for the following implementing actions (https://docs.fcc.gov/public/attachments/DOC-372822A1.pdf):</p><ul><li>“Creates an online portal located on the FCC website where private entities can submit information about suspected robocall and spoofing violations directly to the Enforcement Bureau.</li><li>Private entities that use the portal will be asked to submit certain minimum information including, but not necessarily limited to, the name of the reporting private entity, contact information, including at least one individual name and means of contacting the entity (e.g., a phone number), the caller ID information displayed, the phone number(s) called, the date(s) and time(s) of the relevant calls or texts, the name of the reporting private entity&rsquo;s service provider, and a description of the problematic calls or texts.</li><li>Defines ”private entity“ as anyone other than a public entity or an individual natural person (i.e. an individual consumer).</li><li>The new process will not affect the current informal complaint process that the Consumer and Governmental Affairs Bureau manages.</li><li>The Enforcement Bureau will implement the portal once it receives the requisite OMB approvals.”</li></ul>"
  },
  "date": "2021-05-28T11:11:00-05:00",
  "featured": false,
  "headline": "FCC to Establish Online Portal for Submitting Suspected Robocall and Spoofing Information",
  "id": "1622200260",
  "imageFilename": "FCC-to-Establish-Online-Portal",
  "slug":"fcc-to-establish-online-portal-for-submitting-suspected-robocall-and-spoofing-information",
  "sourceName": "National Law Review",
  "sourceArticleUrl": "https://www.natlawreview.com/article/fcc-to-establish-online-portal-submitting-suspected-robocall-and-spoofing",
  "tags": ["Caller-ID Spoofing", "FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>Researchers have highlighted tactics used by fraudsters today in voice-based phishing campaigns. </p><p>Phishing attempts involve fraudulent messages sent over email, social media networks, SMS, and other text-based platforms. They may appear to be from your bank, popular online services -- such as PayPal or Amazon -- or they may attempt to lure in victims with promises of tax rebates and competition prizes. </p><p>These messages often contain malicious attachments designed to deploy malware, or they may try to direct victims to fake websites. </p><p>So-called “vishing” is a subset of phishing techniques that combines &rsquo;voice&rsquo; and &rsquo;phishing&rsquo;. Victims may be cold-called or emails could contain phone numbers, voice notes, and messages -- but the overall goal is the same: to swipe your personal data. </p><p>Scam artists can employ “spray and pray” techniques in campaigns and blast out thousands of emails in one go, and now, voice over internet protocol (VoIP) technology has allowed fraudsters to do the same, all while spoofing their caller IDs and identities. </p><p>In separate case studies published by Armorblox on Thursday, the team highlighted two Amazon vishing attacks intent on stealing customer credit card details -- and how the use of voice messages can bypass existing spam filters. </p><p>The first example vishing attempt, tracked to roughly 9,000 email inboxes, was sent from a Gmail account and contained the subject line: “Invoice:ID,” followed by an invoice number and content containing color markers used by Amazon. </p><p>This book explains software-defined storage, an innovative solution for high-performance, cost-effective storage using the IBM General Parallel File System (GPFS). Download it today!eBooks provided by IBM</p><p>Armorblox called the &rsquo;payload&rsquo; phone number and a person on the other end of the line answered, pretending to be from Amazon customer service. The scammer requested the order number, customer name, and credit card details before cutting the call and blocking the number. </p><p>According to the researchers, the use of a zero in “AMAZ0N TEAM” helped the message bypass existing spam filters, including Microsoft Exchange Online Protection (EOP) and Microsoft Defender for Office 365 (MSDO). A spam level of “1” was assigned to the email, which means that the message was not considered fraudulent. </p><p>In the second example, which reached roughly 4,000 inboxes and was also able to circumvent EOP and MSDO, fraudsters impersonated Amazon via a spoofed email address -- “no-reply@amzeinfo[.]com” -- and used the subject line, “A shipment with goods is being delivered.”</p><p>The email contained an order number, a payment amount of $556.42, and another phone number &rsquo;payload&rsquo; for customers to make return requests. However, in this case, the researchers found that the scam appeared to have been shut down as the phone number was not in service.</p><p>As the emails did not contain malicious attachments or links, this allowed the fraudsters to bypass spam filters.</p><p>In both cases, the fraudsters used a combination of social engineering, brand impersonation, and emotive triggers -- the apparent loss of hundreds of dollars -- to induce victims into calling them. If successful, victims could end up handing over their personal data and credit card details, leading to consequences such as identity theft or fraudulent payments made on their behalf. </p><p>As many of us remain at home due to the pandemic and we&rsquo;ve come to rely more heavily on online shopping, fraudsters will continue to try and exploit these trends. In August, the FBI and US Cybersecurity and Infrastructure Security Agency (CISA) issued a joint advisory warning of an increase in vishing attacks against the private sector. </p>"
  },
  "date": "2021-05-20T10:18:00-05:00",
  "featured": false,
  "headline": "Fraudsters employ Amazon ‘vishing’ attacks in fake order scams",
  "id": "1621505880",
  "imageFilename": "Fraudsters-employ-Amazon-‘vishing-attacks-in-fake-order-scams",
  "slug":"fraudsters-employ-amazon-vishing-attacks-in-fake-order-scams",
  "sourceName": "ZDNet",
  "sourceArticleUrl": "https://www.zdnet.com/article/fraudsters-employ-amazon-vishing-attacks-in-fake-order-scams/",
  "tags": ["Social Engineering", "Voice Spam"]
},
{
  "content": {
    "html": "<p>The proposal includes an accelerated date for smaller voice service providers to implement the STIR/SHAKEN caller ID authentication framework.</p><p>The Federal Communications Commission will consider a Further Notice of Proposed Rulemaking (FNPRM) during its Thursday, May 20 meeting “to fight illegal robocalls by proposing to accelerate the date by which small voice service providers that originate an especially large amount of call traffic must implement the STIR/SHAKEN caller ID authentication framework,” according to the meeting notice.</p><p>The FCC is requiring most voice service providers to implement this technology in their Internet Protocol (IP) networks by June 30, 2021. The FCC granted some providers, including smaller voice service providers with 100,000 or fewer subscriber lines, until June 30, 2023, to implement STIR/SHAKEN.</p><p>“New evidence suggests, however, that a subset of small voice service providers appears to be originating a large and increasing quantity of illegal robocalls,” according to the FCC.</p><p>As a result, the deadline for those providers is now proposed to be June 30, 2022.</p><p>In addition to the shorter deadline for STIR/SHAKEN, the FNRPM would</p><ul><li>Seek comment on how best to identify and define the subset of small voice service providers that are at a heightened risk of originating an especially large amount of illegal robocall traffic; and</li><li>Seek comment on whether to adopt additional measures, including data submissions, to facilitate oversight to ensure that small voice service providers subject to a shortened extension implement STIR/SHAKEN in a timely manner.</li></ul><p>If the FCC approves the FNPRM Thursday, comments and reply comments will be due 30 and 60 days, respectively, after publication in the <em>Federal Register</em>.</p>"
  },
  "date": "2021-05-18T11:12:00-05:00",
  "featured": false,
  "headline": "FCC to Consider Proposed Rulemaking on Call Authentication",
  "id": "1621336320",
  "imageFilename": "FCC-to-Consider-Proposed-Rulemaking",
  "slug":"fcc-to-consider-proposed-rulemaking-on-call-authentication",
  "sourceName": "ACA International",
  "sourceArticleUrl": "https://www.acainternational.org/news/fcc-consider-proposed-rulemaking-call-authentication-robocalls-stir-shaken",
  "tags": ["Call Authentication", "FCC", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<h2>Up to 150 million illicit calls a month, estimate says</h2><p>Impostors posing as online retailer Amazon have been bombarding U.S. consumers with up to 150 million robocalls a month, warns YouMail Inc., an Irvine, California-based firm that tracks scam calls and offers robocall-blocking apps. The calls skyrocketed during the three-month period ending in April, the company says.</p><p>Perhaps you&rsquo;ve gotten one of the nuisance calls. An alert purports there has been a suspicious charge on your account — say, for $1,499 — and suggests what steps to take next. These steps invariably spell trouble, so it&rsquo;s best to hang up. If you are concerned, contact the megaretailer.</p><h3>Staggering increase</h3><p>Prior to the recent spike, robocalls that were supposedly from Amazon totaled about 10 million to 30 million per month, says YouMail CEO Alex Quilici. To put the figures in perspective, U.S. consumers now receive an estimated 4.5 billion to 5 billion robocalls a month, he notes.</p><p>Amazon impostors are preying on people&rsquo;s trust in its brand, Quilici says. Other big companies, such as Costco, also are prime targets for impostors, so be wary of a call claiming to be from a megaretailer.</p><p>“Amazon&rsquo;s a great target because they&rsquo;re almost universal,” Quilici says. “Very few people don&rsquo;t do some ordering from Amazon. For them to get a call from Amazon or a fraud alert doesn&rsquo;t seem that unusual. People just think, Oh, this is Amazon trying to help me out.” Quilici&rsquo;s firm is not alone in observing a huge rise in Amazon scams.</p><p>“Hi, this is Daniel from Amazon Customer Service. We have seen a recent order … which is billed on your card attached to your Amazon account. The amount charged is $1,499. We noticed some suspicious activity on your account. So we have put in hold to [a hold on] this transaction. Please press 1 now. And to report, please press 2. Thank you.”</p><p><em>Listen to this illegal robocall.</em></p><h3>AARP helpline confirms rise</h3><p>This year, Amazon scams originating from robocalls, texts and emails have been among the top five complaints to AARP&rsquo;s Fraud Watch Network helpline (877-908-3360 toll-free). “Consumer reliance on delivery services such as Amazon during the pandemic has created an environment where Amazon-related scams are now almost as prevalent as some government impostor scams,” says Mark Fetterhoff, a helpline official.</p><p>The Amazon-scam robocalls tend to start with someone saying there has been suspicious activity on your account, and then he asks you to press 1 or call another phone number. Next, the scammer may ask for your Amazon account information. Or he may ask to help you by taking over control of your computer via software that lets him gain access to your credit card, banking and other sensitive information — so he can steal your identity and your money.</p><p>When call volume soars like this, it suggests the scams are working, Quilici says. “It becomes a trend, and criminals are like everybody else: They&rsquo;ll jump on the latest trend.”</p><p>One tip-off to a scamming robocall is the use of incorrect grammar or stilted wording, because the calls often don&rsquo;t originate from countries with native English speakers, he adds.</p><h3>Amazon acknowledges problem</h3><p>Amazon, for its part, says it is aware that scammers are using the company name to defraud people. It advises consumers to report the matter to the company and to the Federal Trade Commission.</p><p>“These bad actors are misusing our brand to deceive the public, and we will hold them accountable,” Kathryn Sheehan, Amazon&rsquo;s vice president of business conduct and ethics, said in a statement urging consumers to be vigilant “no matter where they shop.”</p><p>Amazon just sued some marketers who were allegedly sending fraudulent text messages, pretending to be the company, to drive traffic to online sites selling products and services not related to Amazon. These scammers, who promise rewards for filling out fake surveys, are paid fees for driving traffic to certain merchants.</p><p>Another tip from Amazon: While some of its departments call customers, the retailer will never ask you to disclose or verify sensitive personal information or offer a refund that you do not expect. Amazon suggests protecting your online account with a two-step verification system.</p><p>The best advice, says Quilici of YouMail, is not to trust that any incoming calls are coming from the number showing on your caller ID. If you aren&rsquo;t sure, hang up and log on to your account to find the company&rsquo;s customer service number, he adds.</p>"
  },
  "date": "2021-05-14T13:12:00-05:00",
  "featured": false,
  "headline": "Americans Bombarded with Robocalls from Amazon Impostors",
  "id": "1620997920",
  "imageFilename": "amazon-robocalls",
  "slug":"americans-bombarded-with-robocalls-from-amazon-impostors",
  "sourceName": "AARP",
  "sourceArticleUrl": "https://aarp.org/money/scams-fraud/info-2021/amazon-impostor-calls.html",
  "tags": ["Impostor Scam", "Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<h2>President Joe Biden&rsquo;s executive order comes as Colonial Pipeline continues to grapple with a crippling ransomware attack.</h2><p>WASHINGTON — President Joe Biden signed an executive order Wednesday aimed at strengthening U.S. cybersecurity defenses, a move that follows a series of sweeping cyberattacks on private companies and federal government networks over the past year.</p><p>The action comes as Colonial Pipeline continues to grapple with a crippling ransomware attack, which has led to widespread fuel shortages along the East Coast and prompted an all-of-government response.</p><p>The Colonial Pipeline hack is only the latest example of criminal groups or state actors exploiting U.S. cyber vulnerabilities. Last year, software from the IT company SolarWinds was breached, allowing hackers to gain access to communications and data in several government agencies.WATCH NOWVIDEO01:13Top U.S. and Russian diplomats speak following pipeline hack</p><p>The president&rsquo;s executive order calls for the federal government and private sector to partner to confront “persistent and increasingly sophisticated malicious cyber campaigns” that threaten U.S. security.</p><p>Biden&rsquo;s executive order takes a number of steps aimed at modernizing the nation&rsquo;s cybersecurity:</p><ul><li>Requires IT service providers to tell the government about cybersecurity breaches that could impact U.S. networks, and removes certain contractual barriers that might stop providers from flagging breaches.</li><li>Creates a standardized playbook and set of definitions for federal responses to cyber incidents.</li><li>Pushes the federal government toward upgrading to secure cloud services and other cyber infrastructure, and mandates deployment of multifactor authentication and encryption with a specific time period.</li><li>Improves security of software sold to the government, including by making developers share certain security data publicly.</li><li>Establishes a “Cybersecurity Safety Review Board” comprising public- and private-sector officials, which can convene after cyber attacks to analyze the situation and make recommendations.</li><li>Improves info-sharing within the federal government by enacting a government-wide endpoint detection and response system.</li></ul><p>News of the president&rsquo;s action came about an hour after Colonial announced it had restarted pipeline operations — though it will be days before fuel deliveries return to normal, the company said in a press release.</p><p>“Colonial will move as much gasoline, diesel, and jet fuel as is safely possible and will continue to do so until markets return to normal,” said the statement, which also thanked the Biden administration “for their leadership and collaboration.”</p><p>At the White House earlier Wednesday afternoon, President Joe Biden hinted his administration would soon have “good news” to share about its efforts to address the attack on Colonial.</p><p>The White House said Tuesday it was directing a “comprehensive federal response” aimed at restoring and securing U.S. energy supply chains in response to the incident.</p><p>On May 7, Colonial Pipeline paused its operations and notified federal agencies that it had fallen victim to a ransomware attack.</p><p>The assault, carried out by the criminal cyber group known as DarkSide, forced the company to shut down approximately 5,500 miles of pipeline, leading to a disruption of nearly half of the East Coast&rsquo;s fuel supply.</p>"
  },
  "date": "2021-05-12T13:20:00-05:00",
  "featured": false,
  "headline": "Biden signs executive order to strengthen U.S. cybersecurity defenses after Colonial Pipeline hack",
  "id": "1620825600",
  "imageFilename": "biden-cybersecurity",
  "slug":"biden-signs-executive-order-to-strengthen-u-s-cybersecurity-defenses-after-colonial-pipeline-hack",
  "sourceName": "CNBC",
  "sourceArticleUrl": "https://www.cnbc.com/2021/05/12/biden-signs-executive-order-to-strengthen-cybersecurity-after-colonial-pipeline-hack.html",
  "tags": ["Cybersecurity", "Ransom"]
},
{
  "content": {
    "html": "<p>The attacks used fake order receipts and phone numbers in an attempt to steal credit card details from unsuspecting victims, says Armorblox.</p><p>A standard phishing campaign uses email to try to trick people into divulging confidential information. But attackers are increasingly employing a variant of that ploy known as vishing, short for voice phishing. In a vishing attack, the scammer still impersonates someone from a trusted company but uses a phone call as the weapon of choice.</p><p>In some cases, the attacker calls or leaves a voicemail message for the intended victim. In other cases, the criminal sends an email with a contact phone number urging the recipient to call that number. Whatever method is used, the attacker relies on savvy social engineering tactics to convince the person to provide financial or account information during the phone call.</p><p>In a report published Thursday, cybersecurity firm Armorblox looked at two recent vishing campaigns that spoofed Amazon as a way to capture credit card details.</p><h2>First campaign</h2><p>You need an AI-powered planning solution that augments human intelligence, so that your employees can spend less time manually aggregating data, and more time on analysis and higher-value work. And with predictive capabilities, put the power of algorit...Tools &amp; Templates provided by IBM</p><p>In the first campaign, an email sent from a Gmail account used the subject line of “Invoice:ID” followed by a long and seemingly legitimate invoice number. The message spoofed the look and layout of an actual Amazon email and referenced an LG OLED TV and XBOX console allegedly bought by the recipient.</p><p>The real threat in the email was a “Contact Us” phone number in the body of the message. When researchers from Armorblox called this number, a real person answered the call, pretending to be from Amazon. That person asked for an order number, name and credit card details before becoming wise and hanging up.</p><h2>Second campaign</h2><p>In the second campaign, an email was sent using an address of no-reply@amzeinfo.com, which at first glance looks like an actual Amazon address. Titled “A shipment with goods is being delivered,” the message carried a random order number to seem more legitimate.</p><p>As with the first email, this one included a phone number, asking people to call if they wanted to return the items in question. In this case, Armorblox researchers who called the number initially ran into an endless ringtone and eventually no answer, indicating that the number had been taken down. However, the attackers could easily set up another number to restart the campaign</p><p>Both emails received a Spam Confidence Level (SCL) of &rsquo;1&rsquo; from Microsoft&rsquo;s Exchange Online Protection (EOP), which meant the messages were not considered spam and were sent to the inboxes of the intended recipients.</p><h2>How to protect yourself</h2><p>To help your organization fend off vishing attacks and other threats, Armorblox serves up four pieces of advice.</p><ul><li>Supplement your native email security with additional protection. Both emails cited in the report got through after Microsoft&rsquo;s EOP determined that they were not spam. To avoid that type of situation, add more layers to augment your native security, especially ones that use a different approach to detect threats. Armorblox recommends Gartner&rsquo;s Market Guide for Email Security as a helpful starting point to evaluate different products.</li><li>Look out for social engineering cues. Rather than accept an email at face value, scrutinize it in a more methodical way. Inspect the email&rsquo;s sender name, sender email address and language. Look for any clear inconsistencies within the message that trigger such questions as “Why is Amazon sending an email to my work account” or “Why are the call-to-action buttons in the email not working?</li><li>Avoid sharing sensitive information over the phone. Beware of anyone who asks for personal or sensitive details via a phone call. If you think the call may be a vishing attempt, simply hang up. If you feel you need to call back, don&rsquo;t contact the person through any phone number listed in the message. Instead, run a search for a publicly available number for the company.</li><li>Follow best practices for multifactor authentication (MFA) and password management. Vishing attacks often try to snag your account credentials as well as your financial information. Protect the user accounts in your organization through the following methods: 1) Implement MFA on all accounts and for all sites. 2) Don&rsquo;t use the same password across multiple accounts. 3) Use a password manager to store your passwords. 4) Avoid using passwords that reference publicly available details such as your date of birth or anniversary date. 5) Don&rsquo;t use generic passwords such as ”password,“ ”123456“ or ”qwerty.::quot::</li></ul><p></p>"
  },
  "date": "2021-05-07T10:23:00-05:00",
  "featured": false,
  "headline": "Vishing attacks spoof Amazon to try to steal your credit card information",
  "id": "1620382980",
  "imageFilename": "Vishing-attacks-spoof-Amazon-to-try-to-steal-your-credit-card-information",
  "slug":"vishing-attacks-spoof-amazon-to-try-to-steal-your-credit-card-information",
  "sourceName": "Tech Republic",
  "sourceArticleUrl": "https://www.techrepublic.com/article/vishing-attacks-spoof-amazon-to-try-to-steal-your-credit-card-information/",
  "tags": ["Vishing"]
},
{
  "content": {
    "html": "<p>The Federal Communications Commission has long battled the issue of robocalling, requiring major voice service providers to help stop the problem and limiting the number of allowed telemarketing calls.</p><p>Yet the issue has continued as bad actors harass millions of Americans with unwanted calls, ranging from health-related scams to fake banks offering credit card interest rate discounts.</p><p>Jessica Rosenworcel, the FCC&rsquo;s acting chairwoman, will discuss a new proposal May 20 that would accelerate the date that certain small voice service providers must implement the STIR/SHAKEN caller ID authentication technology by one year. Specifically, the proposal would target only those small voice providers originating a large quantity of robocalls.</p><p>The FCC previously gave all small providers with 100,000 or fewer subscriber lines until June 30, 2023, to implement STIR/SHAKEN — an extension that was seen as important as it would allow small operators more time to digest the high implementation costs and also, limited STIR/SHAKEN vendor offerings were available to those smaller operators at the time. But new evidence suggests that a subset of small voice service providers are originating “a large and increasing quantity of illegal robocalls,” according to FCC officials.</p><p>The proposal, if approved, would add to other efforts initiated by Rosenworcel as part of her anti-robocall agenda that kicked off in March. The FCC imposed a $225 million fine on Texas telemarketers for illegally spoofing roughly 1 billion robocalls, the agency delivered cease-and-desist letters to six voice providers that have consistently violated FCC guidelines on the use of autodialed and prerecorded voice message calls.</p><p>The Federal Communications Commission has long battled the issue of robocalling, requiring major voice service providers to help stop the problem and limiting the number of allowed telemarketing calls.</p><p>Yet the issue has continued as bad actors harass millions of Americans with unwanted calls, ranging from health-related scams to fake banks offering credit card interest rate discounts.</p><p>Jessica Rosenworcel, the FCC&rsquo;s acting chairwoman, will discuss a new proposal May 20 that would accelerate the date that certain small voice service providers must implement the STIR/SHAKEN caller ID authentication technology by one year. Specifically, the proposal would target only those small voice providers originating a large quantity of robocalls.</p><p>The FCC previously gave all small providers with 100,000 or fewer subscriber lines until June 30, 2023, to implement STIR/SHAKEN — an extension that was seen as important as it would allow small operators more time to digest the high implementation costs and also, limited STIR/SHAKEN vendor offerings were available to those smaller operators at the time. But new evidence suggests that a subset of small voice service providers are originating “a large and increasing quantity of illegal robocalls,” according to FCC officials.</p><p>The proposal, if approved, would add to other efforts initiated by Rosenworcel as part of her anti-robocall agenda that kicked off in March. The FCC imposed a $225 million fine on Texas telemarketers for illegally spoofing roughly 1 billion robocalls, the agency delivered cease-and-desist letters to six voice providers that have consistently violated FCC guidelines on the use of autodialed and prerecorded voice message calls.</p>"
  },
  "date": "2021-05-07T10:15:00-05:00",
  "featured": false,
  "headline": "FCC wants to cut robocalls from smaller operators",
  "id": "1620382500",
  "imageFilename": "FCC-Wants-to-Cut-Robocalls-from-Smaller-Operators",
  "slug":"fcc-wants-to-cut-robocalls-from-smaller-operators",
  "sourceName": "S&P Global Market Intelligence",
  "sourceArticleUrl": "https://www.spglobal.com/marketintelligence/en/news-insights/latest-news-headlines/fcc-wants-to-cut-robocalls-from-smaller-operators-64096443",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<h2>With more people using their smartphones to make payments and many banks and utilities verifying users&rsquo; accounts through text messages, the fraud floodgates have opened.</h2><p>It took just a momentary lapse in judgment for Alyssa Beckwith to fall for the scam.</p><p>The text message she received looked legitimate — even expected. After some of her personal information had already been stolen a few years ago, she signed up for text alerts from her bank, Wells Fargo, to confirm each time she made a new purchase. And that step to protect herself, ironically, is what made her such an easy target.</p><p>So when a scammer texted Beckwith in April, telling her that her Wells Fargo card had been charged with a $240 withdrawal and to “Contact Us if Suspicious,” she didn&rsquo;t think twice and called. A robotic voice welcomed her to Wells Fargo and asked her to verify herself, so she entered in her credit card number, Social Security number and birthday.</p><p>“This information is valid. Thank you,” the voice said, and hung up. Only then did she realize her mistake.</p><p>“I was like, wait a minute,” Beckwith said in a phone interview. “I&rsquo;m surprised it didn&rsquo;t connect me with somebody to talk to. Usually that&rsquo;s what happens. That&rsquo;s when I thought, &rsquo;Oh my God, oh my God, I think this is a scam.&rsquo;”</p><p>In the space of a few minutes, Beckwith became the latest victim of “smishing,” or SMS phishing, in which a scammer sends a text message to trick a person into turning over some sensitive personal information, which can be used for all sorts of fraud, like siphoning money from their bank account or opening up credit cards in their name.</p><p>Unwanted texts have existed for practically as long as the text message itself. But with more people using their smartphones to make payments and as many sites for banks and utilities verify users&rsquo; accounts through text messages, the fraud floodgates have opened.</p><p>The numbers are staggering. The Federal Trade Commission got 334,833 complaints about scam texts last year, more than double the year before. People around the world were exposed to about 125 percent more smishing attempts every three months, a new study from the cybersecurity company Lookout found. </p><p>Jacinta Tobin, a vice president at Proofpoint, a cybersecurity company that specializes in threats to mobile phones, said scammers and criminal hackers noticed that more marketers and businesses interact with people through text messages and simply followed that trend.</p><p>“Before, text was a very clean, relatively speaking, peer-to-peer channel. You don&rsquo;t communicate with strangers via text. It&rsquo;s just friends,” Tobin said in a phone interview. “But now texting has opened as a more general communication channel for business, like transaction confirmations, fraud alerts.” </p><p>Scam and phishing messages sent via text are particularly tenacious because there&rsquo;s little ability to block them. Good email providers now block most junk and phishing emails, making email spam a shadow of the problem it once was. While unwanted phone calls are annoying, you can at least look at the caller&rsquo;s number and decide to not to take a call.</p><p>But though smartphones are nearly ubiquitous — 97 percent of Americans own one — there&rsquo;s very little people can do to stop unwanted texts. Apple and Google, the respective manufacturers of the iOS and Android smartphone operating systems, advise users to block unwanted numbers, but it&rsquo;s so easy for scammers to pretend to send messages from different numbers that such strategies are effectively meaningless. Apple at least allows users to filter all messages from people who aren&rsquo;t already in their contacts, but that doesn&rsquo;t flag which texts are likely to be scams, and it puts them in the same folder as authentic messages from unsaved numbers.</p><p>Data breaches of users&rsquo; personal information — including their phone numbers — are a frequent occurrence, and hackers regularly trade people&rsquo;s data with eager scammers. It&rsquo;s so common that in April, after researchers realized that hackers were able to pull more than half a billion Facebook users&rsquo; names and phone numbers from the site, Facebook accidentally sent a Dutch reporter an internal memo that “we expect more scraping incidents and think it&rsquo;s important to both frame this as a broad industry issue and normalize the fact that this activity happens regularly.”</p><p>There&rsquo;s also little indication that authorities are doing much about it or have advice for the public. Once Beckwith realized she&rsquo;d fallen for a scam, she contacted the FTC, which didn&rsquo;t respond, and the Social Security Administration, which told her to monitor her credit. But that was all the help they gave, and while she hasn&rsquo;t noticed anyone taking out a loan in her name, the spam texts have only gotten worse.</p><p>“I get texts about &rsquo;your package from UPS is waiting, please click this link to confirm,&rsquo;” she said. “Texts from &rsquo;Amazon,&rsquo; I get one of those almost every day.”</p><p>While U.S. phone carriers do have some anti-spam measures in place, their process for guarding against scammers is largely opaque, and they offer little specific help to customers. Sprint and Verizon didn&rsquo;t respond to requests for comment. AT&amp;T declined to comment but pointed to the official guidance from the Cellular Telecommunications and Internet Association, an industry trade group, which has a few recommendations for users who get spam texts, including, “If you receive texts you don&rsquo;t want, respond &rsquo;STOP.&rsquo;”</p>"
  },
  "date": "2021-05-06T13:08:00-05:00",
  "featured": false,
  "headline": "Why cybercriminals looking to steal personal info are using text messages as bait",
  "id": "1620306480",
  "imageFilename": "sms-cybercrime",
  "slug":"why-cybercriminals-looking-to-steal-personal-info-are-using-text-messages-as-bait",
  "sourceName": "NBC News",
  "sourceArticleUrl": "",
  "tags": ["Financial Fraud", "Smishing", "Social Security"]
},
{
  "content": {
    "html": "<p>N<small>obody likes</small> a call from the taxman. Donald Rumsfeld, who as America&rsquo;s defence secretary oversaw a budget bigger than the economy of a typical country, nonetheless finds the rules so confusing that he writes to the Internal Revenue Service each year complaining that he has “no idea” whether he has filed his taxes correctly. So it is hardly surprising that, when the phone rings and an official-sounding voice says you have underpaid your taxes and will be connected to an adviser to pay the balance, ordinary folk tremble.</p><p>It is, however, invariably a scam. Few tax authorities call individuals about their taxes. If you are lucky, they will send you a letter a year later, to the wrong address. They will certainly not menace you, as bogus calls often do, with the threat of arrest if you do not stump up the cash right now.</p><p>It is, however, invariably a scam. Few tax authorities call individuals about their taxes. If you are lucky, they will send you a letter a year later, to the wrong address. They will certainly not menace you, as bogus calls often do, with the threat of arrest if you do not stump up the cash right now.</p><p>Such scams have become vastly more common. Phone calls from tricksters claiming to be taxmen almost doubled in number last year, according to <small>uk</small> Finance, a trade association of banks. Other countries show increases at least as dramatic.</p><p>Even as rates of most crimes remain low in rich countries, the spectacular growth of cyber-crime—crime committed mostly or entirely by digital means—stands out. According to the Crime Survey of England and Wales, the best indicator of long-term trends in Britain, in 2019 there were 3.8m incidents of fraud, mostly online, representing a third of all crimes committed. That figure has increased every year since 2017 when the government started collecting data. Around 7% of all adults were victims. Three-quarters lost money, and 15% lost more than £1,000 ($1,390). In America the number of reported cases of internet fraud increased by 69% last year. Reported losses there (excluding bank or credit-card fraud) reached $4.2bn, three times higher than in 2017...</p>"
  },
  "date": "2021-05-06T13:02:00-05:00",
  "featured": false,
  "headline": "New technology has enabled cyber-crime on an industrial scale",
  "id": "1620306120",
  "imageFilename": "industrial",
  "slug":"new-technology-has-enabled-cyber-crime-on-an-industrial-scale",
  "sourceName": "The Economist",
  "sourceArticleUrl": "https://www.economist.com/international/2021/05/06/new-technology-has-enabled-cyber-crime-on-an-industrial-scale",
  "tags": ["Phone Scam", "Robocalls", "Spam"]
},
{
  "content": {
    "html": "<h2>They&rsquo;ll have to detail what they&rsquo;re doing to stop spam calls in a new database.</h2><p>The Federal Communications Commission (FCC) is introducing a new database all voice providers will have to use to allow the agency to track the work they&rsquo;re doing to stop robocalls. Starting September 28th, 2021, phone companies will be required to block any incoming traffic from providers not listed in the Robocall Mitigation Database. In particular, any companies that got an extension to implement STIR/SHAKEN, a protocol that allows a carrier to verify a caller ID before it reaches its intended recipient, will have to file detailed reports with the agency on their progress towards putting the technology in place.</p><p>“Protecting consumers from scammers that use robocall and spoofing tools is a top priority,” said Acting FCC Chair Jessica Rosenworcel. “To succeed, we not only need an all-hands-on-deck response from government, but we need industry commitment and focus. Our message to providers is clear: certify under penalty of perjury the steps you are taking to stop illegal robocalls, or we will block your calls.”</p><p>It&rsquo;s not clear how the FCC will validate the reports that end up in the database, nor what consequences companies that avoid using it will face beyond getting their calls blocked. The majority of phone providers and carriers have until June 30th to implement STIR/SHAKEN. In September, the FCC gave some smaller companies, particularly those operating non-IP networks, limited extensions. Effectively, the database will allow the FCC to track compliance.</p><p>It can feel like the FCC and public is in a constant losing battle against spam callers, but positive changes could be on the horizon. Under Jessica Rosenworcel, the agency recently issued the biggest fine in its history. Two Texas telemarketers will have to pay the FCC $225 million for making approximately 1 billion robocalls across the US. Rosenworcel also recently formed a Robocall Response Team that will work on new policies initiatives to stop spam callers.</p>"
  },
  "date": "2021-04-25T13:06:00-05:00",
  "featured": false,
  "headline": "The FCC is going to hold providers accountable for anti-robocall efforts",
  "id": "1619355960",
  "imageFilename": "fcc-to-hold-providers-accountable-for-robocalls",
  "slug":"the-fcc-is-going-to-hold-providers-accountable-for-anti-robocall-efforts",
  "sourceName": "Engadget",
  "sourceArticleUrl": "https://www.engadget.com/fcc-robocall-mitigation-database-182723864.html",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<h2>The Federal Communications Commission this week announced a Robocall Mitigation Database that voice service providers must use to track call authentication and ensure they are not the source of “illegal robocalls” to consumers.</h2><p>The database will also be used for voice service providers to inform the FCC of their robocall mitigation efforts, according to a news release from the FCC .</p><p>“As of Sept. 28, 2021, phone companies must refuse to accept traffic from voice service providers not listed in the Robocall Mitigation Database. The new Robocall Mitigation Database includes a portal through which voice providers must file certifications regarding their efforts to stem the origination of illegal robocalls on their networks,” according to the FCC.</p><p>Creation of the database is another step in the FCC&rsquo;s implementation of the Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act.</p><p>Under the TRACED Act, the FCC previously required providers with IP-based phone networks to implement the STIR/SHAKEN call authentication framework by June 30, 2021.</p><p>The STIR/SHAKEN framework allows voice service providers to confirm that the caller ID information transferred with a call is the same as the caller&rsquo;s phone number, according to the FCC.</p><p>“The FCC also required voice service providers with non-IP network technology either to upgrade their non-IP networks to IP and implement these standards, or work to develop a non-IP caller ID authentication solution. Providers that received an extension of time to come into compliance with these STIR/SHAKEN obligations must adopt robocall mitigation programs,” according to the FCC news release.</p><p>Through the Robocall Mitigation Database , all voice service providers must file certifications providing detailed information regarding their implementation of the STIR/SHAKEN caller ID authentication framework and/or a robocall mitigation program.</p><p>Consumers may download voice service providers&rsquo; certifications. In addition, through the portal found on the database website, voice service providers may submit their certifications.</p><p>Users can find an active listing of all voice service providers that have submitted sufficient certifications by clicking “view database” or by downloading the registry.</p><p>In related news, the FCC is accepting public comments on ACA International&rsquo;s petition with industry trade associations for the FCC to reconsider certain aspects of its order modifying longstanding Telephone Consumer Protection Act exemptions.</p><p>The petition for the FCC to reconsider the TCPA exemptions order will ensure that consumers are protected against unlawful calls and bad actors, have meaningful choice and control over the calls they receive, and can continue to receive time-sensitive informational communications.</p>"
  },
  "date": "2021-04-22T05:55:00-05:00",
  "featured": false,
  "headline": "FCC Launches Robocall Mitigation Database for Voice Service Providers",
  "id": "1619070900",
  "imageFilename": "robocall-mitigation-database",
  "slug":"fcc-launches-robocall-mitigation-database-for-voice-service-providers",
  "sourceName": "ACA International",
  "sourceArticleUrl": "https://www.acainternational.org/news/fcc-launches-robocall-mitigation-database-for-voice-service-providers",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<h2>Record-breaking spam call and text message levels show scammers mean business in 2021</h2><p>NEW YORK, April 1, 2021 /PRNewswire/ -- RoboKiller, the app that helps eliminate spam calls and text messages, reveals Americans received a staggering 7.4 billion spam text messages in March - a 37% increase from February 2021. Spam calls were no different, hitting a record 6.3 billion in March 2021 and surpassing October 2020&rsquo;s previous high of 6.1 billion.</p><p>March&rsquo;s record-breaking totals mark a key inflection point in the fight against phone scams. With more Americans now wary of answering phone calls from unknown numbers, recent trends show that scammers are relying more heavily on the use of text messages as their weapon of choice to steal from more Americans over the phone.</p><p>The rise in spam calls and texts is not unexpected. In mid-2020, RoboKiller anticipated spam calls and text messages could return to normal levels or beyond as COVID-19 related hindrances to spammers&rsquo; phone scam operations, especially quarantine orders, were lifted. Spammers typically thrive during times of uncertainty and economic stress because it can be easier for the more vulnerable to fall victim to their scams. </p><p>MARCH 2021 KEY FINDINGS</p><p>Spam Text Messages Make Their Presence Known</p><p>Spam text messages continue to grow month over month, reaching record levels at 7.4 billion in March. The previous record was only two months ago, in January 2021, with 6 billion spam text messages, showing that spam text messages are rapidly on the rise and show no signs of slowing down. </p><p>Top Five Most Spam-Texted States Per Capita:</p><figure><table><tbody><tr><td>State</td><td>Total Estimated Spam Text Messages</td><td>Estimated Spam Texts Per Person</td></tr><tr><td>Texas</td><td>852,572,855</td><td>36</td></tr><tr><td>Georgia</td><td>284,349,854</td><td>32</td></tr><tr><td>Illinois</td><td>301,190,677</td><td>28</td></tr><tr><td>California</td><td>735,978,807</td><td>22</td></tr><tr><td>Florida</td><td>394,403,427</td><td>22</td></tr></tbody></table></figure><p>Spam Calls Reach New Record Levels, Too</p><p>Recent trends indicate spam calls will increase drastically in 2021 as scammers attempt to recover from the impact COVID-19 had on their operations. Monthly spam call totals in the United States have increased by an average of roughly 10% each month starting in June 2020.</p><p>March exceeded February&rsquo;s 5.6 billion by 12%, proving that scammers mean business in 2021, and any American who owns a smartphone should be prepared for a flood of unwanted calls.</p><p>Top Phone Scams:<br>In March, the top phone scam was vehicle warranty-related at 17% of total spam calls, followed by health insurance-related calls at 8% and vacation-related scams at 6%.</p><p>Top Five Most Spam-Called States Per Capita:</p><figure><table><tbody><tr><td>State</td><td>Total Estimated Spam Calls</td><td>Estimated Spam Calls Per Person</td></tr><tr><td>Texas</td><td>801,654,873</td><td>33</td></tr><tr><td>Georgia</td><td>269,255,878</td><td>30</td></tr><tr><td>Ohio</td><td>295,768,288</td><td>30</td></tr><tr><td>North Carolina</td><td>241,636,088</td><td>27</td></tr><tr><td>Florida</td><td>467,513,366</td><td>26</td></tr></tbody></table></figure><p>Spam Text Message Explosion: What&rsquo;s The Impact?<br>According to the FTC, in 2020, 2.2 million Americans reported losses totaling $3.3 billion to digital fraud - a whopping 73% increase from 2019&rsquo;s $1.9 billion. Of those 2020 fraud reports, 27% said the contact method was a text message, while 31% reported the contact method was a phone call, showing spam text messages are just as large of a problem as spam calls, if not larger.. As these scams reach record-breaking levels and economic stress from the COVID-19 pandemic grows, it&rsquo;s likely total consumer losses to phone fraud will continue to worsen in 2021.</p><p>What Is Being Done To Stop Robocalls?<br>Recently the FCC fined two Texas-based telemarketing companies $255 million for making automated robocalls in 2019. This is the largest fine to date and part of an expanded effort to stop automated robocalls. Since the FCC announcement, RoboKiller has noticed a slight dip in health insurance-related spam calls but anticipates this drop could be temporary.</p><p>In addition, The Pallone-Thune TRACED Act was signed into law in 2019 to help protect consumers from spam calls. One important requirement for this law is that voice service providers (VoIP) must implement STIR/SHAKEN, which uses digital certificates to authenticate calls, determine their legitimacy, and inform use cases such as labeling potential spam calls as “scam likely.” Most larger phone carriers will be required to enact STIR/SHAKEN by June 2021 in an attempt to restrict caller ID spoofing. Smaller phone carriers have exemptions lasting until 2023 and, in some cases, beyond.</p><p>Tips on How to Stop Phone Scams:</p><ul><li>Don&rsquo;t answer phone calls from unknown phone numbers, especially those that call or text at odd hours.</li><li>Never provide personal, banking, or sensitive information over the phone to any caller.</li><li>Don&rsquo;t follow any prompts like “Press 1” or click any links.</li><li>Download a spam call and text blocker like RoboKiller to equip your phone with the latest phone-scam-fighting technology. Apps like RoboKiller use global databases of millions of known scams to prevent them from reaching you in the first place.</li></ul><p>RoboKiller&rsquo;s Data Insights<br>These national robocall and spam text insights are provided by RoboKiller. RoboKiller&rsquo;s Robocall Insights is powered by its global database of millions of known phone scams and audio fingerprints. This data is estimated by monitoring observed robocall and spam text trends for Americans who have trusted RoboKiller to stop their spam calls and has been featured by major media publications since its release in 2018. </p>"
  },
  "date": "2021-04-21T05:57:00-05:00",
  "featured": false,
  "headline": "Robocall Record: 7.4 Billion Spam Texts Surpass Total Robocalls By More Than 1 Billion Messages In March 2021",
  "id": "1618984620",
  "imageFilename": "spam-texts",
  "slug":"robocall-record-7-4-billion-spam-texts-surpass-total-robocalls-by-more-than-1-billion-messages-in-march-2021",
  "sourceName": "PRNewswire",
  "sourceArticleUrl": "https://www.prnewswire.com/news-releases/robocall-record-7-4-billion-spam-texts-surpass-total-robocalls-by-more-than-1-billion-messages-in-march-2021--301260890.html",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>Back in December of 2018, Booking.com experienced a breach, where the company was exploited through a Vishing attack. For those who don&rsquo;t know, Vishing is the hacking method in which phone calls and voicemail messages pretend to be from reputable companies, convincing users to give out personal information such as banking information, credit card numbers, or other non-public personal information. This is similar to phishing and smishing but uses phone systems and voicemail instead of email or text messages. What makes this breach important is not the breach itself but the subsequent fines issued by the Dutch Data Protection Authority (DPA). Read on to find out why fines were assessed.</p><h3>How Did It Happen?</h3><p>According to the report, the attack was conducted against hotels in the United Arab Emirates (UAE), using social engineering tricks over the phone. The hackers called staff at 40 different hotels in the region and talked them into handing over login credentials for hotel accounts in the Booking.com system.</p><p>With these stolen credentials, the &lsquo;Vishers&rsquo; retrieved data on 4109 customer bookings, including customer&rsquo;s names, addresses, and phone numbers. Although, the criminals also got hold of credit card data from 283 of those bookings. Hackers even stole 97 CVV&rsquo;s (3-digit code on the back of the card) which should never be saved in any electronic system!</p><p>Monique Verdier, deputy chair of the Dutch Data Protection Authority (DPA) pointed out in the Authority&rsquo;s report of the breach:</p><blockquote><p>By posing in emails or on the phone as hotel staff, they attempted to steal money from people. Such an approach can seem highly credible if the fraudster knows exactly when you made a booking and what room you booked, then asks you to pay for the nights in question. Large amounts of money can be stolen in this way.</p></blockquote><p>Everything discussed to this point in this article explains how most breaches occur. Very few breached companies receive additional government fines, so what happened to cause that here?</p><h3>The Breach Happened in 2018</h3><p>Dutch DPA regulators fined Booking.com almost half a million Euros not because there was a breach, but because the company didn&rsquo;t report the breach quickly enough:</p><blockquote><p>The Dutch Data Protection Authority (DPA) has imposed a €475,000 fine on Booking.com because the company took too long to report a data breach to the DPA. When the breach occurred, criminals obtained the personal data of over 4,000 customers. They also got their hands on the credit card information of almost 300 people.</p></blockquote><h5>Timeline</h5><ul><li>December 2018: Data breach started</li><li>13 January 2019: Booking.com became aware of the leak.</li><li>04 February 2019: Booking.com informed affected customers.</li><li>07 February 2019: Booking.com informed the Data Protection Authority.</li></ul><p>EU businesses have 72 hours to report a breach from the time they confirmed it occurred. While Booking.com knew a leak had occurred on Jan. 13th, they might not have known the extent of the breach which would require government notification. However, in Jan. at the moment in time that Booking.com confirmed the breach affected more than 500 records, they needed to notify the DPA within 72 hours. They failed to do so, which is why they were fined so heavily.</p><h3>What Does This Mean For My SMB?</h3><p>Regarding breach notification, it&rsquo;s extremely important to notify the affected users and applicable agencies like the DPA in Holland quickly. Since 2002 there have been countless data privacy laws enacted all over the world. The US has a patchwork quilt of data privacy laws for each state, but no federal law in effect. In preparing your breach notification process, if you do business internationally, you will need to consider the following regulations:</p>"
  },
  "date": "2021-04-16T06:10:00-05:00",
  "featured": false,
  "headline": "Booking.com Fined Following Vishing Attack",
  "id": "1618553400",
  "imageFilename": "booking-dot-com-vishing-attack",
  "slug":"booking-com-fined-following-vishing-attack",
  "sourceName": "Business2Community",
  "sourceArticleUrl": "https://www.business2community.com/cybersecurity/booking-com-fined-following-vishing-attack-02398916",
  "tags": ["Vishing"]
},
{
  "content": {
    "html": "<h2>We Witnessed International Phone Scammers In Action. What We Saw Will Both Terrify You And Help Keep You And Your Money Safe and Secure</h2><div style=“height:30px” aria-hidden=“true”></div><h3>The Discovery</h3><p><em>London May 2014</em></p><p>A LIGHT RAIN FELL AND a cold gray mist hung over the street as Jim Browning arrived home from work. A middle-aged Irishman with a strong brogue, Jim is a software engineer at a midsize consulting firm, and on this workday, like most, there were few surprises. He shared a pleasant dinner with his wife, and when the dishes were cleared, he retreated to his office, shut the door, opened his computer and went undercover.</p><p>Jim Browning is not his real name. The alias is necessary to protect him and his family from criminals <em>and</em> law enforcement, as what he does in the privacy of his office may be morally upright but technically illegal. It&rsquo;s a classic gray area in the netherworld of computer hacking, as we will explain. What is important to know is that back in 2014, it was the same annoying robocalls that you and I get most days that set Jim on his journey to become a vigilante.</p><p>A relative of Jim&rsquo;s had told him about warnings popping up on his computer, and Jim, too, was besieged with recorded calls saying his computer was on the verge of meltdown, and that to prevent it he should call immediately. As a software expert, Jim knew there was nothing wrong with his system, but the automated calls from “certified technicians” didn&rsquo;t stop. One night that spring, his curiosity got the better of him. “It was part nosiness and part intellectual curiosity,” Jim said. “I&rsquo;m a problem solver and I wanted to get to the bottom of what these people wanted.” So he returned one of the calls.</p><p>The person who answered asked if he could access Jim&rsquo;s computer to diagnose the problem. Jim granted access, but he was ready; he had created a “virtual computer” within his computer, a walled-off digital domain that kept Jim&rsquo;s personal information and key operations safe and secure. As he played along with the caller, Jim recorded the conversation and activity on his Trojan horse setup to find out what he was up to. It took mere moments to confirm his hunch: It was a scam.</p><p>Intrigued by the experience, Jim started spending his evenings getting telephone scammers online, playing the dupe, recording the interactions and then posting videos of the encounters on YouTube. It became, if not a second career, an avocation—after­dinner entertainment exposing “tech support” scammers who try to scare us into paying for unnecessary repairs.</p><p>“Listening to them at first, honestly, made me sick, because I realized right away all they wanted to do was steal money,” Jim would later tell me. “It doesn&rsquo;t matter if you are 95 or 15, they will say whatever they need to say to get as much money out of you as possible.”</p><p> Jim saw, for example, how the callers used psychology to put targets at ease. “They say reassuring phrases like &lsquo;Take your time, sir,&rsquo; or &lsquo;Do you want to get a glass of water?&rsquo; And they will also try to endear themselves to older people, saying things like &lsquo;You sound like my grandmother,&rsquo; or &lsquo;You don&rsquo;t sound your age—you sound 20 years younger.&rsquo; ”</p><p>Jim&rsquo;s YouTube videos garnered mild interest—a couple thousand views at best. For Jim, this didn&rsquo;t matter. The engineer in him enjoyed solving the maze. At the least, he was wasting the scammers&rsquo; time. At best, his videos maybe helped prevent some cases of fraud.</p><p>Then one day in 2018, Jim&rsquo;s evening forays took an unexpected turn. A tech support scammer called from India and went through the normal spiel, but then he asked Jim to do something unusual: to log in to the scammer&rsquo;s computer using a remote-access software program called TeamViewer. Later on, Jim found out why: The developers of TeamViewer had discovered that criminals in India were abusing their software, so they temporarily banned its use from computers initiating connections from India. But there was a loophole: It didn&rsquo;t stop scammers from asking U.S. and U.K. consumers like Jim to initiate access into computers in India.</p><p>Hence, the scammer&rsquo;s request. The voice on the phone talked Jim through the connection process, then told him to initiate a “switch sides” function so the caller could “be in charge” and look through Jim&rsquo;s computer.</p><p>Presented with this opportunity, Jim acted quickly. Instead of “switching sides,” he took control of the criminal&rsquo;s computer and locked the scammer out of his own computer. Lo and behold, mild-mannered programmer Jim Browning had complete access to all of the scammer&rsquo;s files and software. And he was able to see everything the scammer was frantically trying to do to regain control.</p><p>This bit of digital jujitsu changed everything. Over the next few months, Jim figured out ways to infiltrate the computers of almost every scammer who tried to victimize him. “My process worked on almost every remote access program out there, certainly the ones most popular with scammers, like TeamViewer, AnyDesk or FastSupport.” He also figured out how to secretly install software that recorded what the scammers were doing—without them even knowing it.</p><p>Suddenly, Jim was sitting on some powerful knowledge. But as Spider-Man was told, with great power comes great responsibility. Jim wondered, <em>What should I do with what I&rsquo;ve learned?</em></p><div style=“height:30px” aria-hidden=“true”></div><h3>Laughing at Us</h3><p><em>New Delhi May 2019</em></p><p>BY NOW JIM HAD REVERSE engineered his way into dozens of scammers&rsquo; computers, sometimes four or five at a time. He would set his software to record, then leave for work as his computers did their thing. When he came home at night, he reviewed the footage. Often, he couldn&rsquo;t believe what he saw: call after call of boiler room scammers—mostly in India—contacting older people—mostly in the U.S. and U.K.—and scaring them into spending money to fix a fake computer problem, or sending money based on other deceptions.</p><p>Jim posted these new videos, which gave an authentic, bird&rsquo;s-eye view of how scammers operate. As a result, his YouTube channel jumped to tens of thousands of subscribers.</p><p>One night in May 2019, Jim found his way into the computer network of a large New Delhi boiler room. While lurking in their network, he noticed the company had installed closed-circuit television (CCTV) cameras so the bosses could monitor their employees. So Jim hacked his way into that network and was able to turn the cameras this way and that, capturing the facial expressions and attitudes of dozens of scammers in action.</p><p>In one remarkable scene, he called one of the scammers in the boiler room and focused a CCTV camera on him as they talked. Zooming in, Jim could see that while the scammer was supposedly diagnosing his computer, he was actually playing Pac-Man. Jim got annoyed by this criminal&rsquo;s nonchalance; call it hacker&rsquo;s pride. So he decided to grill him.</p><p>“Where are you calling from?” Jim asked.</p><p>“San Jose,” replied the scammer from his desk in New Delhi.</p><p>“What is your favorite restaurant in San Jose?” Jim asked. The scammer paused and replied, “Why do you want to know that?” Jim then asked him, “Can you even name one restaurant in San Jose, California, without looking it up on Google?” The man became flustered and eventually hung up.</p><p>Jim continued to monitor the room in the following weeks, recording one tragic story after another of vulnerable people being exploited. One woman said, “I&rsquo;m a nervous wreck. I have MS and I can&rsquo;t understand a lot, but I&rsquo;m listening.…” The scammer said, “That is the reason you are telling me you won&rsquo;t live past next year, right?” She said, “Probably not. I&rsquo;m a diabetic and I&rsquo;m legally blind.…”</p><p>“Relax. You are in safe hands,” he said.</p><p>Another older man started crying when told it would cost about $1,500 to repair his machine. “Oh, bloody hell. I&rsquo;m going to have a heart attack. I feel sick.” When the scammer asked why he was crying, he said he suffered from depression. As the man wept, Jim captured images of the salesmen in the room who were listening to the call, and laughing and pointing fingers mockingly at the victim.</p><div style=“height:30px” aria-hidden=“true”></div><blockquote><p>This is when Jim reached a new stage in his journey: outright fury. He wanted to do more than make a few salesmen squirm. He wanted to stop as many operations as possible so they couldn&rsquo;t continue to abuse people.</p><cite>—DOUG SHADEL, AARP fraud expert</cite></blockquote><div style=“height:30px” aria-hidden=“true”></div><p>But Jim was careful; he had his and his family&rsquo;s welfare to worry about. “I could have physically destroyed their computers by placing a virus in them, but I intentionally didn&rsquo;t do that because there was really nothing on their computers worth destroying,” he said. “And secondly, if I physically destroyed property, I would be overstepping the mark.” Translation: <em>He, too, would be a criminal.</em></p><p>So what could he do? Jim had already started to intervene personally when he thought he could prevent a fraud from occurring, by calling the victim, the financial institution or anyone else he thought could halt the scam. So he tried a new tactic: using “call flooding” software to tie up the boiler room&rsquo;s phone lines with thousands of junk calls. Viewing the scene through his computer, he saw all the salesmen removing their headsets and complaining that the calls were nothing but annoying white noise. To his joy, he successfully shut the place down for several hours.</p><p>But then, reality set in: What Jim had done was just a trivial, temporary annoyance for just one operation. The next morning, the boiler room was back to business as usual.</p><p>Determined to make a difference, Jim moved to plan C: He contacted the media. He sent his best footage to the BBC, Britain&rsquo;s largest news operation. And it bit, producing a half-hour program featuring the evidence he had gathered and naming “Jim Browning” as the source. It aired in the U.K. in March 2020, just as the coronavirus pandemic hit. The piece received widespread international exposure. Around the same time, Jim sent videos to local authorities in India; they arrested the scammers and shut down the boiler room.</p><p>After years of obscurity, Jim had become a YouTube star. As of this writing, Jim&rsquo;s video of this particularly cruel boiler room has been viewed more than 14 million times, and his YouTube page has grown to over 2.8 million subscribers. Success!</p><p>And he had succeeded at walking the fine line. “Doing just enough to make life miserable and identifying who they are is probably the best thing that I can achieve,” Jim said.</p><p>But again, Jim asked himself, <em>What now?</em></p><div style=“height:30px” aria-hidden=“true”></div><h3>Spreading the Word</h3><p><em>Seattle June 2020</em></p><p>THIS IS WHERE I enterthe story. I stumbled onto Jim&rsquo;s YouTube page early in 2020, and after watching many of the videos, emailed him to see if I could learn more about his work. To my joy, he responded immediately, saying he would be happy to work with AARP on educating its members about tech-support scams. He said that while his videos do reach millions of people, most of his subscribers are male and younger than 40, meaning many are likely tech geeks, law enforcement or even scammers. He has found it difficult to reach older people who are the prime scam targets.</p><p>And so, in the middle of a pandemic, I entered into one of the most intriguing correspondences of my life. At first, I needed to verify his story. You already know that Jim Browning is not his real name; but for AARP to tell his story, we had to confirm his real identity and situation. Ultimately, he agreed, and I can assure you that the “Jim Browning” of this story is real and accurately described.</p><p>Once that was done, Jim and I spent countless hours over the summer looking over new footage he had recorded earlier in the day to watch phone marauders try to steal money. We communicated only on Skype, with our personal cameras turned off, again to protect Jim&rsquo;s identity and his family&rsquo;s privacy.</p><p>On four separate occasions, I witnessed a tech-support crime occurring in real time. The first time this happened, Jim was showing me what I thought was a recording from earlier in the day. I asked him when it happened, and to my surprise he said, “It&rsquo;s happening right now.”</p><p>“Well, what do we do?” I asked, my blood pressure surging. “We can&rsquo;t just let this transaction go through. They are about to send the scammer $10,000!”</p><p>Jim, an old pro at these situations by now, was already at work to find the victim&rsquo;s phone number. Often, he could get it directly from the scammer&rsquo;s computer; as we became more familiar, he sometimes would ask if I could access the person&rsquo;s contact information through a U.S. public data aggregator service to which I subscribe.</p><p>In those cases, I would give Jim the victims&rsquo; phone numbers as fast as I could find them, and he would call to warn them. After initial skepticism, they typically became convinced that it was a scam, and decided not to send cash. Which is what many scammers actually asked for.</p><p>The picture below is of a woman holding a box with $10,000 in cash. The scammers turned her computer camera on and asked her to show them the package to prove she was really going to send it to them. In this case, Jim was able to contact FedEx, which intercepted the package and stopped delivery.</p><p>But for every successful intervention, there were many more times when we were too late. “I can&rsquo;t tell you how many times I have infiltrated a scammer&rsquo;s computer and looked at his previous transactions, and it will say things like, &lsquo;Confirmation of wire transfer,&rsquo; ” Jim told me. “You just know those people have been scammed, and there is nothing you can do about it. That is the worst feeling.”</p><p>I get it. I witnessed crimes with Jim that couldn&rsquo;t be undone; I can&rsquo;t overstate how frustrating it was, or how angry I became.</p><p>Here are some cases I observed with Jim. I&rsquo;d urge to you read on, as knowing the details is the best protection from becoming a victim. It might spark a little rage in you, too.</p><p>One important note: Don&rsquo;t try to do what Jim does! Hacking undetected into criminal computers takes advanced skills, gear and cunning; it is also illegal and very dangerous.</p><div style=“height:30px” aria-hidden=“true”></div><h3>The False Diagnosis</h3><p><em>Riverton, Utah July 2020</em></p><p>DAVID, A 63-YEAR-OLD DISABLED VETERAN from Utah, was surfing the web one night when his screen filled with a scary pop-up sent by Sarjun, a scammer working solo out of Dehradun, a city about 150 miles northwest of New Delhi. David, alarmed, called the number on the pop-up to find out what was going on.</p><p>Sarjun claimed to be a certified computer technician and instructed David how to open up the event log on his computer. As we watched, Jim explained that the event log is a diagnostic tool that professionals use to track computer activity. An event log often includes many ominous-looking red and yellow warning messages. To a coder, they mostly indicate normal functions and trivial glitches. But since most of us don&rsquo;t know that, the log can create a real sense of fear.</p><p>“Can you see all of these bugs that have gotten into your computer?” Sarjun asks David—1,327 of them, he explains. “They are responsible for compromising your computer security. You can see here—error, warning, error—and these bugs—they are not harmful for your computer only. They are harmful for your other devices also, like your cellphone, your iPad, that you have at your location.”</p><p>Sarjun then showed David two other diagnostic screens that all computers use, misrepresenting the information to ramp up the fear. For example, Sarjun twisted one innocuous piece of data to say that 19 individuals were currently connected to David&rsquo;s computer.</p><p>“Wow. I don&rsquo;t know what they are after, but I don&rsquo;t keep numbers in my phone like banking or any of that stuff. But my wife might,” David tells Sarjun.</p><p>At this point, Sarjun senses he can go in for the kill. He tells David it will cost $300 to fix the problem, and David gladly complies to avoid any more problems.</p><p>Sarjun uses the exact same scare tactics with every victim, and they have been very effective. Jim found a spreadsheet on Sarjun&rsquo;s computer that showed he had scammed close to 1,000 victims and taken in more than $250,000 in the first six months of 2020 alone. Pretty good dough for a solo scammer sitting on a couch in India.</p><p>The average age of Sarjun&rsquo;s victims? Sixty-eight years old. To help fight back, Jim sent a warning to every victim on Sarjun&rsquo;s client list for whom he had an email address—about 850 of them. It described what he had seen and suggested they contact their bank to report the transaction as a fraud.</p><p>Several people wrote back, thanking him for the warning. Jim also has reported Sarjun and his operation to the Indian authorities. It took a while, but the Dehradun police recently asked Jim to help them “to do something about Sarjun.”</p><p>Of course, not everyone fell for Sarjun&rsquo;s scam. Jim played me a recording he made of another scam baiter interacting with Sarjun. At some point, the scam baiter confronted him: “You are a scammer, aren&rsquo;t you?” the man asked Sarjun angrily.</p><p>Sarjun replied, “Yes, I am and I am proud of it. Don&rsquo;t ever call this number again.”</p><div style=“height:30px” aria-hidden=“true”></div><h3>The Bogus Refund</h3><p><em>Waterloo, Michigan September 2020</em></p><p>HELLO, THIS IS KATHY JACKSON. I am calling you from the Microsoft Refund Department. Please do not hang up. You paid for your computer technical support a few months ago, and we are calling to refund your $400 as the company has been ordered to close down. Please call us on our toll-free number, 855-789-0307. Repeating again: 855-789-0307. Thank you.“</p><p>Jim and I watched live as a woman named Betty, 78, called the phone number after getting such a call. The man on the phone told her she was eligible for the $400 refund, but he would have to remote access into her computer to confirm it. He started by walking her through the steps for how to give him access using—you guessed it—TeamViewer.</p><p>After gaining access to her computer, the scammer told Betty that to get her refund, she needed to log in to her bank account so he could deposit the money directly. What she didn&rsquo;t realize was that the scammer could see everything she was doing. And so could we. We watched as she entered her bank account username and password. Within seconds, we could see the scammer himself logging in to her bank account.</p><p>”What he will do next is look at how much the victim has in her savings account,“ Jim told me, having observed many of these transactions. ”You see there—she has $180,035.74 in savings. The scammer will love that.“</p><p>Once he saw her sizable stash, the scammer pushed the ”Blank Guest Monitor“ button on the software to blacken Betty&rsquo;s screen so she couldn&rsquo;t see what he would do next: transfer $40,000 from her savings account into her checking account. The scammer then went into the HTML code on her computer (which determines what Betty would see on her screen) and changed the savings balance back to $180,035.74. He did this so when she looked, it would appear that nothing had been transferred but that her checking account had gone from $4,657 to $44,657.</p><p>Why do this? To set up the story he was about to feed her: that he had made a horrid mistake and transferred $40,000 of his firm&rsquo;s money into her account instead of $400.</p><p>If Betty had known to refresh her screen, or log out and log back in, she would have been able to see that the scammer had simply transferred her own money from one account to another. Absent those actions, the story seemed believable. So it wasn&rsquo;t hard for the bad guy to convince her that she needed to send the difference between $40,000 and $400—$39,600—to a bank in China to pay him back or else he will lose his job.</p><p>Because we were literally inside the scammer&rsquo;s computer, we could see him logging in to his Bank of China Hong Kong branch account to get the right account numbers to give the victim.</p><p>As he continues on with Betty, he tells her she would need to physically go to her bank and wire the money (that way, it would be untraceable). She should not, under any circumstances, mention what she is doing to anyone. Jim says scammers typically will coach the victim on what to tell the bank: ”Say you are sending money to a sick relative.“</p><p>It seemed pretty obvious to both Jim and me that unless someone intervened, Betty would comply with this request. While I listened, Jim called her bank to warn someone that Betty might be coming in soon to transfer funds and that it was a scam. Then Jim tried calling Betty, pretending to be a representative from her bank (any other explanation would have been too hard to explain), but she hung up on him—a good sign because it meant she was growing suspicious.</p><p>A few days later, I called Betty, a longtime AARP member, to make sure she never sent the funds. She confirmed that she had been contacted about a software refund, but told me that she figured out it was a fraud and never sent them any money.</p><p>”Don&rsquo;t worry, honey, I&rsquo;m fine. But thanks for checking on me,“ she said.</p><div style=”height:30px“ aria-hidden=”true“></div><h3>The Official Response</h3><p><em>Washington, D.C. October 2020</em></p><p>IMPOSTOR SCAMS LIKE THESE—in which a crook fakes the identity of some kind of authority to coerce money out of you—were the number one form of consumer fraud in 2020, the Federal Trade Commission reports. And it&rsquo;s not just Jim&rsquo;s observation that victims often are older. Consumers over 60 were about five times more likely to report losing money to a tech-support scam in 2020 than those ages 20 to 59, the FTC says.</p><p>In response, law enforcement agencies have invested heavily to take down tech-support scammers, resulting in more than 900 arrests in the U.S. in the past three years. Industry giants like Microsoft have also ramped up the fight by more widely sharing information they see about these types of abuses. After all, their brand reputation is at stake.</p><p>Just in October, the Central Bureau of Investigation (India&rsquo;s equivalent to the FBI) and the U.S. Justice Department brought charges against a group of tech-support scammers who allegedly defrauded thousands of seniors for almost a decade. Jim had penetrated these operations years earlier and sent details of them to the CBI. He even confronted one of the main defendants, Michael Brian Cotter, online; Cotter denied any wrongdoing, saying Jim&rsquo;s evidence was just the result of a couple of rogue employees and was not what his company was all about.</p><p>The Justice Department and the India law enforcement agency disagreed; Cotter, a California resident, and numerous others have been indicted in the United States.</p><p>Did Jim&rsquo;s tip play a role? It&rsquo;s impossible to know. I spoke with a senior manager at the FTC and a former state assistant attorney general about how law enforcement thinks about people like Jim. They both said that even if what vigilantes like Jim do is illegal, law enforcement will turn a blind eye as long as they don&rsquo;t ”cross the line“ and use the information they gather for nefarious purposes. One person likened them to industry whistleblowers who report wrongdoing that in some cases leads to indictments—and, in some cases, cash payments to the whistleblower.</p><p>Jim doesn&rsquo;t expect reward money anytime soon. ”I know that law enforcement probably wouldn&rsquo;t approve of what I do,“ he told me. ”But almost every time I pass on information“—Jim notes he&rsquo;s done so at least 100 times—”they tell me they are grateful and say, &lsquo;Keep doing what you are doing.&rsquo; “</p><p>Perhaps that&rsquo;s because the onslaught of tech-support fraud shows no sign of letting up. Robocall technology has made it shockingly cheap and easy for fraudsters to call millions of homes, thereby increasing their chances of reeling in unsuspecting victims.</p><p>Likewise, the global pandemic has caused us to spend more time online, exposing us to dubious websites where malicious pop-ups are more common. And high youth unemployment in developing countries, combined with easy access to technology, has swelled the number of individuals willing to engage in fraud for a living.</p><p>You&rsquo;re probably wondering: Do law enforcement agencies sneak into scammers&rsquo; computers and observe crimes as Jim does? The answer is: only under the narrowest of circumstances. Electronic wiretapping rules are extensive and highly restrictive. One U.S. official told me, ”It&rsquo;s a big deal“ to get a judge to sign off on electronic surveillance that would allow the government to do what Jim is doing; prosecutors would need overwhelming documentation ahead of time that a crime is occurring before a judge would grant such approval.</p><p>But Jim doesn&rsquo;t work for the U.S. or any other government, which means there is no one to stop him as he continues his solitary quest to search and call out the bad guys...”</p>"
  },
  "date": "2021-04-13T21:42:00-05:00",
  "featured": false,
  "headline": "Lessons from Inside the Fraud Factory",
  "id": "1618350120",
  "imageFilename": "inside-the-fraud-factory",
  "slug":"lessons-from-inside-the-fraud-factory",
  "sourceName": "AARP",
  "sourceArticleUrl": "https://www.aarp.org/money/scams-fraud/info-2021/international-tech-support-scam-exposed.html",
  "tags": ["Account Takeover(ATO)", "Caller-ID Spoofing", "Fraud Prevention", "Phone Scam", "Spoofing"]
},
{
  "content": {
    "html": "<p>Government laws and regulations often have to be adapted to meet the challenges of evolving technology. Sometimes they fail to respond quickly enough. Skeptics regularly cite this “pacing problem” as a reason for letting technology companies manage themselves. </p><p>But sometimes lawmakers get ahead of the curve and put in place a flexible law that allows the rules to evolve to meet changing technology. The 1991 Telephone Consumer Protection Act (TCPA), directed at controlling nuisance telephone calls, was a successful example of flexible, adaptive technology policymaking. By granting rulemaking authority to the Federal Trade Commission and the Federal Communications Commission, for instance, it allowed the agencies to put in place the Do Not Call rule in 2003. Dave Barry called this rule “the most popular federal concept since the Elvis stamp” because it allowed people to opt out of receiving telemarketing calls.</p><p>The statute also bans the use of autodialers to make calls to cell phones or to send text messages without the prior express consent of the called party. Or at least it used to until April Fools&rsquo; Day 2021, when the Supreme Court gutted that provision in a decision that reads like a brief from a telemarketers&rsquo; trade association. The decision creates a “pacing problem” that Congress thought it had solved by giving agencies the power to adapt the statute to new conditions. It will force Congress to pass a new law to correct the Court&rsquo;s mistaken and overly narrow reading of the statute. </p><p><em>The Court&rsquo;s Narrow Reading of the Statute</em></p><p>An autodialer is defined in the statute as a device with the capacity “(A) to store or produce telephone numbers to be called, using a random or sequential number generator; and (B) to dial such numbers.” Since modern autodialers don&rsquo;t use number generators at all, the Ninth Circuit Court of Appeals reasonably adapted the statutory definition to the contemporary world by ruling that an autodialer need only have the capacity to “store numbers to be called” and “to dial such numbers automatically.” Senator Ed Markey, the actual author of the 1991 law agreed with that interpretation, saying, “It was clear when the TCPA was introduced that Congress wanted to ban dialing from a database.” </p><p>But, in an exercise of arid judicial scholasticism, the Supreme Court ruled that a device is an autodialer only if it uses a random or sequential number generator to store or produce numbers to be called, thereby applying the statute&rsquo;s autodialer provision to exactly zero real-world devices. It didn&rsquo;t even attempt to hide the gutting of the statute - noting blandly that if its interpretation meant that the statute applied only to “senescent” technology that was because the statute itself was “senescent.”</p><p>The Court&rsquo;s professed rationale for this narrow reading of the text was an obscure rule of statutory interpretation - look at the placement of the comma, the majority opinion urged. Even Justice Samuel Alito, who nevertheless concurred in the decision, rejected the Court&rsquo;s strained reasoning as “mechanically applying a set of arcane rules.” Such arbitrary rules of interpretation, which the Court increasingly relies on, derive from the work of the late Justice Antonin Scalia. They have nothing to do with the rules of English grammar, but everything to do with giving the Court a flexible tool to reach whatever conclusions its policy preferences dictate. </p><p><em>Where&rsquo;s the Technology Assessment?</em></p><p>The Court did engage with today&rsquo;s technology - but only in the crudest and least nuanced way. Since cell phones have a speed dialing function and store numbers, the Court reasoned, a broad reading of the statute would make every cell phone an autodialer subject to the consent requirements of the statute, which indeed makes very little sense.</p><p>But a speed dialer is easily distinguishable from an autodialer because a cell phone user has to select the person to be called and push a button to speed dial it, while an autodialer can dial telephone numbers 24/7 with no human intervention at all. The court brushed aside such a reasonable technological distinction, saying it had no interest in the “difficult line-drawing exercise” of determining how much automation makes a device an automatic dialer. </p><p>Moreover, the Court moreover attributed to Congress not an interest in reducing nuisance phone calls, but only the narrowest possible interest in preventing just the abuses arising from calling random or sequential blocks of numbers. Why Congress would deliberately limit itself in this way to the technological realities of 1991 is left to the imagination of the reader. </p><p>The Court even provides a roadmap for how to use an automatic dialer to make calls or to send text messages without triggering the TCPA consent requirement. First obtain a “preproduced” list of cell phone numbers. Then be sure not to use “a random number generator to store numbers to be called later” because storing numbers for later calling using a random generator will make the device an autodialer in the Court&rsquo;s interpretation of TCPA. Instead, the Court advises, draw numbers from the “preproduced” cell phone list “for immediate dialing” in whatever fashion you want - the Court has no interest in regulating how the automatic dialing takes places. In this case, the Court says, the device will neither store nor produce the called numbers using a sequential or random number generator, and so will not be an autodialer for TCPA purposes. </p><p>The TCPA prohibitions on recorded messages remain intact, and the Do Not Call opt out opportunity is still available, but the danger in the Court&rsquo;s decision is clear. Unwanted calls are such a pervasive problem today that many people do not answer their cell phones unless they know the person calling. The Court&rsquo;s decision just made the current miserable situation immeasurably worse. As Margot Saunders with the National Consumers Law Center says, the decision will allow telemarketers to “flood our cellphones with even more unwanted robocalls and automated texts.” </p><p>The good news is that Senator Markey and Representative Anna Eshoo plan to introduce legislation soon “to amend the TCPA, fix the court&rsquo;s error, and protect consumers.” If the experience of Do Not Call is any precedent, we can expect rapid passage of such a popular consumer protection measure. </p><p>In responding, Congress needs to make it clear that the enforcing agencies have full authority to update the relevant definitions to adapt to changing technology. At one point, perhaps, the Supreme Court could be relied upon to adapt statutes to evolving technology, but it appears to be lost in sterile scholastic debates about the placement of commas rather than an evaluation of real- world technological issues. Congress should lodge the responsibility to update and clarify the application of old rules in light of evolving technology to expert agencies that understand the business realities and the technologies used in the industries they regulate.</p>"
  },
  "date": "2021-04-09T21:24:00-05:00",
  "featured": false,
  "headline": "The Supreme Court Just Gutted A Thirty-Year-Old Law Against Robocalls",
  "id": "1618003440",
  "imageFilename": "supreme-court-guts-robocall-law",
  "slug":"the-supreme-court-just-gutted-a-thirty-year-old-law-against-robocalls",
  "sourceName": "Forbes",
  "sourceArticleUrl": "https://www.forbes.com/sites/washingtonbytes/2021/04/09/the-supreme-court-just-gutted-a-thirty-year-old-law-against-robocalls/?sh=2b016a747935",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>Walt Hickey is a senior editor for data at Insider. Recently, he has been getting a bunch of phone calls about renewing his auto warranty, but Walt doesn&rsquo;t even have a car! Where is all this spam coming from?</p><p>Cell phone spam calls have been on the rise for a few years now. Americans receive billions of robocalls per month. Most people, like Walt, just hang up as soon as they find out it&rsquo;s a scam robocall. So why are advertisers, even scammers, spending money on them? Turns out, robocalls are so cheap that even luring in a few people is worth paying for billions of calls, and even though these spam calls are technically illegal, the government hasn&rsquo;t successfully clamped down on robocallers.</p><p>On The Indicator, Walt helps us explain the economics behind how robocalls have become such a nuisance, and what this year holds for the dreaded robocall.</p>"
  },
  "date": "2021-03-26T21:31:00-05:00",
  "featured": false,
  "headline": "Rise of the Robocall",
  "id": "1616794260",
  "imageFilename": "rise-of-the-robocall",
  "slug":"rise-of-the-robocall",
  "sourceName": "NPR",
  "sourceArticleUrl": "https://www.npr.org/2021/03/23/980478016/rise-of-the-robocall",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>The Federal Communications Commission issued its largest ever fine of $225 million to Texas telemarketers who sent about 1 billion robocalls falsely claiming to sell health insurance for Aetna, Blue Cross Blue Shield and other companies.</p><p>John Spiller and Jakob Mears, who did business under the names Rising Eagle and JSquared Telecom, faced the fine, proposed in June 2020 by the FCC, for massive spamming of spoofed robocalls in the U.S. in 2019. Spoofed calls have a false caller ID that makes them appear to come from a nearby location.</p><p>Consumers would be asked if they were interested in “affordable health insurance with benefits from a company you know?” and companies including Aetna, Cigna, Blue Cross Blue Shield and United HealthCare were mentioned.</p><p>If they pressed 3 to get an agent, the consumer would be transferred to a call center unaffiliated with any of those insurers. One of the robocallers&rsquo; largest clients, Health Advisors of America, was sued in 2019 by the the Missouri attorney general for telemarketing violations, the FCC says.</p><p>Spiller told the USTelecom Industry Traceback Group, a group authorized by the FCC to investigate robocalls, that he knowingly called consumers on the Do Not Call list, the FCC says. He told the group that his firm made millions of calls per day and that he was using spoofed numbers, the FCC said in its original fine proposal.</p><p>In addition to enforcing the agency&rsquo;s largest-ever fine, the FCC also issued several cease-and-desist orders against other robocallers and created a robocall response team.</p><p>“Unwanted robocalls are not only a nuisance, but they also pose a serious risk to consumers who can inadvertently share sensitive, personal information in response to bad actors&rsquo; malicious schemes,” acting FCC Chairwoman Jessica Rosenworcel said in a statement. ::quot::I&rsquo;m proud to unveil my first set of actions to put a renewed focus on what the FCC can do to combat the issue that we receive the most complaints about.</p><p>The cease-and-desist letters went to six firms charged with making or facilitating robocalls:</p><ul><li>RSCom of Canada, which was warned in May 2020 to cease making scam calls involving COVID-19, Social Security, the Internal Revenue Service, electric utilities and Apple Inc.</li><li>Stratics Networks of Canada for facilitating fraudulent calls about COVID-19, student loans, political campaigns, and discounts and upgrades for AT&amp;T and DirecTV.</li><li>Yodel Technologies, a Florida provider, for facilitating fraudulent calls related to Social Security, health insurance, and debt reduction services.</li><li>Icon Global, a U.K.-based company, for facilitating robocalls that inundated the Washington, D.C., Metropolitan Police Department, as well as those falsely representing Apple and the Social Security Administration.</li><li>IDT Corporation of New Jersey, for transmitting, on behalf of clients, illegal robocalls about COVID-19 and health insurance, Social Security, fictional Amazon refunds, computer services, credit cards, and fraudulent calls threatening to disconnect utilities without payments.</li><li>Third Rock Telecom, of Canada, which is suspected of transmitting robocalls about fictional Apple/iCloud account breaches, Social Security scams, and credit card fraud.</li></ul>"
  },
  "date": "2021-03-17T21:20:00-05:00",
  "featured": false,
  "headline": "FCC enforces largest fine ever against telemarketers who made 1 billion robocalls",
  "id": "1616016000",
  "imageFilename": "fcc-hits-robocaller-with-225-million-dollar-fine",
  "slug":"fcc-enforces-largest-fine-ever-against-telemarketers-who-made-1-billion-robocalls",
  "sourceName": "USA Today",
  "sourceArticleUrl": "https://www.usatoday.com/story/tech/2021/03/17/robocalls-fcc-fine-spoofed-calls-health-insurance/4734336001/",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>After a year of relief, robocalls are back up to pre-pandemic levels.Americans received more than 4.6 billion robocalls in February, up 15% compared to January, according to new data from YouMail, a robocall-prevention service that tracks robocall traffic across the United States. About 159.1 million robocalls were placed each day last month.This marked the highest monthly robocall volume since February 2020, notably right before the Covid-19 pandemic hit the United States hard. So far, 2021 is on pace to reach 51.5 billion robocalls, a big jump from 2020 (45.9 billion). Americans received 58.5 billion robocalls in 2019, up 22% from the year before.“Because February was a short month, I think the first two months are lower than we&rsquo;ll see going forward and we&rsquo;re actually going to wind up much closer to 2019&rsquo;s pre-pandemic levels overall,” YouMail CEO Alex Quilici told CNN Business, attributing the resurgence to economies&rsquo; reopening worldwide.</p><p>Americans experienced a significant drop in the amount of robocalls flooding their phones last Spring, helped by international call centers being shut down during the global pandemic and government efforts to stop Covid-19-related scams. At the time, YouMail reported the number of robocalls made to US phone numbers in April was the lowest in two years. That included both scam and legitimate calls, such as payment reminders from banks.“Call centers are closed or running at much lower capacity due to social distancing around the world,” Quilici told CNN Business at the time. ::quot::There&rsquo;s no point to robocall people if there&rsquo;s no one there on the other end [to field it] when someone &rsquo;presses 1&rsquo; or returns a call.</p><p>The latest report noted that scam and telemarketing calls accounted for about 60% of last month&rsquo;s robocall volume -- a trend in line with past months. The leading illegal types of robocalls involved car warranties and health-related scams.</p>"
  },
  "date": "2021-03-05T13:44:00-06:00",
  "featured": false,
  "headline": "Yes, you are getting lots of robocalls again",
  "id": "1614951840",
  "imageFilename": "lots-of-robocalls-again",
  "slug":"yes-you-are-getting-lots-of-robocalls-again",
  "sourceName": "CNN",
  "sourceArticleUrl": "https://www.cnn.com/2021/03/04/tech/robocalls-pre-pandemic-levels/index.html",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<h3>Daily Robocalls are Up a Whopping 27% from January</h3><p>Americans received just over 4.6 billion robocalls in February, a dramatic 15.1% increase over January. In February, robocalls averaged 159.1 million calls/day, or roughly 1,911 calls/second, a 27% increase from 129.5 million calls/day and 1,500 calls/second in January. The total for February 2021 is the highest monthly robocall volume since February 2020, right before the pandemic. Only two months into this new year, robocalls are on pace to reach 51 billion robocalls for 2021, a significant increase from 2020.</p><figure><img src=“https://mma.prnewswire.com/media/1449195/YouMail_Robocalls_in_February.jpg?p=publish&amp;w=950” alt=“”/><figcaption>(PRNewsfoto/YouMail, Inc.)</figcaption></figure><p>These latest monthly figures come from YouMail, a totally free robocall blocking app and call protection service for mobile phones.</p><p>“Robocallers are basically back in action,” said YouMail CEO Alex Quilici. “As economies continue their reopening journey, it&rsquo;s not a surprise to see robocalls essentially return to pre-pandemic levels.”</p><p>February 2020 Saw an Increase in Scam Calls</p><p>In February, combined scam calls and telemarketing calls accounted for roughly 60% of the month&rsquo;s total robocall volume, similar to past months. Unfortunately, the total number of scam and telemarketing calls exceeded 2.8 billion calls for the month, a very substantial number of likely unwanted and/or illegal calls.</p><figure><table><tbody><tr><td>Type ofRobocall</td><td>Estimated FebruaryRobocalls</td><td>Percentage February Robocalls</td></tr><tr><td>Scams</td><td>2.2 billion (+26%).</td><td>48% (+2%)</td></tr><tr><td>Alerts and Reminders</td><td>1.2 billion (+20%)</td><td>25% (-2%)</td></tr><tr><td>Payment Reminders</td><td>.64 billion (-+14%)</td><td>14% (flat)</td></tr><tr><td>Telemarketing</td><td>.60 billion (+13%)</td><td>13% (flat)</td></tr></tbody></table></figure><p>Top Illegal Robocalls in February 2021</p><p>The leading illegal types of robocalls in February continued to be those involving Car Warranties and Health-Related Scams. In particular, Warranty Scams continue to grow rapidly, increasing by 74 million calls in February versus January, after increasing 100 million calls in January versus December.</p><figure><table><tbody><tr><td>Rank</td><td>Type of Scam</td><td>Estimated February Robocalls</td><td>Summary of Scam</td></tr><tr><td>1</td><td>Warranty Scams</td><td>339 million (+74m)</td><td>Scam payments/illegal solicitations</td></tr><tr><td>2</td><td>Health-Related Scams</td><td>202 million (+23m)</td><td>Identify theft/scam payments/illegal solicitations</td></tr></tbody></table></figure><p>“Winners” in February 2021</p><p>The cities, area codes and states with the highest volumes of robocalls in February continue to be relatively stable. One big change was Memphis, Tennessee overtaking Macon, Georgia, as the city whose residents got the second most calls per person behind Atlanta, Georgia. The other big change was the 225 area code in Baton Rouge replacing the 215 area code in Macon, Georgia, as the area code that got the second most robocalls, trailing the 404 area code in Atlanta.</p><figure><table><tbody><tr><td>Cities with the Most Robocalls:</td><td>Atlanta, GA (171.1 million, +6%)Dallas, TX (164.8 million, +16%)</td></tr><tr><td>Cities with the Most Robocalls/Person:</td><td>Baton Rouge, LA (38.9%/person, +19%)Memphis, TN (36.0 /person, +16%)</td></tr><tr><td>Area Codes with the Most Robocalls:</td><td>404 in Atlanta, GA (72.6 million, +4%)214 in Dallas, TX (60.9 million, -13%)</td></tr><tr><td>Area Codes with the Most Robocalls/Person:</td><td>404 in Atlanta, GA (59.4/person, -2%)225 in Baton Rouge, LA (38.9 person, +19%)</td></tr><tr><td>State with the Most Robocalls:</td><td>Texas (513.3 billion, +15%)California (419.0 million, -+18%)</td></tr><tr><td>State with the Most Robocalls/Person:</td><td>Tennessee (27.4/person, +15%)Alabama (26.4/person, +12)</td></tr></tbody></table></figure>"
  },
  "date": "2021-03-04T13:50:00-06:00",
  "featured": false,
  "headline": "4.6 Billion Robocalls in February Mark 15.1% Monthly Increase",
  "id": "1614865800",
  "imageFilename": "february-2021-robocalls",
  "slug":"4-6-billion-robocalls-in-february-mark-15-1-monthly-increase-says-youmail-robocall-index",
  "sourceName": "PRNewswire",
  "sourceArticleUrl": "https://www.prnewswire.com/news-releases/4-6-billion-robocalls-in-february-mark-15-1-monthly-increase-says-youmail-robocall-index-301240523.html",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<ul><li>Spam robocalls are on the rise, and the reason is they&rsquo;re incredibly profitable.</li><li>Court decisions have paved the way for telemarketers to get away with spam calls scot-free.</li><li>You can stop scam robocalls, but you need to take it into your own hands.</li></ul><p>Nearly every day for the past year, I have been breathlessly informed that the warranty on my vehicle is out of date. The situation is dire: it&rsquo;s the middle of a pandemic, and if the warranty on my vehicle gives out, I could be out a serious chunk of money.</p><p>The problem is that I do not have a warranty on my automobile. I do not own an automobile. I have <em>never</em> owned an automobile. I last drove one my parents owned in high school. But unrelentingly, a woman calls me in the midafternoon to offer me a way out of my warranty problem.</p><p>Why?</p><p>Because spam calls are out of control. Billions of robocalls hit American cell phones every month.</p><p>A February 2021 Insider survey conducted on SurveyMonkey Audience found that 46% of Americans reported receiving spam phone calls on their cell phone every day, with another 24% receiving them multiple times per week.</p><p>Spam calls impact everyone evenly. Eighty percent of Democrats got spam robocalls at least weekly, as did 79% of Republicans. They impact men (76%) and women (78%), old (85%) and young (66%), rich (72%) and poor (71%).</p><p>Nobody is safe, nobody can escape them, and for many it seems nothing can stop them.</p><p>How we got here is the result of an erosion of protections on three fronts.</p><p>First is the technological, as advances have magnified fundamental flaws in the American phone system enabling unrelenting robocalls from untraceable origins.</p><p>The second is financial: because of that, it&rsquo;s incredibly profitable to use spam calls to drive business whether the caller is a scammer trying to bilk money out of marks or an actual business using telemarketing to increase sales.</p><p>Lastly is the legal situation, with a series of enormous court decisions — with one more on the way — so far paving the way for telemarketers to get away with blowing up your phone scot-free, with next to no legal recourse and under-funded enforcement just trying to keep the lid on.</p><p>Further, special interests who prefer an unregulated robocall environment are enormously powerful compared to the pro-consumer groups; an Insider analysis found that the federal lobbyists employed by pro-robocall businesses outnumbered the anti-robocall consumer groups&rsquo; lobbyists by a factor of 100 to 1.</p><p>This doesn&rsquo;t mean there aren&rsquo;t solutions, just that the approach to spam calls needs to change. The prevailing message is that this is not a problem that can be legislated away or turned off with a switch. Rather, consumers must treat the American telecom system like an infected computer network, taking matters into their own hands with software protections for their phones.</p><h2>Why do I keep getting spam calls?</h2><p>Experts credit the ascendance of spam phone calls to fundamental problems with caller ID, a phone system where anyone can operate as a carrier, the inability to detect bad callers, and a number of bad actors exploiting those flaws to drive billions of calls to American phones.</p><p>Plus, spam calls make their perpetrators a killing.</p><p>The standard operating procedure is more sledgehammer than scalpel. There are different kinds of robocall scams: some are clearly illegal, such as calls the pretend to be the IRS or law enforcement, while others sell some kind of product like an auto warranty or an insurance policy but illegally telemarket the products. All basically use some iteration of the same business model.</p><figure><img src=“https://i.insider.com/603e670013b221001876b171?width=1300&amp;format=jpeg&amp;auto=webp” alt=“robocallers flow”/></figure><p>First you have a company that wants to find buyers. They could be selling actual products like insurance policies or alarm systems, or they could be a scam operation looking for marks they can coerce into buying gift cards. The product doesn&rsquo;t really matter, what matters is they&rsquo;re willing to pay someone $6 or $7 per lead to send them people who may be interested in buying.</p><p>The company they contract to find those leads is the robocaller; typically overseas, what they do is call millions of phone numbers with a prerecorded message. Most hang up, but occasionally some listen, and those people are plugged through a phone tree until they&rsquo;re determined to be a qualified lead, which is then sold to the original company.</p><p>The robocaller is able to place their calls through a gateway carrier, which is a telecommunications company willing to place those calls to American phones. The gateway carrier may not always know they&rsquo;re laundering scam calls into the US telecom system, but they&rsquo;re often targets of FTC enforcement. Once the call is on US soil, it passes through the patchwork of carriers to your phone.</p><p>“They work,” said Aaron Foss, founder of Nomorobo, a company that blocks spam calls. “The response rates are abysmal, a tenth of a percent response rate. But the risk of getting caught is so, so low, and the rewards are so high.”</p><p>The economics of phone spam are incredibly favorable. For perspective, 125,000 minutes of robocalls from Message Communications Inc — which sustained a $25,000 penalty in 2015 for what the FTC described as “willful, repeated” violations — has sold for a mere $875. Assuming a consumer listens to the call for an average of three seconds, that $875 would translate into 2.5 million calls, with one cent getting a buyer 28 spam calls.</p><p>Even if just one out of every 10,000 calls turns into a qualified lead, at a going rate of $7 per lead, an hour of robocalls will pull in $1,750 in revenue, neatly doubling their investment.</p><p>It&rsquo;s an engine that turns phone calls into money with a byproduct of distributed annoyance.</p><p>Every person who buys from a telemarketer can facilitate hundreds of thousands of calls, according to an FTC spokesperson. While many calls may eventually sell an actual product, plenty are simply scams targeting the elderly or infirm, spam calls that are functionally elaborate elder abuse operations attempting to bilk seniors out of money.</p><p>The top scams of any given time are a reflection of anxieties; auto warranty scams are big today, and were last highly popular during the heights of the Great Recession, when economic anxiety roiled the country. As Americans take on debt to ride out the pandemic, calls preying on those anxieties remain popular.</p><p>The calls often originate overseas, where the FTC lacks jurisdiction. The Do Not Call list doesn&rsquo;t work for robocalls on your cell phone, it just prevents<em> live</em> telemarketers from calling you. Even if it did work, the robocallers are already flaunting the law, and there&rsquo;s little reason they&rsquo;d respect the registry. They&rsquo;re able to thrive on the US phone system because of a fundamental flaw in the structure of the grid.</p><p>“Caller ID was never verified,” Foss said. In the 1980s when caller ID was first implemented, there was only one phone company — AT&amp;T — and as they were able to verify customers, caller ID was implemented the same way that a return address on an envelope was, where a person could put anything.</p><p>Then AT&amp;T was broken up, and deregulation meant anyone could become a carrier, and the FCC laws that effectively protect the privacy of you as a phone user are equally capable of protecting bad actors, as well. As a result, caller ID is meaningless yet still relied on, which makes it easy for scammers to exploit.</p><p>So, why don&rsquo;t the carriers just stop them?</p><p>“Carriers don&rsquo;t shut it down unless it&rsquo;s absolutely positively proven to be illegal,” said Alex Quilici, the CEO of YouMail, another spam blocker app.</p><p>Carriers want to move calls around, not actively regulate the calls. The reasoning is clear: if a debt collector robocalls someone, while the recipient may consider that a nuisance, it&rsquo;s absolutely legal. They want to stay out of it.</p><p>There is a liability component, Quilici said. A pharmacy may contact a patient about their COVID-19 vaccine appointment with an automated call, and if a carrier blocked that there would be hell to pay. Carriers avoid interfering in grey areas, and will only block a gateway carrier or caller when given ample grounding to do so, often by federal action against a bad actor.</p><h2>Why have they gotten worse?</h2><p>If I&rsquo;m getting overwhelmed by spam calls that are violations of the Telephone Consumer Protection Act (TCPA), why can&rsquo;t I just sue them into oblivion?</p><p>“Federal courts have used a decision called Spokeo to curtail TCPA lawsuits,” said attorney Scott Owens, a litigator who specializes in these kinds of cases. “Spokeo held you can&rsquo;t go into federal court for just a violation of federal law.”</p><p>The 2016 6-2 Supreme Court decision in Spokeo Inc. v. Robins has had broad implications in the rise of spam robocalling. Spokeo came to mean that being annoyed isn&rsquo;t enough to sue an illegal telemarketer in federal court. A plaintiff needs to be injured, which makes it much harder to build a case against telemarketing operations doing flagrantly illegal things that rarely injure people.</p><p>If the federal courts are out of the picture, why not state courts? That&rsquo;s also a no go, Owens said, as many states follow the same Article III injury standard as the federal courts, and plenty of other states, including New York, have a bar on bringing purely statutory violations to class actions. As a result, even if a dogged, furious person trying to sue a telemarketer took the full measure of legal remedies available to them, best they could probably win is $1,500.https://datawrapper.dwcdn.net/0HFwk/1/</p><p>With judgments that low, the risk has become negligible. And even if caught, there&rsquo;s nothing stopping spam callers from closing down one operation and winding up another.</p><p>“Calls are cheap,” Owens said. “It&rsquo;s easy to set up one of these operations if you have a little bit of money.”</p><p>In February 2018, YouMail estimated there were 2.75 billion spam calls. That same month, the Supreme Court declined to review the Spokeo case. The legal risk for telemarketers would remain nil.</p><p>By March, the number of monthly robocalls was up to 3.16 billion, then 4.06 billion by May, 4.41 billion by September, and rising to 5.11 billion by October. The gloves were off.</p><p>“Our best guess is the scammers realized they could scale,” Quilici said. Over the course of 2018, more gateway carriers launched. Some callers who had been placing a million calls per month upped to 20 million. Volumes exploded.https://b349a83fb4c1be1035cd289fd9fe1363.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html</p><h2>Why can&rsquo;t the government stop them?</h2><p>The easy cliché is that taking out robocallers is like whack-a-mole. The pros reject this analogy.</p><p>“Whack-a-mole is fun,” Foss said. “Fighting robocallers isn&rsquo;t.”</p><p>Foss knows a lot about the government&rsquo;s war on robocallers. In 2013, with their backs to the wall after a grueling, losing fight against surging robocalls, the FTC threw out the gauntlet, offering a $50,000 prize for the best overall solution to blocking illegal robocalls. One of the pair of winners, beating out nearly 800 other ideas, was Foss.</p><p>The FTC has been waging a war on robocallers for nearly two decades. They began by going after the robocallers themselves, though this presented significant difficulties because they were often offshore and tended to be small operations with low overhead. A single person can be responsible for 100 million robocalls, and it&rsquo;s impractical to go after all of them.ADVERTISING</p><p>So next, the FTC began going after the companies that hire them. They went after alarm companies fueling spam calls in 2014, and secured a $1.1 billion judgment from Caribbean Cruises in 2017.</p><p>After that they began to go after the gateway carriers that bring the calls onshore, and the individuals who make the software that enables illegal robocalling. This is where they have had considerable success lately.</p><p>Take the gateway carriers later involved when the agencies cracked down on illegal coronavirus-related telemarketing in April and May of last year. According to the FTC and FCC, the calls were promoting bogus free test kits and HVAC cleaning services, targeting desperate Americans amid the initial uncertainty of the pandemic. Those robocalls were originated, according to the agencies, by two companies called VoIPMax in The Philippines and Oberlo Peer BPO in Pakistan. Their action targeted three gateway providers — SIP Join of Virginia, Connexum of California, and VoIP Terminator of Florida — who the feds said got those calls into the US and into the phone system.</p><p>Again, these are not companies you&rsquo;ve probably ever heard of, but the fact that anyone, anywhere can pretty much get a telephone call into the system without a great deal of difficulty or cost means that it takes just one bad apple to spoil the entire telecommunications barrel.</p><p>Taking down just one entity can have a drastic impact, as seen in the 2018 FTC complaint against Jamie Christiano and the company TelWeb, which the agency said was responsible for creating and hawking “a computer-based telephone dialing platform” behind <em>billions</em> of illegal robocalls.</p><figure><img src=“https://i.insider.com/603d520413b221001876af4e?width=1300&amp;format=jpeg&amp;auto=webp” alt=“infographic net dot solutions timeline1”/></figure><p>The FTC is fiercely proud of its work, and has room to boast. They do a lot with a little: In 2015, the FTC budget was $300 million. They returned <em>$9 billion</em> to consumers in refunds. They can hit bad actors with civil penalties, but the criminal prosecutions are up to the Department of Justice.</p><p>Lately they have begun to step up. Just last week the DOJ announced 11 guilty pleas in a $300 million telemarketing scam.</p><p>Last year, the DOJ launched cases against three individuals and five companies — Ecommerce National, SIPRetail, Global Voicecom, Global Telecommunication Services, and KAT Telecom — who they allege were gateway carriers bringing in hundreds of millions of fraudulent robocalls.</p><p>Again, just by removing bad actors from the mix, a considerable dent can be made in the volume of calls, with the DOJ claiming that two of those companies carried 720 million calls in just 23 days, with 425 million of them lasting less than one second. An earlier FTC bust of SBN Peripherals in 2012 found that one company carried out 2.6 billion outbound calls over a 20-month period, a volume of annoyance that led to 12.8 million people — about one half of one percent of the overall call volume — being connected to a sales agent.</p><p>Still, all it takes is one server and a little bit of money.</p><blockquote><p>&rsquo;If they win, what we will have is a tsunami of unwanted texts.&rsquo;</p></blockquote><p>This year will be enormous in deciding the fate of robocalls for three reasons — one technical, one financial, and one legal.</p><p>First, on the technical side, this year will see the full rollout of STIR/SHAKEN, a new system designed to hit robocallers who spoof numbers illegally. This is being rolled out across carriers to mixed efficacy. National carriers developed the program and have the tech to seamlessly roll it out, smaller or regional carriers may have a less elegant implementation, and the fragmented state of the phone system makes any nationwide technical rollout difficult to nail down.</p><p>Still, the expectation is that STIR/SHAKEN — which digitally validates the handoff of phone calls and ensures that the caller ID is signed as legit — will have an impact come this summer on reducing the volume of calls that make it to your cell phone.</p><p>Second, the unfortunate reality is that as the COVID-19 pandemic abates, spam calls are poised to increase because call centers shut down due to social distancing will re-open.</p><p>“When India and Pakistan shut down, you saw an instant decline in robocalls,” Quilici said. “When the pandemic recedes, you&rsquo;re going to see more robocalls in general.” Call centers that were shuttered will re-open, and a volume of calls that had been at around 75% of peak over the course of the pandemic will get back up to full capacity.</p><p>Lastly, on the legal front, a case before the Supreme Court could also make spam texts and calls far more pervasive.</p><p>Last November, the Supreme Court heard oral arguments in a case with enormous implications for the sanctity of your phone. Several years ago, someone linked their telephone number to their Facebook account. They eventually gave up that telephone number, and in 2014 it was assigned to Noah Duguid, a person who does not even have a Facebook account.</p><p>When Facebook began texting that number repeatedly about suspicious activity on the account of the previous number&rsquo;s owner, Dugiud asked them to stop texting him. When they didn&rsquo;t, he sued. The case wound its way through the legal system and, after Duguid won at the Ninth Circuit court of appeals, Facebook took the case to the Supreme Court. At issue now is whether Facebook used what under the TCPA is an automated telephone dialing system, but as tends to be the case with legal matters escalated to the Supreme Court, it&rsquo;s about more than that.</p><p>“Facebook and Yahoo have an interest in not being sued when they fail to stop texts,” said Margot Freeman Saunders, the senior counsel at the National Consumer Law Center.</p><p>Facebook, backed by dozens of business groups, and Duguid, who has the support of several consumer advocates and Congressional representatives, are each arguing for a different interpretation of what an Automated Telephone Dialing System is. Facebook&rsquo;s legal team argues that an ATDS, under the law, only calls numbers randomly or sequentially, and as a result their use of a machine to automatically contact phone numbers through a dialing system does not technically count as an ATDS because they&rsquo;re calling from a list. Duguid&rsquo;s argument is the law specifically stipulates consent, which necessitates a list, and as a result the system is still an ATDS.</p><p>Naturally, the Supreme Court oral arguments came down to an intense discussion of grammar.</p><p>“Courts are buying some of these excuses, and the FCC under Trump did not come down hard on these ridiculous excuses,” Saunders said. “Instead they didn&rsquo;t do anything.”</p><p>Facebook did not respond to a request for comment.</p><p>Legal wrangling aside, the Supreme Court&rsquo;s ruling will have a direct impact on your cell phone. If Facebook wins, it&rsquo;s a massive boost not only for businesses trying to robocall you, but also for the people who abuse the system. It will grant legal cover to spam calls and spam texts that hasn&rsquo;t existed in decades, consumer advocates say.</p><p>“If they win,” Saunders said, “what we will have is a tsunami of unwanted texts, because there will be no limit on uninvited texts.”</p><p>Either way, when the case is decided a legislative fight will kick off. Despite polls showing vast public annoyance with robocalls, the political might of the pro-robocall lobby vastly exceeds that of the anti-robocall crowd. In addition to Facebook, 35 unique companies and associations wrote or signed on to friends-of-the-court briefs to bolster their case. These organizations all have their reasons for supporting Facebook&rsquo;s cause, most of which comes down to less liability for texting and calling people. Those companies and groups also exert an enormous amount of influence in Washington outside of the legal realm. </p><p>An Insider analysis of Center for Responsive Politics data found that as a whole, the pro-Facebook forces spent a collective $184.7 million on federal lobbying across all issues in 2020, employing a collective 689 unique lobbyists. By comparison, the various consumer groups that signed on to support Duguid&rsquo;s case employed a collective six federal lobbyists in 2020, and spent a grand total of $250,000 across all issues.</p><p>Congress has relented in pursuing aggressive anti-robocall policies. The reality is that the factions that prefer the status quo are vastly better capitalized and connected than the consumer advocates.</p><h2>What can I do to stop them?</h2><p>While it&rsquo;d be ideal if there were a simple technical solution to spam calls, there isn&rsquo;t for the very same reason there isn&rsquo;t a simple technical solution to computer viruses, or a simple immune solution to the common cold.</p><p>Anyone, anywhere on earth can set up a script to spam robocalls for fractions of a penny. No government agency can find and dismantle those servers, or the gateway carriers that slip them into the system; no carrier can find them in the billion-call flow of the telecom system, and even if they could they&rsquo;d be skittish about killing a call without an external push to do so.</p><p>Essentially, the chance to solve the technical problem in the phone system ended in the 1980s, and unless you are a Supreme Court justice, there is little to be done about the legality of spam calls.</p><p>The solution, according to the people who do <em>not</em> operate mobile applications designed to fight call spam, is to install a mobile application designed to fight call spam. These systems are fairly clever in maintaining a more active block list than the carriers.</p><p>In addition to the FTC-maintained blacklist that can nuke a bad number across the board, apps like Nomorobo and YouMail can be effective in weeding out robocalls. Nomorobo has stopped 2 billion robocalls since Foss first launched it in the FTC bake-off, analyzing 150 million calls a month to find patterns. When there are billions of calls per day, and spammers pick up and drop numbers to evade detection, it&rsquo;s a constant war of attrition. YouMail works by using your own voicemail as a trap, finding new robocallers by listening in and comparing incoming calls against a database of scams, a “Shazam for Spam.”</p><p>It&rsquo;s also important to never fall for a scam call, and to advise loved ones on how to avoid them; the FTC maintains a list of common scams to prepare against.</p><p>Lastly, make sure to read the fine print when signing up for things; many companies “obtain consent” to robocall you by burying it in terms and conditions many skip.</p><p>Beyond that, it&rsquo;s up to the courts to decide how much power consumers have over their own phones.</p><p>“I take the view that if they adopted a more broad and expansive view of what is an automatic telephone dialing system, there would be an uptick in lawsuits but a decrease in robocalls,&rsquo;&rsquo; Owens said. ”I think people dislike robocalls more than they dislike plaintiff&rsquo;s attorneys.::quot::</p>"
  },
  "date": "2021-03-03T14:11:00-06:00",
  "featured": false,
  "headline": "Spam robocalls became profitable scams by exploiting the phone system, but you can stop them",
  "id": "1614780660",
  "imageFilename": "spam-robocalls-exploit-the-phone-system",
  "slug":"the-annoyance-engine-spam-robocalls-became-profitable-scams-by-exploiting-the-phone-system-but-you-can-stop-them",
  "sourceName": "Business Insider",
  "sourceArticleUrl": "https://www.businessinsider.com/why-so-many-spam-robocalls-how-to-stop-them-2021-3",
  "tags": ["Department of Justice", "Robocalls", "Spoofing", "Voice Spam"]
},
{
  "content": {
    "html": "<p>After a surprising lull at the onset of the COVID-19 pandemic, phone scammers are back, and showing signs of overlapping more and more with text messages and cyber elements.</p><p>Scammers are combining phone calls with tricks to circumvent two-factor authentication, using information they obtain online to make more targeted calls and, in some cases, mimicking the attack methods of hackers, government and industry officials say.</p><p>Phone scams that merge with other methods are growing more frequent and difficult to contend with, said Connecticut Attorney General William Tong. “I think it&rsquo;s common and it&rsquo;s dangerous, particularly the way that they&rsquo;re able to cloak themselves or convince you that you need to respond to a particular call or email,” he said.</p><p>Internet technology has helped fuel a record number of robocalls thanks to the advent of voice-over IP, a tool that made mass calling convenient and more affordable. Estimates vary, but most studies conclude that U.S. consumers lose billions of dollars annually to phone scams.</p><p>Since early in the pandemic, the number of robocalls has hovered at between 3 and 4 billion robocalls per month, and somewhere in the vicinity of 2 billion scam calls within that number, said Alex Quilici, CEO of YouMail, a robocall blocking company. The figure is up from an estimated 2.9 billion in April 2020, some 1.2 billion of which were scam calls. In October 2019, though, YouMail estimated the robocall number at closer to 5.7 billion, roughly 2.4 billion of which were scam calls — a label the company applies to “clearly illegal” calls.</p><p>Several factors have pushed the overall numbers down after reaching that record high in late 2019, one of which is improving consumer savvy. That, in turn, has forced scammers to get creative.</p><p>“We&rsquo;re doing way better on robocalls than we were,” said Quilici. “What happened, though, is with the pandemic, people got spoiled and said, &lsquo;Hey, the robocalls went away,&rsquo; and now they&rsquo;re starting to come back and it&rsquo;s really noticeable.”</p><p>The numbers dropped at the pandemic&rsquo;s outset, according to several experts, because physical call centers still play a role in the number of calls that go out. Those centers, like everyone else, were shutting down offices and adapting to working from other locations. A scam-busting activist featured in the New York Times recently boasted of turning on webcams at those call centers in places like India, where footage shows employees working in cubicles.</p><h3>Where cyber meets phone scams</h3><p>While phone scams might be showing more creativity, there is a history of them overlapping with other mediums.</p><p>Tech support scam calls usually have had a cybersecurity dimension. In that variety, fraudsters call up pretending to be from Microsoft or another vendor, then say they need access to a victim&rsquo;s computer to remedy an apparent virus or other fictional technical issue. Finally, the swindlers install malware or try to sell worthless security products.</p><p>Tech support scams can also be conducted without phone calls, such as via email.</p><p>Quilici said that the real danger, however, is the increasing sophistication of scammers as opposed to just the volume. He said he can see those tech support scammers move toward, say, obtaining a targeted list online of people using a specific version of Windows.</p><p>“That&rsquo;s my worry is that&rsquo;s where this tech support stuff is going to head,” he said. “They&rsquo;re going to find lists, they&rsquo;re going to have information that&rsquo;s about the person they&rsquo;re calling that convinces a person they really know it&rsquo;s them.”</p><p>In one kind of scam Proofpoint is seeing more often, the grifters send a text message pretending to be from a bank and ask if a made-up transaction was fraudulent. When the victim replies that they didn&rsquo;t make that purchase, the scammers call, then swindle the victim into helping circumvent two-factor authentication to gain access to real bank accounts.</p><p>Increasingly, consumers have learned to not answer calls from unknown numbers or calls labeled spam by their carriers, said Jacinta Tobin, vice president of cloudmark operations for Proofpoint. But mobile phone users open almost all their text messages, she said.</p><p>“So there&rsquo;s a kind of multimodal cumulative trust that builds, meaning if you get a text and a call from the same person, you&rsquo;re more likely to trust that source,” she said.</p><p>USTelecom, a phone industry organization, established the Industry Traceback Group, which many observers have credited with helping crack down on scam callers. The group is a collaborative industry effort to trace the origins of illegal calls, and it also works closely with law enforcement and regulatory agencies. Josh Bercu, vice president of policy and advocacy, said the traceback program has increasingly been tracing back two kinds of cybersecurity-related calls.</p><p>In one variety, scammers make phishing calls in a bid to obtain credentials from call center workers, other employees or customers so they can “do the same thing any cybersecurity hacker can do,” Bercu said.</p><p>The other kind the group is increasingly tracing back is “telephonic denial of service (TDoS)” attacks that mimic the tactics of internet distributed denial of service attacks, with the TDoS offenders sometimes flooding a victim&rsquo;s phone lines beyond their capacity and then demanding a ransom to stop.</p><p>One of the most infamous hacks of 2020, where hackers took over high-profile Twitter accounts including those of then-presidential candidate Joe Biden, came after a “phone spear phishing attack” on Twitter employees — although the social media company didn&rsquo;t offer many more details.</p><h3>What makes the numbers move</h3><p>Besides the pandemic and the rise of voice-over IP, other factors affect the rise and fall of robocalls and scam calls, for good or ill.</p><p>Asked what&rsquo;s challenging about battling phone scammers, an attorney in the Federal Trade Commission&rsquo;s Bureau of Consumer Protection said the nature of telephonic infrastructure itself makes it difficult.</p><p>“The issue is that you&rsquo;ve got a phone network that&rsquo;s designed to be open source, and with a diffuse network that is designed to avoid outages in certain areas there can be almost an infinite number of pathways that travel from point A to point B, so that there&rsquo;s redundancy in the system,” said the attorney, Will Maxson.</p><p>Designed more than 100 years ago, the copper line that transmits calls can&rsquo;t carry very much data about a call source, either, Maxson said. That makes it relatively easy for scammers to spoof other numbers.</p><p>One thing that might help with that problem is the Federal Communications Commission mandate, under a 2019 law, for carriers to implement a set of caller ID authentication protocols known as STIR/SHAKEN.</p><p>Under STIR/SHAKEN, “calls traveling through interconnected phone networks would have their caller ID &lsquo;signed&rsquo; as legitimate by originating carriers and validated by other carriers before reaching consumers,” the FCC touted. “Once implemented, it should greatly help the accuracy of caller ID information and should allow voice service providers to provide helpful information to their consumers about which calls to answer.”</p><p>The seasons can also drive scam calls numbers, with Proofpoint&rsquo;s Tobin predicting a rise in Internal Revenue Service-themed fraud efforts as the tax filing deadline approaches.</p><p>Law enforcement and other regulatory agencies taking action against illegal callers can demonstrate an immediate impact. Quilici said that an operation in India in December, for instance, drove down overall numbers in January.</p><p>Tong and other attorneys general fear that a pending court case could hamper their joint effort to battle robocallers. In 2015, Congress enacted an amendment to a 1991 law, the Telephone Consumer Protection Act that placed restrictions on robocalls. That amendment allowed an exception to robocalls for collecting government debt. The Supreme Court last year struck down that exception.</p><p>Because of that Supreme Court ruling, a lower court ruled that the 1991 law&rsquo;s robocall ban was unenforceable between 2015 and 2020. Last month, a group of attorneys general filed a friend of the court brief arguing against that lower court ruling.</p><p>One thing that probably won&rsquo;t affect the battle against robocalls and scam calls is the shift to a new presidential administration, though, Maxson said.</p><p>“From my experience, it hasn&rsquo;t changed at all really on this issue,” he said. “It&rsquo;s been an enforcement priority for essentially every commissioner, for every chairman and chairwoman that I&rsquo;ve worked under.”</p>"
  },
  "date": "2021-03-01T13:58:00-06:00",
  "featured": false,
  "headline": "Robocalls keep spamming Americans, in part because of their cyber tools",
  "id": "1614607080",
  "imageFilename": "robocalls-keep-spamming-americans",
  "slug":"robocalls-keep-spamming-americans-in-part-because-of-their-cyber-tools",
  "sourceName": "CyberScoop",
  "sourceArticleUrl": "https://www.cyberscoop.com/robocalls-scam-calls-cyber-hacking-text/",
  "tags": ["Hackers", "Phone Scam", "Robocalls", "VoIP"]
},
{
  "content": {
    "html": "<p>Cyber criminals are using Voice over Internet Protocol (VoIP) platforms to launch vishing attacks against employees worldwide, the FBI warned on Jan. 14. </p><p>Vishing means &lsquo;voice phishing,&rsquo; an attack in which threat actors use phone calls instead of emails. Their goal: to try to trick the person on the other end into allowing access to their accounts. Vishers may try to convince employees to visit a website designed to steal their credentials, the FBI warned. Success gave the attackers all they needed to move deeper into the victim&rsquo;s network.</p><p>Read on to learn more about this campaign as well as how to avoid vishing attacks in general.</p><h2>What is Vishing?</h2><p>Those responsible for January&rsquo;s vishing attempts started as far back as December 2019. But, the latest cases were particularly noteworthy. The attackers targeted all employees, not just those in top roles who might have greater access. Once the users of VoIP platforms picked up the phone, the attackers tried to trick them into authenticating themselves on a phishing website. This site then stole their employee username and password.</p><p>With those details, the attackers could gain greater access to a targeted group&rsquo;s network by elevating their privileges. They could then use that access to cause even greater financial damage.</p><p>In one instance, vishers located an employee through a company&rsquo;s chatroom, the FBI said. Then, they used a fake VPN login page to steal their credentials. The attackers authenticated themselves as the employee. Using this false persona, they found another employee who could implement username and e-mail changes. Next, they used a chatroom messaging service to steal that person&rsquo;s details, too.</p><h2>A Look Back at Other Recent Vishing Attempts</h2><p>The campaign described above wasn&rsquo;t the only time that vishers made headlines in the past few months.</p><p>Threat actors registered domains and created phishing pages to impersonate organizations&rsquo; virtual private network (VPN) login pages, KrebsonSecurity revealed in August 2020. Those portals even came equipped with the ability to steal employees&rsquo; multifactor authentication (MFA) codes so the attackers could compromise their victims&rsquo; accounts and mine the affected organization&rsquo;s databases for customer information.</p><p>Around the same time, Scam Detector warned of malicious actors using VoIP number and computer pots to impersonate the U.S. Internal Revenue Service. With that disguise, the attackers threatened that they would file a lawsuit against the recipient unless they agreed to pay a fake outstanding tax bill and hand over their payment information.</p><h2>How to Avoid VoIP Attacks</h2><p>The FBI made several suggestions as to how employers can avoid falling victim to a vishing attack.</p><p>1. Consider putting MFA in place on all employee accounts. Doing so will help to prevent threat actors from getting the first foothold on your network.</p><p>2. Use the principle of least privilege. This makes it harder for attackers to elevate their privileges on a compromised account to get greater access to the network.</p><p>3. Segment the network and deploy monitoring solutions within each of those segments to watch for signs of potential account compromises. With these tactics you can decrease the chance of VoIP scams opening a door into your network. </p>"
  },
  "date": "2021-02-28T14:02:00-06:00",
  "featured": false,
  "headline": "FBI Warns Against Vishing Scams Over VoIP",
  "id": "1614520920",
  "imageFilename": "fbi-warns-against-vishing-attacks",
  "slug":"fbi-warns-against-vishing-scams-over-voip",
  "sourceName": "SecurityIntelligence",
  "sourceArticleUrl": "https://securityintelligence.com/news/fbi-warns-against-vishing-scams-over-voip/",
  "tags": ["Vishing"]
},
{
  "content": {
    "html": "<p>For many of us, every week begins the same way: a Monday morning phone call with a recorded voice offering “important information” about car warranties or credit cards (often, warranties or credit cards that are entirely fictional). These robocalls are a plague of modern life—consumer agencies including the Federal Communications Commission and the Federal Trade Commission identified them as the No. 1 complaint in 2020—and they&rsquo;re getting worse. According to communications firm YouMail, robocalls were up nearly 4% in January and are on pace to number 48 <em>billion</em> for the year.</p><p>Remarkably, all of this is occurring <em>after </em>Congress passed a law, just over a year ago, intended to stamp out the problem with a series of new technical and legal remedies. So what happened? Why have robocalls become so bad that most Americans no longer pick up the phone unless they recognize the number?</p><p>The short answer is that a shadowy auto-dialing industry, which makes good money by unleashing millions of calls a day, has proved adept at staying ahead of the law. A longer answer would also point the finger at tacit support for robocalling from big businesses (some more legitimate than others) and foot-dragging by federal agencies who could do more to enforce the law.</p><h2>Who is making all those robocalls?</h2><p>Once upon a time, running a telemarketing operation meant renting out a big warehouse and filling it with cubicles and miles of telephone wire. Now you can do it from your living room.</p><p>That&rsquo;s what Nick Palumbo did. The Arizona man ran several companies that charged robocallers, many of them based overseas, to relay the calls they initiate via thousands of Internet-based phone lines he runs from his home. According to the <em>Wall Street Journal</em>, Palumbo&rsquo;s businesses alone have routed hundreds of millions of calls to U.S. consumers, including many from Social Security impostors.</p><p>Palumbo was arrested by federal agents in 2019 on fraud-related charges, and last summer he entered an agreement with the Justice Department barring him and his wife from running robocalling operations. But as the ongoing flood of robocalls attest, Palumbo is far from alone in enabling the scammers.</p><p>These middlemen are not the original source of the Social Security or auto warranty calls, which typically originate from scam shops in India, the Philippines, Mexico, and other overseas countries—fraudulent operations that aim to harvest personal data and credit card info while remaining effectively beyond the reach of U.S. regulators. </p><p>But to reach your cell phone, they need a U.S.-based operator to relay their calls. Such companies provide a hyper–low-cost service for organizations, including legitimate ones such as political campaigns, to run phone campaigns—but may turn a blind eye to clients who are running scams. </p><p>For the call to reach your cell phone, of course, it has to be completed by your service provider, which for most of us is Verizon, AT&amp;T, or T-Mobile. Why don&rsquo;t these giants put a stop to the robocalls? </p><p>By all accounts, they&rsquo;re trying. According to Greg Guice, a lawyer and telecom expert with Public Knowledge, the big phone companies have an incentive to kneecap the robocallers—in part because of the public outrage, but also because robocalls spur consumers to terminate landline service, which is still a big source of revenue for AT&amp;T and Verizon (and a minor one for T-Mobile).</p><p>Meanwhile, the phone giants are learning to overcome a traditional aversion to cutting off calls. That aversion stems in part from the industry&rsquo;s longtime mission to complete every call, and also from fears they will be sued for blocking calls. The new federal robocall law, however, reduces phone carriers&rsquo; legal exposure and also encourages the use of call authentication technology—which is why more consumers are seeing messages like “Scam likely” on their phone displays.</p><p>Margot Saunders, an attorney with the National Consumer Law Center, says phone carriers are getting better at choking off robocalls—she praised Verizon in particular—but says they could be doing a lot more.</p><p>Saunders suggests that the robocall situation would dramatically improve if phone carriers were legally responsible for the nuisance calls. If this were the case, the carriers would have an enormous incentive to put an end to them. But the industry&rsquo;s political clout means this has been a nonstarter in Congress.</p><p>Saunders also rejects the idea that a technological solution to block robocalls is too difficult.</p><p>“I&rsquo;m not going to say what the technology should be. But we have the capacity to go to Mars and perform open heart surgery, so we could come up with tech to do this,” she says.</p><h2>A new law&rsquo;s big loopholes</h2><p>In 2019, Congress passed the Telephone Robocall Abuse Criminal Enforcement and Deterrence (or TRACED) Act. The law passed with broad bipartisan support: Both Republicans and Democrats are eager to claim they&rsquo;re fighting robocalls. But while the law is supposed to make it easier to identify and penalize robocallers, it also failed to close some major loopholes. </p><p>These loopholes provide wiggle room when it comes to defining what activities can be exempt from robocalling prohibitions. For instance, many automated debt collection calls remain legal (a sop to the financial services industry), and so are various calls classified as election- or politics-related.</p><p>Meanwhile, robocallers can get around the law by claiming a customer has given consent to receive them. Unfortunately for consumers, such consent can arise inadvertently—for instance, if they&rsquo;ve ticked a box on the Internet giving a company permission to contact them. In many cases, that permission also gives the company the right to sell that “consent” to third parties, including the data broker industry. The upshot is, once such a permission has been granted, it can serve as a legal backstop for marketers to pester consumers for years. </p><p>Then there are the corporate lawyers, who are quick to push any potential loophole in court. One recent example is Royal Seas Cruises, which this year wriggled out of a $123 million class action lawsuit that accused the company of making millions of robocalls flogging vacations. In order to beat the rap, the company claimed it had not made the calls, but that a third-party agency had done so. As a matter of common sense, the distinction may not matter—it seems absurd to think an agency would embark on a massive robocalling campaign without the company&rsquo;s knowledge or permission—but, from a legal perspective, the argument persuaded a federal judge.</p><p>Saunders and others claim Congress needs to tighten all these loopholes so that companies are less tempted to push the boundaries. Meanwhile, she suggests that other big industries are quietly opposed to serious reform, since robocalls can be a cheap and effective form of marketing.</p><p>Finally, there is the question of whether government agencies are doing all they can to punish and deter robocallers. While the FCC has imposed a series of whopping fines on companies behind the robocall epidemic, Guice of Public Knowledge says the government has collected only a pittance—less than 2¢ on the dollar. He attributes this to a lack of coordination between the FCC and the Justice Department, which is tasked with enforcing judgments and prosecuting scofflaws.</p><p>This may change as a new chair takes the helm of the FCC under the Biden administration. Previously, President Trump&rsquo;s appointee to the agency, Ajit Pai, pursued an agenda many perceived as favoring business over everyday consumer concerns. Though public interest groups say Pai took steps to address the robocalling nuisance, some question whether he was too timid.</p><p>“This was a relatively young man who wanted a long career in public service, and that career might have been hampered by an aggressive approach [to robocalling]. He was afraid to piss off the Chamber of Commerce,” said a Washington, D.C., lawyer who asked for anonymity in order to discuss Pai. (Pai did not respond to a request for comment sent via social media.)</p><p>Consumer groups are heartened by President Biden&rsquo;s choice of FCC commissioner Jessica Rosenworcel to serve as acting head of the agency. They described her as more willing to confront the corrupt interests that may be impeding stricter measures against robocalls.</p><p>Nonetheless, consumer advocates also cautioned that Rosenworcel will likely be preoccupied with other matters, including the struggle to provide low-income children with reliable Internet access during the pandemic. While robocalls were not on the agenda during her inaugural meeting as chair, an FCC spokesperson says they are a priority for Rosenworcel.</p><p>“Robocalls are out of control and have been on the rise in recent years…Consumer protection is a top priority for the acting chairwoman,” said the spokesperson, adding that the agency is in the midst of a review about its past and future policies for fighting robocalls.</p><p>The bottom line is that a wide variety of economic and political forces suggest that robocalls are not going away soon. This may not pose a problem for the handful of Americans eager to hear automated warranty pitches. But everyone else will have to put up with the nuisance for the foreseeable future.</p>"
  },
  "date": "2021-02-27T13:46:00-06:00",
  "featured": false,
  "headline": "You aren’t alone: Why Americans will receive 48 billion robocalls this year",
  "id": "1614433560",
  "imageFilename": "americans-will-receive-48-billion-robocalls",
  "slug":"you-arent-alone-why-americans-will-receive-48-billion-robocalls-this-year",
  "sourceName": "Fortune",
  "sourceArticleUrl": "https://fortune.com/2021/02/27/scam-calls-robocalls-phone-scams-car-warranty-calls-traced-act/",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>The Federal Bureau of Investigation has released a security notice that specifically warns emergency call centers against a new threat. FBI investigators have noticed that there is a high probability that telephony denial of service (TDoS) attacks are going to flood these centers with the intention of taking them offline. A TDoS attack is quite simple in its execution. Much like how a distributed denial-of-service (DDoS) attack floods a computer server with too many requests from multiple locations, a telephony denial-of-service attack floods a target that uses telephones in the same manner.</p><p>The security notice speaks of the threat as follows:</p><blockquote><p>Public Safety Answering Points (PSAPs) are call centers responsible for connecting callers to emergency services, such as police, firefighting, or ambulance services. PSAPs represent key infrastructure that enables emergency responders to identify and respond to critical events affecting the public.</p><p>TDoS attacks pose a genuine threat to public safety, especially if used in conjunction with a physical attack, by preventing callers from being able to request service. The public can protect themselves if 911 is unavailable by identifying in advance non-emergency phone numbers and alternate ways to request emergency services in their area.</p></blockquote><p>As for sources and motives of the potential TDoS attacks, the FBI does not single out specific sources. The notice states that hacktivists may use the TDoS to push their agenda, whereas cybercriminals may seek financial gain by holding the emergency call center hostage.</p><p>The FBI advises civilians to prepare for 911 outages by following these steps: See if text-to-911 is available in your area: save non-emergency contact numbers for fire, rescue, and law enforcement, sign up for automated emergency notifications from where you live (county, city, etc.) to be kept aware of incidents, and finally, find social media and other websites of emergency services in your area for potential point-of-contact.</p>"
  },
  "date": "2021-02-23T13:55:00-06:00",
  "featured": false,
  "headline": "FBI Warns of Denial-of-Service Attacks Against Emergency Call Centers",
  "id": "1614088500",
  "imageFilename": "fbi-warns-emergency-call-centers-of-tdos-attacks",
  "slug":"fbi-warns-of-denial-of-service-attacks-against-emergency-call-centers",
  "sourceName": "TechGenix",
  "sourceArticleUrl": "http://techgenix.com/denial-of-service-attacks-emergency-call-centers/",
  "tags": ["Emergency Services & 911 Systems", "TDoS"]
},
{
  "content": {
    "html": "<h3>Both hacktivists and extortionists have used telephony denial-of-service attacks as a way to further their goals</h3><p>The United States&rsquo; Federal Bureau of Investigation (FBI) has issued a stark warning about consequences that telephony denial-of-service (TDoS) attacks on call centers could have on people&rsquo;s lives.</p><p>If launched against critical call centers, TDoS attacks could ultimately prevent callers from reaching emergency services such as first responders in time and so pose a legitimate threat to public safety. “The resulting increase in time for emergency services to respond may have dire consequences, including loss of life,” reads the FBI&rsquo;s public service announcement.</p><p>As the name suggests, the goal of TDoS attacks is to overwhelm a telephone system to such an extent that it would be unavailable for the intended users. This is done by keeping up a series of distraction calls going on for as long as possible, flooding the victim&rsquo;s telephone system, delaying legitimate phone calls or even making it impossible for them to make it through.</p><p>While in the past TDoS attacks were conducted manually by encouraging people on social networks to join in calling campaigns to inundate specific telephone numbers, the perpetrators have now evolved their modus operandi and use automated systems.</p><p>“An automated TDoS attack uses software applications to make tens or hundreds of calls, simultaneously or in rapid succession, to include Voice Over Internet Protocol (VOIP) and Session Initiation Protocol (SIP). Numbers and call attributes can be easily spoofed, making it difficult to differentiate legitimate calls from malicious ones,” the Bureau explained.</p><p>Hacktivism, harassment and financial gain through extortion are among the most common motives for carrying out TDoS attacks. While hacktivists may use computer network exploitation to further their political and social causes, threat actors will resort to TDoS attacks as a way of squeezing municipalities for money.</p>"
  },
  "date": "2021-02-19T13:53:00-06:00",
  "featured": false,
  "headline": "TDoS attacks could cost lives, warns FBI",
  "id": "1613742780",
  "imageFilename": "tdos-attacks-cost-lives-warns-fbi",
  "slug":"tdos-attacks-could-cost-lives-warns-fbi",
  "sourceName": "WeLive Security",
  "sourceArticleUrl": "https://www.welivesecurity.com/2021/02/19/tdos-attacks-could-cost-lives-warns-fbi/",
  "tags": ["Emergency Services & 911 Systems", "FBI", "TDoS"]
},
{
  "content": {
    "html": "<p>Ransomware attacks, phishing scams, fake news and several other cyberattacks made headlines in 2020. As millions of Americans shifted to remote work for business continuity, cybercriminals sprung into action, evolving their social engineering tactics. When it comes to phishing, Verizon research shows that 85% of phishing attacks are taking place over other channels beyond just email, like messaging, gaming, social and productivity apps. Smishing and vishing are new variants that are fast gaining traction, targeting mobile phones.</p><p>Smishing</p><p>Smishing is a phishing scam conducted via Short Message Service (SMS). Crafty phishers send text messages that appear from trusted senders, such as banks and online retailers. Such text messages typically contain URLs or links that trick recipients into visiting websites that download viruses and other forms of malware onto the victim&rsquo;s mobile device. </p><p>The reason why smishing attacks are growing in popularity is because SMS senders are not authenticated beyond phone numbers. Recipients receiving an SMS can only, at best, assume that the phone number is from an authentic source. Even that isn&rsquo;t a guarantee sometimes because many rogue applications allow senders to send SMS messages from spoofed or borrowed/shared telephone numbers.</p><p>Furthermore, SMS itself by design is unauthenticated. This means anyone can send another person an SMS message by simply knowing the recipient&rsquo;s phone number. As long as the recipient hasn&rsquo;t stored the sender&rsquo;s number in their contact list, it will end up looking like any other text message. Additionally, URLs embedded in SMS messages are harder to inspect or verify as legitimate since most are shortened by common URL shorteners.</p><p>How Does Smishing Work?</p><p>Smishing attacks follow basic social engineering principles and typically work in two stages:</p><ol><li>Bait victim via an SMS: Attacker baits the victim by sending them an SMS containing a false sense of urgency. Examples include unknown service charges, erroneous bank transactions, invoices or online purchases, cash prize winnings, and suspended account reactivation notices.</li><li>Setting the hook: The hook is usually executed via the URL embedded in the actual text message. This entraps victims through solicitation, capture of sensitive information or download of malicious software.</li></ol><p>Vishing</p><p>Vishing, a combination of “voice” and “phishing,” is a telephone version of phishing. This technique uses a spoofed caller ID that can make attacks look like they originate from a known number or perhaps an 800-number that might compel someone to answer the phone. Usage of VoIP technology is fairly common in vishing attacks including services like Skype and Zoom.</p><p>Vishing attacks are on the rise. This is because commercial and residential VoIP users are not required to provide valid caller ID data, which makes it ideal for committing fraud. The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) issued alerts recently to warn users against the growing threat of vishing attacks. The alert also stated that organized crime rings are compiling dossiers on employees at target companies by scraping information off their public profiles on social media, recruiter tools, open-source research and publicly available background check services. Using this data, attackers initiate contact with targets, often masquerading as someone trustworthy. Since the targets do not have time to think the situation through or verify the identity of the attacker, they usually end up falling victim by revealing sensitive information.</p><p>Potential consequences of vishing attacks include eavesdropping, unauthorized access to billing or credit card information, voicemail overloading (or junk voicemails), and phone number harvesting (method to collect valid phone numbers).</p><p>How Does Vishing Work?</p><p>Vishing is nearly identical to other forms of phishing; it&rsquo;s mainly the delivery mechanism that&rsquo;s different; in this case, voice-based telephony.</p><ol><li>Bait the victims via a call: Scammers start by spoofing their caller ID, so they appear to be calling from a local area code or a trusted business. Emotional appeals, sense of urgency, and timing work exactly the same way as other forms of phishing.</li><li>Setting the hook: Attackers may use callback numbers and automated recordings as the hook. Victims take the bait, dial the callback number, listen to the recording, and reveal sensitive or personal information. Large-scale operations could go to the extent of employing an answering service or a call center to emulate a trusted source.</li></ol><p>How You Can Stay Protected</p><p>Combating online scams is a joint responsibility for both governments and citizens alike. While international governments are tightening their grip on scammers -- Interpol recently cracked down on almost 20,000 scammers associated with smishing and vishing -- responsible parties must exercise caution and steer clear from smishing and vishing scams:</p><ul><li>Use common sense: Stop and think before taking action. Limit your online profile and do not share sensitive information like phone numbers on public platforms.</li><li>Trust no one: Do not click, call back or download from any SMS links. Don&rsquo;t fill out forms or provide credit card numbers without proper validation.</li><li>Don&rsquo;t Call Unknown Phone Numbers: Calling back gives attackers your phone number. Once a scammer has your number, you could end up getting several rogue SMS messages and malicious voice phone calls.</li><li>Ignore and flag suspicious texts and calls: Any unexpected text or call requesting an action should be regarded as suspicious unless proven legitimate. Remember that caller IDs can be faked.</li><li>Raise security awareness in your business: Using phishing simulation exercises, train your staff to recognize scams and help protect your business, employees, partners and customers from fraud.</li><li>Report: The Federal Trade Commission makes it easy to report telephone scams.</li></ul>"
  },
  "date": "2021-02-18T14:00:00-06:00",
  "featured": false,
  "headline": "Smishing and Vishing: Explained and Explored",
  "id": "1613656800",
  "imageFilename": "smishing-and-vishing-explained",
  "slug":"smishing-and-vishing-explained-and-explored",
  "sourceName": "Security Magazine",
  "sourceArticleUrl": "https://www.securitymagazine.com/articles/94634-smishing-and-vishing-explained-and-explored",
  "tags": ["Smishing", "Vishing"]
},
{
  "content": {
    "html": "<p>Is it safe to answer the phone? Short answer: No. It&rsquo;s probably a robocall spammer.</p><p>Sometimes, they claim Social Security Administration or the Internal Revenue Service is on the line. (They aren&rsquo;t; neither service will ever threaten you or demand immediate payment on the phone.) Or they call saying your car&rsquo;s warranty is expiring and that your credit card interest rate could be lowered.</p><p>Three out of 4 Americans said they were targeted by phone scammers over the past year, finds a survey done for Hiya, which provides cloud-based phone call performance management services for companies including AT&amp;T and Samsung.</p><p>The bombardment of robocalls, many of which come from scammers seeking to bilk you out of money, has led many to simply not answer their phone when the caller is unknown.</p><p>And for good reason. On average, those who fall for scam calls lose $182, with some losing more than $500, according to the survey of more than 2,000 consumers and 300 business professionals conducted Dec. 23-29, 2020, for Hiya by market research firm Censuswide.</p><p>The robocall and scam call deluge has led many to just avoid answering their phone – about 94% of those surveyed said they let unidentified incoming calls go unanswered. That comes at a time – during the coronavirus pandemic – when consumer and business use of voice calls nearly tripled, increasing 184%, says Hiya&rsquo;s “State of the Call 2021” report.</p><h2>Robocalls keep on coming</h2><p>The robocall bonanza shows no signs of slowing. More than 4 billion robocalls targeted phones across the U.S. in January, a 3.7% increase over the month of December, according to YouMail, a company that provides anti-robocall services.</p><p>During January, robocalls averaged 129.5 million calls daily, according to YouMail&rsquo;s Robocall Index, or about 1,500 calls each second.Get the Talking Tech newsletter in your inbox.</p><p>Get the current week of news, tips, and talk of tech in your inbox.Delivery: SatYour Email</p><p>Robocalls did decline in 2020 as the COVID-19 pandemic resulted in the closing of some call centers, YouMail says in its report. The estimated 45.9 billion robocalls to consumers in 2020, however, was 50% more than in 2017, the company says.</p><p>But the robocall volumes “appear to be resuming their slow journey back toward their pre-pandemic levels,” said YouMail CEO Alex Quilici in the report.</p><p>During the coronavirus pandemic, new types of phone scams have arisen including those promising tests and cures, expedited stimulus payments and texts about COVID-19 support and pandemic tracing.</p><p>But many of the traditional scams remain tops and have more targets since many Americans are at home and using their smartphones as their main communications device for work and personal calls. https://e.infogram.com/5a3893ef-6c32-4392-a219-353f0dbb29e1?src=embed#async_embed</p><p>“The reality of it is the fraudsters are always changing tactics,” said Hiya president Kush Parikh. “They are always trying to figure how to pounce on whatever the latest trend is and obviously right now there&rsquo;s fraud happening around vaccinations. There&rsquo;s this cat-and-mouse game always happening.”</p><h2>The harms of not answering</h2><p>The amount of consumers not answering unidentified calls (94%) is significantly higher than a year ago (72%), Hiya found. It may seem counterintuitive, but that increased rate of unanswered calls can lead to more calls being initiated.</p><p>Businesses have expensive call centers, too, and when calls aren&rsquo;t answered, “whether that&rsquo;s customer service or sales … if people end up not answering those calls what do they end up doing? They call more,” Parikh said. “So legitimate businesses not just fraudsters are actually calling more because people are answering less.” </p><p>Public health can be impacted, too, as COVID-19 vaccine scams have more than doubled since September, Hiya&rsquo;s data finds. Scammers can take advantage of interest in getting vaccinated – and confusion about the vaccination process – to lure victims.</p><p>Hiya estimates it saved its corporate and consumer customers about $2.3 billion in 2020. But that doesn&rsquo;t take into account the lost time that scam victims spend extricating themselves from scams. Add that in and the lost funds and productivity to scam calls likely surpassed $10 billion last year, Parikh said.</p><p>Regulators, wireless providers and security companies have focused on blocking robocalls. </p><p>The Federal Communications Commission and Federal Trade Commission have fined phone companies allowing coronavirus-related robocall scams. The FTC has worked with the Justice Department to block illegal robocalls and the FCC is requiring phone companies to adopt new caller ID features by June 30, 2021. Those actions would combat “spoofing,” where a false caller ID makes a call appear to be coming from a nearby location.</p>"
  },
  "date": "2021-02-11T13:37:00-06:00",
  "featured": false,
  "headline": "Robocalls and scam calls persist during pandemic, so Americans have stopped answering the phone",
  "id": "1613050620",
  "imageFilename": "robocalls-scam-calls-persist-during-pandemic",
  "slug":"robocalls-and-scam-calls-persist-during-pandemic-so-americans-have-stopped-answering-the-phone",
  "sourceName": "USA Today",
  "sourceArticleUrl": "https://www.usatoday.com/story/tech/2021/02/12/robocalls-scammers-fraud-phone-calls-increase-fcc-ftc-efforts/6706727002/",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>January Robocalls Are Above 2020&rsquo;s Monthly Average Of 3.8 Billion Robocalls</p><p>IRVINE, Calif., Feb. 4, 2021 /PRNewswire/ -- Americans received just over 4 billion robocalls in January, an increase of approximately 3.7% over December. In January, robocalls averaged 129.5 million calls/day, or roughly 1,500 calls/second, down 2% from 124.8 million calls/day and 1,445 calls/second in December. While it is very early in the year, this is a pace of over 48 billion robocalls for 2021, which would be greater than every year except 2019.</p><p>These latest monthly figures come from YouMail, a totally free robocall blocking app and call protection service for mobile phones.</p><p>“Robocall volumes appear to be resuming their slow journey back toward their pre-pandemic levels,” said YouMail CEO Alex Quilici. “As call centers continue to open more widely, it&rsquo;s not surprising that robocalls are increasing.”</p><p>January 2020 Saw An Increase in Scam Calls</p><p>In January, scam calls and telemarketing calls combined continued to account for roughly 60% of the month&rsquo;s total robocall volume, similar to past months. Unfortunately, the total number of scam and telemarketing calls exceeded 2.3 billion calls for the month, a very substantial number of likely unwanted and/or illegal calls.</p><figure><table><tbody><tr><td>Type ofRobocall</td><td>Estimated JanuaryRobocalls</td><td>Percentage January<br>Robocalls</td></tr><tr><td>Scams</td><td>1.8 billion (+8%).</td><td>46% (+2%)</td></tr><tr><td>Alerts and Reminders</td><td>1.1 billion (+7%)</td><td>27% (+1%)</td></tr><tr><td>Payment Reminders</td><td>.57 billion (-1%)</td><td>14% (-1%)</td></tr><tr><td>Telemarketing</td><td>.54 billion (-4%)</td><td>13% (-2%)</td></tr></tbody></table></figure><p>Top Illegal Robocalls in January 2020</p><p>The leading illegal types of robocalls in January continued to be those involving Car Warranties and Health-Related Scams. Warranty Scams in particular notched almost 100 million more calls in January than December.</p><figure><table><tbody><tr><td>Rank</td><td>Type of Scam</td><td>Estimated January Robocalls</td><td>Summary of Scam</td></tr><tr><td>1</td><td>Warranty Scams</td><td>265 million (+96m)</td><td>Scam payments/illegal solicitations</td></tr><tr><td>2</td><td>Health-Related Scams</td><td>179 million (-33m)</td><td>Identify theft/scam payments/illegal solicitations</td></tr></tbody></table></figure><p>“Winners” in January 2020</p><p>The cities, area codes and states with the highest volumes of robocalls in January were similar to what we&rsquo;ve seen over the past few months. The biggest changes were Baton Rouge, Louisiana overtaking Macon, Georgia as the city whose residents get the most calls per person, and Tennessee replacing South Carolina as the state whose residents get the most calls per person.</p><figure><table><tbody><tr><td>Cities with the Most Robocalls:</td><td>Atlanta, GA (162.0 million, -3%)Dallas, TX (142.0 million, -1%)</td></tr><tr><td>Cities with the Most Robocalls/Person:</td><td>Baton Rouge, LA (32.8/person, -1%)Macon, GA (32.6 /person, -3%)</td></tr><tr><td>Area Codes with the Most Robocalls:</td><td>404 in Atlanta, GA (69.7 million, -2%)214 in Dallas, TX (53.7 million, -1%)</td></tr><tr><td>Area Codes with the Most Robocalls/Person:</td><td>404 in Atlanta, GA (57.0/person, -2%)215 in Macon, GA (32.8/person, -1%)</td></tr><tr><td>State with the Most Robocalls:</td><td>Texas (444.9 million, -2%)California (353.8 million, -1%)</td></tr><tr><td>State with the Most Robocalls/Person:</td><td>Tennessee (23.7/person, +14%)Alabama (23.5/person, +6)</td></tr></tbody></table></figure><p>These data are provided by YouMail, a free call protection app for mobile phones. </p>"
  },
  "date": "2021-02-04T09:32:16-06:00",
  "featured": false,
  "headline": "Just Over 4 Billion Robocalls in January Mark 3.7% Monthly Increase, Says YouMail Robocall Index",
  "id": "1612431136",
  "imageFilename": "four-billion-robocalls-january-2021",
  "slug":"just-over-4-billion-robocalls-in-january-mark-3-7-monthly-increase-says-youmail-robocall-index",
  "sourceName": "PRNewswire",
  "sourceArticleUrl": "https://www.prnewswire.com/news-releases/just-over-4-billion-robocalls-in-january-mark-3-7-monthly-increase-says-youmail-robocall-index-301222246.html",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>I am currently a full-time social engineering pentesting professional with Social-Engineer, LLC (SECOM). My specialization is vishing services. If vishing is a new word for you, let me help. The Social Engineering Framework defines vishing as the “practice of eliciting information or attempting to influence action over the telephone.” Our readers often ask whether acting skills and classes would benefit their social engineering career. So, for this newsletter, I wanted to share how acting skills helped me become a vishing professional.</p><h3>Acting Skills and Training</h3><p>I&rsquo;m not originally from the InfoSec world. My background is in construction, music, and, most importantly, acting. Playing in bands and working in customer&rsquo;s houses – these both helped me get used to having conversations with strangers. Acting, though, is where I really learned to be present; to assess the other person, and respond to what they were telling me, not only with their words but also their nonverbal communication. My acting training and experience also taught me how to understand the goals of the character I was playing, and the strategies that they would use in the pursuit of those goals. From hundreds of stage performances, and hours in rehearsal, I know that even scripted events don&rsquo;t always go to plan. Sometimes finding a way to get back on track is the most fun part.</p><p>This is how my acting skills helped me become a vishing professional. The tools I&rsquo;ve learned have been invaluable to me on the thousands of vishing calls I&rsquo;ve made. My ability to be comfortable talking to strangers has been a huge help to my vishing. I have a remarkably high discomfort threshold, and I don&rsquo;t feel awkward initiating contact and talking to unknown people. I also maintain my comfort level. Even when it&rsquo;s time for me to ask them for the information flags I need.</p><h3>Playing Objectives</h3><p>Every vishing call has an objective. But I would argue that many of our day-to-day conversations have an objective as well. In broad terms, we want people to listen to us, see our point of view, and do what we are asking. In some instances, we even try to offer some information in the hopes that they&rsquo;ll reciprocate.</p><p>Early on in most actors&rsquo; careers we learn that the pursuit of our characters objective is not only what makes a scene compelling, but also what makes it believable. And for me that kind of believability is vital to my success when I am using a pretext.</p><p>Occasionally I make the mistake of assuming the target I am calling won&rsquo;t answer their phone, and I go into the call without much preparation. Then, when they do answer, I&rsquo;m unfocused because I haven&rsquo;t taken a moment to remind myself of who I&rsquo;m calling and what I&rsquo;m calling about. In these instances, the targets pick right up on my lack of focus because it doesn&rsquo;t fit with the character I&rsquo;m playing in the moment. Sometimes I can find a way to pivot and regain my composure – “Oh, sorry! I thought you were a voicemail message for a second” – but often these calls result in me being shutdown by the caller.</p><div><figure><img src=“https://www.social-engineer.org/wp-content/uploads/2021/01/avel-chuklanov-Hn3S90f6aak-unsplash-1024x683.jpg” alt=“” /></figure></div><h3>Objectives Plus Character</h3><p>Designing a character and playing an objective – the pursuit of a character&rsquo;s goals and desires – are acting holdovers that are essential to my success in vishing and impersonation. It&rsquo;s easier and more natural to stay within the pretext when I&rsquo;m an IT or HR rep and the pretext IS my objective, rather than calling as some pentester whose objective is to get flags. The former makes building rapport and asking questions easy. The latter would make me sound a little (or a lot) suspicious. The key is making choices about who the character I&rsquo;m pretexting is and what their goals are.</p><p>For vishing I need a character that can easily answer some simple questions about themselves such as their:</p><ul><li>name</li><li>job title</li><li>manager&rsquo;s name</li><li>location</li><li>fake credentials<ul><li>employee ID</li><li>email address</li></ul></li></ul><p>If I&rsquo;m pretexting as an intern, being able to talk about where I go to college and what my major is has proved to be useful too.</p><p>This is different from the more intensive character work I would do for a play or a movie. The characters I design as a visher need to be somewhat flexible so I can adjust their personalities to suit the comfort levels of my target. I also want them to be somewhat forgettable (trust me, as an actor I NEVER EVER wanted that) so that when our interaction ends, they won&rsquo;t think back on it too much. These choices help me seem like a real person and, hopefully, will provide a good enough answer to simple verification questions.</p><h3>My Character Needs to Know “Why”</h3><p>The other details I need to be clear on are my “whys” for the flags. Why doesn&rsquo;t my character have access to the information I am asking for and why do they need it? Most of the time, the more difficult flags will be addressed by the pretext: often our pretexts will be built around these flags. Sometimes the smaller flags might need a quick, separate explanation. Maybe an email address is a flag I can get, although probably not one of the bigger items I can go for, but I might need a second piece of information to resolve a call as a compromise.</p><p>If I decide that my character would prefer to only be on the phone for more urgent issues, then any “following up” they&rsquo;d need to do would clearly be through email. “If I need to follow up with you at all I&rsquo;ll just email you, cool? What&rsquo;s your email address?” Because I understand my character&rsquo;s internal motivations, the reason for asking for the flag is natural, easy, and obvious.</p><p>This is also how my “attacker mindset” works. I stay in character, I stay on pretext, and I keep pursuing my objective the way I would in a scene. The active listening skills and the ability to stay present and in the moment that I learned on stage and in rehearsal keep me sharp. These skills also allow me to ask every question my character would ask. Every question – including the ones that get me the flags I&rsquo;m looking for. And this is what makes me hard to defend against without security training. I sound like a person who is legitimately pursuing my stated pretext goals, because the character I&rsquo;m playing is. And that character knows all the reasons he&rsquo;s asking you for sensitive information.</p><h3>Non-Verbals</h3><p>It&rsquo;s somewhat counterintuitive, but our voices also have non-verbal qualities. The rhythm, speed, volume and pitch (RSVP) of our voices can communicate as much as the words we speak. Acting training primed me for non-verbal training. More specifically, the way we train non-verbals in acting is a little more touchy-feely, whereas how we train non-verbals for social engineers is more technical and academic. In acting training, or even in rehearsal, we focus on listening to subtext and feeling our scene-partner&rsquo;s “energy,” and responding to what they are “giving you.” Which, in more technical terms, translates to “observe their non-verbals – including their RSVP – and use those observations to respond in a way that serves your objectives.”</p><h3>Non-Verbals and the Actor-Way</h3><p>The “actor-way” is how I originally learned non-verbal observation and is still primarily how I process things in the moment. But now I have also gone through SECOM&rsquo;s Advanced Practical Social Engineering, Paul Ekman&rsquo;s microexpression training, and trained with Joe Navarro at our Human Hacking Conference (HHC). This lets me stop and examine what I saw whenever something hits me in my more instinctive/intuitive actor brain – “Was that a bad sign? He leaned back and narrowed his eyes slightly… yeah, that&rsquo;s distancing and a slight version of an eye block, not great.” In vishing though, there are non-verbal cues that you hear, rather than see.</p><p>Very early on in my career, I noticed a sharp drop in some people&rsquo;s volume when they would give me a piece of information that I was looking for. This let me know that they were probably uncomfortable giving out that information and that I should try to put them at ease before I went after any of the other tidbits I was looking for.</p><h3>Non-Verbals and Vocal RSVP</h3><p>Instead of the target&rsquo;s body language clueing me in to their emotional state, their vocal RSVP will clue me in to their comfort level and can often provide information to help me assess them. If they have short, clipped answers and sound somewhat impatient, I will get straight to the pretext, because they are probably more of a task-focused person who will appreciate me getting to the point.</p><p>On the other hand, if my target seems like they are happy to hear from me and willing to joke around and small talk a little, I will assume that they are more of a people-person and I will shift my tactics to suit them. Being able to shift your RSVP on a call is a relatively easy way to mimic a target. People like people who are like them – adopting someone&rsquo;s rate and rhythm of speech can help build rapport.</p><h3>Exit Stage Left</h3><p>These are only a few examples of how acting skills helped me become a vishing professional. Some other points are too complicated to explain, and others are too abstract or instinctual. Luckily, all of these can be learned with some reading and, more importantly, some practice. I would love to recommend a slew of books to give you a wealth of acting knowledge, but the only book that ever gave me a palpable bump in my craft is <em>Impro</em> by Keith Johnstone the “Father of Improv.” Because <em>Impro</em> teaches spontaneity, Daniel Isler from Dreamlab Technologies, Fr1endlyRATs SE team, has called it the book that teaches how to be a social engineer (and you should read this one too).</p><p>As far as practice goes, improv classes will teach you how to trust your impulses and act on them in the moment. I would also recommend some scene study or text classes as well. Those will give you some experience working with character design and how strategies can change during the pursuit of objectives.</p><p>You can also learn about vishing techniques from myself and my co-worker Shelby Dacko at the HHC in March. The HHC will also feature the amazing Stephanie Paul and Britney Caldwell. Both of these remarkable ladies have experience in acting and coaching. Their workshops will enlighten you to the value of acting skills in communication. Acting skills helped me become a vishing professional and they can help you too.</p>"
  },
  "date": "2021-02-03T10:16:00-06:00",
  "featured": false,
  "headline": "Acting Skills Helped Me Become a Vishing Professional",
  "id": "1612347360",
  "imageFilename": "vishing-professional",
  "slug":"acting-skills-helped-me-become-a-vishing-professional",
  "sourceName": "Security Boulevard",
  "sourceArticleUrl": "https://securityboulevard.com/2021/02/acting-skills-helped-me-become-a-vishing-professional/",
  "tags": ["Social Engineering", "Vishing"]
},
{
  "content": {
    "html": "<h3>Your employees could fall prey to this social engineering attack on the rise</h3><p>Calling up your colleagues directly has long been one of the most trusted methods of verifying a transaction request at work. If an email from a co-worker asking for sensitive data seems suspicious, the recipient should first double-check with the sender and seek clearance from senior team members by phone before even considering any request.</p><p>However, as investigators recently found, criminals are banding together and devising clever ways to manipulate even this tried-and-tested process. Hackers would allegedly call up employees directly in an attempt to mimic their colleagues and, from there, steal corporate or personal data by making the request appear legitimate. This social engineering attack is called voice phishing or “vishing”.</p><p>Last month, the US Federal Bureau of Investigation issued an advisory to employers worldwide about the latest tactic that evolved from email phishing attacks. Phishing scams typically lure recipients into clicking a malicious link, downloading a malicious file, or entering login credentials into a fake portal for criminals to capture the data and gain access to the employer&rsquo;s network.</p><p>Vishing, on the other hand, doesn&rsquo;t just rely on emails or text messages. Criminals have been going the extra mile by impersonating real employees during an actual voice call.</p><p>“During the phone calls, employees were tricked into logging into a phishing webpage in order to capture the employee&rsquo;s username and password,” the FBI said.</p><p>After using the stolen credentials to break into the network, the attackers allegedly discovered they could further adjust the security privileges of other accounts. This gave them deeper access into the system and a greater chance of dealing “significant financial damage” on the company, the FBI said.</p><p>In another incident, hackers targeted a specific employee through the company&rsquo;s VoIP/chat service and convinced the employee to enter their login details into a fake private network set up by the criminals. This led to a string of attacks against employees with “higher privileges,” the FBI said.</p><p>“The cyber criminals were looking for employees who could perform username and email changes and found an employee through a cloud-based payroll service. The cyber criminals used a chatroom messaging service to contact and phish this employee&rsquo;s login credentials,” investigators reported.</p><p>How can employers prevent vishing attacks? The FBI recommends the following methods:</p><ul><li>Use multi-factor authentication (MFA) which requires additional access codes or even biometric scans before granting access to the company&rsquo;s computer system</li><li>Give new employees restricted access and establish a tiered privilege system based on an employee&rsquo;s role, i.e. scope and sensitivity of data required for their tasks</li><li>Conduct a regular check of which employees have access to which data</li><li>Actively perform a network scan to detect possible breaches</li><li>Segment your network into one large network and multiple smaller networks to monitor data flow better</li><li>Provide administrators with two accounts: one with admin privileges for modifying the system and another for sending emails, deploying updates and generating reports</li></ul>"
  },
  "date": "2021-02-01T10:38:00-06:00",
  "featured": false,
  "headline": "Phishing scam uses voice calls to ‘trick’ enterprise employees",
  "id": "1612175880",
  "imageFilename": "phishing-scam-tricks-enterprise-employees",
  "slug":"phishing-scam-uses-voice-calls-to-trick-enterprise-employees",
  "sourceName": "Human Resources Director",
  "sourceArticleUrl": "https://www.hcamag.com/us/news/general/beware-phishing-scam-uses-voice-calls-to-trick-workers/245178",
  "tags": ["Hackers", "Vishing"]
},
{
  "content": {
    "html": "<p>One afternoon in December 2019, Kathleen Langer, an elderly grandmother who lives by herself in Crossville, Tenn., got a phone call from a person who said he worked in the refund department of her computer manufacturer. The reason for the call, he explained, was to process a refund the company owed Langer for antivirus and anti-hacking protection that had been sold to her and was now being discontinued. Langer, who has a warm and kind voice, couldn&rsquo;t remember purchasing the plan in question, but at her age, she didn&rsquo;t quite trust her memory. She had no reason to doubt the caller, who spoke with an Indian accent and said his name was Roger.</p><p>He asked her to turn on her computer and led her through a series of steps so that he could access it remotely. When Langer asked why this was necessary, he said he needed to remove his company&rsquo;s software from her machine. Because the protection was being terminated, he told her, leaving the software on the computer would cause it to crash.</p><p>After he gained access to her desktop, using the program TeamViewer, the caller asked Langer to log into her bank to accept the refund, $399, which he was going to transfer into her account. “Because of a technical issue with our system, we won&rsquo;t be able to refund your money on your credit card or mail you a check,” he said. Langer made a couple of unsuccessful attempts to log in. She didn&rsquo;t do online banking too often and couldn&rsquo;t remember her user name.</p><p>Frustrated, the caller opened her bank&rsquo;s internet banking registration form on her computer screen, created a new user name and password for her and asked her to fill out the required details — including her address, Social Security number and birth date. When she typed this last part in, the caller noticed she had turned 80 just weeks earlier and wished her a belated happy birthday. “Thank you!” she replied.</p><p>After submitting the form, he tried to log into Langer&rsquo;s account but failed, because Langer&rsquo;s bank — like most banks — activates a newly created user ID only after verifying it by speaking to the customer who has requested it. The caller asked Langer if she could go to her bank to resolve the issue. “How far is the bank from your house?” he asked.</p><p>A few blocks away, Langer answered. Because it was late afternoon, however, she wasn&rsquo;t sure if it would be open when she got there. The caller noted that the bank didn&rsquo;t close until 4:30, which meant she still had 45 minutes. “He was very insistent,” Langer told me recently. On her computer screen, the caller typed out what he wanted her to say at the bank. “Don&rsquo;t tell them anything about the refund,” he said. She was to say that she needed to log in to check her statements and pay bills.</p><p>Langer couldn&rsquo;t recall, when we spoke, if she drove to the bank or not. But later that afternoon, she rang the number the caller had given her and told him she had been unable to get to the bank in time. He advised her to go back the next morning. By now, Langer was beginning to have doubts about the caller. She told him she wouldn&rsquo;t answer the phone if he contacted her again.</p><p>“Do you care about your computer?” he asked. He then uploaded a program onto her computer called Lock My PC and locked its screen with a password she couldn&rsquo;t see. When she complained, he got belligerent. “You can call the police, the F.B.I., the C.I.A.,” he told her. “If you want to use your computer as you were doing, you need to go ahead as I was telling you or else you will lose your computer and your money.” When he finally hung up, after reiterating that he would call the following day, Langer felt shaken.</p><p>Minutes later, her phone rang again. This caller introduced himself as Jim Browning. “The guy who is trying to convince you to sign into your online banking is after one thing alone, and that is he wants to steal your money,” he said.</p><p>Langer was mystified that this new caller, who had what seemed to be a strong Irish accent, knew about the conversations she had just had. “Are you sure you are not with this group?” she asked.</p><p>He replied that the same scammers had targeted him, too. But when they were trying to connect remotely to his computer, as they had done with hers, he had managed to secure access to theirs. For weeks, that remote connection had allowed him to eavesdrop on and record calls like those with Langer, in addition to capturing a visual record of the activity on a scammer&rsquo;s computer screen.</p><p>“I&rsquo;m going to give you the password to unlock your PC because they use the same password every time,” he said. “If you type 4-5-2-1, you&rsquo;ll unlock it.”</p><p>Langer keyed in the digits.</p><p>“OK! It came back on!” she said, relieved.</p><p>For most people, calls like the one Langer received are a source of annoyance or anxiety. According to the F.B.I.&rsquo;s Internet Crime Complaint Center, the total losses reported to it by scam victims increased to $3.5 billion in 2019 from $1.4 billion in 2017. Last year, the app Truecaller commissioned the Harris Poll to survey roughly 2,000 American adults and found that 22 percent of the respondents said they had lost money to a phone scam in the past 12 months; Truecaller projects that as many as 56 million Americans may have been victimized this way, losing nearly $20 billion...</p>"
  },
  "date": "2021-01-27T09:17:00-06:00",
  "featured": false,
  "headline": "Who’s Making All Those Scam Calls?",
  "id": "1611739020",
  "imageFilename": "who-is-making-those-scam-calls",
  "slug":"whos-making-all-those-scam-calls",
  "sourceName": "",
  "sourceArticleUrl": "https://www.nytimes.com/2021/01/27/magazine/scam-call-centers.html",
  "tags": ["Caller-ID Spoofing", "Phone Scam", "Robocalls", "Spoofing"]
},
{
  "content": {
    "html": "<p>On July 15, 2020 the social media platform, Twitter, seemed to be operating normally. The hot topics of the day were about rapper T-Pain&rsquo;s newest spat with recording artist Travis Scott. Conversations were heated as people tweeted about the London Underground removing Banksy artwork, which was trending. With everything going well, many of the Twitter security team had just started their regular work tasks for the day. That&rsquo;s when the frantic messages started to arrive. They all said the same thing: “Someone is trying to collect employee credentials”.</p><p>This attack was not only sophisticated, but it took the entire world by surprise. What exactly happened? Why was it so successful? Let&rsquo;s analyze the 2020 Twitter attack.</p><h3>The Attack</h3><p>Early in the day on July 15, a Discord user with the name Kirk#5270 made an exciting post that had an interesting proposal. “I work for Twitter. I can claim any name, let me know if you&rsquo;re trying to work.” Bragging that he could get control of any account perked some people&rsquo;s interest. Many replied, “prove it.” Around mid-morning on July 15, some employees at Twitter started to get phone calls. Impersonating internal employees, the callers were contacting those who work in consumer service and tech support.</p><p>The instructions were simple – we need you to reset your password. Some flagged the call as suspicious and hung up on the attacker, reporting it to their security teams. However, a few employees were more accommodating. Following the instructions from the caller they went to a spoofed website controlled by the attackers. There they entered their usernames and passwords, as well as their multifactor authentication (MFA) codes. With this small hand full of credentials, the attackers had what they needed to collect the information they desired.</p><h3>Sophisticated and Targeted</h3><p>It&rsquo;s important to note that these phone calls were sophisticated and targeted. The caller leveraged information that he learned in each call to gain new information on his next call. Not all of the employees targeted in the vishing attack had access to in-house tools. However, the information that they could provide allowed the caller to get to employees who did. By using that information, the caller managed to obtain employee credentials who had access to account support tools. This information is exactly what the attacker needed.</p><p>By 3:13pm ET, people started noticing some suspicious tweets. The cryptocurrency exchange Binance said that they were going to be “giving back” $52 million of bitcoin to the community. The link that was attached to that tweet lead to a fraudulent website. By 4:17pm, Elon Musk and Bill Gates were tweeting that they were going to be giving away free bitcoin to their followers. By 4:55pm, accounts belonging to Uber, Apple, Kanye West, Jeff Bezos, and Joe Biden were also tweeting the same thing. The security team knew then that “something was going horribly wrong.”</p><h3>Stop the Scam</h3><p>The next few hours after the initial attack were chaotic for those on the Twitter team. The chaos of how to stop the attack led to their teams having to make tough decisions. Due to not knowing where the attack was coming from, the security team was left with just a few options, but only one seemed viable. At 6:18pm, the team made the decision to block all verified accounts from tweeting. They also placed restrictions on any account that had recently changed their password.</p><p>While this may not seem like a big deal to many reading this, the fact is that it does and did have its consequences. According to a May 2020 report, there are over 330 million monthly active users on Twitter. There are 145 million who use Twitter daily. Many users use Twitter as a main source of breaking news from media outlets, or public safety and emergency updates from government authorities. With Twitter down, the National Weather Service was unable to send out a tornado advisory to warn people of potential dangers. News media companies were unable to keep people updated on breaking news, including what was going on at Twitter at the time.</p><h3>The Aftermath</h3><p>Twitter found themselves in the same position that many corporations are when they discover a breach. Frantic decisions are made, tradeoffs are discussed, and potential courses of actions are planned. However, as Twitter discovered, the tighter you shut down your internal network, the less you are able to counter the scam. Doing so means you lose the ability to track the perpetrators and, more importantly, figure out who on your team has been compromised. So, with everyone kicked off the internal VPN, they started to use what is called the “zero trust” system. So everyone, starting with CEO Jack Dorsey, was going to log into a video conference with a supervisor. While on the call, they were to manually change their password in front of their supervisor. Once they did this, their services slowly came back online.</p><p>It left everyone with one question – who pulled off this sophisticated attack? At first, rumors were flying around that the culprit was a rouge employee, or perhaps professionals. However, to everyone&rsquo;s surprise the “mastermind” behind the attack was a recent high school graduate, who was only 17 years old. Federal authorities already had information on Graham Ivan Clark and had been following his online activity before the attack. In fact, in April 2020, the Secret Service had seized over $700,000 in Bitcoin from him. For the Twitter attack, Clark had managed to get access to over 100 accounts, had tweeted from 45 of them, gained access to direct messages of 36 of them, and downloaded full information from 7 accounts that he had breached. He also netted around $117,000 in Bitcoin.</p><h3>Protect Yourself from Vishing</h3><p>The question everyone was asking was, how did this attack happen? How could a few phone calls lead to the breach of an entire system? Well, let us give you a statistic. According to the 2020 Verizon DBIR, out of 3,950 data breaches, over 22% of all breaches are due to “social attacks.” Social engineering is effective because it targets humans, and humans can be easy to manipulate. This is especially dangerous if, like Twitter, there are too many people who have access to too many things.</p><p>Vishing, or phone phishing, isn&rsquo;t new. In fact, in 2015, it was added as an official word to the dictionary. But the 2020 Twitter attack made it a mainstream name. It also opened a lot of people&rsquo;s eyes to the true danger of vishing. The attack also proved that all job functions in a company have access to sensitive information, even if the attacker doesn&rsquo;t realize it. And that information is extremely valuable.</p><p>However, if employees understand the threats posed by vishing attacks, they are less likely to disclose vital information to malicious callers. Additionally, they are more likely to report suspicious activity. This is why security programs like Vishing as a Service® (VaaS®) are so important. Having regular vishing training can dramatically reduce the impact of a vishing call and can help protect your corporation&rsquo;s critical assets and trade secrets.</p>"
  },
  "date": "2021-01-20T11:07:00-06:00",
  "featured": false,
  "headline": "Analyzing the 2020 Twitter Attack",
  "id": "1611140820",
  "imageFilename": "2020-twitter-attack",
  "slug":"analyzing-the-2020-twitter-attack",
  "sourceName": "Security Boulevard",
  "sourceArticleUrl": "https://securityboulevard.com/2021/01/analyzing-the-2020-twitter-attack/",
  "tags": ["Social Engineering", "Vishing", "Voice Security"]
},
{
  "content": {
    "html": "<h3>Though the FBI vishing warning references attacks that began in December 2019, the alert is reminiscent of the Twitter social engineering attacks that took place last July.</h3><p>Several months after the highly publicized Twitter attacks of last summer, social engineering and vishing are back in the spotlight.</p><p>A Jan. 14 Private Industry Notification (PIN) by the FBI&rsquo;s Cyber Division warned of cybercriminals targeting employees at large U.S. and international companies using social engineering and vishing tactics. In these attacks, which the FBI said began in December 2019, threat actors would target employees using VoIP platforms and convince victims to expose their corporate credentials through phishing sites.</p><p>“During the phone calls, employees were tricked into logging into a phishing webpage in order to capture the employee&rsquo;s username and password,” the notification reads. “After gaining access to the network, many cyber criminals found they had greater network access, including the ability to escalate privileges of the compromised employees&rsquo; accounts, thus allowing them to gain further access into the network often causing significant financial damage.”</p><p>The PIN offered an example of an incident in which “cyber criminals found an employee via the company&rsquo;s chatroom, and convinced the individual to log into the fake VPN page operated by the cyber criminals.” Once the threat actors had the employee&rsquo;s credentials, they logged into the company&rsquo;s VPN and began the process of locating a higher-privilege individual.</p><p>Recommended mitigations by the FBI include using multifactor authentication, keeping new employees on a lower privilege level and actively scanning for unauthorized access. The bureau also recommended network segmentation and for administrators to be “issued two accounts: one account with admin privileges to make system changes and the other account used for email, deploying updates, and generating reports.”</p><p>SearchSecurity asked the FBI about targeted industries and the number of attacks observed, but the bureau has not responded at press time.</p><p>Last July, Twitter was attacked in one of the most significant vishing attacks in recent memory. The attackers posed as Twitter tech support staff and used social engineering tactics to gain access to internal Twitter systems as well as numerous high-profile accounts like former president Barack Obama and SpaceX founder and CEO Elon Musk. The attackers then tweeted Bitcoin scams from these compromised accounts and made off with over $100,000 in cryptocurrency.</p><p>And last August, the FBI and CISA issued an advisory referencing a vishing campaign that took place the previous month, though it did not directly refence Twitter. The advisory, like last week&rsquo;s FBI PIN, warned that threat actors were taking advantage of the COVID-19 pandemic and increased VPN usage to vish employees and convince them to give up their login credentials.</p>"
  },
  "date": "2021-01-19T10:25:00-06:00",
  "featured": false,
  "headline": "FBI warns against vishing attacks targeting enterprises",
  "id": "1611051900",
  "imageFilename": "fbi-warns-against-vishing-based-attacks",
  "slug":"fbi-warns-against-vishing-attacks-targeting-enterprises",
  "sourceName": "Tech Target",
  "sourceArticleUrl": "https://searchsecurity.techtarget.com/news/252495059/FBI-warns-against-vishing-attacks-targeting-enterprises",
  "tags": ["Hackers", "Vishing"]
},
{
  "content": {
    "html": "<h3>As the social media platforms become more active in tackling false claims around politics and health, disinformation agents are searching for “new” ways to spread their messages.</h3><p></p><p>As millions of people around the world were under lockdown this year, social media became a lifeline for many. While researchers and journalists were focused on mis- and disinformation flourishing on the main social media platforms, information disruptors returned to old-school methods of sowing chaos and confusion through leaflets, billboards, emails, SMS, and robocalls.</p><p>The pandemic became an opportunity for the dissemination of Covid-19 hoaxes and conspiracy theories through mailboxes straight into people&rsquo;s homes. Leaflets sent out in the UK claimed that the government, the media and National Health Service representatives were attempting to “create the illusion of an unprecedented deadly pandemic” to justify “extreme lockdown measures.” People living near the Canberra Hospital in Australia received flyers alleging that Covid-19 is being spread by the government through the water supply, and that a vaccination would contain a tracking device. Misleading claims about the virus were also printed on billboards and posters: An Indian example promoted essential oils to protect people from Covid-19. Two U.S. billboards bore the message that “It&rsquo;s NOT about a &lsquo;VIRUS&rsquo;! It&rsquo;s about CONTROL” alongside an image of a crash-test dummy wearing a mask.</p><p>People received emails from fraudsters pretending to be with the Ministry of Health in Colombia, alleging they had to have mandatory Covid-19 tests. Similar attempts to gain access to personal information were conducted over text messages and phone calls, such as in South Korea, which saw a rise in “smishing,” scam text messages that spread false information about Covid-19 cures and offered free masks in exchange for personal information.</p><p>The U.S. presidential election was a greatest-hits compilation of the old-school genre, with unsolicited, misinformation-filled newspapers such as The Epoch Times sent to households across the country, unofficial “ballot boxes” erected on sidewalks, and robocalls telling people to “stay home, stay safe” on Election Day that reached millions.</p><p>As the social media platforms become more active in tackling false claims around politics and health, disinformation agents are searching for new ways to spread their messages.</p><p>Darren Linvill, an associate communications professor at Clemson University, told First Draft: “If you want to spread disinformation, you don&rsquo;t go where everybody is watching. You go somewhere where nobody is looking.” Online and offline channels are not mutually exclusive to disinformation actors, who often use multiple platforms to spread untruths, Linvill said. “We frequently saw content from text messages that were screen-grabbed and shared on social media.”</p><p>For purveyors of disinformation, one advantage of offline distribution is that provenance can be obscured — physical copies don&rsquo;t leave digital traces that could point people to the source. Amid worldwide protests against systemic racism this year, misleading flyers designed to undermine Black Lives Matter were circulated in the US and the UK. In both cases, it was unclear who created the leaflets. As Full Fact noted, “almost anybody can make a sticker that looks like an official one, whether they may support or oppose the goals of the group in question.”</p><p>And weeks before the U.S. election, suspicious flyers threatening Trump supporters were sent to residents in New Hampshire. Photos of these flyers, whose origin and authenticity were unknown at the time, were uploaded and amplified by social media influencers and partisan groups. Some social media posts with high engagement falsely claimed residents in Kansas had received the letters. Kansas City police investigated the rumor and reported that no resident had received this message on paper, but it did appear on social media.</p><p>As mis- and disinformation researchers know, leaflets, billboards, emails, SMS and robocalls present logistical challenges. It&rsquo;s impossible to be everywhere at once. Unless these messages are flagged by the recipient, they can remain under the radar. That makes it challenging to determine how far these hoaxes are spreading and — if the authors choose to remain anonymous — who is behind them.</p><p>ProPublica senior technology journalist Jack Gillum reported on the impact of the robocall operation that reached at least 800,000 residents living in key states that may have affected voter turnout for the 2020 U.S. election. “When it comes to robocalls, getting data for that is really difficult,” he said. “I didn&rsquo;t know what data is easily available and that we can confirm that sort of stuff, so basically I had to rely on U.S. government sourcing.”</p><p>Perhaps the most high-profile example in 2020 was the case of a fraudulent email targeting Democratic voters, sent before the presidential election. It prompted a press conference hosted by the FBI and the nation&rsquo;s director of national intelligence. Experts say it was the work of Iranian hackers posing as the far-right Proud Boys group. Evie Sorrell, an undergraduate student at the University of Pennsylvania who lives in Philadelphia, was among those who received a threatening email telling her to vote for Trump.</p><p>“When I first got the email, I was like, &lsquo;Huh, that&rsquo;s really weird. Also pretty illegal,&rsquo;” Sorrell said. “And then I realized that if it was real, then they might have information on me.”</p><p>Of the episode, including finding out that Iran might have been behind it, she said she felt violated. She speculated that her knowledge of internet culture and digital literacy skills might have put her at an advantage: “You could definitely be swayed to, at the least not vote, or take it very seriously and vote for Trump because you&rsquo;re worried for your life and safety.”</p><p>As Sorrell&rsquo;s experience shows, many of these messages can feel uncomfortably intimate to the recipient, as they were sent directly to homes or mobile phone numbers. Linvill says, “They have the potential to be more persuasive, simply because they&rsquo;re more personal. Because they&rsquo;re sent to you directly, as opposed to messages on social media that you scroll down through and it&rsquo;s one message in a list of messages.”</p><p>There are laws regulating false advertising and broadcasting materials, but these vary from country to country, as does enforcement. In January, the U.S. government took additional steps to limit the scourge of illegal robocalls, putting the onus on phone service providers instead of consumers. But days before the U.S. election, voters were still flooded with text messages containing damaging disinformation narratives, as The Washington Post reports. Peer-to-peer texting platforms used during elections are not as clearly covered by the anti-robocall rules, as the companies contend they are not an automated service.</p><p>In 2021, it&rsquo;s important to remember that misinformation is not just happening on the major social platforms. Journalists and researchers will need to devise ways to understand the complexities of scope and impact, beyond just hoping concerned citizens will report problematic emails and phone calls.</p>"
  },
  "date": "2021-01-07T14:19:00-06:00",
  "featured": false,
  "headline": "Bad actors are returning to old-school methods of sowing chaos",
  "id": "1610029140",
  "imageFilename": "bad-actors-are-returning-to-old-methods",
  "slug":"bad-actors-are-returning-to-old-school-methods-of-sowing-chaos",
  "sourceName": "Nieman Labs",
  "sourceArticleUrl": "https://www.niemanlab.org/2021/01/bad-actors-are-returning-to-old-school-methods-of-sowing-chaos/",
  "tags": ["Disinformation", "Robocalls"]
},
{
  "content": {
    "html": "<p>IRVINE<em>, </em>Calif., Jan. 6, 2021 /PRNewswire/ -- Americans received just under 3.9 billion robocalls in December, a decrease of approximately 2% over November. In December, robocalls averaged 124.8 million calls/day, or roughly 1,445 calls/second, down 2% from 127.0 million calls/day and 1,470 calls/second in November. There were just over 45.9 billion robocalls for the full year, down 21% from the almost 58.5 billion robocalls last year, and even 4% below 2018&rsquo;s total of 47.8 billion robocalls.</p><p>These latest monthly figures come from YouMail, a totally free robocall blocking app and call protection service for mobile phones.</p><p>“Robocall volumes have reduced dramatically this year, with 8 out of the 12 months below 4 billion robocalls,” said YouMail CEO Alex Quilici. “While it&rsquo;s taken a pandemic to reduce volumes materially, at least the public is dealing with substantially fewer robocalls this year than last.”</p><p>December Saw Another Decline in Scam Calls</p><p>In December, scam and telemarketing calls combined accounted for roughly 60% of the month&rsquo;s total robocall volume. The good news is that scam calls were down another 5% in December, after a 15% decline in November.</p><figure><table><tbody><tr><td>Type ofRobocall</td><td>Estimated DecemberRobocalls</td><td>Percentage December<br>Robocalls</td></tr><tr><td>Scams</td><td>1.7 billion (-5%).</td><td>44% (-3%)</td></tr><tr><td>Alerts and Reminders</td><td>1.0 billion (+3%)</td><td>26% (+1%)</td></tr><tr><td>Payment Reminders</td><td>.58 billion (+8%)</td><td>15% (+1%)</td></tr><tr><td>Telemarketing</td><td>.56 billion (+12%)</td><td>15% (+1%)</td></tr></tbody></table></figure><p>Top Illegal Robocalls in December 2020</p><p>December had only two scam categories with over 100 million robocalls for the month: Car Warranty Scams and Health-Related Scams, with a big increase in Warranty Scams during December. Government Imposter Scams decreased in volume significantly, falling to less than 70 million scam calls in December.</p><figure><table><tbody><tr><td>Rank</td><td>Type of Scam</td><td>Estimated December Robocalls</td><td>Summary of Scam</td></tr><tr><td>1</td><td>Warranty Scams</td><td>265 million</td><td>Scam payments/illegal solicitations</td></tr><tr><td>2</td><td>Health-Related Scams</td><td>212 million</td><td>Identify theft/scam payments/illegal solicitations</td></tr></tbody></table></figure><p>“Winners” in December 2020</p><p>The cities, area codes and states with the highest volumes of robocalls in December were similar to what we&rsquo;ve seen over the past few months. Interestingly, even with the slowdown in robocalls, there were still four states with over 21 robocalls/person in the month: South Carolina (22.2), Alabama (21.1), Louisiana (21.7), and Georgia (21.4).</p><figure><table><tbody><tr><td>City with the Most Robocalls:</td><td>Atlanta, GA (167.1 million, +8%)</td></tr><tr><td>City with the Most Robocalls/Person:</td><td>Macon, GA (33.5/person, +11%)</td></tr><tr><td>Area Code with the Most Robocalls:</td><td>404 in Atlanta, GA (70.8 million, +8%)</td></tr><tr><td>Area Code with the Most Robocalls/Person:</td><td>404 in Atlanta, GA (57.9/person, +8%)</td></tr><tr><td>State with the Most Robocalls:</td><td>Texas (454.6 million, +1%)</td></tr><tr><td>State with the Most Robocalls/Person:</td><td>South Carolina (22.2, +0%)</td></tr></tbody></table></figure>"
  },
  "date": "2021-01-06T14:00:00-06:00",
  "featured": false,
  "headline": "3.9 Billion Robocalls in December Mark Roughly 2% Monthly Decrease",
  "id": "1609941600",
  "imageFilename": "3.9-billion-robocalls-december-2020",
  "slug":"3-9-billion-robocalls-in-december-mark-roughly-2-monthly-decrease",
  "sourceName": "PRNewswire",
  "sourceArticleUrl": "https://www.prnewswire.com/news-releases/almost-3-9-billion-robocalls-in-december-mark-roughly-2-monthly-decrease-says-youmail-robocall-index-301201808.html",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>New Year, new rules, at least where companies that use robocall systems are concerned. The FCC has expanded its guidelines for using robocalls and made it so phone companies have to do more to keep those calls off their networks.</p><p>Those new rules mean that not only telemarketers are bound by the restrictions on robocalling. Previously, non-commercial, commercial, and tax-exempt nonprofits didn&rsquo;t have to worry about restrictions on how many robocalls they sent. Now they&rsquo;re under the same rules as telemarketers, which should reduce the number of spam robocalls everyone receives.</p><blockquote><p>Americans are sick and tired of unwanted and illegal robocalls, and today&rsquo;s separate actions are like a one-two punch to ward them off. Today, we are putting much needed limitations on robocalls to our homes, and taking additional steps regarding call blocking that will yield significant improvements for consumers. – FCC Chairman Ajit Pai</p></blockquote><p>Under the new guidelines, companies can only make up to three robocalls per 30 days to any residential number, and they have to give the recipient of the calls the option to opt-out of any future calls.</p><p>New rules for phone companies mean that they have to respond to traceback requests from the FCC or from law enforcement. Phone carriers also have to investigate calls deemed illegal by the FCC and take action against those calls if their investigations come to the same conclusion. Carriers now have a wider remit to do network-level call blocking, without fears of legal liability for those blocks, with a system of checks to ensure any blocks of that level are illegal.</p><p>It&rsquo;s not all one-way, as the FCC also requires phone companies to immediately notify callers when their calls are being blocked. That might lead to robocall users to find ways around the blocks, but the overall effect will be more transparency in the process, and less spam calls on our phone lines.</p>"
  },
  "date": "2021-01-05T14:25:00-06:00",
  "featured": false,
  "headline": "The FCC is pretty much fed up with all robocalls, not just telemarketers",
  "id": "1609856700",
  "imageFilename": "fcc-fed-up-with-robocalls",
  "slug":"the-fcc-is-pretty-much-fed-up-with-all-robocalls-not-just-telemarketers",
  "sourceName": "KnowTechie",
  "sourceArticleUrl": "https://knowtechie.com/the-fcc-is-finally-expanding-its-new-robocall-rules-past-just-telemarketers/",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>A security incident at T-Mobile has resulted in customer call data being accessed, the telecommunications giant has said.</p><p>The hack, which was first reported on December 29, affected around 200,000 customers.</p><p>Leaked data “may have” included customer phone numbers and other call-related information the telco “collected as part of the normal operation of your wireless service”, said T-Mobile.</p><p>No financial data or sensitive personal information such as Social Security numbers was accessed.</p><p>Although it isn&rsquo;t clear exactly how the “malicious, unauthorized” hackers gained access to the data, T-Mobile said it has employed an external cybersecurity firm to conduct an investigation.</p><p>“We also immediately reported this matter to federal law enforcement and are now in the process of notifying impacted customers,” T-Mobile were reported as saying.</p><p>This latest incident follows a data breach back in March 2020, when customer financial information was exposed due to a third-party hack.</p><p>T-Mobile confirmed that its email vendor had suffered a hack, enabling attackers to gain access to employee&rsquo;s email accounts.</p><p>The incident resulted in the exposure of customer Social Security numbers, financial information, government ID numbers, billing information, and rate plans.</p>"
  },
  "date": "2021-01-04T14:39:00-06:00",
  "featured": false,
  "headline": "T-Mobile data breach: ‘Malicious, unauthorized’ hack exposes customer call information",
  "id": "1609771140",
  "imageFilename": "t-mobile-data-breach-hack",
  "slug":"t-mobile-data-breach-malicious-unauthorized-hack-exposes-customer-call-information",
  "sourceName": "The Daily Swig",
  "sourceArticleUrl": "https://portswigger.net/daily-swig/t-mobile-data-breach-malicious-unauthorized-hack-exposes-customer-call-information",
  "tags": ["Hackers"]
},
{
  "content": {
    "html": "<p>In another year-end action as directed by Section 4(b)(7) of the TRACED Act, the Federal Communications Commission&rsquo;s (FCC) Wireline Competition Bureau (Bureau) has issued “best practices that providers of voice services may adopt as part of their implementation of effective call authentication frameworks to ensure that the calling party on a voice call is accurately identified.&rsquo;&rsquo; In a Public Notice (PN) released December 22, 2020, the Bureau noted that the ”best practices“ are ”voluntary,“ but represented an ”industry consensus on the best ways to &lsquo;assist in the overall objective of mitigating robocalling when implementing call authentication frameworks&rsquo;“ (https://docs.fcc.gov/public/attachments/DA-20-1526A1.pdf).</p><p>The ”best practices“ derive from recommendations put forth by Call Authentication Trust Anchor Working Group of the North American Numbering Council (NANC) sought by the Bureau last February and approved by the NANC in September. The Bureau&rsquo;s PN ”encouraged voice service providers to follow“ a number of the recommendations ”when appropriate and applicable.“ Specifically, the PN summarized the following recommendations in Appendix A to the PN:</p><ul><li><em>Subscriber Vetting.</em> Voice service providers should vet the identity of retail and wholesale subscribers, in conjunction with (i) approving an application for service; (ii) provisioning of network connectivity; (iii) entering into a contract agreement; or (iv) granting the right-to-use telephone number resources.</li><li><em>Telephone Number Validation.</em> Originating voice service providers should confirm the end user or customer&rsquo;s right to use a telephone number.</li><li><em>Third-Party Validation Services</em>. Originating voice service providers should use a third-party validation service when they cannot or choose not to independently perform telephone number validation in accordance with Best Practice #2.</li><li><em>International</em>. Voice service providers that sell services to international call originators using North American Numbering Plan numbers should develop processes to validate that the calling party is authorized to use the telephone number or caller identity. Further, domestic gateway providers may wish to explore voluntary commercial arrangements with international providers that include terms and conditions that would give the domestic gateway provider the tools, information, and confidence to trust the validity of the calling identity.</li><li><em>Ongoing Robocall Mitigation</em>. Voice service providers, whether IP- or non-IP-based, should have ongoing robocall mitigation programs in addition to implementing caller ID authentication protocols. The elements of such programs may vary depending on the nature of the voice service provider&rsquo;s business but may include ongoing monitoring of subscriber traffic patterns to identify behaviors that are consistent with illegal robocalling. Voice service providers may, after further investigation, take appropriate action to address such behaviors.</li></ul><p>Finally, the Bureau chose not to adopt two best practice recommendations relating to components of the FCC&rsquo;s STIR/SHAKEN standards, noting that ”voice service providers are already <em>required to comply</em> with those standards to satisfy our caller ID authentication rules….“ (emphasis supplied). As a result, the Bureau resolved that these particular recommendations were not appropriate for inclusion ”on a list of <em>voluntary </em>best practices::quot:: (emphasis in original).</p>"
  },
  "date": "2021-01-04T14:32:00-06:00",
  "featured": false,
  "headline": "FCC Issues Voluntary Caller ID Authentication Best Practices for Voice Service Providers",
  "id": "1609770720",
  "imageFilename": "fcc-issues-voluntary-caller-authentication-best-practices-for-sps",
  "slug":"fcc-issues-voluntary-caller-id-authentication-best-practices-for-voice-service-providers",
  "sourceName": "TCPA World",
  "sourceArticleUrl": "https://tcpaworld.com/2021/01/04/fcc-issues-voluntary-caller-id-authentication-best-practices-for-voice-service-providers/",
  "tags": ["Authentication", "Caller-ID Spoofing"]
},
{
  "content": {
    "html": "<p>The U.S. Federal Communications Commission set new rules to curb annoying robocalls, limiting the number of calls companies can make and requiring phone companies to take greater steps to ensure their networks aren&rsquo;t used to transmit illegal calls.</p><p>The FCC said it receives more complaints about unwanted calls than any other issue and has been on a years-long quest to limit calls that can be used to commit fraud and identity theft.</p><p>“Americans are sick and tired of unwanted and illegal robocalls, and today&rsquo;s separate actions are like a one-two punch to ward them off,” FCC Chairman Ajit Pai said in a statement.</p><p>Under new rules announced Wednesday, voice service providers will be required to better police their networks to block robocalls with procedures to resolve disputes if a call is blocked in error. Consumers are to be notified when calls are blocked and can request a list of all blocked calls. The phone companies also would be required to aid the FCC and law enforcement in identifying the origin of the robocalls.</p><p>Some companies, like those doing market research or political polling, are exempt from some of the restrictions on calling consumers. Such groups will be limited, though, to three calls in a 30-day period and must give consumers a way to opt out of future calls. Those requirements are set to take effect in six months.</p>"
  },
  "date": "2020-12-30T14:12:00-06:00",
  "featured": false,
  "headline": "Robocall Crackdown to Be Policed With U.S. Phone Company Help",
  "id": "1609337520",
  "imageFilename": "phone-companies-to-police-robocalls-904x712",
  "slug":"robocall-crackdown-to-be-policed-with-u-s-phone-company-help",
  "sourceName": "Bloomberg",
  "sourceArticleUrl": "https://www.bloomberg.com/news/articles/2020-12-30/robocall-crackdown-to-be-policed-with-u-s-phone-company-help",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>On Monday the Federal Communications Commission (FCC) announced that it has issued an order clarifying that phone companies can block robocalls that are associated with one-ring scams, thus implementing a portion of the Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act (TRACED Act). The order comes after the Commission issued a proposed rulemaking in April 2020.</p><p>“Today the FCC acts decisively to protect consumers from a particularly pernicious type of robocall: the one-ring scam,” Chairman Ajit Pai said. “In response to a spike in one-ring scam activity, we proactively targeted this problem over a year-and-a-half ago with a consumer advisory and have taken other action to combat this scam. Today&rsquo;s action is just the latest step to stop illegal calls before they reach consumers&rsquo; phones. We are sending bad actors a clear message: We will use all available tools, including those in the TRACED Act, to protect American consumers.”</p><p>The FCC noted that during a typical one-ring scam, a consumer receives a robocall, which can often occur late at night, during said robocall, the call disconnects after one ring in order to prompt the consumer to call back. While these calls appear to come from U.S. numbers, these scam calls generally originate from outside of the country. Thus, when consumers call back they will incur toll charges of which the scammer receives a portion. Furthermore, the agency stated that these scams also utilize fake voicemail messages to inform consumers about an allegedly “sick relative” or messages that urge consumers to call what appears to be a U.S. number in order to “schedule a package delivery.”</p><p>The FCC stated that it will also continue and expand its efforts, including collaboration with law enforcement and consumer education activities, to stop these types of scams and other robocalling conduct. Monday&rsquo;s order adds to the FCC&rsquo;s efforts to “provide phone companies with certainty and safe harbors for blocking unwanted and illegal robocalls,” such as its: 2017 Call Blocking Report and Order, which gave phone companies the authority to block by default calls that seem to come from invalid, unallocated, unused, and numbers on a Do-Not-Originate list; 2019 Call Blocking Declaratory Ruling, which permitted phone companies to automatically enroll new and existing customers in a default call-blocking service if reasonable analytics are used to identify unwanted calls to be blocked; and July 2020 Call Blocking Safe Harbor Report and Order, which incentivized phone companies to block calls by protecting them from liability if they inadvertently blocked wanted calls in certain instances. The FCC has made other initiatives to combat robocalls, such as requiring phone companies to authenticate caller ID to protect consumers from spoofed calls.</p>"
  },
  "date": "2020-12-02T10:07:45-06:00",
  "featured": false,
  "headline": "FCC Moves to Stop “One-Ring” Scams",
  "id": "1606903665",
  "imageFilename": "fcc-fights-one-ring-scams-904x712",
  "slug":"fcc-moves-to-stop-one-ring-scams",
  "sourceName": "Law Street",
  "sourceArticleUrl": "https://lawstreetmedia.com/tech/fcc-moves-to-stop-one-ring-scams/",
  "tags": ["FCC", "Robocalls", "TRACED Act"]
},
{
  "content": {
    "html": "<p>Despite the growing importance of balancing customer experience with strong contact center security, two-thirds of firms struggle to do so, Forrester Research noted in a recent report.</p><p>As COVID-19 changed the global business landscape, so too did consumer expectations, preferences, and behaviors. They expect companies to follow COVID-related business requirements while also maintaining a high level of security to combat the growing army of fraudsters working to profit from stolen data.</p><p>Some key findings from the report include the following:</p><ul><li>nearly a third of firms have seen a more than 50 percent increase in call volume since COVID-19 began;</li><li>on average, firms have seen a 42 percent increase in year-over-year call volume since the pandemic began;</li><li>57 percent of firms have seen fraud attacks in the call center increase since the start of COVID-19, and 53 percent can draw a direct line from the increase in fraud to their bottom lines;</li><li>80 percent of firms see fraud as a very serious issue in the call center;</li><li>78 percent of firms see solving IVR fraud as a top call center initiative;</li><li>nearly 60 percent of firms struggle to manage cross-channel attacks;</li><li>83 percent of firms rely on their contact center agents as the first line of defense in identifying potential fraud; and</li><li>only a third of respondents strongly agreed that they have a handle on contact center fraud.</li></ul><p>The report identified account reconnaissance as the most common type of fraud firms are seeing in their contact centers and maintains that this kind of security attack is on the rise.</p><p>“Most respondents said they have seen fraudsters use the [interactive voice response] for account mining or reconnaissance since the pandemic began. Bad actors know contact centers are stretched thin, and they are using that to their advantage,” the report said.</p><p>“As COVID-19 forced individuals to rapidly adapt to handling all aspects of their life remotely, contact centers have been one of the most significantly affected areas of global business,” observed Vijay Balasubramaniyan, CEO of Pindrop, a provider of contact center fraud monitoring and detection solutions. “As firms struggle to manage spikes in call volume, the surge has also widened the window of opportunity for fraudsters to quietly mine huge amounts of personal data to perpetrate cross-channel attacks.”</p><p>In addition to account reconnaissance, financial services and insurance companies are most commonly seeing social engineering, bot activity, and call-spoofing fraud in IVR systems, the report also pointed out, noting that these types of fraud attacks “are harder to manage in a decentralized contact center environment.”</p><p>But the news is not all bleak. On average, firms reported a decrease in fraud ranging from 10 percent to more than 50 percent after implementing fraud detection with real-time account monitoring, which has also led to significant bottom-line savings, the research found.</p>"
  },
  "date": "2020-11-30T10:30:00-06:00",
  "featured": false,
  "headline": "Contact Center Fraud Sees a COVID-Induced Spike",
  "id": "1606732200",
  "imageFilename": "contact-center-fraud-covid",
  "slug":"contact-center-fraud-sees-a-covid-induced-spike",
  "sourceName": "Destination CRM",
  "sourceArticleUrl": "https://www.destinationcrm.com/Articles/CRM-Insights/Insight/Contact-Center-Fraud-Sees-a-COVID-Induced-Spike-144078.aspx",
  "tags": ["Contact Center Security", "Covid-19", "Crisis Exploitation", "Financial Fraud"]
},
{
  "content": {
    "html": "<h2>Now a technological solution is in the works.</h2><p>As a contact tracer in my home county in Iowa, it&rsquo;s my job to provide people who have recently tested positive for the coronavirus with public health guidance and to help identify anyone else who might have been exposed. Doing that, however, can sometimes be more challenging than I would wish. On one occasion, the first time I called an elderly woman, I got her voicemail. I figured that she had dismissed the call from an unfamiliar number as spam, so I waited a minute and then called again. Thinking back to the plethora of times I&rsquo;ve received back-to-back spam calls, I tried my luck one more time. She answered. Relieved, I introduced myself, fearing as I often do that I was talking with someone who didn&rsquo;t appreciate public health.</p><p>She was skeptical of something, but it wasn&rsquo;t public health. It was phone calls from unidentified numbers. She first asked how could she know that I actually work with the county public health department. She had only answered because her husband was on a bike ride and she wondered if he was trying to reach her as she watched the Iowa Hawkeyes play. Understanding her genuine mistrust of random callers, I reassured her about the information we were asking for, and all the ways she could verify our county department&rsquo;s operations.</p><p>“I don&rsquo;t mean to give working people a hard time—but if your number came through as &lsquo;Public Health&rsquo; or something, I wouldn&rsquo;t be as skeptical,” she told me.</p><p>I&rsquo;ve had versions of this conversation many times. A significant number of contact tracers&rsquo; calls to confirmed cases and close contacts go unanswered. It makes sense: Many Americans are mistrustful of unidentified phone calls primarily due to being plagued by spam calls daily.<br>But this mistrust can come as a detriment to public health efforts. Here in Iowa, coronavirus cases are skyrocketing, and public health departments across the country are having trouble to keep up with contact tracing. Having to call people repeatedly and attempt other methods of communication wastes time we simply do not have right now.</p><p>It&rsquo;s understandable that people are suspicious of numbers they don&rsquo;t recognize. (I certainly am.) According to the Transaction Network Services, which publishes a robocall report twice a year, more than 100 billion unwanted calls were made nationwide between August 2019 and August 2020. While the number of unwanted calls in the first half of 2020 is down about 15 percent compared with the first half of 2019, primarily due to global shutdowns and less active call centers due to the COVID-19 pandemic, TNS says the number has been picking up again.</p><p>And some of them, as the elderly woman I called suspected, are fraudulently using the pandemic, even misrepresenting themselves as contact tracers. Bill Versen, the chief product officer at TNS, calls these “confidence men” calls, and says they include both robocalls and live-person fraud calls. Versen says that the confidence men “use a topical event, including the coronavirus and contact tracing, to try and defraud people.”</p><p>Versen notes that while the U.S. isn&rsquo;t the only country that faces challenges with robocalls and spam calls, the magnitude of the problem is higher in North America compared with other parts of the world.</p><p>A result of all these unwanted calls is that people simply don&rsquo;t pick up the phone. A recent industry analysis found that 75 percent of calls from unrecognized numbers go unanswered. Spammers often spoof local area codes, so even having a geographically proximate number is often not enough to make someone pick up the call.</p><p>Exactly how much these spam calls have negatively impacted contact tracing and accelerated the spread of the coronavirus is unclear.</p><p>“It&rsquo;s hard to put a number,” said Crystal Watson, senior associate at the Johns Hopkins Center for Health Security and assistant professor in the Department of Environmental Health and Engineering. “But all jurisdictions in the U.S. have had to struggle with this [spam calls].”</p><p>Often, these spam calls are a mere annoyance. But it&rsquo;s particularly dangerous at this moment, as new coronavirus cases are surging to all-time highs all around the United States and some county health departments have already given up on contact tracing.</p><p>“For contact tracing to truly be effective in controlling the coronavirus, we need to be recognizing and reaching the vast majority of cases, and break chains of transmission,” Watson said. “If that&rsquo;s not happening, and there are large number of cases that are going unrecognized—then contact tracing alone won&rsquo;t control large spreads of the virus.”</p><p>I sometimes hear from healthy but worried residents who want to know the local contact tracing team&rsquo;s phone number, just so they can put it in their phone and be sure they&rsquo;ll pick up. Unfortunately, it&rsquo;s not really sustainable for public health departments to get a massive number of calls for this purpose at a time when other pressing work needs to be done. Additionally, most organizations use a block of phone numbers, not just one.</p><p>Contact tracers have some tricks, like calling someone back to back, the way I did with the elderly woman, or using text messages. But these quick fixes are not enough to reach everyone. Text messages are also not infallible given similar perceptions of spam. Furthermore, contact tracing must be a conversation between a public health worker and the person who tested positive or their close contacts.</p><p>The good news is that another less intensive solution may already exist: public safety branded calling.</p><p>TNS identifies unwanted, spam calls and works with phone carriers and organizations to identify numbers used for legitimate work. Those numbers are then added to TNS&rsquo;s analytics engine to make sure they don&rsquo;t get caught in carriers&rsquo; safety nets to catch spam calls. (These are the systems that, for instance, make some numbers show up as “Likely Spam” on your phone screen.) Those unfamiliar numbers may still <em>look </em>like spam calls, of course, so the next step is a brand: putting some specific name or information about the organization like “New York State health department – COVID-19 tests results” on the identified phone numbers when a call is made, which are further authenticated to make sure from the call is actually coming from the number that shows up on your screen.</p><p>This may be coming soon to your local health department. While TNS said that while it couldn&rsquo;t share the names of specific public health agencies, it is “working with various health agencies in New York, New Jersey, Pennsylvania, Massachusetts and California, among others” to implement their branded call service.</p><p>While branded calling may be a promising practice, whether for contact tracing or other needs, we still need research to determine whether it can improve call pickup rates for public health uses.</p><p>Some experts also caution that a solution may not be as simple as making your phone display “Contact Tracer.” Spam calls “are so inoculated in our culture now—it could take many years for the public trust to follow,” said Jeff Engel, executive director of the Council of State and Territorial Epidemiologists.</p><p>TNS and other organizations including the Federal Communications Commission are working to tackle that broader problem by monitoring and criminalizing fraudulent calls, which could help bring back trust. The nationwide problem with spam calls is another example of how, in a pandemic, strong guidance and leadership from the federal government can make a bring difference.</p><p>“It&rsquo;s been a real push for public health departments to develop a workforce, not to mention managing mobile challenges,” Watson said. “A lot of states have had to go alone, and have not had the comprehensive guidance to improve testing or contact tracing, or to reduce issues associated with robocalling.”</p><p>For all its challenges, contact tracing can be rewarding. Just recently, the child of a concerned, single mother of two tested positive for the coronavirus. I called her multiple times, but didn&rsquo;t get an answer and couldn&rsquo;t leave a voicemail. I sent a text message informing her that as the county public health department, we were trying to reach her in regards to her child&rsquo;s case. Shortly after, she called back. She was almost in tears, relieved that we were trying to reach her. She told me she had no idea what to do after her child tested positive. Following our conversation, her fears were eased and her uncertainty was lifted because she knew what to do for her child and family.</p><p>In recent weeks, we&rsquo;ve seen promising news about vaccines, which makes me hopeful that we are in sight of the end of the crisis. I&rsquo;m also optimistic about the idea that technology may help us make contact tracing more efficient. For now, though, I&rsquo;ll keep making those phone calls. Perhaps you can help out your community by following public health guidelines, minimizing the spread of the coronavirus even if it means not traveling, and picking up the phone—especially if an unfamiliar number calls you multiple times in a row.</p>"
  },
  "date": "2020-11-24T10:10:00-06:00",
  "featured": false,
  "headline": "No One Wants to Pick Up the Phone for an Unfamiliar Number—and It’s Hurting Contact Tracing",
  "id": "1606212600",
  "imageFilename": "trusting-caller-id-904x712",
  "slug":"no-one-wants-to-pick-up-the-phone-for-an-unfamiliar-number-and-its-hurting-contact-tracing",
  "sourceName": "Slate",
  "sourceArticleUrl": "https://slate.com/technology/2020/11/coronavirus-contact-tracing-robocalling.html",
  "tags": ["Call Authentication", "Caller-ID Spoofing"]
},
{
  "content": {
    "html": "<h2>Some exemptions for voice service providers took effect Nov. 17, while other components of the rule will start Dec. 17.</h2><p>- The final rule is part of requirements in the Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act.</p><p>- Caller ID authentication is designed to stop caller ID spoofing and illegal robocalls. ACA has advocated on behalf of the industry to ensure legitimate calls are not impacted by these mitigation efforts.</p><p>The Federal Communications Commission on Tuesday adopted a final rule implementing the Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act requirements on caller ID authentication technology.</p><p>Several components in the rule take effect Dec. 17, while others were delayed indefinitely. Certain exemptions from caller ID authentication for voice service providers took effect Nov. 17, according to the rule published in the Federal Register on that date.</p><p>As a refresher, the FCC&rsquo;s caller ID authentication framework is designed to stop illegal caller ID spoofing and robocalls. Caller ID authentication is often referred to as STIR/SHAKEN, a “framework of interconnected standards” that allows carriers to sign or label calls as legitimate and that they are in fact from the number displayed on the caller ID before reaching consumers, according to the FCC</p><p>Under the TRACED Act, voice service providers are required to fully implement the STIR/SHAKEN caller ID authentication by June 30, 2021.</p><p>According to the final rule, the component that takes effect Nov. 17 focuses on how a voice service provider may seek a voluntary exemption from the June 2021 caller ID authentication deadline by certifying on or before Dec. 1, 2020, that it has already made substantial progress toward adoption.</p><p>The final rule states that to obtain exemption, voice service providers must, by Dec. 1:</p><ul><li>Adopt the STIR/SHAKEN authentication framework for calls on the Internet Protocol networks of the voice service provider, by completing the network preparations necessary to deploy the STIR/SHAKEN protocols on its network, including but not limited to participation in test beds and lab testing, or completion of commensurate network adjustments to enable the authentication and validation of calls on its network consistent with the STIR/SHAKEN framework;</li><li>Agree voluntarily to participate with other voice service providers in the STIR/SHAKEN authentication framework;</li><li>Begin to implement the STIR/SHAKEN authentication framework by completing the necessary network upgrades to at least one network element—e.g., a single switch or session border controller—to enable the authentication and verification of caller identification information consistent with the STIR/SHAKEN standards; and</li><li>Be capable of fully implementing the STIR/SHAKEN authentication framework not later than June 30, 2021, which it may only determine if it reasonably foresees that it will have completed all necessary network upgrades to its network infrastructure to enable the authentication and verification of caller identification information for all Session Initiation Protocol (SIP) calls exchanged with STIR/SHAKEN-enabled partners by June 30, 2021.</li></ul><p>The FCC adopted the new rule on implementation of STIR/SHAKEN in September, ACA International previously reported. The rule approved by the FCC Sept. 29 is part of a second report and order titled ::quot::Promoting Caller ID Authentication to Combat Spoofed Robocalls .</p><p>The report and order are part of the FCC&rsquo;s work to implement the TRACED Act and promote the deployment of caller ID authentication technology to combat spoofed robocalls.</p><p>ACA is reviewing the rule and will provide an update on the components that take effect in December.</p><p></p>"
  },
  "date": "2020-11-18T10:21:00-06:00",
  "featured": false,
  "headline": "FCC Issues Final Rule on Caller ID Authentication",
  "id": "1605694860",
  "imageFilename": "fcc-caller-id-authentication-904x712",
  "slug":"fcc-issues-final-rule-on-caller-id-authentication",
  "sourceName": "ACA International",
  "sourceArticleUrl": "https://www.acainternational.org/news/fcc-final-rule-caller-id-authentication-traced-act-robocalls-stir-shaken",
  "tags": ["Caller-ID Spoofing"]
},
{
  "content": {
    "html": "<p>IRVINE, Calif., Nov. 10, 2020 /PRNewswire/ -- Americans received over 4.25 billion robocalls in October, an approximately 12% increase from September. In October, robocalls averaged 137.2 million calls/day or roughly 1,588 calls/second, up 8% from 126.9 million calls/day and 1,469 calls/second in September. There have been just over 38 billion robocalls so far in the first 10 months of the year, a pace that suggests a yearly total of around 46 billion robocalls, down from almost 58.5 billion robocalls last year.</p><p>These latest monthly figures come from YouMail, a robocall blocking app and call protection service for mobile phones.</p><p>“Robocalls have continued to grow steadily as the economy recovers,” said YouMail CEO Alex Quilici. “Unfortunately, if they continue this pace, they will have returned to pre-pandemic levels in the before the end of the year.”</p><p>Robocall Categories Saw Spam and Telemarketing Increase Materially</p><p>In October, there were nearly 2.6 billion scam and telemarketing calls combined, accounting for over 62% of the month&rsquo;s total robocall volume. There were nearly as many of these calls in October as there were all types of robocalls in April.</p><figure><table><tbody><tr><td>Type ofRobocall</td><td>Estimated OctoberRobocalls</td><td>Percentage October Robocalls</td></tr><tr><td>Scams</td><td>2.07 billion (+14%).</td><td>50% (+2%)</td></tr><tr><td>Alerts and Reminders</td><td>1.01 billion (+3%)</td><td>24% (-2%)</td></tr><tr><td>Payment Reminders</td><td>.57 billion (+6%)</td><td>14% (flat)</td></tr><tr><td>Telemarketing</td><td>.52 billion (+11%)</td><td>12% (flat)</td></tr></tbody></table></figure><p>Top Illegal Robocalls in October 2020</p><p>In October, Car Warranty Scams, Health-Related Scams, and Government Imposter scams each had over 100 million illegal robocalls, with Car Warranty Scams growing nearly 50% month over month.</p><figure><table><tbody><tr><td>Rank</td><td>Type of Scam</td><td>Estimated October Robocalls</td><td>Summary of Scam</td></tr><tr><td>1</td><td>Warranty Scams</td><td>356 million</td><td>Scam payments/illegal solicitations</td></tr><tr><td>2</td><td>Health-Related Scams</td><td>235 million</td><td>Identity theft/scam payments/illegal solicitations</td></tr><tr><td>3</td><td>Gov&rsquo;t. Imposter Scams</td><td>122 million</td><td>Identify theft/scam payments</td></tr></tbody></table></figure><p>“Winners” in October 2020</p><p>The cities, area codes and states with the highest volumes of robocalls in October were similar to what we&rsquo;ve seen over the past few months. Interestingly, while Washington DC remains the city with the most robocalls/person with over 36, Macon, Georgia was a close second with just under 32, and Baton Rouge, Louisiana was third with over 28/person.</p><figure><table><tbody><tr><td>City with the Most Robocalls:</td><td>Atlanta, GA (167 million, +16%)</td></tr><tr><td>City with the Most Robocalls/Person:</td><td>Washington, D.C. (36.2/person, +9%)</td></tr><tr><td>Area Code with the Most Robocalls:</td><td>404 in Atlanta, GA (72 million, +13%)</td></tr><tr><td>Area Code with the Most Robocalls/Person:</td><td>404 in Atlanta, GA (55.9/person, +13%)</td></tr><tr><td>State with the Most Robocalls:</td><td>Texas (484.8 million, +12%)</td></tr><tr><td>State with the Most Robocalls/Person:</td><td>South Carolina (23.6, +10%)</td></tr></tbody></table></figure>"
  },
  "date": "2020-11-11T09:52:00-06:00",
  "featured": false,
  "headline": "Over 4.25 Billion Robocalls in October Mark Nearly 12% Monthly Increase",
  "id": "1605088320",
  "imageFilename": "nov-2020-robocalls-report-904x712",
  "slug":"over-4-25-billion-robocalls-in-october-mark-nearly-12-monthly-increase",
  "sourceName": "PRNewswire",
  "sourceArticleUrl": "https://www.prnewswire.com/news-releases/over-4-25-billion-robocalls-in-october-mark-nearly-12-monthly-increase-says-youmail-robocall-index-301169783.html",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>As the world of AI and deepfake technology grows more complex, the risk that deepfakes pose to firms and individuals grows increasingly potent. This growing sophistication of the latest software and algorithms has allowed malicious hackers, scammers and cyber criminals who work tirelessly behind the scenes to stay one step ahead of the authorities, making the threat of attacks increasingly difficult to both prepare for and defend against.</p><p>Most readers probably believe they&rsquo;re more or less familiar with the nature of traditional cyber attacks that involve system hacking, viruses and ransomware. However, the realm of cyber crime took a vast leap forward in 2019 when the CEO of a UK-based energy firm fell victim to a scam built upon a phone call using deepfake audio technology.</p><p>Believing he was speaking to his boss, the CEO victim sent almost $250k as a result of being told to do so by a AI-generated deepfake audio file. In the aftermath, some cybersecurity experts have been left wondering whether deepfake audio technology represents the next major security concern, and the wider world is left scrambling for ways to spot this looming threat.</p><h3>Voice Cloning and AI Audio: A New Frontier For Cybercrime</h3><p>The audio deepfake scam is, without a doubt, one of the more bizarre applications of deepfake technology. However, as we&rsquo;ve seen, it&rsquo;s one which can clearly be applied successfully ­– so successfully and convincingly, in fact, that the CEO who fell victim to the cyberattack stated on the record that he recognized his boss&rsquo;s voice by its &lsquo;slight German accent&rsquo; and &lsquo;melodic lilt.&rsquo; Furthermore, by all accounts, the cybercriminals&rsquo; tech is becoming more difficult to detect by the month.</p><p>Sophisticated technology aside, the process behind the construction of audio deepfakes is a surprisingly simple one. Hackers have tweaked machine learning technology in such a way as to clone an individual&rsquo;s voice, usually by utilizing spyware and devices that allow the cyber attacker to gather several hours of recordings of their victim speaking. The more data they are able to collect – and the better the quality of the recordings – the more accurate and potentially harmful the voice clone will be in practice.</p><p>Once a voice model has been created, the malicious hacker&rsquo;s AI gets to work &lsquo;learning&rsquo; how to mimic the target. The AI will use what are known as generative adversarial networks (GAN), systems which continuously compete against one another through which one creates a fake and the other attempts to identify its flaws. With each new attempt, the AI is able to exponentially improve upon itself. This process continues until a reliable mimic is achieved and often succeeds after analyzing as few as twenty minutes of recordings.</p><p>Worryingly for many executives (most notably those at large firms), such recordings are woefully easy to gather. Speeches are recorded online and shared via social media, while phone calls, interviews and everyday conversations are relatively simple to gain access to. With enough data in the bank, the level of accuracy achieved by audio deepfake files is as impressive as it is a truly frightening prospect, and the criminals are able to get the deepfake to say whatever it is they want it to.</p><p>At present, many of the recorded examples of deepfake audio scams have been those which were ultimately unsuccessful in their aims. However, when one considers that the 2019 attempted coup in Gabon is believed to have been triggered by a deepfake audio call, it becomes devastatingly clear how impactful this technology can be.</p><h3>Next-Level Phishing Meets Next-Gen Security</h3><p>Regular, non-deepfake based phishing scams remain remarkably popular and successful, with as many as 85% of organizations finding themselves targeted. However, one of the key reasons why voice phishers present such a potent threat to the big-monied world of corporate security is because deepfake audio hackers are able to circumvent that most fabled of cybersecurity protections: the corporate VPN.</p><p>Your computer network can be protected against the majority of sophisticated malware and viruses, and VPN software is consistently updated to look out for new concerns and virus types. AI-generated phone calls, however, depend solely upon human error, gullibility, and trust… and that&rsquo;s what makes them potentially so dangerous.</p><p>When one considers that even the smart phones we keep perma-clutched in our hands are nowhere near as secure as we believe, it isn&rsquo;t difficult to see a multitude of ways in which cyber criminals can penetrate our defenses. It stands to reason, therefore, that the answer to defending our privacy and vulnerabilities from deepfake audio may come in the form of AI solutions specifically formulated to root it out.</p><p>Scientists are working on complex and far-reaching algorithms that have the capacity to learn human speech patterns and peculiarities and that can be used to detect deepfake audio tracks.</p><p>By seeking out &lsquo;deformities&rsquo; in speech and automatically comparing the recordings with authentic speech files, they&rsquo;ll be included in anti-voice cloning security devices that are likely to become widespread in the coming years. Essentially, the security systems of the very near future will be advanced imitations of the same AI tools which malicious hackers are using in their attempts to defraud their victims.</p><p>Experts are also keen to highlight practical steps that we can all undertake to protect ourselves from deepfake audio scams. One of the easiest – and most effective – ways to identify a deepfake scam is to simply hang up your phone and call the number back. The majority of deepfake scams are carried out with the use of a burner VOIP account, set up to contact targets on the hackers&rsquo; behalf. By calling back, victims should be able to figure out straight away whether or not they were talking to a real person.</p><h3>Deepfake Audio Scams: A Very Real Threat on the Horizon</h3><p>At present, deepfake audio scams are seemingly few and far between, with the technology simply not widespread enough for them to be a far-reaching concern for the majority of professionals and private individuals. This is, of course, likely to change in the near future. AI advancements evolve at an eye-watering rate, and the tech which makes deepfaking possible is becoming more accessible and easier to use.</p><p>While private security systems and international efforts to tackle cybercrime are quickly catching up with malicious hackers, they are a creative bunch who will never stop searching for ways to move one step ahead. With that in mind, the best advice is to remain vigilant and prepared, as deepfake audio scams could very much become the next big issue for cybersecurity to deal with.</p>"
  },
  "date": "2020-11-09T08:20:32-06:00",
  "featured": false,
  "headline": "Deepfake Voice Technology Iterates on Old Phishing Strategies",
  "id": "1604910032",
  "imageFilename": "voice-deepfake-904x712",
  "slug":"deepfake-voice-technology-iterates-on-old-phishing-strategies",
  "sourceName": "The State of Security",
  "sourceArticleUrl": "https://www.tripwire.com/state-of-security/featured/deepfake-voice-technology-phishing-strategies/",
  "tags": ["Deepfake", "Phishing", "Vishing", "Voice Security"]
},
{
  "content": {
    "html": "<p>Two young men from the eastern United States have been hit with identity theft and conspiracy charges for allegedly stealing bitcoin and social media accounts by tricking employees at wireless phone companies into giving away credentials needed to remotely access and modify customer account information.</p><p>Prosecutors say Jordan K. Milleson, 21 of Timonium, Md. and 19-year-old Kingston, Pa. resident Kyell A. Bryan hijacked social media and bitcoin accounts using a mix of voice phishing or “vishing” attacks and “SIM swapping,” a form of fraud that involves bribing or tricking employees at mobile phone companies.</p><p>Investigators allege the duo set up phishing websites that mimicked legitimate employee portals belonging to wireless providers, and then emailed and/or called employees at these providers in a bid to trick them into logging in at these fake portals.</p><p>According to the indictment (PDF), Milleson and Bryan used their phished access to wireless company employee tools to reassign the subscriber identity module (SIM) tied to a target&rsquo;s mobile device. A SIM card is a small, removable smart chip in mobile phones that links the device to the customer&rsquo;s phone number, and their purloined access to employee tools meant they could reassign any customer&rsquo;s phone number to a SIM card in a mobile device they controlled.</p><p>That allowed them to seize control over a target&rsquo;s incoming phone calls and text messages, which were used to reset the password for email, social media and cryptocurrency accounts tied to those numbers.</p><p>Interestingly, the conspiracy appears to have unraveled over a business dispute between the two men. Prosecutors say on June 26, 2019, “Bryan called the Baltimore County Police Department and falsely reported that he, purporting to be a resident of the Milleson family residence, had shot his father at the residence.”</p><p>“During the call, Bryan, posing as the purported shooter, threatened to shoot himself and to shoot at police officers if they attempted to confront him,” reads a statement from the U.S. Attorney&rsquo;s Office for the District of Maryland. “The call was a &lsquo;swatting&rsquo; attack, a criminal harassment tactic in which a person places a false call to authorities that will trigger a police or special weapons and tactics (SWAT) team response — thereby causing a life-threatening situation.”</p><p>The indictment alleges Bryan swatted his alleged partner in retaliation for Milleson failing to share the proceeds of a digital currency theft. Milleson and Bryan are facing charges of wire fraud, unauthorized access to protected computers, aggravated identity theft and wire fraud conspiracy.</p><p>The indictment doesn&rsquo;t specify the wireless companies targeted by the phishing and vishing schemes, but sources close to the investigation tell KrebsOnSecurity the two men were active members of OGusers, an online forum that caters to people selling access to hijacked social media accounts.</p><p>Bryan allegedly used the nickname “Champagne” on OGusers. On at least two occasions in the past few years, the OGusers forum was hacked and its user database — including private messages between forum members — were posted online. In a private message dated Nov. 15, 2019, Champagne can be seen asking another OGusers member to create a phishing site mimicking T-Mobile&rsquo;s employee login page (t-mobileupdates[.]com).</p><p>Sources tell KrebsOnSecurity the two men are part of a larger conspiracy involving individuals from the United States and United Kingdom who&rsquo;ve used vishing and phishing to trick work-at-home employees into giving away credentials needed to remotely access their employers&rsquo; networks.</p>"
  },
  "date": "2020-11-08T06:09:32-06:00",
  "featured": false,
  "headline": "Two Charged in SIM Swapping, Vishing Scams",
  "id": "1604815772",
  "imageFilename": "sim-swapping-vishing-scam",
  "slug":"two-charged-in-sim-swapping-vishing-scams",
  "sourceName": "Krebs on Security",
  "sourceArticleUrl": "https://krebsonsecurity.com/2020/11/two-charged-in-sim-swapping-vishing-scams/",
  "tags": ["Vishing"]
},
{
  "content": {
    "html": "<p>Widespread VoIP hack is costing businesses thousands of dollars</p><p>Security researchers at Check Point have discovered a huge cyber-fraud operation targeting VoIP phone systems worldwide. Hackers based in Gaza, the West Bank and Egypt are targeting servers used by more than 1,200 organizations based across over 60 countries. According to researchers, more than half of the targets are located in the UK.</p><p>Hackers have managed to exploit vulnerabilities found within two popular VoIP systems: Sangoma and Asterisk. Once they infiltrate the system, they generate huge sums of money by forcing systems to call premium numbers that they own or by selling auto-generated calls.</p><p>In addition, it appears that the hackers have created a community across various social networks to share resources and advice regarding vulnerable systems. They have also been known to sell live access to compromised VoIP platforms, creating another route to monetization.</p><h2>Wrong number</h2><p>“This cyber fraud operation is a quick way to make large sums of money,” said Derek Middlemiss, Security Evangelist for the EMEA region at Check Point. </p><p>“More broadly, we&rsquo;re seeing a widespread phenomenon of hackers using social media to scale the hacking and monetization of VoIP systems this year. Hackers are creating dedicated social media groups to share insights, technical know-how and advertise their conquests. This is how these hackers from Gaza, West Bank and Egypt were able to organize themselves to scale a global cyber fraud operation. I expect this phenomenon to continue into 2021.”</p><p>Aside from the UK, the other top targets for the hackers were the Netherlands, Belgium, the USA and Colombia. In total, Check Point has documented more than 10,000 VoIP attacks since the start of 2020.</p><p>Businesses that use VoIP communications are advised to make sure that their systems have the latest security patches installed, regularly analyze their call billings, maintain a robust password policy and implement an intrusion prevention system.</p>"
  },
  "date": "2020-11-06T14:46:45-06:00",
  "featured": false,
  "headline": "VoIP Business Phone System Hack Hits Over a Thousand Businesses",
  "id": "1604674005",
  "imageFilename": "voip-hack-904x712",
  "slug":"voip-business-phone-system-hack-hits-over-a-thousand-businesses",
  "sourceName": "Tech Radar",
  "sourceArticleUrl": "https://www.techradar.com/news/voip-business-phone-system-hack-hits-over-a-thousand-businesses",
  "tags": ["Hackers", "Voice Security", "VoIP Security"]
},
{
  "content": {
    "html": "<p>The Federal Communications Commission has voted to overhaul reimbursement for routing toll-free numbers, its latest move cracking down on fraud in the phone network compensation system.</p><p>An Oct. 7 order released Friday transitions most phone network charges for toll-free calls to a “bill-and-keep system,” in which carriers are paid by subscribers for routing the calls, not other carriers.</p><p>The order is aimed at stopping bad actors who have taken advantage of the legacy compensation system by flooding phone networks with robocalls to receive inflated payments from phone companies.</p><p>“The gravy train is over,” FCC Chairman Ajit Pai said in a...</p>"
  },
  "date": "2020-11-05T14:54:00-06:00",
  "featured": false,
  "headline": "FCC Moves to Crack Down on Gaming of Toll-Free Call Charges",
  "id": "1604588040",
  "imageFilename": "fcc-toll-fraud-904x712",
  "slug":"fcc-moves-to-crack-down-on-gaming-of-toll-free-call-charges",
  "sourceName": "Bloomberg",
  "sourceArticleUrl": "https://news.bloomberglaw.com/tech-and-telecom-law/fcc-moves-to-crack-down-on-gaming-of-toll-free-call-charges",
  "tags": ["Toll Fraud & Call Pumping"]
},
{
  "content": {
    "html": "<h3>A Department of Homeland Security official said the FBI was investigating the call, which, along with new robotexts that surfaced in Michigan, prompted warnings about misinformation</h3><p>A wave of suspicious robocalls and texts bombarded voters as they began to cast their ballots on Tuesday, sparking fresh concerns about the extent to which malicious actors might harness Americans&rsquo; smartphones to scare people from the polls.</p><p>Across the country, voters have received an estimated 10 million automated, spam calls in recent days telling them to “stay safe and stay home,” according to experts who track the telecom industry. In Michigan, government officials on Tuesday said they had witnessed additional attempts to deceive their state&rsquo;s voters in particular, including one robocall campaign targeting the city of Flint that inaccurately told people to vote tomorrow if they hoped to avoid long lines today.</p><p>The origins of the each of the calls and texts remain unclear, reflecting the sophisticated tactics that robocallers typically deploy in order to reach Americans en masse across a wide array of devices and services. State election officials have scrambled to reassure voters in response, with Michigan Gov. Gretchen Whitmer pledging Tuesday to “work quickly to stamp out misinformation.” The FBI also has opened an investigation into the Michigan robocalls, a Trump administration official said.</p><p>The reach and timing of the “stay home” calls similarly caught the attention of state and federal government leaders, including New York Attorney General Letitia James (D), who said she had already sent subpoenas to investigate the source of the intrusion. Data prepared for The Washington Post by YouMail, a tech company that offers a robocall-blocking app for smartphones, shows that the calls have reached 280 of the country&rsquo;s 317 area codes since the campaign began in the summer. The country&rsquo;s top telecom carriers believe the calls are foreign in origin.</p><p>While the robocall did not explicitly mention the 2020 presidential election or issues that might affect voters&rsquo; well-being, including the coronavirus pandemic, it still created the potential for widespread panic or confusion. And it illustrated lingering, worrisome vulnerabilities in the country&rsquo;s phone system, said Alex Quilici, YouMail&rsquo;s chief executive.AD</p><p>“If you wanted to cause havoc in America for the elections, one way to do it is clearly robocalling,” he said. “This whole thing is exposing [that] it can be very difficult to react quickly to a large calling volume campaign.”</p><p>When Zach McMullen received a call Monday telling him it was “time to stay home,” he assumed the warning was related to the coronavirus. His co-workers at an Atlanta bakery had received the same message, and they initially figured it was the city government enforcing its public health guidelines.</p><p>But the “robotic voice” gave McMullen pause, as did the second call — and then the third, and the fourth — delivering the same monotone message on the same day.</p><p>“I think they mean stay home and don&rsquo;t vote,” the 37-year-old concluded.</p><p>The torrent of calls illustrated the wide array of technologies that voters say are being used to convince and confuse them in the closing days of a dizzying presidential campaign. Four years after Russian agents exploited social media to spread divisive messages, Americans have come to expect similar efforts everywhere — including on their phones.AD</p><p>Robocalls long have represented a national scourge: Scammers contributed greatly to the 4 billion automated calls placed to Americans just last month, outwitting years of efforts by Washington regulators to crack down on the spam. But these tactics — dialing Americans en masse, sometimes illegally and without their consent — have taken on greater significance given the contentiousness of the 2020 presidential race. The same tools that have helped candidates and their allies reach their supporters properly also represent new avenues for falsehoods to spread widely and without much visibility.</p><p>“Election Day itself is the most vulnerable time for those kinds of suppressive efforts to really show up,” said Chris Deluzio, policy director at the University of Pittsburgh&rsquo;s Institute for Cyber Law, Policy, and Security.</p><p>On Tuesday morning, Michigan Attorney General Dana Nessel warned local voters about a suspicious calls and texts that sought to sow confusion about the voting process. One text said a “typographical error” meant that people who are “intending on voting for Joe Biden” instead had to select President Trump, and vice versa. The text, which Nessel&rsquo;s office shared with The Washington Post, attributed the information to the “Federal Berue [sic] of Investigation.”AD</p><p>“Dearborn voters, text messages are reportedly being sent to trick you into thinking there are ballot sensor issues,” Nessel tweeted. “Do not fall for it, it&rsquo;s a trick!”</p><p>A senior official at the Department of Homeland Security said Tuesday that the FBI is investigating the robocalls, operating through its “normal criminal process.” The official added that he&rsquo;d expect to see more such efforts, noting that prior elections have been occasions for similar tactics.</p><p>The Federal Communications Commission, which regulates the country&rsquo;s telecom giants, declined to say if it is probing the matter. AT&amp;T, Verizon and T-Mobile also did not respond to requests for comment. In New York, the state&rsquo;s attorney general pledged to hold perpetrators accountable “to the fullest extent of the law.”</p><p>“Attempts to hinder voters from exercising their right to cast their ballots are disheartening, disturbing, and wrong,” James said in a statement. “What&rsquo;s more is that it is illegal, and it will not be tolerated.”AD</p><p>The “stay home” robocall appears to have bombarded Americans since the summer, sometimes yielding a roughly estimated half-million calls each day, according to data collected by YouMail. They all feature the same short, recorded message: A computerized female voice says it is a “test call” before twice encouraging people to remain inside. The robocalls have come from a slew of fake or unknown numbers, peaked in October and affected some other countries as well.</p><p>USTelecom, a trade association for AT&amp;T, Verizon and other telecom giants, has sought to trace and combat the campaign in recent days, according to Brian Weiss, the group&rsquo;s spokesman. He said early evidence suggests that the calls are “possibly coming from Europe,” though they are sometimes routed through other foreign telecom providers.</p><p>The unidentified actor behind the robocall campaign also appears to have relied on additional sophisticated tactics to ensure that the companies behind the country&rsquo;s phone systems could not easily stop it, according to USTelecom and other robocall experts. That includes cycling through phone numbers, often using a number similar to the one owned by the person they are trying to dial, a practice known as spoofing.AD</p><p>Unlike most robocall scams, which seek to swindle Americans into returning the calls and surrendering sensitive information, the “stay home” campaign also has raised suspicions because the calls include no such effort.</p><p>“They&rsquo;re usually threatening you to provide your Social Security number or something will happen to you,” said Giulia Porter, the vice president of marketing at TelTech, which owns the smartphone blocking app RoboKiller. “From this robocall, we can&rsquo;t see anything that is indicating they&rsquo;re actually trying to get something from you.”</p><p>The nature of the message raised alarms Tuesday with some state election officials, who sought to reassure local voters that their local polling places are safe. “Our voters and our poll workers will be kept safe,” said Robert Evnen, the secretary of state for Nebraska, in a tweet warning people about the robocall.AD</p><p>The concerns that they expressed — that it might succeed in turning people off from voting — reflect long-standing fears that the pandemic could undermine participation in the 2020 election. Numerous states have expanded opportunities to vote by mail in response to safety concerns, and election administrators have taken pains to retrofit in-person voting for the coronavirus, supplying hand sanitizer and other safeguards.</p><p>“My reaction was this is likely an attempt to get people not to vote,” said Kevin Porman, a 40-year-old living outside Indianapolis.</p><p>For some recipients, there was no risk of that.</p><p>Laurie Chiambalero, a nurse in Philadelphia who has a Boston area code, said she answered the call out of a belief that it might be a friendly public health reminder.</p><p>“But when I got it a second time,” she said, “it really felt like it was telling me to stay indoors the next few days because of the election.”</p><p>Chiambalero, however, said she&rsquo;d already cast her ballot. “They&rsquo;re not intimidating me,” she announced.Updated November 3, 2020</p>"
  },
  "date": "2020-11-04T09:13:39-06:00",
  "featured": false,
  "headline": "Suspicious robocall campaign warning people to ‘stay home’ spooks voters nationwide",
  "id": "1604481219",
  "imageFilename": "captial-dome-904x712",
  "slug":"suspicious-robocall-campaign-warning-people-to-stay-home-spooks-voters-nationwide",
  "sourceName": "Washington Post",
  "sourceArticleUrl": "https://www.washingtonpost.com/technology/2020/11/03/robocall-election-day/",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>On Tuesday the Federal Communications Commission (FCC) announced that it fined Affordable Enterprises of Arizona $37.5 million for making at least 2.3 million illegal spoofed telemarketing calls in a 14-month period starting in 2016 in violation of the Truth in Caller ID Act.</p><p>According to the FCC, the company either used unassigned phone numbers or phone numbers that in most cases “belonged to innocent Arizona consumers and placed them in the caller ID of their telemarketing calls.” As a result of this purported conduct, Affordable Enterprises of Arizona “was able to appear to be calling from local phone numbers and to avoid receiving angry callbacks when making spoofed telemarketing calls to sell home improvement and remodeling services.” Moreover, the FCC stated that the caller ID was manipulated to appear to come from a number not connected to the company. Additionally, calls also came from pre-paid “burner phones. Regardless, Affordable Enterprises of Arizona allegedly spoofed the caller ID, so consumers were not able to correctly identify the caller.</p><p>The FCC claimed that one Arizona resident ”received more than five calls per day on her cell phone from consumers complaining about telemarketing calls they thought she had made.“ In reality, the FCC averred that records indicate that the company made spoofed calls and made it look like the calls were coming from this Arizonan&rsquo;s phone number. The FCC stated that this conduct harms consumers – both receiving the spoofed calls and those whose numbers are spoofed.</p><p>The FCC&rsquo;s Enforcement Bureau investigated the company after a tip from a former Affordable Enterprises of Arizona employee; the FCC relied on subpoenaed phone records and consumer complaints. The FCC rejected the company&rsquo;s defense as to why the Commission should not impose a forfeiture on it. Specifically, the company alleged that it did not know that its caller ID information was misleading or inaccurate, but the FCC noted that the facts suggested otherwise, indicating that the company knew and made a concerted effort to not have the company name on the caller ID. Subsequently, Affordable Enterprises of Arizona is accused of violating the Truth in Caller ID Act, which ”prohibits anyone from transmitting misleading or inaccurate caller ID information with the intent to defraud, cause harm or wrongly obtain anything of value.“</p><p>Chairman Pai noted that ”Today, we continue our full court press to combat unwanted and unlawful spoofed telemarketing calls.“ The Chairman added that while the company ”seeks a slap on the wrist“ and argued that its penalty should only be $3,752.50, which is ”0.01% of the proposed forfeiture.“ Chairman Pai stated that ”[t]he facts, Commission precedent, and statutory guidelines warrant a $37,525,000 penalty.::quot::</p><p>Chairman Pai and Commissioners Carr, Rosenworcel, and Starks approved this enforcement and forfeiture. Commissioner O&rsquo;Rielly approved and dissented in part.</p><p>This specific forfeiture order example comes after the FCC has taken widespread measures to combat spoofed calls, for example, in September the Commission adopted more rules to combat illegal robocalls relying on the STIR/SHAKEN caller ID framework and implementing the TRACED Act. Additionally, in April the FCC required phone companies to combat spoofed calls.</p>"
  },
  "date": "2020-10-27T05:34:00-05:00",
  "featured": false,
  "headline": "FCC Fines Company $37.5M For Spoofing Calls",
  "id": "1603776840",
  "imageFilename": "FCC-fines-company-for-spoofing-904x712",
  "slug":"fcc-fines-company-37-5m-for-spoofing-calls",
  "sourceName": "Law Street",
  "sourceArticleUrl": "https://lawstreetmedia.com/tech/fcc-fines-company-37-5m-for-spoofing-calls/",
  "tags": ["Spoofing"]
},
{
  "content": {
    "html": "<p>NEW YORK, Oct. 27, 2020 /PRNewswire/ -- Politics aside, one thing that nearly all Americans can agree on is that robocalls are the worst. So far this year, Americans have received an estimated 9.4 <em>billion</em> political robocalls, according to robocall blocking service Nomorobo.</p><p>“Political robocalls are out of control. 9.4 billion is a gigantic number,” says Aaron Foss, Nomorobo&rsquo;s founder. “That means that every person in the U.S. received over 28 robocalls from politicians and their campaigns this year. And the election is still a full week away.”</p><p>Are Robocalls Spreading Misinformation and Suppressing Voter Turnout?</p><p>Absolutely. One such robocall fraudulently gave a laundry list of ways that the database of mail-in voters would be used: by police to find people with outstanding warrants, by credit card companies to collect debts, and by the CDC to give “mandatory” vaccines. Robocalls like this one are clear attempts to persuade voters and influence the election.</p><p>In early September, Nomorobo immediately blocked this attempt to influence the election and helped the Michigan Attorney General&rsquo;s office to track down the responsible parties.</p><p>Swing States Are Receiving the Most Political Robocalls</p><p>While all states are being saturated with political robocalls, the battleground states and those that offer early voting have been getting special attention. California, Texas and Florida have garnered millions more political robocalls compared to other states.</p><p>Here is a chart of the top 15 states that have received the most political robocalls in 2020:</p><figure ><table><tbody><tr><td>State</td><td>Calls Estimated Across US</td></tr><tr><td>CA</td><td>1,167,911,000</td></tr><tr><td>TX</td><td>732,285,250</td></tr><tr><td>FL</td><td>612,226,750</td></tr><tr><td>NC</td><td>583,297,750</td></tr><tr><td>NY</td><td>531,345,000</td></tr><tr><td>PA</td><td>503,354,250</td></tr><tr><td>OH</td><td>481,121,500</td></tr><tr><td>MA</td><td>334,598,000</td></tr><tr><td>AZ</td><td>310,304,500</td></tr><tr><td>VA</td><td>307,155,500</td></tr><tr><td>GA</td><td>306,166,750</td></tr><tr><td>MI</td><td>293,974,000</td></tr><tr><td>WI</td><td>253,253,500</td></tr><tr><td>CO</td><td>245,712,750</td></tr><tr><td>NJ</td><td>234,963,000</td></tr></tbody></table></figure><p>“Even though many types of robocalls are illegal, political robocalls are exempt from most anti-robocall laws,” said Foss. “Even carrier-provided robocall blocking products won&rsquo;t stop these types of calls – but this doesn&rsquo;t mean that American citizens should have to put up with fraudulent or misleading information.”</p>"
  },
  "date": "2020-10-26T05:59:00-05:00",
  "featured": false,
  "headline": "Americans Bombarded by 9.4 Billion Political Robocalls This Year",
  "id": "1603691940",
  "imageFilename": "political-robocalls-904x712",
  "slug":"americans-bombarded-by-9-4-billion-political-robocalls-this-year",
  "sourceName": "PRNewswire",
  "sourceArticleUrl": "https://www.prnewswire.com/news-releases/americans-bombarded-by-9-4-billion-political-robocalls-this-year-says-nomorobo-report-301160197.html",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>Internet service providers are seeing a spike in Voice-over Internet Protocol (VoIP) usage driven by the increased adoption of working from home during the COVID-19 pandemic. This has been reported by many companies in the space including Comcast, which has said that VoIP and video conferencing usage is up 210-285 percent since the start of the pandemic. With this in mind, it&rsquo;s important to remember that whether VoIP systems are maintained internally or outsourced to a third-party vendor, they remain an extension of organizations&rsquo; attack surface that can fall victim to attackers.</p><p>VoIP systems are vulnerable to many threats including denial-of-service, metadata theft, traffic interception, and premium number scams. Threat actors can also use an insecure VoIP system as an entry point to compromise more sensitive networks or to divert attention from malicious activity elsewhere. Despite these vulnerabilities, VoIP systems do not typically receive much attention from IT departments. These systems often retain default or shared credentials and they may be overlooked when searching for and fixing vulnerabilities. So even though VoIP infrastructure plays a key role in business operations, the issue for many enterprises remains whether they would notice VoIP malware at all.</p><p>Mandiant Threat Intelligence often finds adversaries attempting to gain access to VoIP administrator user accounts through stolen or brute-forced credentials. These credential collection tools are widely accessible, meaning actors without sophisticated development expertise can compromise VoIP infrastructure. Given the breadth of activity facilitated by VoIP compromise, network defenders should consider the following possible outcomes for attackers.</p><p><em>Metadata Targeting and Voicemail Theft</em></p><p>VoIP calling systems generate voice recordings and related metadata that is sought after by espionage- and financially motivated actors. In September 2020, ESET researchers discovered a new and rare piece of Linux malware dubbed “CDRThief” being used in attacks targeting VoIP telephony switches in campaigns designed to steal call metadata. In August 2019, Microsoft reported APT28 attempting to compromise VoIP-based phone systems as well as other Internet of Things devices. Mandiant Threat Intelligence observed threat activity we believe used FINSPY variants capable of capturing VoIP file recording, and in a separate campaign, espionage actors sent a phishing email that included a legitimate voicemail message, possibly stolen from a corporate VoIP service.</p><p><em>Premium Number Fraud </em></p><p>&lsquo;Call pumping&rsquo; scams are one of the most common threats to companies from compromised VoIP systems. The Communications Fraud Control Association recently estimated the losses associated with premium number fraud, or International Revenue Share Fraud (IRSF), to be between $4 billion and $6.1 billion. The scheme involves making calls from compromised phone systems to phone numbers that bill callers. The actor registers a premium call number, often overseas to charge higher rates, where they receive a cut of the charges. They then will have compromised phone systems call these premium numbers, running up charges on the victim&rsquo;s account.</p><p>These scams can cost affected companies millions of dollars in illegitimate premium number charges in a short period, making it attractive to cybercrime actors. The malicious actors will often choose premium number services that bill and pay out on a weekly schedule, while most phone companies bill monthly. This way the actor can run up significant charges before the fraud is discovered.</p><p><em>Telephony Denial-of-Service </em></p><p>VoIP phone systems are vulnerable to telephony denial-of-service (TDoS) attacks, where a large number of illegitimate calls prevents legitimate calls from going through. VoIP systems are also potentially vulnerable to denial-of-service conditions from additional vectors, including being flooded with “invite” requests, “goodbye,” or “unavailable” messages or similar flooding attacks. This technique is high-volume and hard to miss, which can be advantageous for attackers—these systems can be used as diversionary measures to burden network defenders while other fraud activity is taking place.</p><p><em>Call Manipulation</em></p><p>A successful man-in-the-middle (MitM) attack that enables call manipulation could be used to facilitate almost any phone-based social engineering activity, including vishing (voice-based phishing) or bypassing phone-based authentication methods. For example, if a malicious actor compromised a bank&rsquo;s phone system, they could redirect incoming calls from customers to instead connect to attacker-controlled infrastructure and, under the guise of verifying the customer&rsquo;s identity, compromise their account. A malicious actor could also redirect a call from a financial institution to a customer attempting to confirm a transaction and impersonate the customer to confirm the transaction.</p><p><em>Extortion: The Future of VoIP Abuse?</em></p><p>The compromise of VoIP infrastructure can provide actors with access to sensitive corporate information and empower them to drive denial-of-service conditions. Actors have historically used this to fuel extortion attacks, as seen with the adoption of public data disclosure websites for victims of ransomware. Even the theft of large volumes of call data may be more susceptible to extortion as automated transcription and processing of audio files could help actors identify sensitive business data quicker.</p><p><em>Mitigation Considerations</em></p><p>The biggest step an enterprise can take to mitigate risks for VoIP is to seriously consider VoIP infrastructure as part of the attack surface, regardless of whether it is managed internally or by a third-party. Simply put, VoIP infrastructure is an extension of IT infrastructure, and as such it demands monitoring, maintenance and auditing like any other area. Here are some tips on how to protect VoIP networks:</p><ul><li>Firmware for VoIP phones and infrastructure should be patched regularly, and passwords should be changed from the default.</li><li>Multifactor authentication should be required to access VoIP accounts, especially those with administrative privileges.</li><li>Calls to international or premium numbers can be restricted to defeat call pumping schemes, and elements such as duration, frequency and time placed should be monitored for outliers and patterns of abuse.</li><li>Having VoIP phones run on a separate network can prevent a compromised phone from exposing data sent over the network or providing access to other machines on the network.</li><li>Organizations should have a plan for communication methods in the event VoIP systems are unavailable—either through TDoS activity or other denial-of-service scenarios such as ransomware or destructive malware.</li></ul><p>The pandemic has caused more employees to work from home than ever before. This scenario has driven VoIP usage upwards during the pandemic and provided a reminder of how reliant most of us are on global connectivity. Malicious actors can, and will, seize upon this dependency to damage business operations, distract from the incident response work of security teams, and profit from fraud. Organizations cannot afford to leave VoIP infrastructure out of their defensive operations.</p>"
  },
  "date": "2020-10-23T05:50:00-05:00",
  "featured": false,
  "headline": "Threats Targeting VoIP Networks As Usage Surges During Pandemic",
  "id": "1603432200",
  "imageFilename": "voip-security-threats-904x712",
  "slug":"threats-targeting-voip-networks-as-usage-surges-during-pandemic",
  "sourceName": "Information Security Buzz",
  "sourceArticleUrl": "https://www.informationsecuritybuzz.com/articles/threats-targeting-voip-networks-as-usage-surges-during-pandemic/",
  "tags": ["Hackers", "TDoS", "Toll Fraud & Call Pumping", "VoIP Security"]
},
{
  "content": {
    "html": "<h3>Robocall Volumes Slowly Increase From Their Lows During the Spring Quarantine</h3><hr /><p>Americans received just over 3.8 billion robocalls in September, an approximately 4% increase from August. In September, robocalls averaged 126.9 million calls/day or roughly 1,469 calls/second, up 7% from 118.3 million calls/day and 1,370 calls/second in August. There have been just over 33.9 billion robocalls so far in the first 9 months of the year, a pace that indicates a projected yearly total of around 50 billion robocalls, down from almost 58.5 billion robocalls last year.</p><p>These latest monthly figures come from YouMail, a robocall blocking app and call protection service for mobile phones.</p><p>“Robocalls continue to grow more slowly than we expected as the world reopens,” said YouMail CEO Alex Quilici. “The issue is that if the rate of calls per day keeps growing at 5% to 10% per month, robocalls will become a more and more noticeable problem throughout the rest of the year.”</p><p>Robocall Categories Were Similar in September</p><p>The breakdown of categories was similar in September compared to August. Scams and telemarketing together continue to be a big headache, with roughly 2.3 billion calls between them and comprising roughly 60% of the month&rsquo;s total robocall volume.</p><figure><table><tbody><tr><td>Type ofRobocall</td><td>Estimated SeptemberRobocalls</td><td>Percentage September Robocalls</td></tr><tr><td>Scams</td><td>1.8 billion (+5%).</td><td>48% (+2%)</td></tr><tr><td>Alerts and Reminders</td><td>.98 billion (+3%)</td><td>26% (+0%)</td></tr><tr><td>Payment Reminders</td><td>.54 billion (flat)</td><td>14% (-1%)</td></tr><tr><td>Telemarketing</td><td>.47 billion (-5%)</td><td>12% (-1%)</td></tr></tbody></table></figure><p>Top Illegal Robocalls in September 2020</p><p>In September, Car Warranty Scam calls remained the most frequently made illegal robocall type for the third consecutive month, while Medical Scams continued to represent the next most frequent category of illegal robocalls. The month also saw a third type of scam gain significant traction: government imposter scams from fraudsters pretending to be the Internal Revenue Service or Social Security Administration, or some other government agency calling.</p><figure><table><tbody><tr><td>Rank</td><td>Type of Scam</td><td>Estimated September Robocalls</td><td>Summary of Scam</td></tr><tr><td>1</td><td>Warranty Scams</td><td>244.2 million</td><td>Scam payments/illegal solicitations</td></tr><tr><td>2</td><td>Health-Related Scams</td><td>218.4 million</td><td>Identity theft/scam payments/illegal solicitations</td></tr><tr><td>3</td><td>Gov&rsquo;t. Imposter Scams</td><td>110.4 million</td><td>Identify theft/scam payments</td></tr></tbody></table></figure><p>“Winners” in September 2020</p><p>The cities, area codes and states with the highest volumes of robocalls in September were similar to what we&rsquo;ve seen the past few months. The main change is that South Carolina took over as the state with the most robocalls per person in the past month, replacing Louisiana.</p><figure><table><tbody><tr><td>City with the Most Robocalls:</td><td>Atlanta, GA (149.7 million, +2%)</td></tr><tr><td>City with the Most Robocalls/Person:</td><td>Washington, D.C. (33.3/person, -1%)</td></tr><tr><td>Area Code with the Most Robocalls:</td><td>404 in Atlanta, GA (63.0 million, +1%)</td></tr><tr><td>Area Code with the Most Robocalls/Person:</td><td>404 in Atlanta, GA (51.6/person, +1%)</td></tr><tr><td>State with the Most Robocalls:</td><td>Texas (432.8 million, +5%)</td></tr><tr><td>State with the Most Robocalls/Person:</td><td>South Carolina (21.5, +4%)</td></tr></tbody></table></figure>"
  },
  "date": "2020-10-12T06:16:00-05:00",
  "featured": false,
  "headline": "More Than 3.8 Billion Robocalls in September Mark 4% Monthly Increase",
  "id": "1602483360",
  "imageFilename": "september-robocalls-904x712",
  "slug":"more-than-3-8-billion-robocalls-in-september-mark-4-monthly-increase",
  "sourceName": "PRNewswire",
  "sourceArticleUrl": "https://www.prnewswire.com/news-releases/more-than-3-8-billion-robocalls-in-september-mark-4-monthly-increase-says-youmail-robocall-index-301147569.html",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>The Department of Homeland Security&rsquo;s (DHS) Small Business Innovation Research (SBIR) Program has awarded $1.96 million to a pair of businesses to aid emergency communication network risk management assessments.</p><p>Orem, Utah-based Achilles Heel Technologies and SecureLogix, of San Antonio, Texas, were selected to participate in Phase II of the program based on demonstration of feasibility in Phase I for Network Modeling for Risk Assessment technology solutions.</p><p>During Phase II, each company is slated to continue its research and development efforts. Achilles Heel Technologies would further develop a software tool suite for holistic cyber risk management of Next-Generation 9-1-1 (NG9-1-1) systems. SecureLogix would continue developing a modeling tool aiding 9-1-1 decision makers in planning mitigations for Telephony Denial of Service (TDoS) attacks and support awareness and education demonstrations.</p><p>“There should never be any doubt that if you don&rsquo;t identify risks to your security operations, a bad actor will do it for you,” William N. Bryan, DHS senior official Performing the Duties of the Under Secretary for Science and Technology, said. “Through the DHS SBIR Program, we are able to develop innovative new tools that will help secure Next Generation 9-1-1 communication networks.”</p><p>Ann Cox, DHS S&amp;T SBIR topic manager, said supporting improvements to NG9-1-1 is one of the best uses of taxpayer dollars. It benefits the entire homeland security enterprise.</p><p>“Legacy 9-1-1 systems were not connected to the internet, and in some ways were less vulnerable than NG9-1-1,” she said. “Now, many new data types are accepted by NG9-1-1 centers, such as text, video, images, and even information directly from an automobile in the event of an accident. This modeling effort allows risk assessment for NG9-1-1 when there is not an emergency occurring, to allow for planning and training as needed.”</p>"
  },
  "date": "2020-10-02T08:48:00-05:00",
  "featured": false,
  "headline": "DHS Funds SecureLogix to Develop Risk Assessment Modeling Tool",
  "id": "1601628480",
  "imageFilename": "risk-assessment-modeling-tool-904x712",
  "slug":"dhs-funds-securelogix-to-develop-risk-assessment-modeling-tool",
  "sourceName": "Homeland Preparedness News",
  "sourceArticleUrl": "https://homelandprepnews.com/stories/56260-dhs-funds-risk-assessment-modeling-tool-development/",
  "tags": ["Homeland Security", "Risk Assessment Modeling"]
},
{
  "content": {
    "html": "<p>The rules approved in a report and order are part of the FCC&rsquo;s requirements to implement the TRACED Act.</p><p>The Federal Communications Commission has adopted new rules to further promote implementation of the STIR/SHAKEN caller ID authentication framework to protect consumers against malicious caller ID spoofing, according to a news release .</p><p>The FCC was slated to consider the rules at its meeting Sept. 30, but they were adopted before the scheduled teleconference and removed from the agenda .</p><p>In March, the FCC issued a report and order and further notice of proposed rulemaking on mandating adoption of STIR/SHAKEN by voice service providers and additional measures to combat spoofed calls, ACA International previously reported.</p><p>ACA and a group of industry trades filed comments on that order.</p><p>Most recently, in September, ACA and industry trade groups filed comments urging the regulator to ensure redress options are in place for businesses experiencing call blocking and labeling.</p><p>On Sept. 29, ACA and the industry trade groups also filed reply comments focusing on the FCC&rsquo;s legal obligation under the Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act to establish a real-time notification requirement to adversely inform callers that their calls have been blocked or adversely labeled.</p><p>The rules approved by the FCC Sept. 29 are part of a second report and order titled “Promoting Caller ID Authentication to Combat Spoofed Robocalls .</p><p>The report and order are part of the FCC&rsquo;s work to implement the TRACED Act and promote the deployment of caller ID authentication technology to combat spoofed robocalls.</p><p>According to the FCC news release issued Sept. 29 :</p><p>”The new rules make clear the obligations and deadlines for voice service providers regarding caller ID authentication, advance the use of caller ID authentication across the nation&rsquo;s phone networks, and prohibit voice service providers from adding any line item charges to the bills of consumer or small business customer subscribers for caller ID authentication technology. Earlier this year, the FCC required that the STIR / SHAKEN framework—an Internet Protocol (IP) based standard—be implemented on IP-based phone networks by June 30, 2021.“</p><p>The second report and order adopted Sept. 29 continues the FCC&rsquo;s work to combat illegally spoofed robocalls and implement the TRACED Act. The new rules require voice service providers to either upgrade their non-IP networks to IP and implement STIR/SHAKEN, or work to develop a non-IP caller ID authentication solution, according to the news release.</p><p>They also require intermediate providers to implement STIR/SHAKEN so that IP calls retain caller ID authentication throughout the call path. The new rules prohibit carriers from adding a line item to the bills of consumers and small businesses for caller ID authentication technology, according to the FCC.</p><p>In the order, the FCC grants limited extensions of the STIR/SHAKEN implementation deadline to small voice providers, voice service providers that are currently incapable of obtaining a ”certificate::quot:: necessary to implement STIR/SHAKEN, services scheduled for discontinuance, and non-IP networks. The new rules stipulate that providers receiving an extension must implement robocall mitigation programs.</p><p>ACA is reviewing the rule to provide updates for members.</p><p>ACA and its advocacy team in Washington, D.C. continue to work for the industry&rsquo;s needs to ensure legitimate calls are not improperly impacted by call blocking and labeling.</p>"
  },
  "date": "2020-10-01T13:18:45-05:00",
  "featured": false,
  "headline": "FCC Adopts Caller ID Authentication Rules in Advance of Meeting",
  "id": "1601558325",
  "imageFilename": "fcc-adopts-caller-id-rules-904x712",
  "slug":"fcc-adopts-caller-id-authentication-rules-in-advance-of-meeting",
  "sourceName": "ACA International",
  "sourceArticleUrl": "https://www.acainternational.org/news/fcc-adopts-caller-id-authentication-rules-in-advance-of-meeting",
  "tags": ["Caller-ID Spoofing", "FCC"]
},
{
  "content": {
    "html": "<p>There&rsquo;s another clever fraud tactic to add to your library of security threats. Imagine a call or voice message that appears to come from a trusted source but is really a disguised attempt to compromise your identity, credentials or financial information. More of a social engineering scheme than a vulnerability, “vishing” is a highly effective and targeted form of phishing that uses voice as a means to lure victims into disclosing private information.</p><p>A recent data breach at the Ritz in London that evolved into vishing attacks on hotel guests demonstrates how conniving cybercriminals have become in this social engineering scam. The prominence of the Ritz attack, among other high-profile events, indicates that the phishing attack landscape has grown as remote working has taken hold of company environments. At $3000 a night, the Ritz customers fit a certain socio-economic profile; hence, the voice messages were highly targeted and well-choreographed. The attackers went after business clientele for credit card details and information, impersonating the Ritz. According to Digital Trends, one target was convinced by the ruse because the incoming phone number was spoofed to appear as the hotel&rsquo;s actual number.</p><p>Hotels are a perfect target for cyberattacks. Not only are there many vulnerabilities that come with managing hundreds of new customers each day, but hotels have access to a massive amount of customer personal data. In the Ritz case, the vishing attack was so effective because they don&rsquo;t train customers about what calls to expect regarding their patronage in their normal course of business.</p><h2>Beyond Email: The Hacker Game Has Changed</h2><p>Users have gotten reasonably good at spotting scam emails, and popular email systems help detect these efforts&rsquo; email items. However, email is not the only game in town. Scammers now exploit social media networks, online file-sharing systems, messaging platforms and applications and phone systems. Compared to email, these channels of opportunity are highly personalized and focused on sharing.</p><p>Scammers also leverage sophisticated and ready-to-launch phishing kits, including social, voice, email and enterprise channels. With a bit of time and dedication, an attacker can choose the target(s) of choice, mimicking login portals, official company pages and web pages. The threat condition here is now a scaled, repeatable and convincing operation. Armed with any available ill-gotten or publicly sourced data, the results can be disastrous.</p><h2>Vishing Exploits Trust</h2><p>You might recognize the low-level, even common criminal vishing attacks that consist of phony tech support staff, purporting to be from Microsoft or Apple. In other well-known case types, scammers impersonate the Internal Revenue Service (IRS) or the local utility company under the threat of disconnection, severe penalties and, in some cases, jail. Although the label of vishing may be relatively new for most individuals, the tactic is familiar.</p><p>At an estimated yearly global loss approaching $50 billion, vishing and the sort of fraud that scammers leverage against the unsuspecting public is unacceptable. When launched against a company, the impact could be devastating in compromising:</p><ul><li>Data integrity</li><li>Privileged and competitive data</li><li>Financial payments</li><li>Account integrity</li></ul><p>Riding on the coattails of the first attacks, vishing hackers mount a nefarious second wave perfectly timed to hit victims where it already hurts.</p><h2>Motivation and Human Opportunity</h2><p>Phishing, vishing and various other forms of cyberattack continue to be driven by financial motivations. Data is valuable, trust is valuable and a converted target can pay dividends. To those ends, cybercriminals have developed increasingly sophisticated attacks, exploiting vulnerabilities and loopholes in technology, validations even flaws in how html language is exchanged.</p><p>Cybercrime threats are here to stay, and the situation appears to be getting worse as we let our guards down due to distractions related to the pandemic. The bottom line is that humans are vulnerable and gullible, and these attacks continue to work.</p><h2>The Pandemic Effects</h2><p>As many industries and workers took a hit during the pandemic, cyber threat actors thrived many opportunities following the shift to remote work. The lines between work and home are now blurred in many cases, wherein in some circumstances, corporate devices became personal tools and vice-versa.</p><p>Corporate applications now run on home networks. Video and dial-in conferencing are everywhere. A precarious security gap exists between what a company expects is happening in a data stream versus what is actually happening. Video games, shopping, streaming and mobile banking are all attack vectors and opportunities for cybercrime. These circumstances highlight the immediate need for heightened corporate cybersecurity and data protection practices, especially as opportunities to breach across audiences increases.</p>"
  },
  "date": "2020-10-01T10:01:00-05:00",
  "featured": false,
  "headline": "Vishing At The Ritz: There’s A New Type Of Cybercrime In Town",
  "id": "1601546460",
  "slug":"vishing-at-the-ritz-theres-a-new-type-of-cybercrime-in-town",
  "sourceName": "Forbes",
  "sourceArticleUrl": "https://www.forbes.com/sites/emilsayegh/2020/09/30/vishing-at-the-ritz-theres-a-new-type-of-cybercrime-in-town/#503d6cf4700d",
  "tags": ["Hackers", "Vishing"]
},
{
  "content": {
    "html": "<p>Assessing networks for potential vulnerabilities is an important responsibility for every organization, and it is especially critical for emergency communications at 9-1-1 centers to identify network security risks. Recently, two U.S. small businesses were awarded a total of $1.96 million in funding through the Department of Homeland Security (DHS) Small Business Innovation Research (SBIR) Program to develop tools that will support dynamic network modeling for risk management to emergency communication networks.</p><p>“There should never be any doubt that if you don&rsquo;t identify risks to your security operations, a bad actor will do it for you,” said William N. Bryan, DHS Senior Official Performing the Duties of the Under Secretary for Science and Technology. “Through the DHS SBIR Program we are able to develop innovative new tools that will help secure Next Generation 9-1-1 communication networks. I look forward to seeing the work performed by America&rsquo;s small businesses.”</p><p>The DHS SBIR Program, administered by the DHS Science and Technology Directorate (S&amp;T), selected Achilles Heel Technologies and SecureLogix to participate in Phase II of the program based on the successful demonstration of feasibility in Phase I for their Network Modeling for Risk Assessment technology solutions.</p><p>In Phase II, both companies will continue their research and development efforts. Achilles Heel Technologies, headquartered in Orem, Utah, will further develop a software tool suite for holistic cyber risk management of Next-Generation 9-1-1 (NG9-1-1) systems, including dynamic network models and advanced analytics. SecureLogix, headquartered in San Antonio, Texas, will continue development of a modeling tool that will help 9-1-1 decision makers plan mitigations for Telephony Denial of Service (TDoS) attacks and support awareness and education demonstrations, network planning through use of “what if” scenarios, and active training of Public Safety Answering Points call takers.</p><p>“Supporting improvements to NG9-1-1 is one of the best uses of taxpayer dollars, as it benefits the entire homeland security enterprise,” said Ann Cox, DHS S&amp;T SBIR Topic Manager. “Legacy 9-1-1 systems were not connected to the internet, and in some ways were less vulnerable than NG9-1-1. Now, many new data types are accepted by NG9-1-1 centers, such as text, video, images, and even information directly from an automobile in the event of an accident. All these data types increase the attack surface in cyberspace, in addition to the traditional TDoS and other attacks that originate in the phone system at 9-1-1 centers. This modeling effort allows risk assessment for NG9-1-1 when there is not an emergency occurring, to allow for planning and training as needed.”</p><p>At the completion of the 24-month Phase II contract, SBIR awardees will have developed a prototype to facilitate the pursuit of Phase III funding. For Phase III, SBIR performers seek to secure funding from private or a non-SBIR government source and pursue technology commercialization resulting from their Phase I and II efforts.</p><p>For more information on the DHS SBIR Program, visit: https://sbir2.st.dhs.gov or contact STSBIR.Program@hq.dhs.gov.</p><p>For more information on S&amp;T&rsquo;s innovation programs and tools, visit:https://www.dhs.gov/science-and-technology/business-opportunities.</p>"
  },
  "date": "2020-09-29T08:11:00-05:00",
  "featured": false,
  "headline": "DHS Awards $1.96M to SecureLogix and Achilles Heel Technologies to Develop Network Modeling Tools",
  "id": "1601367060",
  "imageFilename": "dhs-network-modeling-904x712",
  "slug":"dhs-awards-1-96m-to-securelogix-and-achilles-heel-technologies-to-develop-network-modeling-tools",
  "sourceName": "Newswise",
  "sourceArticleUrl": "https://www.newswise.com/articles/dhs-awards-1-96m-to-small-businesses-to-develop-network-modeling-tools-for-risk-assessment",
  "tags": ["Emergency Services & 911 Systems", "Homeland Security", "Network Modeling"]
},
{
  "content": {
    "html": "<p>Two accused credit card con artists used Globex Telecom to make calls using spoofed numbers</p><p>WASHINGTON -- The Federal Trade Commission said Tuesday that Globex Telecom, Inc. of Canada and an affiliated company will pay $1.95 million to settle charges that Globex allowed a robocaller to use its equipment to swindle consumers out of millions of dollars. The FTC and the state of Ohio said Globex allowed a telemarketer, Educare Centre Services, to make illegal robocalls, peddling bogus and illegal services to reduce consumers&rsquo; credit card interest rates for an upfront fee.</p><p>The settlement is the FTC&rsquo;s first consumer protection case against a Voice over Internet Protocol (VoIP) service provider. The FTC said it may not be the last. “”We will continue to go after companies like Educare that target people using these unlawful practices, and VoIP service providers like Globex who knowingly help them violate the law,“ said Andrew Smith, director of the FTC&rsquo;s Bureau of Consumer Protection. Most phone lines that aren&rsquo;t cell lines use VoIP these days.</p><p>Under the settlement, Globex and its subsidiaries must block spoofed calls and various suspicious calls, including calls with a Caller ID of 911. Spoofed calls use a fabricated phone number to make it seem like the call is coming from someone else, such as the IRS, your local police department or a neighbor. Most spoofed calls have bad intentions. </p><p>In response, U.S. PIRG Education Fund Consumer Watchdog Teresa Murray issued the following statement:</p><p>”Going after companies that make robocalls possible is a first step, but federal regulators must do much more. Robocalls are the No. 1 complaint reported to the Federal Communications Commission and have been for many years. Robocallers place about 5 billion illegal calls to U.S. consumers and businesses every month. </p><p>“What&rsquo;s worse is that fraud from these intrusive and unwanted calls costs consumers about $10 billion a year, according to the FTC. That&rsquo;s a staggering $26 million that con artists get from innocent consumers every single day. Not to mention, these fraudsters often target the most vulnerable among us: senior citizens, young adults, the poor and people who are in debt or unemployed.</p><p>”While the FCC last year started allowing cell phone and home phone companies to block calls if they believe they are scams or are spoofing another phone number, it has not made it mandatory to block calls that are spoofing numbers. This is infuriating. If a caller is pretending to be someone else, such as a major bank or your local police department or a government agency, isn&rsquo;t that a pretty good indication the call could be trouble?</p><p>“This FTC settlement must be a wake-up call to phone service providers so they do more to protect consumers. If not, the FTC must be vigilant in going after companies that enable this immoral practice. And the FCC should require providers to block spoofed calls that we all know are scams.”</p>"
  },
  "date": "2020-09-23T09:12:00-05:00",
  "featured": false,
  "headline": "FTC Settles First Case Against VOIP Provider for Allowing Illegal Robocalls",
  "id": "1600852320",
  "imageFilename": "ftc-settlement-in-voip-robocalls-suit-904x712",
  "slug":"ftc-settles-first-case-against-voip-provider-for-allowing-illegal-robocalls",
  "sourceName": "US PIRG",
  "sourceArticleUrl": "https://uspirg.org/news/usp/ftc-settles-first-case-against-voip-provider-allowing-illegal-robocalls",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>The report and order are part of the FCC&rsquo;s requirements to implement the TRACED Act.</p><p>The Federal Communications Commission will consider a second report and order, “Promoting Caller ID Authentication to Combat Spoofed Robocalls ,” during its next meeting Sept. 30.</p><p>The report and order are part of the FCC&rsquo;s work to implement the Telephone Robocall Abuse Criminal Enforcement and Deterrence Act (TRACED Act), and promote the deployment of caller ID authentication technology to combat spoofed robocalls, according to a news release from the FCC.</p><p>In March, the FCC issued a report and order and further notice of proposed rulemaking on mandating adoption of STIR/SHAKEN by voice service providers and additional measures to combat spoofed calls, ACA International previously reported.</p><p>ACA and a group of industry trades filed comments on that order.</p><p>The FCC&rsquo;s second report and order set for consideration this month would:</p><ul><li>Require voice service providers to either upgrade their non-IP networks to IP and implement STIR/SHAKEN, or work to develop a non-IP caller ID authentication solution.</li><li>Establish extensions of the June 30, 2021, caller ID authentication implementation deadline for small voice service providers, voice service providers that are currently incapable of obtaining a “certificate” necessary to implement STIR/SHAKEN, services scheduled for discontinuance, and non-IP networks.</li><li>Require voice service providers subject to an extension to implement a robocall mitigation program on the non-STIR/SHAKEN-enabled portions of their networks.</li><li>Require all voice service providers to file a certification in a commission database showing how they are acting to stem the origination of illegal robocalls.</li><li>Establish a process by which providers that make early progress on caller ID authentication implementation can obtain an exemption from the June 30, 2021, deadline, as required by the TRACED Act.</li><li>Prohibit voice service providers from adding any line item charges to the bills of consumer or small business customer subscribers for caller ID authentication technology, as required by the TRACED Act.</li><li>Require intermediate providers to implement the STIR/SHAKEN caller ID authentication framework in the IP portions of their networks by June 30, 2021.</li></ul><p>Comments on the second report and order are due 30 days after publication in the <em>Federal Register</em>.</p>"
  },
  "date": "2020-09-22T10:23:36-05:00",
  "featured": false,
  "headline": "FCC to Consider Caller ID Authentication Report and Order at Sept. 30 Meeting",
  "id": "1600770216",
  "imageFilename": "capitol-hill-904x712",
  "slug":"fcc-to-consider-caller-id-authentication-report-and-order-at-sept-30-meeting",
  "sourceName": "ACA International",
  "sourceArticleUrl": "https://www.acainternational.org/news/fcc-to-consider-caller-id-authentication-report-and-order",
  "tags": ["Caller-ID Spoofing", "FCC"]
},
{
  "content": {
    "html": "<p>It&rsquo;s no secret that robocalls, spam and call spoofing have all but destroyed Americans&rsquo; trust in telephone calls -- to the point that many individuals have essentially stopped answering the phone. A widely cited <em>Consumer Reports</em> survey conducted in December 2018 suggests that 70 percent of U.S. adults will not respond if they do not recognize the number or if the caller&rsquo;s number is anonymous.</p><p>This refusal to answer is certainly understandable from the consumer&rsquo;s point of view (and we&rsquo;re all consumers, after all), but it is costly for organizations that need to conduct business over the phone and have difficulty connecting with their customers.</p><p>It also represents a significant potential threat to public health and safety, as illustrated by health department&rsquo;s contact tracers&rsquo; current challenges in getting individuals exposed to COVID-19 to pick up the phone. According to a Reuters investigation in August, more than three dozen public health departments were hindered largely due to some residents&rsquo; failure to answer their phones.</p><h2>Authentication to Tackle Unwanted Calls</h2><p>In March 2020, in response to growing consumer complaints and newly passed legislation to combat malicious robocalling and illegal spoofing, the Federal Communications Commission (FCC) mandated that service providers implement call authentication based on the STIR/SHAKEN framework, which authenticates caller identity via digital certificates, by June 2021.</p><p>Many carriers have already implemented the standards and are working with analytics partners to refine their algorithms to determine which calls are suspicious and deserve to be marked as spam or blocked entirely. These algorithms use STIR/SHAKEN attestation ratings (which are based on the originating service provider&rsquo;s relationship to the telephone number) along with many other variables such as complaints and calling patterns.</p><p>The goal is, of course, to stop abusive and unwanted calls without hindering organizations&rsquo; ability to call consumers for valid reasons. But aggressive algorithms also introduce the risk that legitimate business calls may be mistakenly filtered out. In fact, many companies have seen their answer rates drop even further as their outbound calls are blocked or marked as spam.</p><p>So, what can businesses do to make sure their calls get through -- and then encourage their customers to answer?</p><p>Following are seven steps that organizations can take to combat erroneous call blocking and increase answer rates. These measures will help businesses optimize contact operations, increase call performance, and protect and promote their brands by restoring trust in calls.</p><p>STEP 1. CENTRALIZATION: Validate Identity Across the Calling Environment</p><p>The first step to reestablishing trust in the phone channel is to make sure your company&rsquo;s numbers and contact information have been validated across the calling environment. Organizations often have several phone numbers sourced from different service providers. All these details need to be kept up to date across service providers and phone carriers so every number from your business is validated and doesn&rsquo;t wrongly show up on phone screens as spam or, worse, get blocked.</p><p>Start by validating each number across service providers and phone carriers so your organization is seen as the legitimate call originator for all your numbers.</p><p>STEP 2. CONTACT: Connect with confidence</p><p>Some calls fail to connect because the number on file is incorrect or the call is placed at a time when the customer is unlikely to answer. One way to effectively address these issues and improve right-party contact rates is to incorporate predictive phone behavior intelligence into your CRM system.</p><p>This means making sure customer contact information is up to date, including which number is most likely to be answered (prioritizing the customer&rsquo;s preference for landline or mobile calls, for example) and what days and times to call to increase the likelihood of a response. These types of solutions have been shown to increase right-party contact rates for outbound calls by an average of 33 percent.</p><p>STEP 3. CONSISTENCY: Enable an accurate call display</p><p>When calling customers, most enterprises use many telephone numbers beyond the few main published contact numbers. However, these additional numbers -- especially internal extensions and corporate mobile numbers -- often display inconsistent, inaccurate, or even blank caller ID names due to variations across internal systems and processes. But, as noted above, customers are much less likely to answer if they aren&rsquo;t sure who is calling.</p><p>Managing the way your company&rsquo;s brand is displayed on outbound calls is critical to creating confidence in who is calling. Make sure the correct information is displayed, and measure call performance to see if certain caller names are more effective -- and, if so, make adjustments to increase answer rates.</p><p>STEP 4. CONNECTION: Ensure that your outbound calls get through</p><p>Anti-robocall and anti-spoofing regulations, designed to protect consumers from unwanted and fraudulent telephone calls, have led service providers to implement measures that can mistakenly block legitimate business calls or flag them as spam. Many organizations do not even realize that their calls are being blocked or flagged until they receive negative feedback from their customers.</p><p>To make sure calls from your telephone numbers are being accurately assessed as legitimate business calls by service providers and caller ID apps, you should register all your numbers across the caller ID ecosystem of carriers and app providers. You will also need to understand your baseline call patterns (How are telephone numbers assigned to campaigns? Which carriers terminate your calls? Are call answer rates similar across carriers?) to identify any telephone numbers that are being wrongly blocked or flagged.</p><p>There is no central location to check which calls are being blocked, but you can perform regular test calls and monitor any changes to your registered telephone numbers&rsquo; reputation across carriers, which will allow you to respond promptly if calls are being incorrectly blocked or marked as spam. You will need to report any suspected inaccurate spam labels or mistaken blocking to the individual voice service (mobile, landline or VoIP) or app provider.</p><p>STEP 5. CERTAINTY: Protect your brand from abuse by spoofers</p><p>Fraudsters often use spoofed calls to impersonate legitimate businesses and swindle consumers or trick them into handing over personal information. If your business telephone numbers are being used by spoofers, the fraudulent calls can damage your brand reputation and destroy customer loyalty and trust. Depending on the applicable consumer protection legislation, spoofing may also expose you to fines or penalties for purportedly making unwanted calls.</p><p>To protect your brand&rsquo;s reputation and your customers -- and reduce your liability risk -- you should monitor the use of your brand across the caller ID ecosystem. Designate inbound, outbound, or bidirectional telephone numbers, and register inbound-only numbers as do-not-originate (DNO) numbers across the ecosystem, to prevent fraudsters from using these numbers. Also monitor the assigned caller names for third-party numbers, so you can identify attempts to spoof your organization&rsquo;s caller name.</p><p>STEP 6. CERTIFICATION: Authenticate the caller identity</p><p>Congress and the FCC have now mandated that voice service providers deploy STIR/SHAKEN call authentication by June 2021. By applying this digital certificate technology, carriers can notify recipients that a call has been verified using a symbol, a verification keyword, or another visual alert. If the call cannot be verified, the carrier may block the call and/or mark it as potential spam.</p><p>However, enterprise networks can introduce complications. When an enterprise acquires phone numbers from one carrier but originates calls on a different carrier&rsquo;s network, the attestation level -- essentially a confidence score indicating how reliably a carrier can identify the caller and source of the call -- can take different values. The concern is that anything other than the highest level of attestation may not be accepted as trustworthy by consumers, or even downstream carriers.</p><p>To take control of how your calls will be signed and with what attestation level, make sure your call operations staff understand the impacts and limitations of the STIR/SHAKEN standards, verify your STIR/SHAKEN attestation levels, and integrate STIR/SHAKEN standards into your network and mobile applications. This will allow you to sign outbound calls, verify inbound calls and secure end-to-end calls.</p><p>STEP 7. CONTEXT: Enhance the mobile call display</p><p>Beyond providing an accurate calling name and number, most landline caller ID displays offer limited opportunity to add context. Mobile displays, however, are an entirely different matter. Smartphone users have become accustomed to a steadily improving digital customer experience -- one that far outpaces the typical current call experience. Enterprises can enhance this experience by providing richer content on the mobile phone display, giving customers more reason to answer.</p><p>Beyond visually displaying the call authentication or verification result to increase customer confidence that the caller is legitimate, businesses can provide a customized brand display using logos, images and digital business cards to deliver expanded name information and the caller&rsquo;s title, department and location, for example.</p><p>You can also add a targeted message -- about the purpose of the call, for instance, or a URL to visit for more information -- for a personalized brand experience. This enhanced context can be included in the call history to make sure customers see the information even for calls they don&rsquo;t answer.</p><h2>The Impact of Restoring Trust</h2><p>While digital communications are extremely popular among both businesses and customers (research suggests that customers often prefer to initiate contact via a web portal or email), everyone needs to speak with a real person sometimes.</p><p>The phone channel is frequently used at a more critical point in a relationship, such as when a complex issue escalates or in a high-priority interaction. Businesses regularly use voice calls for urgent or sensitive communications.</p><p>For enterprises, protecting and improving the customer experience, with the goal of boosting both customer retention and growth, is a key motivation for putting an end to robocalls and call spoofing.</p><p>Enabling organizations to reliably engage in high-value communications by phone -- whether the dialing organization is a business nurturing an important client relationship, a health department tracing the contacts of a COVID patient, or a bank notifying a customer of attempted account fraud -- will lead to both customer and operational business benefits.</p><p>Even more importantly, restoring trust in the phone is the first step in reenergizing a vital communication channel that, especially in today&rsquo;s world, offers the next best option to being there. </p>"
  },
  "date": "2020-09-18T09:04:00-05:00",
  "featured": false,
  "headline": "7 Steps to Restoring Trust in Business Telephone Calls",
  "id": "1600419840",
  "imageFilename": "restoring-trust-in-business-calls-904x712",
  "slug":"7-steps-to-restoring-trust-in-business-telephone-calls",
  "sourceName": "eCommerce Times",
  "sourceArticleUrl": "https://www.ecommercetimes.com/story/86851.html",
  "tags": ["Call Authentication", "Caller-ID Spoofing", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<p>Robocalls Continue to Creep Back Upwards After Declining Under the Spring Quarantine</p><hr /><p>Americans received just under 3.7 billion robocalls in August, an approximately 1% increase from July. In August, robocalls averaged 118.3 million calls / day or roughly 1,370 calls / second, up from 117.1 million calls / day and 1,356 calls / second in July. There have been just over 30.1 billion robocalls so far in the first 8 months of the year, averaging 3.8 billion / month, or 18% lower than the 2019 average of 4.9 billion robocalls/month.</p><p>These latest monthly figures come from YouMail, a robocall blocking app and call protection service for mobile phones.</p><p>“Robocalls grew at a surprisingly low rate in August, despite economies continuing to reopen,” said YouMail CEO Alex Quilici. “While we would love for this slow rate of growth to continue, we expect this is just a pleasant hiccup as robocalls continue a steady rise.”</p><h4>Robocall Categories Were Similar in August</h4><p>The breakdown of categories was similar in August compared to July. Scams and telemarketing together remained a big headache, with roughly 2.2 billion calls between them, and nearly 60% of the month&rsquo;s total robocall volume.</p><figure><table><tbody><tr><th>Type</th><th># Robocalls</th><th>% Robocalls</th></tr><tr><td>Scams</td><td>1.7 B (+0%)</td><td>46% (+0%)</td></tr><tr><td>Alerts and Reminders</td><td>.95 B(+5%)</td><td>26% (+1%)</td></tr><tr><td>Payment Reminders</td><td>.54 B (-3%)</td><td>15% (-1%)</td></tr><tr><td>Telemarketing</td><td>.49 B (-3%)</td><td>13% (+0%)</td></tr></tbody></table></figure><h4>Top Illegal Robocalls in August 2020</h4><p>In August, Car Warranty Scam calls remained the most frequently made illegal robocall for the second consecutive month, while Medical Scams continued to represent the next most frequent category of illegal robocalls.</p><figure><table><tbody><tr><th>Rank</th><th>Type</th><th># Robocalls</th><th>Summary</th></tr><tr><td>1</td><td>Warranty Scams</td><td>211.8 M</td><td>Scam payments / illegal solicitations</td></tr><tr><td>2</td><td>Health-Related Scams</td><td>204.0 M</td><td>Identity theft / scam payments / illegal solicitations</td></tr></tbody></table></figure><h4>“Winners” in August 2020</h4><p>The cities, area codes and states with the highest volumes of robocalls in August were similar to what we&rsquo;ve seen the past few months. The main changes are that Washington DC is now the city getting the most robocalls/person, wresting that title from Baton Rouge, Louisiana.</p><figure><table><tbody><tr><td>Most robocalls - city</td><td>Atlanta, GA (147 million)</td></tr><tr><td>Most per person - city</td><td>Washington, D.C. (33.7 / person)</td></tr><tr><td>Most robocalls - area code</td><td>404 - Atlanta, GA (62.7 M)</td></tr><tr><td>Most per person - area code</td><td>404 - Atlanta, GA (51.3 / person)</td></tr><tr><td>Most robocalls - state</td><td>Texas (411.8 million)</td></tr><tr><td>Most per person - state</td><td>Louisiana (21.1)</td></tr></tbody></table></figure>"
  },
  "date": "2020-09-09T08:55:00-05:00",
  "featured": false,
  "headline": "Almost 3.7 Billion Robocalls in August Mark 1% Monthly Increase",
  "id": "1599641700",
  "imageFilename": "august-2020-robocalls-904x712",
  "slug":"almost-3-7-billion-robocalls-in-august-mark-1-monthly-increase-says-youmail-robocall-index",
  "sourceName": "PRNewswire",
  "sourceArticleUrl": "https://www.prnewswire.com/news-releases/almost-3-7-billion-robocalls-in-august-mark-1-monthly-increase-says-youmail-robocall-index-301126426.html",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>The Eastern District of New York has ruled in the case “United States v. Nicholas Palumbo, et al” effectively putting TollFreeDeals.com and SIPRetail.com out of business. These are the “Voice Over IP” companies that have allowed millions of overseas calls per day to be routed to Americans, often for the purposes of facilitating fraud, often by imitating either the Social Security Administration or the IRS. The case, originally filed 28JAN2020 ( 1:2020cv00473) announced their final “permanent injunction” ruling on 26AUG2020, as conveyed by the Office of the Inspector General of the Social Security Administration. </p><p>In the 62-page criminal complaint against the two companies, the government explains that the major fraud types facilitated by the Palumbos were: </p><p>a. Social Security Administration (“SSA”) Imposters</p><p>b. Internal Revenue Service (“IRS”) Imposters </p><p>c. United States Citizenship and Immigration Services (“USCIS”) Imposters </p><p>d. Tech Support Imposters — often claiming to be Apple or Microsoft </p><p>e. Loan Approval Scams</p><p>Through the use of the Palumbos&rsquo; companies, the callers were able to spoof their caller ID to seem to originate from a U.S. Federal government agency, local police department, or technical support organization. </p><p>From October 1, 2018 to September 30, 2019, the SSA received more than 465,000 complaint related to these types of calls and documented losses of more than $14 million. The Federal Trade Commission&rsquo;s Consumer Sentinel Database documented 166,000 such calls with losses of $37 million just in calendar 2019. When all types of government impersonation calls were included, the FTC Consumer Sentinel reported 255,223 complaints causing $128 Million in fraud losses in 2018 and 389,563 complaints resulting in $152 Million in fraud losses in 2019!</p><h3>The Social Security Calls</h3><p>According to the government&rsquo;s complaint one such robocall, sent to millions of American telephone numbers in early 2019 used this text: “Hello this call is from Department of Social Security Administration the reason you have received this phone call from our department is to inform you that there is a legal enforcement actions filed on your social security number for fraudulent activities so when you get this message kindly call back at the earliest possible on our number before we begin the legal proceedings that is 619-XXX-XXXX. I repeat 619-XXX-XXXX. Thank you.”</p><h3>The Technology </h3><p>How does the technology work? The foreign call center uses Voice Over IP (VoIP) to connect via broadband Internet to a U.S. based telecommunications company called a “gateway carrier.” The gateway carrier then routes the call to a “common carrier” such as AT&amp;T or Verizon. Because of the need to bill for these services, both the gateway carrier and the common carrier keep logs of these calls. Part of the service provided by the Gateway Carrier is to perform “least-cost routing” – basically real-time auctioning the call so that the call is routed to the cheapest bidder. These logs provide: timestamp =&gt; destination consumer # =&gt; gateway carrier =&gt; caller-id presented (often spoofed) =&gt; downstream customer (usually the foreign call center) . </p><p>In just 23 days in May and June of 2019, TollFreeDeals transmitted more than SEVEN HUNDRED TWENTY MILLION calls! (720,000,000 calls!!!!) 425 million of these calls lasted less than one second. More than 24 million of these calls were placed to residents of the Eastern District of New York.</p><p>182 Million of these TollFreeDeals calls were originated from a single India-based VoIP carrier co-conspirator in the United States. One thousand different source numbers accounted for 90% of these calls. 79% of these 1,000 numbers were listed as fraudulent robocall numbers by a robocall blocking company (YouMail). Of these 143 million calls, 20% were Social Security imposter calls, 35% were loan approval scams, and 14% were Microsoft refund calls. Other calls imitated the IRS, the U.S. Treasury, and additional tech support scams.</p><p>In May 2017, Nicholas Palumbo was notified by AT&amp;T and others that his company was routing fraud government imposter calls. Palumbo promised to block two particular telephone numbers, but continued to allow the others. </p><p>In February 2019, AT&amp;T notified Palumbo that calls spoofing the USCIS and attempting to extort money had been traced to his company. Again, Palumbo blamed his India-based VoIP carrier customer, even though this was the same company for which he had already received many warnings. </p><p>A telecommunications industry trade association, USTelecom, provided an additional 144 notifications of fraudulent call origination to the Palumbos&rsquo; companies from May 2019 to January 2020, including 83 SSA Imposter fraud call cases, 24 Tech Support imposter fraud cases, 10 IRS imposter fraud cases, and 1 USCIS impersonation fraud calls. USTelecom&rsquo;s notices estimated that TollFreeDeals was placing “more than 1 million fraudulent calls per day.” Palumbo logged in to the USTelecom portal and repeatedly indicated the calls had been placed by the same India-based customers of TollFreeDeals.</p><p>USTelecom also formally notified SIP Retail of similar traffic, including 35 traceback investigations from August 2019 to January 2020, including 19 SSA Impersonation cases, 3 Tech Support impersonation cases, and 1 USCIS Impersonation case.</p><h3>Elder Fraud Task Force Reports</h3><p>To put a human face on the crimes, a Postal Inspector working for the Elder Fraud Task Force in the Consumer Protection Branch of the Department of Justice investigated many example calls facilitated via the Palumbos&rsquo; companies.</p><p>Palumbo received at least nineteen large cash deposits into Wells Fargo Bank accounts that he controlled from May 28, 2019 to September 11, 2019, totalling $130,250. The deposits were made in Minnesota, South Carolina, Florida, Alabama, and New Jersey. After each cash deposit, Palumbo would move the funds to his Ecommerce National LLC accounts at JP Morgan Chase. These activities are characterized by the Postal Inspector as “Interstate Funnel Account” transactions, a form of laundering money.</p><p>Some of the victims interviewed by the Postal Inspector included: </p><p>J.K – an 84 year old veteran of the US Marine Corps from Belle Harbor, NY. He received a call claiming to be from the U.S. Marshals Service with a wrarant for his arrest. He then was told by a “SSA Employee” that someone had used his SSN to rent a car in Texas and that the car was used in drug trafficking and money laundering. The “SSA Employee” then forced J.K to wire all of the money in his bank accounts to him – $9,800. </p><p>C.E. – a 36 year old man who was a brand-new U.S. citizen. He was told be “George” from SSA that he was being investigated for money laundering. He was told to drive to a Best Buy in Queens, NY and buy $700 worth of Hotels.com gift cards. </p><p>L.U. – a man in his 40s from Roosevelt, NY lost $2,200 in an SSA Imposter scam </p><h3>More on Call Routing</h3><p>Another Affidavit related to this case was the Declaration of a Special Agent of the Social Security Administration&rsquo;s Office of the Inspector General, who provided the diagram above to explain the complication of Least-Call Routing Tracebacks. </p><p>From 2016 to 2020, TollFreeDeals.com was offering VoIP termination services specializing in servicing foreign call center call originators. Their website specifically stated: </p><p>“TollFreeDeals.com is your premier connection for call center and dialer termination. We are always looking for the best call center routes in the telecom industry. We specialize in short call duration traffic or call center traffic. We understand there is a need for it and we want to help you find all the channels you need!” </p><p>They were proud of the number of call minutes they had “terminated” (which means, facilitated the call from VoIP to a Common Carrier call completion.) As of January 23, 2020, they boasted that they had helped to completed 10,491,500,323 minutes of calls! That&rsquo;s TEN BILLION MINUTES of mostly fraud calls! </p>"
  },
  "date": "2020-09-08T10:07:00-05:00",
  "featured": false,
  "headline": "RoboCallers Hit with Permanent Injunction by Courts",
  "id": "1599559620",
  "imageFilename": "robocallers-hit-with-injunction-904x712",
  "slug":"robocallers-hit-with-permanent-injunction-by-courts",
  "sourceName": "Security Boulevard",
  "sourceArticleUrl": "https://securityboulevard.com/2020/09/robocallers-hit-with-permanent-injunction-by-courts/",
  "tags": ["Department of Justice", "Robocalls"]
},
{
  "content": {
    "html": "<p>Between paycheck protection loans, economic stimulus payments and mounting job losses, consumers have questions for their financial institutions. At the same time, call center employees working for those institutions are having to quickly adjust to working from home — with all the distractions and security risks that entails.</p><p>“Fraudsters love to take advantage of times of disruption and confusion,” said Shirley Inscoe, a senior analyst at Aite Group.</p><p>Executives at the financial institutions Inscoe is in touch with are reporting higher volumes of customer calls, she said, and security vendors are reporting increases in the number of fraudulent calls they&rsquo;re receiving.</p><h3>Working from home changes everything </h3><p>Software security vendors are a financial institution&rsquo;s first line of defense against fraud. These tools can be used to detect spoofed phone numbers, determine higher- and lower-risk callers, and use voice biometrics to identify both known callers and fraudulent voices. But using existing fraud prevention tools correctly — even from home — is key to fighting off attacks. In today&rsquo;s work from home environment, that could require reconfigurations to match the rerouting of calls to agents&rsquo; homes.</p><p>Inscoe recommends call center employees working from home turn off their smart home devices, like Amazon Echo and Google Home. She also recommends call-center workers avoid using tools like baby monitors that could provide access to their home networks.</p><p>“We think of our homes as secure as we lock our doors, but in this age of smart homes all of these systems can be compromised,” Inscoe said. “That&rsquo;s something in the rush to enable people that could easily be overlooked.”</p><p>Even before COVID-19 closed economies around the world, call center fraud had been on the rise. The security vendor Pindrop found call center fraud rose 45% between 2013 and 2016.</p><p>In 2019, one in every 700 calls to call centers were fraudulent, according to Pindrop. Customers also are increasingly being targeted by scammers posing as their financial institutions and contacting them via email and text.</p><p>“Your customer base is going to get spoof email and spoof text messages that will look and sound like your company,” said Brian St. John, Pindrop&rsquo;s fraud operations manager. “The key is understanding your customers are being attacked this way.”</p><p>The consulting firm Gartner suspects call center fraud is actually higher and that some attempts to defraud customers aren&rsquo;t being traced back to call centers. “Humans are often the weakest link in security and fraud prevention programs,” Gartner wrote. People can be manipulated by fraudsters posing as customers or trying to win them over with flirtation or flattery.</p><p>Inscoe also believes call centers are linked with more attempts to defraud consumers than banks may realize.</p><p>Financial institutions often lack the staff to dig deep enough into fraud to connect it with call centers. Sometimes, they misattribute fraud to other customer contact channels. “You have to recognize the problem in order to solve it,” Inscoe said. “In many cases they&rsquo;re not recognizing the problem.”</p><h3>Fraud prevention focuses on digital</h3><p>Call centers tend to operate separately from other customer interaction channels like chat and websites. They often fall just outside of fraud prevention efforts that focus more on digital customer communication channels hackers are likely to target.</p><p>Omnichannel consumer relationships and employees operating in silos complicate fraud tracking efforts at a time when the account takeover fraud has gotten more sophisticated.</p><p>Years of data breaches, combined with the popularity of social media sites that incorporate key personal information like birth dates, high schools and colleges, have made it easier to fool knowledge-based identity verification systems.</p><p>Gartner estimates as many as 2 billion identities obtained through malware and data breaches are available through organized crime groups. That information includes mobile phone numbers, bank account details and other information can be used to answer knowledge-based security questions and spoof mobile numbers to trick unwitting call center operators.</p><p>With so much data having been leaked, previous street addresses, the make and models of past cars and other personal information is no longer so personal.</p><p>Even one-time passwords can&rsquo;t provide an adequate buffer of security for consumers. By cloning a consumer&rsquo;s phone number, fraud perpetrators can intercept one-time messages meant to go to the real customer&rsquo;s phone.</p><p>Armed with information and technology, fraud perpetrators targeting call centers don&rsquo;t need to outsmart algorithms. They just need to convince one person they&rsquo;re a legitimate customer — the call center agent they&rsquo;re targeting.</p><p>Should those call center agents be more frazzled than usual — maybe because they&rsquo;re simultaneously trying to juggle housework and families — they become easier targets, especially as institutions loosen some security measures to serve customers during this time of crisis.</p><p>“You have to be aware that &lsquo;Yes, you&rsquo;re doing the right thing for your customers,&rsquo; but also realize bad guys are going to take advantage of that,” St. John said. “Especially in a time of chaos like now.”</p>"
  },
  "date": "2020-09-02T11:02:00-05:00",
  "featured": false,
  "headline": "Work-from-home call centers have the attention of fraudsters",
  "id": "1599044520",
  "slug":"work-from-home-call-centers-have-the-attention-of-fraudsters",
  "sourceName": "BAI",
  "sourceArticleUrl": "https://www.bai.org/banking-strategies/article-detail/work-from-home-call-centers-have-the-attention-of-fraudsters/",
  "tags": ["Call Center Security", "Financial Fraud"]
},
{
  "content": {
    "html": "<p>Sure, we may have a lower investment in the collective good, but we&rsquo;ve also been basically conditioned to avoid answering the phone at any and all costs.</p><p>An article published in <em>The Atlantic</em> this morning pointed out that Americans absolutely suck at being contact traced for coronavirus, so far. There are a number of reasons given: There are too many cases, test results take too long, and people don&rsquo;t trust the government; and after this completely botched handling of a pandemic where the government has allowed nearly 200,000 people to die, who would? But we dug this contact-tracing-by-phone grave long ago, when we allowed our phone system to be ruined by spam calls.</p><p>Contact tracing, we are told here in our destitute country, works beautifully in Europe, where people dutifully hand out their phone numbers to businesses they visit, and then dutifully answer the phone when they are contacted about any potential risk from other people they might have come into contact with. People in Europe can safely give out their phone numbers and safely answer the phone because the European Union prohibits calling people to solicit services without their explicit consent.</p><p>In South Korea, the system is a little different. While telemarketing and robocalls are a problem there, the contact tracing system works largely by text message, according to a reported piece from the New Yorker in April. Both contact tracing efforts and COVID-19 test results are delivered by text. In the case of test results, they arrive within hours of the test&rsquo;s administration, another delightful contrast to the U.S., where test results throughout most of the country take around a week to arrive.</p><p>Here in the U.S., meanwhile, people almost never answer the phone when an unknown caller rings, and for good reason. As of 2018, roughly 30 percent of all cell phone calls in the United States were spam, which can be annoying at best and actively dangerous at worst. That number was up from just 3.7 percent in 2017.</p><p>Texting could actually work a bit better in terms of getting people to respond. But still there remains the issue of trust, that the person who is contacting you is who they say they are. Without a government that can even figure out how to get its own phone number to reliably show up as, say “New York Health Dept,” instead of “Spam Risk” when reaches out to people, we&rsquo;re not positioned super-well to build trust. Even then, new developments in scamming technology allow for scammers to spoof the numbers of anyone, meaning that even that wouldn&rsquo;t be foolproof. Until the United States takes its scam and spam call problem seriously, we&rsquo;re probably going to be in the contact-tracing dark ages for a very long time.</p>"
  },
  "date": "2020-09-02T08:51:00-05:00",
  "featured": false,
  "headline": "The Real Reason Contact Tracing Is Doomed in the US: Spam Calls",
  "id": "1599036660",
  "imageFilename": "americans-stop-answering-the-phone-904x712",
  "slug":"the-real-reason-contact-tracing-is-doomed-in-the-us-spam-calls",
  "sourceName": "Vice",
  "sourceArticleUrl": "https://www.vice.com/en_us/article/935vvz/the-real-reason-contact-tracing-is-doomed-in-the-us-spam-calls",
  "tags": ["Robocalls", "Voice Spam"]
},
{
  "content": {
    "html": "<p>This new wrinkle in cybercrime can create a target for your enterprise. Follow these six tips to avoid falling victim.</p><p>As if these times weren&rsquo;t sufficiently challenging without creative criminals, it&rsquo;s time for the introduction of a new bad word/cybercrime called –vishing. Late last week, the FBI and the Cybersecurity &amp; Infrastructure Security Agency (CISA) issued an advisory to address a new wrinkle in cybercrime—that of vishing—a problem that has been exacerbated by the large number of people who are working remotely in the COVID-19 environment. </p><p>Entitled “Cyber Criminals Take Advantage of Increased Telework through Vishing Campaign,” the law enforcement agencies took this step to warn enterprises of the increased presence of voice phishing or vishing activities. These have significantly as ever-larger numbers of employees have been working from remote locations. Specifically, vishing is defined as “any message—such as an email, text, phone call, or direct-chat message—that appears to be from a trusted source, but isn&rsquo;t,” according to the Norton definition. </p><p>The goal of the sophisticated cybercriminals behind this relatively new twist is to get access to enterprise-sensitive information and then sell that access. With just enough knowledge gained from what the advisory calls “mass scraping of public profiles on social media platforms” to target potential soft targets, these cyber crooks get to work. </p><p>As is well known in the security world, employees are often the most vulnerable and valuable target for those who wish to perpetrate fraud against a single enterprise. Let alone giant enterprises. For those on a “vishing expedition,” they are the definition of a prime catch. </p><p>Prior to contacting enterprise insiders, cybercriminals have created fake profiles and spoofed numbers, so that when these masqueraders reach out and touch unsuspecting employees, those initiating the call look legit. That is, to any reasonable employee or contractor. When a call from Ms. X from the enterprise security office comes in (often over a VoIP-based configuration where a number can be spoofed without great hardship), it&rsquo;s l normally answered. Once the bad guy, masquerading as the good guy, reaches the target recipient, he or she poses carefully scripted questions to the call recipient. As a result, once the caller seems legit, otherwise unsuspecting employees have disclosed seemingly appropriate—but sensitive—information to the bad guys (keywords here are “seem” and “seemingly”). </p><p>Employees and authorized contractors—particularly those new to the enterprise—are often directly targeted because they have less knowledge about the organization, its inner workings and security practices, and are thus more likely to fall for what seems real. Currently, since many of these employees are working remotely, there is a greater risk that additional security protocols that exist in the actual workplace do not exist at home. </p><p>In a particularly brazen (and slimy IMHO) move, according to a recent article from former Washington Post reporter and security expert Brian Krebs (see Krebs on Security), a subgroup of “vishermen” is offering to go one step beyond. That is, this group is marketing a service that offers to take information obtained from one-on-one phone calls and combine it with knowledge culled from highly sophisticated phishing sites to actually “steal VPN credentials from employees.” Further, it can pay bounties for such information, and has been used by enterprises—including some very large and well-known entities—to obtain valuable information from competitors&rsquo; employees. Thus far, the industries targeted have been financial, telecommunications and social media companies, but like a contagious illness, this technique is likely to spread. </p><p>With these risks heightened by the pandemic, enterprises are well-advised to make sure that employees, contractors, and guests understand in-house security policies, particularly concerning seemingly random contact from the outside. Additionally, many enterprises have taken the step of periodically sending out test phishing or vishing messages to employees to check their compliance and readiness to respond or not as appropriate. </p><p>Also, the FBI/CISA Cybersecurity Advisory issued jointly last week includes a number of recommendations for end users to consider the following six tips in this environment:</p><ol><li>Verify that web links do not have misspellings or contain the wrong domain name.</li><li>Bookmark the correct corporate VPN URL and avoid alternative URLs simply because a caller who sounds legit suggests one.</li><li>Be suspicious of unsolicited phone calls, visits, or email messages from unknown individuals claiming to be from what appears to be a legitimate organization. Do not provide personal or enterprise information, including its structure or networks, unless you can be sure of the caller&rsquo;s authority to give them access. If you&rsquo;re unsure, verify the caller&rsquo;s information with the company itself.</li><li>If you receive a vishing call, document the phone number as well as the domain that the caller or contactor tried to send and relay this information to law enforcement ASAP.</li><li>Limit the amount of personal information posted on social networking sites. How many times have you seen this warning?</li><li>Evaluate security and privacy settings to make sure that the choices in place remain appropriate.</li></ol><p>As always, the best advice is to be ever-vigilant about privacy and in-house data security issues. The bad guys are coming at it from all angles, and the best defense, in this case, is good planning and ongoing monitoring. For additional tips and suggestions on avoiding social engineering and phishing attacks, see this related article, “Avoiding Social Engineering and Phishing Attacks.”</p>"
  },
  "date": "2020-09-01T09:58:00-05:00",
  "featured": false,
  "headline": "Why “Vishing” is the Bad Word of the Week",
  "id": "1598954280",
  "imageFilename": "vishing-904x712",
  "slug":"why-vishing-is-the-bad-word-of-the-week",
  "sourceName": "No Jitter",
  "sourceArticleUrl": "",
  "tags": ["Vishing"]
},
{
  "content": {
    "html": "<p>The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued a joint alert to warn about the growing threat from voice phishing or “vishing” attacks targeting companies. The advisory came less than 24 hours after KrebsOnSecurity published an in-depth look at a crime group offering a service that people can hire to steal VPN credentials and other sensitive data from employees working remotely during the Coronavirus pandemic.</p><p>“The COVID-19 pandemic has resulted in a mass shift to working from home, resulting in increased use of corporate virtual private networks (VPNs) and elimination of in-person verification,” the alert reads. “In mid-July 2020, cybercriminals started a vishing campaign—gaining access to employee tools at multiple companies with indiscriminate targeting — with the end goal of monetizing the access.”</p><p>As noted in Wednesday&rsquo;s story, the agencies said the phishing sites set up by the attackers tend to include hyphens, the target company&rsquo;s name, and certain words — such as “support,” “ticket,” and “employee.” The perpetrators focus on social engineering new hires at the targeted company, and impersonate staff at the target company&rsquo;s IT helpdesk.</p><p>The joint FBI/CISA alert (PDF) says the vishing gang also compiles dossiers on employees at the specific companies using mass scraping of public profiles on social media platforms, recruiter and marketing tools, publicly available background check services, and open-source research. From the alert:</p><blockquote><p>“Actors first began using unattributed Voice over Internet Protocol (VoIP) numbers to call targeted employees on their personal cellphones, and later began incorporating spoofed numbers of other offices and employees in the victim company. The actors used social engineering techniques and, in some cases, posed as members of the victim company&rsquo;s IT help desk, using their knowledge of the employee&rsquo;s personally identifiable information—including name, position, duration at company, and home address—to gain the trust of the targeted employee.”</p><p>“The actors then convinced the targeted employee that a new VPN link would be sent and required their login, including any 2FA [2-factor authentication] or OTP [one-time passwords]. The actor logged the information provided by the employee and used it in real-time to gain access to corporate tools using the employee&rsquo;s account.”</p></blockquote><p>The alert notes that in some cases the unsuspecting employees approved the 2FA or OTP prompt, either accidentally or believing it was the result of the earlier access granted to the help desk impersonator. In other cases, the attackers were able to intercept the one-time codes by targeting the employee with SIM swapping, which involves social engineering people at mobile phone companies into giving them control of the target&rsquo;s phone number.</p><p>The agencies said crooks use the vished VPN credentials to mine the victim company databases for their customers&rsquo; personal information to leverage in other attacks.</p><p>“The actors then used the employee access to conduct further research on victims, and/or to fraudulently obtain funds using varying methods dependent on the platform being accessed,” the alert reads. “The monetizing method varied depending on the company but was highly aggressive with a tight timeline between the initial breach and the disruptive cashout scheme.”</p><p>The advisory includes a number of suggestions that companies can implement to help mitigate the threat from these vishing attacks, including:</p><p>• Restrict VPN connections to managed devices only, using mechanisms like hardware checks or installed certificates, so user input alone is not enough to access the corporate VPN.</p><p>• Restrict VPN access hours, where applicable, to mitigate access outside of allowed times.</p><p>• Employ domain monitoring to track the creation of, or changes to, corporate, brand-name domains.</p><p>• Actively scan and monitor web applications for unauthorized access, modification, and anomalous activities.</p><p>• Employ the principle of least privilege and implement software restriction policies or other controls; monitor authorized user accesses and usage.</p><p>• Consider using a formalized authentication process for employee-to-employee communications made over the public telephone network where a second factor is used to<br>authenticate the phone call before sensitive information can be discussed.</p><p>• Improve 2FA and OTP messaging to reduce confusion about employee authentication attempts.</p><p>• Verify web links do not have misspellings or contain the wrong domain.</p><p>• Bookmark the correct corporate VPN URL and do not visit alternative URLs on the sole basis of an inbound phone call.</p><p>• Be suspicious of unsolicited phone calls, visits, or email messages from unknown individuals claiming to be from a legitimate organization. Do not provide personal information or information about your organization, including its structure or networks, unless you are certain of a person&rsquo;s authority to have the information. If possible, try to verify the caller&rsquo;s identity directly with the company.</p><p>• If you receive a vishing call, document the phone number of the caller as well as the domain that the actor tried to send you to and relay this information to law enforcement.</p><p>• Limit the amount of personal information you post on social networking sites. The internet is a public resource; only post information you are comfortable with anyone seeing.</p><p>• Evaluate your settings: sites may change their options periodically, so review your security and privacy settings regularly to make sure that your choices are still appropriate.</p>"
  },
  "date": "2020-08-25T10:48:18-05:00",
  "featured": false,
  "headline": "FBI, CISA Echo Warnings on Vishing Threat",
  "id": "1598352498",
  "slug":"fbi-cisa-echo-warnings-on-vishing-threat",
  "sourceName": "Krebs on Security",
  "sourceArticleUrl": "https://krebsonsecurity.com/2020/08/fbi-cisa-echo-warnings-on-vishing-threat/",
  "tags": ["CISA", "Covid-19", "FBI", "Vishing"]
},
{
  "content": {
    "html": "<p>The COVID-19 epidemic has brought a wave of email phishing attacks that try to trick work-at-home employees into giving away credentials needed to remotely access their employers&rsquo; networks. But one increasingly brazen group of crooks is taking your standard phishing attack to the next level, marketing a voice phishing service that uses a combination of one-on-one phone calls and custom phishing sites to steal VPN credentials from employees.</p><p>According to interviews with several sources, this hybrid phishing gang has a remarkably high success rate, and operates primarily through paid requests or “bounties,” where customers seeking access to specific companies or accounts can hire them to target employees working remotely at home.</p><p>And over the past six months, the criminals responsible have created dozens if not hundreds of phishing pages targeting some of the world&rsquo;s biggest corporations. For now at least, they appear to be focusing primarily on companies in the financial, telecommunications and social media industries.</p><p>“For a number of reasons, this kind of attack is really effective,” said Allison Nixon, chief research officer at New York-based cyber investigations firm Unit 221B. “Because of the Coronavirus, we have all these major corporations that previously had entire warehouses full of people who are now working remotely. As a result the attack surface has just exploded.”</p><h4>TARGET: NEW HIRES</h4><p>A typical engagement begins with a series of phone calls to employees working remotely at a targeted organization. The phishers will explain that they&rsquo;re calling from the employer&rsquo;s IT department to help troubleshoot issues with the company&rsquo;s virtual private networking (VPN) technology.</p><p>The goal is to convince the target either to divulge their credentials over the phone or to input them manually at a website set up by the attackers that mimics the organization&rsquo;s corporate email or VPN portal.</p><p>Zack Allen is director of threat intelligence for ZeroFOX, a Baltimore-based company that helps customers detect and respond to risks found on social media and other digital channels. Allen has been working with Nixon and several dozen other researchers from various security firms to monitor the activities of this prolific phishing gang in a bid to disrupt their operations.</p><p>Allen said the attackers tend to focus on phishing new hires at targeted companies, and will often pose as new employees themselves working in the company&rsquo;s IT division. To make that claim more believable, the phishers will create LinkedIn profiles and seek to connect those profiles with other employees from that same organization to support the illusion that the phony profile actually belongs to someone inside the targeted firm.</p><p>“They&rsquo;ll say &lsquo;Hey, I&rsquo;m new to the company, but you can check me out on LinkedIn&rsquo; or Microsoft Teams or Slack, or whatever platform the company uses for internal communications,” Allen said. “There tends to be a lot of pretext in these conversations around the communications and work-from-home applications that companies are using. But eventually, they tell the employee they have to fix their VPN and can they please log into this website.”</p><h4>SPEAR VISHING</h4><p>The domains used for these pages often invoke the company&rsquo;s name, followed or preceded by hyphenated terms such as “vpn,” “ticket,” “employee,” or “portal.” The phishing sites also may include working links to the organization&rsquo;s other internal online resources to make the scheme seem more believable if a target starts hovering over links on the page.</p><p>Allen said a typical voice phishing or “vishing” attack by this group involves at least two perpetrators: One who is social engineering the target over the phone, and another co-conspirator who takes any credentials entered at the phishing page and quickly uses them to log in to the target company&rsquo;s VPN platform in real-time.</p><p>Time is of the essence in these attacks because many companies that rely on VPNs for remote employee access also require employees to supply some type of multi-factor authentication in addition to a username and password — such as a one-time numeric code generated by a mobile app or text message. And in many cases, those codes are only good for a short duration — often measured in seconds or minutes.</p><p>But these vishers can easily sidestep that layer of protection, because their phishing pages simply request the one-time code as well.</p><p>Allen said it matters little to the attackers if the first few social engineering attempts fail. Most targeted employees are working from home or can be reached on a mobile device. If at first the attackers don&rsquo;t succeed, they simply try again with a different employee.</p><p>And with each passing attempt, the phishers can glean important details from employees about the target&rsquo;s operations, such as company-specific lingo used to describe its various online assets, or its corporate hierarchy.</p><p>Thus, each unsuccessful attempt actually teaches the fraudsters how to refine their social engineering approach with the next mark within the targeted organization, Nixon said.</p><p>“These guys are calling companies over and over, trying to learn how the corporation works from the inside,” she said.</p><h4>NOW YOU SEE IT, NOW YOU DON&rsquo;T</h4><p>All of the security researchers interviewed for this story said the phishing gang is pseudonymously registering their domains at just a handful of domain registrars that accept bitcoin, and that the crooks typically create just one domain per registrar account.</p><p>“They&rsquo;ll do this because that way if one domain gets burned or taken down, they won&rsquo;t lose the rest of their domains,” Allen said.</p><p>More importantly, the attackers are careful to do nothing with the phishing domain until they are ready to initiate a vishing call to a potential victim. And when the attack or call is complete, they disable the website tied to the domain.</p><p>This is key because many domain registrars will only respond to external requests to take down a phishing website if the site is live at the time of the abuse complaint. This requirement can stymie efforts by companies like ZeroFOX that focus on identifying newly-registered phishing domains <em>before</em> they can be used for fraud.</p><p>“They&rsquo;ll only boot up the website and have it respond at the time of the attack,” Allen said. “And it&rsquo;s super frustrating because if you file an abuse ticket with the registrar and say, &lsquo;Please take this domain away because we&rsquo;re 100 percent confident this site is going to be used for badness,&rsquo; they won&rsquo;t do that if they don&rsquo;t see an active attack going on. They&rsquo;ll respond that according to their policies, the domain has to be a live phishing site for them to take it down. And these bad actors know that, and they&rsquo;re exploiting that policy very effectively.”</p><h4>SCHOOL OF HACKS</h4><p>Both Nixon and Allen said the object of these phishing attacks seems to be to gain access to as many internal company tools as possible, and to use those tools to seize control over digital assets that can quickly be turned into cash. Primarily, that includes any social media and email accounts, as well as associated financial instruments such as bank accounts and any cryptocurrencies.</p><p>Nixon said she and others in her research group believe the people behind these sophisticated vishing campaigns hail from a community of young men who have spent years learning how to social engineer employees at mobile phone companies and social media firms into giving up access to internal company tools.</p><p>Traditionally, the goal of these attacks has been gaining control over highly-prized social media accounts, which can sometimes fetch thousands of dollars when resold in the cybercrime underground. But this activity gradually has evolved toward more direct and aggressive monetization of such access.</p><p>On July 15, a number of high-profile Twitter accounts were used to tweet out a bitcoin scam that earned more than $100,000 in a few hours. According to Twitter, that attack succeeded because the perpetrators were able to social engineer several Twitter employees over the phone into giving away access to internal Twitter tools.</p><p>Nixon said it&rsquo;s not clear whether any of the people involved in the Twitter compromise are associated with this vishing gang, but she noted that the group showed no signs of slacking off after federal authorities charged several people with taking part in the Twitter hack.</p><p>“A lot of people just shut their brains off when they hear the latest big hack wasn&rsquo;t done by hackers in North Korea or Russia but instead some teenagers in the United States,” Nixon said. “When people hear it&rsquo;s just teenagers involved, they tend to discount it. But the kinds of people responsible for these voice phishing attacks have now been doing this for several years. And unfortunately, they&rsquo;ve gotten pretty advanced, and their operational security is much better now.”</p><h4>PROPER ADULT MONEY-LAUNDERING</h4><p>While it may seem amateurish or myopic for attackers who gain access to a Fortune 100 company&rsquo;s internal systems to focus mainly on stealing bitcoin and social media accounts, that access — once established — can be re-used and re-sold to others in a variety of ways.</p><p>“These guys do intrusion work for hire, and will accept money for any purpose,” Nixon said. “This stuff can very quickly branch out to other purposes for hacking.”</p><p>For example, Allen said he suspects that once inside of a target company&rsquo;s VPN, the attackers may try to add a new mobile device or phone number to the phished employee&rsquo;s account as a way to generate additional one-time codes for future access by the phishers themselves or anyone else willing to pay for that access.</p><p>Nixon and Allen said the activities of this vishing gang have drawn the attention of U.S. federal authorities, who are growing concerned over indications that those responsible are starting to expand their operations to include criminal organizations overseas...</p>"
  },
  "date": "2020-08-20T10:58:00-05:00",
  "featured": false,
  "headline": "Voice Phishers Targeting Corporate VPNs",
  "id": "1597921080",
  "imageFilename": "voice-fishers-target-corporate-employees-904x712",
  "slug":"voice-phishers-targeting-corporate-vpns",
  "sourceName": "Krebs on Security",
  "sourceArticleUrl": "https://krebsonsecurity.com/2020/08/voice-phishers-targeting-corporate-vpns/",
  "tags": ["Hackers", "Phishing", "Phone Scam", "Vishing", "Voice Security"]
},
{
  "content": {
    "html": "<p>WHEN LAW ENFORCEMENT arrested three alleged young hackers in the US and the UK last month, the story of the worst-known hack of Twitter&rsquo;s systems seemed to have drawn to a tidy close. But in fact, the technique that allowed hackers to take control of the accounts of Joe Biden, Jeff Bezos, Elon Musk, and dozens of others is still in use against a broad array of victims, in a series of attacks that began well before Twitter&rsquo;s blowup, and in recent weeks has escalated into a full-blown crime wave.</p><p>In mid-July, Twitter revealed that hackers had used a technique against it called “phone spear phishing,” allowing the attackers to target the accounts of 130 people including CEOs, celebrities, and politicians. The hackers successfully took control of 45 of those accounts and used them send tweets promoting a basic bitcoin scam. The hackers, Twitter wrote in a postmortem blog post about the incident, had called up Twitter staffers and, using false identities, tricked them into giving up credentials that gave the attackers access to an internal company tool that let them reset the passwords and two-factor authentication setups of targeted user accounts.</p><blockquote><p>“I&rsquo;ve never seen anything like this before.”</p></blockquote><p>ZACK ALLEN, ZEROFOX</p><p>But Twitter is hardly the only recent target of “phone spear phishing,” also sometimes known as “vishing,” for “voice phishing,” a form of social engineering. In just the past month since the Twitter hack unfolded, dozens of companies—including banks, cryptocurrency exchanges, and web hosting firms—have been targeted with the same hacking playbook, according to three investigators in a cybersecurity industry group that&rsquo;s been working with victims and law enforcement to track the attacks. As in the Twitter hack, employees of those targets have received phone calls from hackers posing as IT staff to trick them into giving up their passwords to internal tools. Then the attackers have sold that access to others who have typically used it to target high-net-worth users of the company&rsquo;s services—most often aiming to steal large amounts of cryptocurrency, but also sometimes targeting non-crypto accounts on traditional financial services.</p><p>“Simultaneous with the Twitter hack and in the days that followed, we saw this big increase in this type of phishing, fanning out and targeting a bunch of different industries,” says Allison Nixon, who serves as chief research officer at cybersecurity firm Unit 221b and assisted the FBI in its investigation into the Twitter hack. “I&rsquo;ve seen some unsettling stuff in the past couple of weeks, companies getting broken into that you wouldn&rsquo;t think are soft targets. And it&rsquo;s happening repeatedly, like the companies can&rsquo;t keep them out.”</p><h3>Branching Out</h3><p>As in the Twitter hack, the perpetrators don&rsquo;t appear to be state-sponsored hackers or foreign cybercrime organizations, but young, English-speaking hackers organizing on forums like the website OGUsers.com and the chat service Discord, says Zack Allen, the director of threat intelligence at security firm ZeroFox, who has also worked with the industry group tracking the incidents. He says he&rsquo;s been shocked by the level of research that the hackers have put into their social engineering, scraping LinkedIn and using other data-collection tools to map out company org charts, find new and inexperienced employees—some even starting their very first day on the job—and convincingly impersonating IT staff to trick them.</p><p>“I&rsquo;ve never seen anything like this before, nothing this targeted,” says Allen. He warns that the hackers&rsquo; tactics have been so effective, it may be only a matter of time until they&rsquo;re adopted by foreign ransomware groups or even state-sponsored hackers who simply contract out the phone calls to English-speaking phone phishers. “It&rsquo;s like what you&rsquo;d expect from a whole team of intelligence professionals building dossiers and executing attacks, but it all seems to be done by teenagers on Discord.”</p><p>A security staffer at one targeted organization who asked that WIRED not use his name or identify his employer described a more wholesale approach: At least three callers appeared to be working their way through the company directory, trying hundreds of employees over just a 24-hour period. The organization wasn&rsquo;t breached, the staffer said, thanks to a warning that the company had received from another target of the same hacking campaign and passed on to its staff prior to the hacking attempts. “They just keep trying. It&rsquo;s a numbers game,” he says. “If we hadn&rsquo;t had a day or two&rsquo;s notice, it could have been a different story.”</p><p>Phone-based phishing is hardly a new practice for hackers. But until recently, investigators like Allen and Nixon say, the attacks have focused on phone carriers, largely in service of so-called “SIM swap” attacks in which a hacker would convince a telecom employee to transfer a victim&rsquo;s phone service to a SIM card in their possession. They&rsquo;d use that phone number to intercept two-factor authentication codes, or as a starting point to reset the passwords to cryptocurrency exchange accounts.</p><p>The Twitter hack&rsquo;s use of those same phone-based social engineering methods shows how those phishers have expanded their target lists beyond telcos, says Unit 221b&rsquo;s Nixon. She posits that while this might be due to phone carriers hardening their defenses against SIM swaps, it&rsquo;s more likely spurred by companies becoming newly vulnerable during the Covid-19 pandemic. With so many firms hastily shifting to remote work, she says, phone-based social engineering has become far more powerful.</p><p>The same hackers who honed their skills against telecoms have found other industries that are less well prepared for their tricks, Nixon says. “All of a sudden you&rsquo;ve got these people that are highly trained, highly effective, efficient, and organized, suddenly hitting a bunch of soft targets,” she says. “And that&rsquo;s probably a big reason why there&rsquo;s such a problem right now.”</p><p>Despite the apparent youth of the hackers involved, Nixon says the ongoing attacks seem well coordinated, with multiple collaborators working together and hiring independent hackers offering specialized services from reconnaissance to voice acting. “Need someone that has experience with social engineering over call, great pay,” wrote one OGUser forum member in March named “biggas,” as captured in a collection of OGUser messages leaked on Telegram in April. “Looking for a social engineering god that is from USA and has a clear &amp; normal adult voice. No little kids,” the same user wrote back in November.</p><h3>Gone Vishing</h3><p>In their social engineering calls with victims—including in one recorded call reviewed by WIRED—the hackers typically use a VoIP service that allows them to spoof their phone number. They attempt to establish trust with the victim by referencing seemingly private data such as the victim&rsquo;s role at the company, their start date, or the names of their coworkers. In some cases, they&rsquo;ll even ask the victim to confirm that they&rsquo;re a “real” IT person, suggesting they look up their spoofed identity in the company&rsquo;s directory or its collaboration software. When the victim seems convinced, they ask them to navigate to a fake login page address—usually for a single sign-on portal like Duo or Okta—and enter their credentials.</p><p>Another member of the hacking group immediately obtains those details and enters them into the real login page. The real login page then prompts the victim to enter their two-factor authentication code. When the user is fooled into typing that code into the fake site, it&rsquo;s also relayed to the second hacker, who enters it into the real login page, allowing them to fully take over the account. The hackers&rsquo; phishing site that allows that spoofing, unlike the kind usually linked in a phishing email, is usually created only for that specific phone call and is taken down immediately after the hackers steal the victim&rsquo;s credentials. The vanishing website and the lack of email evidence makes this sort of phone-based engineering often harder to detect than traditional phishing.</p>"
  },
  "date": "2020-08-18T11:41:00-05:00",
  "featured": false,
  "headline": "Sophisticated Phone Spear Phishing Attacks are Targeting Top Companies",
  "id": "1597750860",
  "slug":"sophisticated-phone-spear-phishing-attacks-are-targeting-top-companies",
  "sourceName": "Wired",
  "sourceArticleUrl": "https://www.wired.com/story/phone-spear-phishing-twitter-crime-wave/",
  "tags": ["Phishing", "Spear Phishing", "Vishing"]
},
{
  "content": {
    "html": "<p>Researchers say that most campaigns take place in short-burst storms and that answering a robocall doesn&rsquo;t mean you&rsquo;ll be targeted more often in the future.</p><p>In an award-winning paper presented at the USENIX security conference this week, a team of academics from North Carolina State University presented a list of findings from operating a massive telephony honeypot for 11 months for the sole purpose of tracking, identifying, and analyzing the robocalling phenomenon in the US.</p><p>NCSU researchers said they ran 66,606 telephone lines between March 2019 and January 2020, during which time they said to have received 1,481,201 unsolicited calls -- even if they never made their phone numbers public via any source.</p><p>The research team said they usually received an unsolicited call every 8.42 days, but most of the robocall traffic came in sudden surges they called “storms” that happened at regular intervals, suggesting that robocallers operated using a tactic of short-burst and well-organized campaigns.</p><p>In total, the NCSU team said it tracked 650 storms over 11 months, with most storms being of the same size.</p><figure><img src=“https://zdnet2.cbsistatic.com/hub/i/r/2020/08/14/4b0d5663-6ab6-47bf-9e69-8988da52c538/resize/1200xauto/9a70c7a21f07043d7dab4c781563c3da/ncsu-storm.png” alt=“ncsu-storm.png”/><figcaption>Image: Prasad et al.</figcaption></figure><p>But the research team also said that not all calls during a storm were from the robocallers themselves and that a large chunk of calls also came from real persons.</p><p>Researchers believe this happened because, at the time of the storm, the robocalling operation had been using a technique known as “caller ID spoofing” to hide their real phone numbers and pass as real persons.</p><p>If victims of the robocalling campaign missed the call and called back the spoofed number, they&rsquo;d eventually end up calling the research team&rsquo;s honeypot telephone numbers.</p><p>Ironically, researchers also caught a storm outside of their honeypot network.</p><blockquote><p>“Interestingly, a colleague in our lab was a victim of a storm event. He was overwhelmed with calls from hundreds of strangers complaining that they had received a call from him! Needless to say, he was unable to use his phone for a few days until the calls died down.”</p></blockquote><p>But the NCSU team also recorded a 10% sample (~150,000) of the robocalls they received, which they later analyzed using audio processing tools to determine the source and content of the robocall itself.</p><p>Academics said they detected 2,687 unique robocalling campaigns, with the largest ones promoting student loans, health insurance, Google search promotion services, and Social Security scams.</p><figure><img src=“https://zdnet1.cbsistatic.com/hub/i/2020/08/14/f960ee78-8964-43f1-bcd6-d5854fcf33a7/ncsu-campaigns.png” alt=“ncsu-campaigns.png”/><figcaption>Image: Prasad et al.</figcaption></figure><p>However, the research team&rsquo;s biggest finding was that after answering 1.5 million robocalls across 66,000 phone numbers, researchers said they didn&rsquo;t see a spike in subsequent robocalls.</p><p>“News reports and regulatory agencies recommend phone users to avoid answering calls from unknown numbers to reduce the number of robocalls,” researchers said.</p><p>“Surprisingly, we found that answering phone calls does not necessarily increase the number of robocalls you would receive. Phone users should be cautious when you get a call from an unknown number. However, occasionally answering an unsolicited phone call does not mean you will receive more robocalls.”</p><p></p>"
  },
  "date": "2020-08-14T11:24:00-05:00",
  "featured": false,
  "headline": "Telephony honeypot receives 1.5 million robocalls in less than a year",
  "id": "1597404240",
  "imageFilename": "telephony-honeypot-904x712",
  "slug":"telephony-honeypot-receives-1-5-million-robocalls-in-less-than-a-year",
  "sourceName": "ZDNet",
  "sourceArticleUrl": "https://www.zdnet.com/article/a-simple-telephony-honeypot-received-1-5-million-robocalls-across-11-months/",
  "tags": ["Honeypot", "Robocalls"]
},
{
  "content": {
    "html": "<p>Criminals use so-called Russian, encrypted, or white SIMs to change their phone number, add voice manipulation to their calls, and try to stay ahead of law enforcement.</p><p>The unsolicited call came from France. Or at least that&rsquo;s what my phone said. When I picked up, a man asked if I worked with the National Crime Agency, the UK&rsquo;s version of the FBI. When I explained, no, as a journalist I don&rsquo;t give information to the police, he said why he had contacted me.</p><p>“There are these special SIM cards out there,” he said, referring to the small piece of hardware that slips inside a cell phone. “I&rsquo;m actually ringing from one now,” he added, before later explaining he runs an underground site that sells these cards.</p><p>This SIM card, the caller said, allowed him to spoof any phone number he wanted. Want to look like you&rsquo;re calling from a bank in order to scam a target? Easy. Want to change it to a random series of digits so that the recipient&rsquo;s phone won&rsquo;t record your real number? That just takes a few seconds to set up, according to tutorials of how to use the cards available online.</p><p>Russian SIMs. Encrypted SIMs. White SIMs. These cards go by different names in the criminal underground, and vary widely in quality and features. But all are generally designed to give the user some sort of security or privacy benefit, even if what that particular SIM does is more theatre than substance. Beyond spoofing phone numbers, some SIMs let a caller manipulate their voice in real-time, adding a baritone or shrill cloak to their phone calls that is often unintentionally funny. Other cards have the more worthwhile benefit of being worldwide, unlimited data SIMs that criminals source anonymously from suppliers without having to give up identifying information and by paying in Bitcoin.</p><p>The SIM cards themselves aren&rsquo;t inherently illegal, but criminals certainly make a noticeable chunk of the companies&rsquo; customer bases. The NCA told Motherboard it has seized so-called Russian SIMs from suspects during investigations. The existence of this bustling industry highlights how crime figures continue to try and leverage different technologies, and comes as government agencies successfully crack down on other parts of criminal technical infrastructure.ADVERTISEMENT</p><p>“They are the most popular SIMs in crime,” a source close to the criminal world told Motherboard, referring to the anonymously sourced data SIMs. Motherboard granted multiple sources in this story anonymity to protect them from retaliation or to speak more candidly about industry practices.</p><hr /><p>Criminals often make use of so-called encrypted phones, customized devices that in some cases have the microphone, GPS, and camera functionality removed. Some of these companies also offer Russian or encrypted SIM cards, letting customers buy not just a handset, but the data and roaming capability they would need to actually use the phone quickly, as well as some extra features from the SIM if they like. Companies or individuals don&rsquo;t always sell both the phone and the SIM, but the industries do overlap.</p><p>To test the process of obtaining such a SIM, Motherboard purchased a so-called white SIM, known for not having any branding or labelling, through a source close to the criminal world. After sending the supplier around $100 in Bitcoin, a package arrived the next day.</p><p>A list of countries where this particular SIM worked and shared with Motherboard included Colombia, the UK, Morocco, Mexico, the UAE, and the U.S.</p><p>After receiving the SIM card and putting it into an unlocked phone, a user has to change the Access Point Name or “APN” on the device. An APN is a collection of settings a phone uses to set up a connection between the carrier&rsquo;s cell network and the wider internet. Essentially, entering this tells a user&rsquo;s phone that they want to connect to a particular phone network, one that it may not ordinarily recognize.</p><p>n one video uploaded to YouTube in April, a SIM vendor demonstrated how to spoof phone numbers with their product. The vendor typed a series of digits on their phone, followed by an asterisk, and then the number they wanted to mimic and then the hash symbol. After a pause, a second phone displayed an incoming call from the spoofed number.</p><p>In another video, a second vendor, this time wearing what appears to be black rubber gloves, demonstrated how to do the same with their own SIM.</p><p>“Contacting Server,” the message on a Nokia handset read. Moments later, they received a call from 07777 777777; an obviously spoofed number.</p><p>A SCREENSHOT FROM A YOUTUBE VIDEO DEMONSTRATING NUMBER SPOOFING ON A SO-CALLED RUSSIAN SIM. IMAGE: SCREENSHOT.</p><p>“Scammers use [it] to to call people so it shows [a] bank number or eBay,” one alleged vendor, who went by the handle Captain on the messaging app Telegram, told Motherboard. “They get sold worldwide. Spain. Morocco. Europe shit loads,” they added.</p><p>“You can actually pick any number that you want,” the person who said they phoned me from one of the SIMs said. “I could change it every call and keep running from a different number every time,” they added, making blocking a caller difficult.</p><p>Though some of these SIMs are sold clandestinely, through messaging apps and via people in-the-know, public facing companies also sell these cards.</p><p>“After the call has ended, your interlocutor is left with the randomly generated number in his/her call log,” the website for Secure SIMs, one company selling the cards, reads. And some sellers advertise their SIM cards on more clearly crime-focused marketplaces. The underground site Motherboard accessed sold so-called “fullz,” which are pieces of credit card data, as well as access to hacked PayPal and bank accounts alongside SIM cards.</p><p>Other videos online show similar SIM cards and their voice changing feature. In one, a seller briefly shows some of the options available, such as “Man,” “Woman,” “Child,” and “Cartoon.”</p><p>Karsten Nohl, a security researcher from SRLabs focused on telecommunications security, told Motherboard in an email that operators of the SIM cards likely run their own Mobile Virtual Network Operator (MVNO), which is essentially a telecom company piggy backing off of the infrastructure of a more established network. Many MVNOs exist, including Google&rsquo;s Fi, which runs on top of T-Mobile&rsquo;s infrastructure.</p><p>In order to obtain SIMs and data to sell, smaller companies can go to different carriers around the world and buy the data in bulk, according to a source who currently works in the secure communications industry.</p><p>“Then you start selling these SIM cards as pooled data,” the source said. To enter relationships with telecos in the United States or Canada, companies will likely need to create an MVNO, but may not need to in some other countries, the source said.</p><p>Dominic Gingras, CEO and founder of privacy-focused phone company Secure Group, told Motherboard in a phone call this may not be necessary, and said some companies could sign a deal with providers and gain access to APIs that would allow the number changing because they can be used for legitimate purposes.</p><p>Captain said the SIMs work by first connecting to a private server, which then makes the call itself on the user&rsquo;s behalf. They said the server is run by a Russian company—hence the street term Russian SIMs, as many users appear to think their calls are being routed through the country—but did not provide any evidence to corroborate the actual location of the server. At least some of the numbers associated with similar SIM cards come from Estonia, the source who currently works in the secure phone industry said. The person who owned the underground website selling SIM cards said the calls are instead going through “poor countries” where people can cheaply buy access to the phone network.</p>"
  },
  "date": "2020-08-12T11:33:00-05:00",
  "featured": false,
  "headline": "The Secret SIMs Used By Criminals to Spoof Any Number",
  "id": "1597231980",
  "imageFilename": "sim-card-904x712",
  "slug":"the-secret-sims-used-by-criminals-to-spoof-any-number",
  "sourceName": "Vice",
  "sourceArticleUrl": "https://www.vice.com/en_us/article/n7w9pw/russian-sims-encrypted",
  "tags": ["Caller-ID Spoofing", "Sim Swapping"]
},
{
  "content": {
    "html": "<p>IRVINE, Calif., Aug. 6, 2020 /PRNewswire/ -- Americans received just over 3.6 billion robocalls in July, an approximately 9% increase from June. In July, robocalls averaged just over 117.1 million calls per day, or roughly 1,356 calls per second. The good news is that the July robocall volume is still 36% below the all-time monthly peak of 5.7 billion calls in October 2019. The bad news is that we are now 27% above the April trough of roughly 2.8 billion robocalls.</p><p>These latest monthly figures come from YouMail, a totally free robocall blocking app and call protection service for mobile phones.</p><p>“Robocalls continue to grow as countries around the world open up again, which is not unexpected,” said YouMail CEO Alex Quilici. “While we don&rsquo;t anticipate robocalls going back to peak levels, we fully expect the rising monthly trend to continue for some time.”</p><h3>July&rsquo;s Increase Driven by Scams and Telemarketing</h3><p>In July, Scam robocalls increased by 12%, to roughly 1.7 billion calls, and we saw a substantial 22% increase in Telemarketing calls to nearly 500 million calls. This trend was driven by call centers continuing to open, where there are now people to handle return calls or “press 1” when called.</p><figure><table><tbody><tr><td>Type ofRobocall</td><td>Estimated JulyRobocalls</td><td>Percentage July Robocalls</td></tr><tr><td>Scams</td><td>1.7 billion (+12%)</td><td>46% (+1%)</td></tr><tr><td>Alerts and Reminders</td><td>.90 billion (+1%)</td><td>25% (-1%)</td></tr><tr><td>Payment Reminders</td><td>.56 billion (flat)</td><td>16% (-1%)</td></tr><tr><td>Telemarketing</td><td>.49 billion (+22%)</td><td>13% (+1%)</td></tr></tbody></table></figure><h3>Top Illegal Robocalls in July 2020</h3><p>In July, Car Warranty Scam calls became the most frequently made robocalls for the first time, finally surpassing Health-Related Scams. This is likely due to the main health insurance campaigns having been fined by the FCC and the traffic being shut down by various wholesale carriers.</p><figure><table><tbody><tr><td>Rank</td><td>Type of Scam</td><td>Estimated July Robocalls</td><td>Summary of Scam</td></tr><tr><td>1</td><td>Warranty Scams</td><td>208.4 million</td><td>Scam payments/illegal solicitations</td></tr><tr><td>2</td><td>Health-Related Scams</td><td>192.6 million</td><td>Identity theft/scam payments/illegal solicitations</td></tr></tbody></table></figure><h3>“Winners” in July 2020</h3><p>The cities, area codes and states with the highest volumes of robocalls in July were identical to last month, albeit all at higher volumes.</p><figure><table><tbody><tr><td>City with the Most Robocalls:</td><td>Atlanta, GA (143 million, +6%)</td></tr><tr><td>City with the Most Robocalls/Person:</td><td>Baton Rouge (32.9/person, +12%)</td></tr><tr><td>Area Code with the Most Robocalls:</td><td>404 in Atlanta, GA (62.7 million, +11%)</td></tr><tr><td>Area Code with the Most Robocalls/Person:</td><td>404 in Atlanta, GA (51.3/person, +11%)</td></tr><tr><td>State with the Most Robocalls:</td><td>Texas (412.5 million, +7%)</td></tr><tr><td>State with the Most Robocalls/Person:</td><td>Louisiana (21.4, +11%)</td></tr></tbody></table></figure>"
  },
  "date": "2020-08-06T11:08:00-05:00",
  "featured": false,
  "headline": "3.6 Billion Robocalls in July Mark 9% Monthly Increase",
  "id": "1596712080",
  "imageFilename": "robocalls-increase-july-2020-904x712",
  "slug":"3-6-billion-robocalls-in-july-mark-9-monthly-increase",
  "sourceName": "PRNewswire",
  "sourceArticleUrl": "https://www.prnewswire.com/news-releases/over-3-6-billion-robocalls-in-july-mark-9-monthly-increase-says-youmail-robocall-index-301107799.html",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>Health care institutions have reported a rise in the number of robocalls and I.D.-spoofed calls during the COVID-19 pandemic.</p><p>The number of robocalls has drastically increased since January, according to Dave Summit, chair of the Hospital Robocall Protection Group. Speaking at the group&rsquo;s inaugural meeting on Monday, Summit said many of these calls abuse topics surrounding the pandemic with the intent to gain access to information.</p><p>HRPG is a federal advisory committee dedicated to combatting robocalls to hospitals, required by the Telephone Robocall Abuse Criminal Enforcement and Deterrence Act, which gave the FCC additional tools and flexibility to combat malicious spoofing and scam robocalls.</p><p>The agency tasked the group with developing best practices on preventing unlawful robocalls to hospitals, protecting hospitals from these calls. The group will decide what federal and state governments can do to help over the next 180 days.</p><p>“Robocalls pose significant risks to medical professionals and facilities that rely on voice services to do their job and address the ongoing health crisis,” said Federal Communication Commission Chairman Ajit Pai.</p><p>Summit described the many ways in which robocalls are affecting health care institutions. Some calls are spoofed to confuse health care workers, appearing like they come from legitimate extensions within the workers&rsquo; own institutions. Other calls are placed to individuals across the country, using the hospital&rsquo;s name as the caller I.D.</p><p>SecureLogix CTO Mark Collier offered a solution for preventing malicious calls, suggesting the utilization of technology that monitors traffic for various types of voice attacks, including robocalls and spoofing.</p><p>SecureLogix offers a technology facilitating a call firewall that sits at the edge of hospital networks, in order to block calls that would affect the administrative portions of the networks.</p>"
  },
  "date": "2020-07-28T13:01:00-05:00",
  "featured": false,
  "headline": "Robocall Protection Group Tasked With Preventing Unlawful Robocalls to Hospitals",
  "id": "1595941260",
  "imageFilename": "hospitals-targeted-with-robocalls-904x712",
  "slug":"hospital-robocall-protection-group-tasked-with-preventing-unlawful-robocalls-to-hospitals",
  "sourceName": "Broadband Breakfast",
  "sourceArticleUrl": "http://broadbandbreakfast.com/2020/07/hospital-robocall-protection-group-undertakes-responsibilities-in-inaugural-meeting/",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>One of the stranger applications of deepfakes — AI technology used to manipulate audiovisual content — is the audio deepfake scam. Hackers use machine learning to clone someone&rsquo;s voice and then combine that voice clone with social engineering techniques to convince people to move money where it shouldn&rsquo;t be. Such scams have been successful in the past, but how good are the voice clones being used in these attacks? We&rsquo;ve never actually heard the audio from a deepfake scam — until now.</p><p>Security consulting firm NISOS has released a report analyzing one such attempted fraud, and shared the audio with <em>Motherboard</em>. The clip below is part of a voicemail sent to an employee at an unnamed tech firm, in which a voice that sounds like the company&rsquo;s CEO asks the employee for “immediate assistance to finalize an urgent business deal.”</p><figure><iframe width=“100%” height=“400” src=“https://w.soundcloud.com/player/?visual=true&amp;url=https%3A%2F%2Fapi.soundcloud.com%2Ftracks%2F863098048&amp;show_artwork=true&amp;=&amp;color=%2523ff5500&amp;auto_play=false&amp;hide_related=false&amp;show_comments=true&amp;show_user=true&amp;show_reposts=false&amp;show_teaser=true”></iframe></figure><p>The quality is certainly not great. Even under the cover of a bad phone signal, the voice is a little robotic. But it&rsquo;s passable. And if you were a junior employee, worried after receiving a supposedly urgent message from your boss, you might not be thinking too hard about audio quality. “It definitely sounds human. They checked that box as far as: does it sound more robotic or more human? I would say more human,” Rob Volkert, a researcher at NISOS, told <em>Motherboard</em>. “But it doesn&rsquo;t sound like the CEO enough.”<q>THE TARGET “IMMEDIATELY THOUGHT IT SUSPICIOUS”</q></p><p>The attack was ultimately unsuccessful, as the employee who received the voicemail “immediately thought it suspicious” and flagged it to the firm&rsquo;s legal department. But such attacks will be more common as deepfake tools become increasingly accessible.</p><p>All you need to create a voice clone is access to lots of recordings of your target. The more data you have and the better quality the audio, the better the resulting voice clone will be. And for many executives at large firms, such recordings can be easily collected from earnings calls, interviews, and speeches. With enough time and data, the highest-quality audio deepfakes are much more convincing than the example above.</p><p>The best known and first reported example of an audio deepfake scam took place in 2019, where the chief executive of a UK energy firm was tricked into sending €220,000 ($240,000) to a Hungarian supplier after receiving a phone call supposedly from the CEO of his company&rsquo;s parent firm in Germany. The executive was told that the transfer was urgent and the funds had to be sent within the hour. He did so. The attackers were never caught.</p><p>Earlier this year, the FTC warned about the rise of such scams, but experts say there&rsquo;s one easy way to beat them. As Patrick Traynor of the Herbert Wertheim College of Engineering told <em>The Verge</em> in January, all you need to do is hang up the phone and call the person back. In many scams, including the one reported by NISOS, the attackers are using a burner VOIP account to contact their targets.</p>"
  },
  "date": "2020-07-27T10:14:51-05:00",
  "featured": false,
  "headline": "This is what a Deepfake Voice Clone Used in a Fraud Attempt Sounds Like",
  "id": "1595844891",
  "slug":"this-is-what-a-deepfake-voice-clone-used-in-a-fraud-attempt-sounds-like",
  "sourceName": "The Verge",
  "sourceArticleUrl": "https://www.theverge.com/2020/7/27/21339898/deepfake-audio-voice-clone-scam-attempt-nisos",
  "tags": ["Deepfake", "Fraud Prevention", "Hackers", "Phone Scam"]
},
{
  "content": {
    "html": "<p>“Bad-actor” phone companies that profit from robocalls could be blocked by more legitimate carriers under rules approved unanimously yesterday by the Federal Communications Commission.</p><p>Under the change, the FCC said carriers can block calls “from bad-actor upstream voice service providers that pass illegal or unwanted calls along to other providers, when those upstream providers have been notified but fail to take action to stop these calls.” Carriers that impose this type of blocking will get a safe harbor from liability “for the unintended or inadvertent blocking of wanted calls, thus eliminating a concern that kept some companies from implementing robust robocall blocking efforts.”</p><p>This expanded level of blocking—spurred by a new law in which Congress directed the FCC to expand safe harbors—could be implemented by companies that sell phone service directly to consumers. That includes mobile carriers Verizon, AT&amp;T, and T-Mobile, traditional landline companies, and VoIP providers.</p><p>Carriers won&rsquo;t be able to block calls from just any provider. As Chairman Ajit Pai explained, the safe harbor will be available in cases when the “bad-actor” telecom has been notified by the FCC that it is carrying illegal traffic and “fails either to effectively mitigate such traffic or to implement effective measures to prevent customers from using its network to originate illegal calls.”</p><p>Allowing carriers to block virtually all calls from a particular provider is a significant change in policy, the FCC said in a draft of yesterday&rsquo;s order:</p><blockquote><p>Until very recently, we have only authorized call blocking for particular calls, not based on the provider. In April of this year, the Commission&rsquo;s Enforcement Bureau and the FTC jointly issued letters making clear that, in some instances, provider-based blocking is appropriate. Today, we clarify that voice service providers are permitted to block calls from “bad-actor” upstream voice service providers... The safe harbor thus provides protection to a voice service provider that blocks all calls from a bad-actor voice service provider.</p></blockquote><p>Accused phone providers would be given 48 hours to “take effective mitigation measures” before other carriers can block their call traffic. The FCC identifies these bad-actor providers using traceback technology, in collaboration with the telecom industry. The new rules are scheduled to take effect 30 days after the FCC order is published in the Federal Register.</p><p>Despite the safe harbor, carriers will still have to “make all reasonable efforts to avoid blocking emergency public safety calls,” the FCC said.</p><h2>FCC threats have been effective</h2><p>Yesterday&rsquo;s vote follows other US government efforts to cut robocalls off closer to the source. The FCC sent letters in April and May to six gateway phone companies, telling them to cut off scam robocalls or have all their calls blocked by other phone providers. “Within 48 hours of receiving the letters, each of the gateway providers confirmed they had terminated the robocall traffic,” the FCC said in the draft of yesterday&rsquo;s order. The Department of Justice also sued two small companies that allegedly connected hundreds of millions of fraudulent robocalls from Indian call centers to US residents.</p><h3>FURTHER READING</h3><p>FCC requires anti-robocall tech after “voluntary” plan didn&rsquo;t work out [Updated]</p><p>The new safe harbor is one of several measures adopted in yesterday&rsquo;s FCC order. Another new safe harbor “protects phone companies that use reasonable analytics, including caller ID authentication information, to identify and block illegal or unwanted calls.” The FCC also laid the groundwork for future rulings by voting to seek public comment “on whether to obligate phone companies to better police their networks against illegal calls, and whether to require them to provide information about blocked calls to consumers for free.”</p>"
  },
  "date": "2020-07-17T10:54:18-05:00",
  "featured": false,
  "headline": "FCC: Phone Carriers that Profit from Robocalls Could Have All Calls Blocked",
  "id": "1594983258",
  "imageFilename": "blocking-carriers-who-profit-from-robocalls-904x712",
  "slug":"fcc-phone-carriers-that-profit-from-robocalls-could-have-all-calls-blocked",
  "sourceName": "ars Technica",
  "sourceArticleUrl": "https://arstechnica.com/tech-policy/2020/07/fcc-phone-carriers-that-profit-from-robocalls-could-have-all-calls-blocked/",
  "tags": ["Department of Justice", "FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>GAINESVILLE, Fla. (WCJB) - As a result of a cyber attack, residents won&rsquo;t be able to reach the Levy County Sheriff&rsquo;s Office non-emergency line for an indefinite amount of time. We&rsquo;ll show you how the attack escalated.</p><p>TV20&rsquo;s Landon Harrar reported, “basically how a denial of service cyber attack works is a number calls the sheriff&rsquo;s office every tenth of a second which immediately jams up all the lines. This means nobody calling in can get through because all the lines are full and also means nobody inside the sheriff&rsquo;s office can call out even to deputies working in the field.”</p><p>The attack initially started Thursday around noon and even forced a night time deputy to relay messages back and forth from those in the field by cell phone. Sheriff Bobby McCallum said, “the deputies if they had to call in they would call his cell phone so they could communicate and we could keep the one line that we had for dispatch to call out on open.”</p><p>It was thought the issue was resolved around 1 am Friday morning but once they announced the lines were open again around 10 am the attack resumed and this time with a voice on the other end of the phone. Sheriff Mccallum explained, “they identified themselves as a group and that they have 3 million lines to tie up and take over our phone system and then they made a ransom demand for millions of dollars.”</p><p></p>"
  },
  "date": "2020-07-17T10:21:00-05:00",
  "featured": false,
  "headline": "Florida Sheriff’s Office Phone Lines Held for Ransom",
  "id": "1594981260",
  "imageFilename": "tdos-attack-904x712",
  "slug":"florida-sheriffs-office-phone-lines-held-for-ransom",
  "sourceName": "ABC News",
  "sourceArticleUrl": "",
  "tags": ["TDoS"]
},
{
  "content": {
    "html": "<p>It just got a little bit easier for your phone service to block those irritating robocalls. But it may also end up inadvertently blocking some calls you were expecting.</p><p>The Federal Communications Commission approved new rules Thursday that would encourage phone companies to block robocalls before they reach consumers, strengthening a long-term fight against automated annoyances.</p><p>When these rules come into play, 30 days after they&rsquo;re published on the Federal Register, major phone companies that provide services directly to consumers will be able to block potential robocalls without being liable for unintentionally blocking wanted calls, thanks to two specific “safe harbors” set out by the FCC. Though the official release doesn&rsquo;t name them specifically, that would likely pertain to major phone companies such as AT&amp;T, Verizon, and T-Mobile.</p><p>The FCC&rsquo;s protections apply as long as the phone companies in question use “reasonable analytics” (such as Caller ID) to identify and block unwanted calls and block call traffic from bad-actor gateway providers that are prone to knowingly pass unwanted calls over to them. The agency highlighted that emergency calls should never be blocked.</p><p>“These safe harbors are meant to provide further assurance to phone companies and allow them to strengthen their efforts in the battle against illegal and unwanted robocalls,” the FCC statement read.</p><p>“Protecting American consumers from illegal and unwanted calls remains the FCC&rsquo;s top consumer protection priority,” it continued.</p><p>In 2019 Congress signed into law the TRACED Act, a bipartisan bill that extends the FCC&rsquo;s statute of limitations on robocall offenses, and requests a yearly FCC report on robocalls, among other requirements. Separately, earlier this year, the FCC sent letters to six bad-actor companies, directing them to cut off robocalls, while the Department of Justice sued two companies that were connecting robocalls from India to the U.S.</p>"
  },
  "date": "2020-07-17T09:52:00-05:00",
  "featured": false,
  "headline": "FCC Boosts Ability of Phone Companies to Block Robocalls",
  "id": "1594979520",
  "slug":"fcc-boosts-ability-of-phone-companies-to-block-robocalls",
  "sourceName": "Fast Company",
  "sourceArticleUrl": "https://www.fastcompany.com/90530847/were-about-to-run-out-of-new-movies-and-tv-shows-and-i-cant-wait",
  "tags": ["Department of Justice", "FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>Telephony denial of service (TDoS) is a type of cyberattack that can be used to disable telephony systems. Similar in concept to a typical data network DoS (denial of service), its purpose is to deny users access to a particular telephony service. In this article, we will discuss how TDoS attacks are conducted and what measures you and your telco can take to protect your systems.</p><p>What is a DoS attack?</p><p>The goal of a DoS attack is to make a system unavailable to its legitimate users by temporarily or permanently disrupting its services. This is typically done by overwhelming the system with a swarm of fake machine-generated requests for system resources, thus incapacitating the system from responding to the requests of legitimate users. In the case of a web server, for example, tens of thousands of fake HTTP requests can be sent to such a server, from hundreds or thousands of computers on the internet. This results in the web server&rsquo;s resources (memory, CPU cycles, network bandwidth) becoming too overwhelmed to respond to genuine requests for content, rendering the service unavailable to users.</p><p>To use a brick-and-mortar analogy, a DoS attack would be like a group of people who have no intention of purchasing anything crowding around the entry door of a shop, making it difficult or impossible for legitimate customers to enter, resulting in a disruption of trade.</p><p>What is a TDoS attack?</p><p>A TDoS attack is a DoS attack on a telephony system. Unlike attacks on network servers, the primary resource targeted by TDoS schemes is the voice channels themselves. For example, an enterprise telephony network has a finite number of voice channels to the PSTN. If all of those channels are engaged, no additional calls can be routed, either in or out. TDoS attackers find ingenious ways of creating bogus calls that can quickly saturate PSTN connections.</p><p>TDoS attackers and their targets</p><p>TDoS targets can be either enterprise telephone systems, contact centers, or even the telcos themselves. 911 emergency services have also been targeted. There have been examples of attackers using TDoS to either advance a particular political agenda, or to exact revenge against a specific company or group of people. Sometimes TDoS is used as leverage for extortion, where attacks will continue unless a ransom is paid. There are also documented cases where a TDoS occurred unintentionally, as is the case in 1981 when the song 867-5309/Jenny was released and became a hit, prompting callers all over the U.S. to call the number asking for Jenny.</p><p>TDoS techniques</p><p>The most common way in which telephone systems are attacked involve the saturation of the voice channels of that system. For contact centers, enterprise networks, and emergency services, this can be done in various ways:</p><ul><li>Machine dialers – Also known as robo-dialers, these are machines connected to the PSTN that can generate multiple calls to particular numbers, saturating telephone lines. They can either take the form of an older stand-alone device connected directly to a phone line, or in the form of a program in a computer, which takes advantage of VoIP, making robo-dialers generally inexpensive and readily automated to perform their attacks.</li><li>Caller ID Spoofing – Using machine dialers, calls can be made simultaneously to thousands of telephone numbers, all with a fake or spoofed caller ID – specifically, the caller ID of the victim. These calls are immediately hung up when they are answered, or if the call is not answered after a certain amount of time. When these thousands of subscribers see the caller ID, some will attempt to call back, causing a temporary saturation of calls on the victim&rsquo;s telephone system.</li><li>Brute force – Attackers simply hire telemarketers or even just anyone, to make calls to a particular number at a specific time to intentionally overwhelm their systems.</li></ul><p><br>How VoIP and conventional telephone networks differ when it comes to TDoS</p><p>Both conventional and VoIP telephone networks are vulnerable to TDoS attacks. However, they are affected by them in different ways:</p><ul><li>Traditional telephony systems<ul><li>These are comprised of a fixed number of voice channels provided over either analog lines or ISDN PRI trunks. Once these are saturated, communication in and out of the system is essentially disabled.</li><li>Since there is no other type of network connectivity, traditional PBXs are not subject to other types of network attacks.</li></ul></li><li>VoIP telephony systems<ul><li>These use SIP trunks for their connection to the PSTN. Although configured with a specific number of voice paths, the number of these paths is not fixed and can be dynamically changed. This provides a greater level of protection, as described below.</li><li>Such systems are typically connected to an IP network and thus may be vulnerable to traditional DoS and other data network attacks, if insufficiently protected.</li></ul></li></ul><p><br>How to protect systems against TDoS</p><p>Regardless of what kind of system you have, the first line of defense is the telco. It is responsible for having systems in place that will detect TDoS attempts and protect your network from them. Establish an effective partnership with your telco and find out more about what kind of protection services it provides.</p><p>Telco protection features can include:</p><ul><li>The blocking of known malicious caller IDs.</li><li>Enabling algorithms on SIP trunks that can recognize TDoS events and dynamically block calls, while temporarily increasing the number of available voice paths, ensuring at least partial service for legitimate users during an attack.</li><li>Cooperation with authorities by disclosing caller IDs and call routing information within the telco&rsquo;s network to discover, halt, and prosecute TDoS attackers.</li></ul><p>Because no mitigation techniques can truly be 100% effective, some additional preparation tasks you should execute include:</p><ul><li>Ensure you have a backup means of communication with the PSTN for a limited number of internal telephone devices. This is good practice not only for TDoS mitigation, but also for redundancy and emergency services reachability in the event of other types of failures.</li><li>Train employees to recognize, record, and report suspicious caller IDs, such as those seen on calls that routinely hang up as soon as the call is made.</li><li>For VoIP systems, ensure that the appropriate network security measures are put into place, especially on the network edge, to protect against network attacks.</li></ul><p>Recommended actions to take during a TDoS attack include:</p><ul><li>Limit the number of internal phones that the attack is targeting, focusing on hunt groups, busy-no-answer forwarding, and voicemail termination.</li><li>Use social media and other channels to advertise an alternative number to call in the event that the main number is under attack.</li><li>Determine if the calls may be coming from a legitimate source whose systems have been compromised for use in the TDoS attack.</li><li>Remember that TDoS attacks are illegal and subject to prosecution with serious repercussions. Get the authorities involved as soon as possible.</li></ul><p><br>Conclusion</p><p>TDoS attacks can be a scary prospect, especially for enterprises whose primary source of income depends heavily on telephony service. Being prepared for such attacks can go a long way towards mitigating and resolving them, as well as finding the perpetrators.</p>"
  },
  "date": "2020-07-15T10:22:00-05:00",
  "featured": false,
  "headline": "How to protect against TDoS attacks",
  "id": "1594808520",
  "slug":"how-to-protect-against-tdos-attacks",
  "sourceName": "Telecom Reseller",
  "sourceArticleUrl": "https://telecomreseller.com/2020/07/15/how-to-protect-against-tdos-attacks/",
  "tags": ["TDoS"]
},
{
  "content": {
    "html": "<p>RVINE<em>, </em>Calif., July 8, 2020 /PRNewswire/ -- Americans received just over 3.3 billion robocalls in June, an 11% increase from May. In June, robocalls averaged just over 111.2 million calls per day, or roughly 1,297 calls per second. The good news is that the June robocall volume is still 41% below the all-time monthly peak of 5.7 billion calls in October 2019. Further, we have seen only 22.8 billion total robocalls at the midway point of 2020, equaling an annual pace of 45.6 billion which is slightly below what we saw in 2018.</p><p>These latest monthly figures come from YouMail, a totally free robocall blocking app and call protection service for mobile phones.</p><p>“As expected, starting to reopen economies in the US and elsewhere is leading to more robocalls,” said YouMail CEO Alex Quilici. “We&rsquo;re not out of the robocall woods yet.”</p><p>June Saw Increases in All Categories of Robocalls</p><p>In June, Scam robocalls increased by 17%, to roughly 1.5 billion calls. However, we also saw substantial increases in Payment Reminders, which were up 14%, and Telemarketing Calls, up 11%. This trend was driven by call centers starting to open, where there are now people to handle return calls or “press 1” when called.</p><figure><table><tbody><tr><td>Type ofRobocall</td><td>Estimated JuneRobocalls</td><td>Percentage June<br>Robocalls</td></tr><tr><td>Scams</td><td>1.5 billion (+17%)</td><td>45% (+2%)</td></tr><tr><td>Alerts and Reminders</td><td>.89 billion (+7%)</td><td>26% (-2%)</td></tr><tr><td>Payment Reminders</td><td>.56 billion (+14%)</td><td>17% (flat)</td></tr><tr><td>Telemarketing</td><td>.40 billion (+11%)</td><td>12% (flat)</td></tr></tbody></table></figure><p>Top Illegal Robocalls in June 2020</p><p>As in April and May, we are seeing the same two types of illegal calls exceeding 100 million calls for the month: Health-Related Scams and Car Warranty Scams.</p><figure><table><tbody><tr><td>Rank</td><td>Type of Scam</td><td>Estimated June<br>Robocalls</td><td>Summary of Scam</td></tr><tr><td>1</td><td>Health-Related Scams</td><td>223.1 million</td><td>Identity theft/scam payments/illegal solicitations</td></tr><tr><td>2</td><td>Warranty Scams</td><td>147.2 million</td><td>Scam payments</td></tr></tbody></table></figure><p>“Winners” in June 2020</p><p>The cities, area codes and states with the highest volumes of robocalls in June were mostly similar to past months, with a few changes. Baton Rouge replaced Washington DC as the city where people get the most robocalls per person. And South Carolina joined Louisiana as the states with the highest-per capital robocalls for their residents.</p><figure><table><tbody><tr><td>City with the Most Robocalls:</td><td>Atlanta, GA (135.5 million, +5%)</td></tr><tr><td>City with the Most Robocalls/Person:</td><td>Baton Rouge (29.5/person, +12%)</td></tr><tr><td>Area Code with the Most Robocalls:</td><td>404 in Atlanta, GA (56.7 million, +8%)</td></tr><tr><td>Area Code with the Most Robocalls/Person:</td><td>404 in Atlanta, GA (46.4/person, +8%)</td></tr><tr><td>State with the Most Robocalls:</td><td>Texas (386.4 million, +13%)</td></tr><tr><td>State with the Most Robocalls/Person:</td><td>Louisiana (19.2, +13%), South Carolina (19.2, +14%)</td></tr></tbody></table></figure>"
  },
  "date": "2020-07-08T10:38:00-05:00",
  "featured": false,
  "headline": "Over 3.3 Billion Robocalls in June Mark 11% Monthly Increase",
  "id": "1594204680",
  "imageFilename": "robocalls-rise-in-june-904x712",
  "slug":"over-3-3-billion-robocalls-in-june-mark-11-monthly-increase",
  "sourceName": "PRNewswire",
  "sourceArticleUrl": "https://www.prnewswire.com/news-releases/over-3-3-billion-robocalls-in-june-mark-11-monthly-increase-says-youmail-robocall-index-301089892.html",
  "tags": []
},
{
  "content": {
    "html": "<h3>SUMMARY</h3><p>Rapid advances in artificial intelligence (AI) are enabling novel forms of deception. AI algorithms can produce realistic “deepfake” videos, as well as authentic-looking fake photos and writing. Collectively called synthetic media, these tools have triggered widespread concern about their potential in spreading political disinformation. Yet the same technology can also facilitate financial harm. Recent months have seen the first publicly documented cases of deepfakes used for fraud and extortion.</p><p>Today the financial threat from synthetic media is low, so the key policy question is how much this threat will grow over time. Leading industry experts diverge widely in their assessments. Some believe firms and regulators should act now to head off serious risks. Others believe the threat will likely remain minor and the financial system should focus on more pressing technology challenges. A lack of data has stymied the discussion.</p><h5>Jon Bateman</h5><p>Jon Bateman is a fellow in the Cyber Policy Initiative of the Technology and International Affairs Program at the Carnegie Endowment for International Peace.@JONKBATEMAN</p><p>In the absence of hard data, a close analysis of potential scenarios can help to better gauge the problem. In this paper, ten scenarios illustrate how criminals and other bad actors could abuse synthetic media technology to inflict financial harm on a broad swath of targets. Based on today&rsquo;s synthetic media technology and the realities of financial crime, the scenarios explore whether and how synthetic media could alter the threat landscape.</p><p>The analysis yields multiple lessons for policymakers in the financial sector and beyond:</p><ul><li>Deepfakes and synthetic media do not pose a serious threat to the stability of the global financial system or national markets in mature, healthy economies. But they could cause varying degrees of harm to individually targeted people, businesses, and government regulators; emerging markets; and developed countries experiencing financial crises.</li><li>Technically savvy bad actors who favor tailored schemes are more likely to incorporate synthetic media, but many others will continue relying on older, simpler techniques. Synthetic media are highly realistic, scalable, and customizable. Yet they are also less proven and sometimes more complicated to produce than “cheapfakes”—traditional forms of deceptive media that do not use AI. A bad actor&rsquo;s choice between deepfakes and cheapfakes will depend on the actor&rsquo;s strategy and capabilities.</li><li>Financial threats from synthetic media appear more diverse than political threats but may in some ways be easier to combat. Some financial harm scenarios resemble classic political disinformation scenarios that seek to sway mass opinion. Other financial scenarios involve the direct targeting of private entities through point-to-point communication. On the other hand, more legal tools exist to fight financial crime, and societies are more likely to unite behind common standards of truth in the financial sphere than in the political arena.</li><li>These ten scenarios fall into two categories, each presenting different kinds of challenges and opportunities for policymakers. Six scenarios involve “broadcast” synthetic media, designed for mass consumption and disseminated widely via public channels. Four scenarios involve “narrowcast” synthetic media, tailored for small, specific audiences and delivered directly via private channels. The financial sector should help lead a much-needed public conversation about narrowcast threats.</li><li>Organizations facing public relations crises are especially vulnerable to synthetic media. Broadcast synthetic media will tend to be most powerful when they amplify pre-existing negative narratives or events. As part of planning for and managing crises of all kinds, organizations should consider the possibility of synthetic media attacks emerging to amplify the crises. Steps taken in advance could help mitigate the damage.</li><li>Three malicious techniques appear in multiple scenarios and should be prioritized in any response. <em>Deepfake voice phishing (vishing)</em> uses cloned voices to impersonate trusted individuals over the phone, exploiting victims&rsquo; professional or personal relationships. <em>Fabricated private remarks</em> are deepfake clips that falsely depict public figures making damaging comments behind the scenes, challenging victims to refute them. <em>Synthetic social botnets</em> are fake social media accounts made from AI-generated photographs and text, improving upon the stealth and effectiveness of today&rsquo;s social bots.</li><li>Effective policy responses will require a range of actions and actors. As in the political arena, no single stakeholder or solution can fully address synthetic media in the financial system. Successful efforts will involve changes in technology, organizational practices, and society at large. The financial sector should consider its role in the broader policymaking process around synthetic media.</li><li>Financial institutions and regulators should divide their policy efforts into three complementary tracks: internal action, such as organizational controls and training; industry-wide action, such as information sharing; and multistakeholder action with key outside entities, including tech platforms, AI researchers, journalists, civil society, and government bodies. Many notional responses could draw on existing measures for countering financial harm and disinformation.</li></ul><h3>INTRODUCTION</h3><p>The advent of deepfakes and other synthetic, AI-generated media has triggered widespread concern about their use in spreading disinformation (see box 1). Most attention so far has focused on how deepfakes could threaten political discourse. Carnegie, for example, has extensively researched how to protect elections against malicious deepfakes.<sup>1</sup> In contrast, there has been relatively little analysis of how deepfakes might impact the financial system.</p><p>Disinformation is hardly new to the financial world. Crimes of deceit, such as fraud, forgery, and market manipulation, are endemic challenges in every economy. Moreover, bad actors often incorporate new technologies into their schemes. It is therefore worth considering how novel deception tools like deepfakes could enable financial crimes or other forms of financial harm.</p><p>This paper merges two of Carnegie&rsquo;s research areas. The FinCyber project works to better protect the financial system against cyber threats and to strengthen its resilience. The Deepfakes project has sought to develop safeguards against malicious deepfakes and other AI-generated disinformation. Through both projects, Carnegie has engaged extensively with leading stakeholders from industry, government, and academia.</p><p>In February 2020, Carnegie convened a private roundtable to discuss deepfakes in the financial sector. More than thirty international experts from the financial sector, tech industry, and regulatory community participated. This paper is informed by their collective insights, though it does not attempt to reflect any consensus.</p><p>Experts disagree sharply about the magnitude of financial threats posed by deepfakes. There have been only a handful of documented cases to date, making future trends difficult to judge. Some in the financial industry rank deepfakes as a top-tier technology challenge, predicting that they will corrode trust across the financial system and require significant policy changes. Others believe that deepfakes have been overhyped and that existing systems of trust and authentication can readily adapt to this new technology.</p>"
  },
  "date": "2020-07-08T10:14:59-05:00",
  "featured": false,
  "headline": "Deepfakes and Synthetic Media in the Financial System: Assessing Threat Scenarios",
  "id": "1594203299",
  "imageFilename": "deepfakes-in-the-financial-system-904x712",
  "slug":"deepfakes-and-synthetic-media-in-the-financial-system-assessing-threat-scenarios",
  "sourceName": "Carnegie Endowment",
  "sourceArticleUrl": "https://carnegieendowment.org/2020/07/08/deepfakes-and-synthetic-media-in-financial-system-assessing-threat-scenarios-pub-82237",
  "tags": ["AI", "Deepfake", "Financial Fraud"]
},
{
  "content": {
    "html": "<p>The Supreme Court ruled Monday that a 2015 law allowing federal debt collectors to make robocalls violates the Constitution. That&rsquo;s because those debt collectors were allowed to make automated calls while other groups weren&rsquo;t given the same treatment.</p><p>Congress generally isn&rsquo;t allowed to favor certain speech over others, but that&rsquo;s precisely what Congress did, wrote Justice Brett Kavanaugh for the six-member majority. “A robocall that says, &rsquo;Please pay your government debt&rsquo; is legal,” Kavanaugh wrote. “A robocall that says, &rsquo;Please donate to our political campaign&rsquo; is illegal. That is about as content-based as it gets.</p><p>”Congress has impermissibly favored debt-collection speech over political and other speech, in violation of the First Amendment,“ Kavanaugh wrote. Political groups ”still may not make political robocalls to cell phones, but their speech is now treated equally with debt-collection speech.“</p><p>For nearly 30 years, robocalls have generally been prohibited under the Telephone Consumer Protection Act. But in 2015, Congress passed the Bipartisan Budget Act, amending the law to let debt collectors make automated calls to collect money owed to the federal government, including many student loan and mortgage debts.</p><h2>Sign Up For The NPR Daily Newsletter</h2><p>Catch up on the latest headlines and unique NPR stories, sent every weekday.E-mail addressSUBSCRIBE</p><p>By subscribing, you agree to NPR&rsquo;s terms of use and privacy policy. NPR may share your name and email address with your NPR station. See Details. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.</p><p>The Supreme Court challenge was brought by political advocacy groups who didn&rsquo;t think it was fair that only those debt collectors could make robocalls to cellphones. The groups, including the American Association of Political Consultants, wanted to make robocalls to discuss candidates and issues, solicit donations, and encourage voter participation. So they tried to argue that the entire robocall ban was invalid, a suppression of otherwise permissible speech.</p><p>The court allowed the general robocall ban to stand. But the 2015 exception for debt collectors was a violation of the First Amendment, the court said.</p><p>”Although collecting government debt is no doubt a worthy goal, the Government concedes that it has not sufficiently justified the differentiation between government-debt collection speech and other important categories of robocall speech, such as political speech, charitable fundraising, issue advocacy, commercial advertising, and the like,“ Kavanaugh wrote.</p><p>Justices Stephen Breyer, Ruth Bader Ginsburg and Elena Kagan dissented, saying they thought the government had justified special treatment for federal debt collectors. ”The speech-related harm at issue here — and any related effect on the marketplace of ideas — is modest,“ Breyer wrote for the dissenters.</p><p>FCC Chairman Ajit Pai commended the court&rsquo;s ruling. ”Thanks to the Supreme Court, the carve-out is no more,“ he said in a statement. ”Today, the Court found that the last Administration&rsquo;s attempt to create a special exemption for favored debt collectors was not only bad policy but unconstitutional. I am glad to hear that Americans, who are sick and tired of unwanted robocalls, will now get the relief from federal-debt-collector robocalls they have long deserved.::quot::</p>"
  },
  "date": "2020-07-06T10:48:00-05:00",
  "featured": false,
  "headline": "Supreme Court Prohibits Mobile Phone Robocalls To Collect Federal Debt",
  "id": "1594032480",
  "imageFilename": "supreme-court-bans-federal-debt-collection-robocalls-904x712",
  "slug":"supreme-court-prohibits-mobile-phone-robocalls-to-collect-federal-debt",
  "sourceName": "NPR",
  "sourceArticleUrl": "https://www.npr.org/2020/07/06/887963258/supreme-court-prohibits-mobile-phone-robocalls-to-collect-federal-debt",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>Continuing its campaign against illegal robocalls, particularly the spoofed variety, the Federal Communications Commission (FCC) on June 9, 2020, proposed a $225 million fine – the “largest in the FCC&rsquo;s 86-year history” – against Texas-based health insurance telemarketers for apparently making approximately 1 billion illegally spoofed robocalls.</p><p>The FCC accuses “John C. Spiller and Jakob A. Mears, who used business names including Rising Eagle and JSquared Telecom” in connection with Rising Eagle making “approximately 1 billion spoofed robocalls across the country during the first four-and-a-half months of 2019 on behalf of clients that sell short-term, limited-duration health insurance plans.”</p><p>In its lengthy and detailed Notice of Proposed Liability For Forfeiture (NALF) the agency outlines how the “The robocalls falsely claimed to offer health insurance plans from well-known health insurance companies such as Aetna, Blue Cross Blue Shield, Cigna, and UnitedHealth Group”. According to the FCC&rsquo;s investigation, which was assisted by the USTelecom Industry Traceback Group, a consumer who indicated an interest in speaking with a representative of one of those companies was “transferred to a call center with no affiliation to the named companies, where call center representatives then would attempt to convince the consumer to purchase an insurance product sold by one of Rising Eagle&rsquo;s clients.”</p><p>Further, as a result of the spoofing, which the NALF asserts violated the Truth In Caller ID Act component of the Telephone Consumer Protection Act (TCPA), the FCC found that the calls “targeted millions of Do Not Call list participants, and were received on many wireless phones without prior consumer consent.” Moreover, “the scam also caused the companies whose caller IDs were spoofed to become overwhelmed with angry call-backs from aggrieved consumers. At least one company was hit with several lawsuits because its number was spoofed, and another was so overwhelmed with calls that its telephone network became unusable.”</p>"
  },
  "date": "2020-06-10T13:51:00-05:00",
  "featured": false,
  "headline": "FCC Proposes $225M Fine for Spoofed Robocalls",
  "id": "1591797060",
  "imageFilename": "fcc-judgement",
  "slug":"fcc-proposes-225m-fine-for-spoofed-robocalls",
  "sourceName": "National Law Review",
  "sourceArticleUrl": "https://www.natlawreview.com/article/fcc-proposes-225m-fine-spoofed-robocalls-and-state-ags-follow-suit",
  "tags": ["Caller-ID Spoofing", "FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>The Cybersecurity and Infrastructure Security Agency (CISA) has released a fact sheet on telephony denial of service attacks (TDoS) and how stakeholders can prevent these threats from disrupting public safety operations. CISA said Tuesday that TDoS attacks are meant to overload the networks of emergency communications facilities such as 911 dispatch centers through various attack vectors.</p><p>The guide, titled “Cyber Risks to 911: Telephony Denial of Service”, provides details on such vectors including botnets, manipulated landline phones, compromised private messaging and mobile phone-based breaches. The fact sheet additionally covers real-life TDoS scenarios and highlights best practices to help agencies prevent TDoS attacks.</p><p>Telephony denial of service attacks (TDoS) present a unique risk to public safety communications stakeholders, including Emergency Communications Centers (ECC), Publics Safety Answering Points (PSAP), and other 911 dispatch centers. TDoS events overload communications network elements with telephone calls—disrupting a jurisdiction&rsquo;s ability to provide emergency response services. In response, the Cybersecurity and Infrastructure Security Agency (CISA) developed the <em>Cyber Risks to 911: Telephony Denial of Service</em> fact sheet to educate the public safety community on TDoS threats. </p><p>Public safety organizations can leverage this fact sheet to familiarize themselves with TDoS threats and mitigation best practices. Specifically, the fact sheet:</p><ul><li>Overviews common TDoS attack vectors, including mobile phones, botnets, voice over Internet Protocol services, compromised private branch exchanges, preprogrammed landline phones, and variable security standards,</li><li>Highlights real-world TDoS incidents and impacts, and</li><li>Provides best practices to mitigate TDoS vulnerabilities.</li></ul><p>CISA developed the fact sheet in coordination with public safety stakeholders and cybersecurity subject matter experts to ensure the best practices support the public safety operations environment.</p><p></p>"
  },
  "date": "2020-06-10T13:41:00-05:00",
  "featured": false,
  "headline": "CISA Releases Guide on TDoS-Based Attacks to Emergency 911",
  "id": "1591796460",
  "imageFilename": "emergency-911-tdos-guide",
  "slug":"cisa-releases-guide-on-tdos-based-attacks-to-emergency-911",
  "sourceName": "DHS",
  "sourceArticleUrl": "https://www.cisa.gov/blog/2020/06/09/cisa-releases-cyber-risks-911-tdos-fact-sheet",
  "tags": ["Emergency Services & 911 Systems", "TDoS"]
},
{
  "content": {
    "html": "<p>Americans received just under three billion robocalls in May, a 3 percent increase from April. </p><p>However, the number of calls per day in May was almost identical to the number of calls in April, again averaging just over 95 million calls per day, or roughly 1,104 calls per second, according to figures from YouMail, a free robocall blocking app for mobile phones. </p><p>The slight increase was due to one more day in the month of May versus April, company officials said. Calls are still 48 percent below the all-time monthly peak of 5.7 billion calls in October 2019, the officials said. </p><p>After South Carolina emerged for a single month as the state with the most robocalls per person, that crown has returned to Louisiana for the first time, the officials said.</p><p>“May&rsquo;s continuing steady volume of robocalls shows that Covid-19 continues to stem the tide of robocalls,” said YouMail CEO Alex Quilici. “However, we fully expect robocalls to increase in line with decreasing lockdowns and an improving economy.”</p><p>May Saw Increases in Payment Reminders and Telemarketing Robocalls</p><p>May was relatively stable compared with April. The major changes saw payment reminders up 11 percent, and telemarketing calls up 13 percent, according to YouMail. </p><figure><table><tbody><tr><td>Type of Robocall</td><td>Estimated May Robocalls</td><td>Percentage May<br>Robocalls</td></tr><tr><td>Scams</td><td>1.3 billion (flat)</td><td>43 percent (-2 percent)</td></tr><tr><td>Alerts and Reminders</td><td>.83 billion (+3 percent)</td><td>28 percent</td></tr><tr><td>Payment Reminders</td><td>.49 billion (+11 percent)</td><td>17 percent (+1 percent)</td></tr><tr><td>Telemarketing</td><td>.36 billion (+13 percent)</td><td>12 percent (+1 percent)</td></tr></tbody></table></figure><p>Top Robocalls in May 2020</p><p>YouMail officials said May was similar to April in registering the same two types of calls that exceeded 100 million calls for the month: health-related scams and car warranty scams. </p><figure><table><tbody><tr><td>Rank</td><td>Type of Scam</td><td>Estimated May Robocalls</td><td>Summary of Scam</td></tr><tr><td>1</td><td>Health-Related Scams</td><td>245 million</td><td>Identity theft/scam payments/illegal solicitations</td></tr><tr><td>2</td><td>Warranty Scams</td><td>149.5 million</td><td>Scam payments</td></tr></tbody></table></figure><p>“Winners” in May 2020</p><p>The cities, area codes and states with the highest volumes of robocalls in May were similar to past months, and most had slight increases in volume. </p><figure><table><tbody><tr><td>City with the Most Robocalls:</td><td>Atlanta, GA (129.1 million, +7 percent)</td></tr><tr><td>City with the Most Robocalls/Person:</td><td>Washington, DC (27/person, -1 percent)</td></tr><tr><td>Area Code with the Most Robocalls:</td><td>404 in Atlanta, GA (52.5 million, +8 percent)</td></tr><tr><td>Area Code with the Most Robocalls/Person:</td><td>404 in Atlanta, GA (42.9/person, +8 percent)</td></tr><tr><td>State with the Most Robocalls:</td><td>Texas (345 million, +5 percent)</td></tr><tr><td>State with the Most Robocalls/Person:</td><td>Louisiana (17.1/person, +4 percent)</td></tr></tbody></table></figure><p>YouMail provides the YouMail Robocall Index to estimate robocall volume across the country and for specific area codes every month. The estimate is formed by extrapolating from the behavior of the billions of calls YouMail has handled for its users, and these statistics are regularly cited by the FCC as a source for national data trends. </p><p>For a full ranking of cities, states and area codes, as well as details on the behavior of robocallers in each area code, go to http://robocallindex.com. </p>"
  },
  "date": "2020-06-09T14:14:00-05:00",
  "featured": false,
  "headline": "Three Billion Robocalls In May – A Three Percent Monthly Increase",
  "id": "1591712040",
  "imageFilename": "robocalls-increase",
  "slug":"three-billion-robocalls-in-may-a-three-percent-monthly-increase",
  "sourceName": "Greenville Business Magazine",
  "sourceArticleUrl": "http://www.greenvillebusinessmag.com/2020/06/09/317741/three-billion-robocalls-in-may-a-three-percent-monthly-increase",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>Call center operations have increasingly gone remote, but the pandemic has accelerated the WFH CX support trend, as IT leaders at T-Mobile and American Express attest.</p><p>he coronavirus pandemic has pushed IT leaders to move at breakneck pace and accomplish objectives they never conceived likely, let alone possible. Perhaps nowhere has this been more acute than in the call center.</p><p>T-Mobile, for instance, sent 12,000 customer representatives located in 17 call centers around the globe to work from home in the wake of the pandemic, says Cody Sanford, the telecommunications company&rsquo;s CIO and chief product officer. The shift, which took two and a half weeks to complete, required painstaking procedures to “hygienically” ship hardware and software to employees&rsquo; residences, a task Sanford describes as one of the toughest rapid-fire turnarounds during his tenure as CIO. “We had to rebuild our entire customer care operations forensically,” Sanford tells CIO.com.</p><p>The pandemic has accelerated the virtualized call center, which had been a growing trend facilitated by the cloud, crowdsourcing and the gig economy. Thirty-five percent of the customer experience (CX) workforce will WFH by 2023, up from 5 percent in 2017, according to Gartner, which cites changes in labor practices and business continuity planning as chief factors motivating the trend.</p><p>But when COVID-19 hit, most CX organizations did not have plans for enabling staff to work from home. Within days of shuttering call centers, companies had to have CX professionals fielding customer calls remotely. Many struggled to replicate their CX working environment, including the proper hardware and software necessary to provide call support....</p>"
  },
  "date": "2020-06-08T05:49:00-05:00",
  "featured": false,
  "headline": "COVID-19 Crisis Accelerates Rise of Virtual Call Centers",
  "id": "1591595340",
  "imageFilename": "remote-call-center-904x712",
  "slug":"covid-19-crisis-accelerates-rise-of-virtual-call-centers",
  "sourceName": "CIO.com",
  "sourceArticleUrl": "https://www.cio.com/article/3561588/covid-19-crisis-accelerates-rise-of-virtual-call-centers.html",
  "tags": ["Call Center Security", "Covid-19"]
},
{
  "content": {
    "html": "<p>Vishing (voice phishing) is a form of attack that attempts to trick victims into giving up sensitive personal information over the phone.</p><h2>What is vishing? </h2><p><em>Vishing </em>is a form of attack that attempts to trick victims into giving up sensitive personal information over the phone. While that makes it sound like an old-fashioned scam, vishing attacks have high-tech elements: they involve automated voice simulation technology, for instance, or the scammer may use personal information about the victim harvested from earlier cyberattacks to put them at ease.</p><p>No matter what technology is used, the setup for the attack follows a familiar social engineering script: An attacker creates a scenario to prey on human emotions, commonly greed or fear, and convinces the victim to disclose sensitive information, like credit card numbers or passwords. In that sense, vishing techniques mirror the phishing scams that have been around since the 1990s. But vishing calls exploit the fact that we&rsquo;re more likely to trust a human voice — and may target the elderly and technophobic who are naive and have no experience with these types of scams.</p><h2>Vishing statistics</h2><p>These notable numbers offer a sense of the state of vishing and why it can be a lucrative business for attackers.</p><ul><li>Vishing attacks have been on the rise over the past few years. In 2018, scam calls represented nearly 30% of all incoming mobile calls.</li><li>So it shouldn&rsquo;t come as a surprise that this weird term is starting to be more widely recognized. Proofpoint&rsquo;s 2020 State of the Phish report found that 25% of workers in their worldwide survey could correctly define the term.</li><li>75% of scam victims report that vishers already had some personal information about them, which they used to target them and get yet more information.</li><li>Of people who report government imposter vishing scams to the FTC, only 6% had actually lost money — but those who did lost quite a bit, with the median loss being $960.</li></ul><h2>Vishing vs. phishing vs. smishing: What&rsquo;s the difference?</h2><p>Phishing is the granddaddy of them all, and CSO has a complete explainer with all the details, but in essence it involves sending targeted email messages to trick recipients. “Phish” is pronounced just like it&rsquo;s spelled, which is to say like the word “fish” — the analogy is of an angler throwing a baited hook out there (the phishing email) and hoping you bite. The term arose in the mid-1990s among hackers aiming to trick AOL users into giving up their login information. The “ph” is part of a tradition of whimsical hacker spelling, and was probably influenced by the term “phreaking,” short for “phone phreaking,” an early form of hacking that involved playing sound tones into telephone handsets to get free phone calls.<img src=“blob:https://securelogix.com/cde9b96f-ad03-42f8-aadd-e044e15be40f”></p><p>Volume 0% </p><p>Vishing is, essentially, phishing via phone calls. Just as phishing is considered a subset of spam, so vishing is an outgrowth of VoIP spam, also known as spam over telephony, or SPIT. The term “vishing” itself has been around since the late &rsquo;00s.</p><p>“Smishing” is a similar type of attack that uses text messages instead of emails or voice calls; the word is a portmanteau of “SMS” and “phishing.” For more on smishing, check out our explainer on the subject.</p><h2>Vishing techniques</h2><p>Almost all vishing attacks have a few things in common. The phone calls are initially placed via voice over IP (VoIP) services, which makes them easier for the vishers to automate some or all of the process and more difficult for victims or law enforcement to trace. And the attackers&rsquo; ultimate goal is to profit from you in some way — either by harvesting bank account information or other personal details they can use to access your bank accounts, or by tricking you into paying them directly...</p>"
  },
  "date": "2020-06-01T05:15:00-05:00",
  "featured": false,
  "headline": "Vishing Explained: How Voice Phishing Attacks Scam Victims",
  "id": "1590988500",
  "imageFilename": "vishing-victim-904x712",
  "slug":"vishing-explained-how-voice-phishing-attacks-scam-victims",
  "sourceName": "CSO",
  "sourceArticleUrl": "https://www.csoonline.com/article/3543771/vishing-explained-how-voice-phishing-attacks-scam-victims.html",
  "tags": ["Vishing"]
},
{
  "content": {
    "html": "<p>As millions began working from home due to the coronavirus pandemic, local cybersecurity expert David Heard started noticing his company&rsquo;s workload pick up.</p><p>Heard serves as the chief marketing officer for San Antonio-based SecureLogix, a company that helps protects corporate clients from “call attacks” – robocalls or spoof calls from criminals trying to steal information. Over the course of 2019, SecureLogix blocked about 100,000 call attacks for one of its clients, a major national insurance provider, Heard said. In just the first few months of 2020, SecureLogix has had to block 140,000 call attacks for the same client. </p><p>Knowing potential victims are more stressed right now because of the virus has led to an increase in attacks, Heard said. As companies await Paycheck Protection Program funding, and individuals try to continue to make ends meet in an economic downturn, criminals are trying to take advantage of everyone&rsquo;s online vulnerability, he said.</p><p>“Cybersecurity threats are spiking globally, and we are identifying and blocking a striking increase in attacks against our customer enterprise and contact center phone lines,” said Heard, who is also CEO of Tech Bloc, the local tech sector&rsquo;s advocacy group. </p><p>Another of SecureLogix&rsquo;s clients, a global financial institution, has seen call attacks increase more than 1,500 percent over the past month, Heard said. A third client, a national health care provider network, has experienced a 55 percent increase in call attacks during just the past three weeks. </p><p>It&rsquo;s not only big companies SecureLogix is seeing attacked more often, Heard said. A regional hospital network that uses SecureLogix has seen a 300 percent increase in call attacks. In February, just 3 percent of its inbound calls were attacks, whereas in April that number is up to 10 percent, Heard said. </p>"
  },
  "date": "2020-05-19T06:55:00-05:00",
  "featured": false,
  "headline": "SecureLogix on Alert for Coronavirus-Related Attacks",
  "id": "1589871300",
  "imageFilename": "coronavirus-related-call-attacks-904x712",
  "slug":"securelogix-on-alert-for-coronavirus-related-attacks",
  "sourceName": "Rivard Report",
  "sourceArticleUrl": "https://therivardreport.com/san-antonio-cybersecurity-coronavirus-cyberattacks/",
  "tags": ["Call Attacks", "Call Security", "Covid-19", "SecureLogix"]
},
{
  "content": {
    "html": "<p>Digital Defense, Inc. today announced a free, $1 million dollar offer to help healthcare organizations prevent ransomware attacks and maintain focus on important, life-saving endeavors. Cybercriminals are currently using a weapon known as ransomware to create panic in an industry already stressed by the global pandemic. Even more sinister with these crimes is that the thieves are financially benefiting from the chaos by ransoming payment in exchange for the release of keys necessary for IT teams to restore systems disabled by attacks. To help, Digital Defense is offering healthcare institutions free assessments to identify ransomware vulnerabilities before they are exploited.</p><p>Hospitals and healthcare entities are being attacked digitally during a time when their resources are stretched and attentions are diverted. Successful ransomware attacks can take confidential data and hold critical technology systems hostage, crippling vital healthcare operations. Digital Defense understands these threats as well as budget constraints hospitals and healthcare businesses currently face. The company is offering a complimentary external and internal ransomware vulnerability assessment to help rapidly identify and prioritize existing vulnerabilities. The goal is to pinpoint weaknesses that are susceptible to a ransomware attack, including CryptoLocker vulnerabilities, and pave the way for swift, proactive remediation.</p><p>“The recent strain on healthcare organizations and added stress to these members of our communities whose primary focus is to help others makes them a prime target for cybercriminals and state-run attacks,” said Larry Hurtado, CEO of Digital Defense, Inc. “We want to help. We not only have an ability to help organizations prevent ransomware outages and/or make devastating data hostage payments, but we also have a contactless solution delivery approach with our SaaS technology hosted in AWS. With this free offering, we want to do everything we can to reduce the risk that nurses and physicians cannot access the information they need to deliver effective care to patients while at the same time not put IT staff in harm&rsquo;s way with our contactless solution turn-up capabilities. We are working closely with our partners to get this solution working for the healthcare community as fast as possible.”</p>"
  },
  "date": "2020-05-18T19:06:00-05:00",
  "featured": false,
  "headline": "Digital Defense Offers Free Ransomware Assessments for Healthcare",
  "id": "1589828760",
  "imageFilename": "ransomware-vulnerability-assessments-for-healthcare",
  "slug":"digital-defense-offers-free-vulnerability-assessments-for-healthcare-orgs",
  "sourceName": "Enterprise Talk",
  "sourceArticleUrl": "https://enterprisetalk.com/news/digital-defense-inc-offering-1-million-in-free-ransomware-vulnerability-assessments-to-help-healthcare-organizations-during-pandemic/",
  "tags": ["Covid-19", "Cybersecurity", "Healthcare and Hospitals"]
},
{
  "content": {
    "html": "<p>What&rsquo;s your share of the over 58.5 billion robocalls received across the U.S. in 2019? Depending on where you live, you averaged 13-18 calls per month.</p><p>The sad news is those figures have continued to climb over the last few years, with the number of robocalls in 2019 almost 20% higher than the 47.8 billion received in 2018 and 48% over those in 2017.</p><p>Recently, robocalls have been on the decline, much to the relief of American consumers. However, experts warn the respite may be short-lived, as robocalls are about to make a big comeback. Here&rsquo;s why.</p><h2>FTC actions fall short</h2><p>Between December of 2019 and April of this year, the FTC stepped up its attack on robocalls with warning letters and lawsuits to VoIP providers that help scammers break the law.</p><p>While this has lessened the number of robocalls, one thing had a greater impact on the reduction — COVID-19. </p><p>YouMail (a robocall-blocking service) reports that Americans received just over 2.8 billion robocalls in April which is down from 4.1 billion in March and 4.8 in February. That&rsquo;s a decline of about 2 billion robocalls in three months.</p><p>The reason behind such a drastic drop in such a short period? The coronavirus either shut down call centers or reduced their workforce.</p><p>Like other businesses, it&rsquo;s only a matter of time before these call centers fully open up and return to placing millions of robocalls every day, once again inundating your phone and life.</p>"
  },
  "date": "2020-05-13T14:07:00-05:00",
  "featured": false,
  "headline": "Robocalls are about to get a lot worse – here’s why",
  "id": "1589378820",
  "imageFilename": "robocalls-get-worse",
  "slug":"robocalls-are-about-to-get-a-lot-worse-heres-why",
  "sourceName": "Komando",
  "sourceArticleUrl": "https://www.komando.com/security-privacy/robocalls-are-about-to-get-worse/739876/",
  "tags": ["Covid-19", "Robocalls"]
},
{
  "content": {
    "html": "<p>There is an effort underway, spearheaded by the United States Telecom Association (USTelecom), a nonprofit organization representing U.S.-based telecommunication-related companies, to stop the billions of illegitimate robocalls being made, or to at least put a significant dent in those numbers. </p><p>USTelecom counts among its members large and small communications providers, from AT&amp;T T and Verizon VZ to Ironton Telephone and Kalida Telephone Company.</p><p>Together, USTelecom and its members have formed the Industry Traceback Group (ITG), which comprises communications companies providing wired, wireless, VoIP, and cable services. Operating under section 222(d)(2) of the Communications Act, which permits “carriers to disclose and/or permit access to customer proprietary network information if suspected fraud, abuse or unlawful use of services exists,” the ITG is a platform for communications companies to “trace and identify the source of illegal robocalls.”</p><p>The traceback process begins with a terminating service provider that possesses information about suspicious phone traffic. The call is then traced back through the various communication provider networks until it reaches a nonresponsive communications provider or the originator of the call. This information is shared with federal and state law enforcement agencies.</p><p>According to the 2019 USTelecom Progress Report, approximately 110 tracebacks were conducted per month, which translates to robocall campaigns responsible for “tens of millions of calls.” </p><p>USTelecom also collaborates with YouMail, which identifies the most prolific robocall campaigns, enabling the ITG to focus its traceback efforts to locate the source.</p><p>The effort appears to be working. Alex Quilici, CEO of YouMail, directed me to a recent article in <em>The Wall Street Journal</em> reporting that on March 13 YouMail picked up a surge of calls that mentioned novel coronavirus testing kits.</p><p>On March 17 U.S. communications companies traced the calls to a Philippines VoIP provider. ITG notified the provider, which responded within 24 hours that it had cut off services to the customer responsible for the calls.</p><p>Moreover, YouMail reports that between March 17 and March 18 the volume of robocalls pitching the testing kits had dropped 75%, and after March 20 they had almost disappeared...</p>"
  },
  "date": "2020-05-13T14:01:00-05:00",
  "featured": false,
  "headline": "The Telecom Industry Strikes Back Against Robocalls",
  "id": "1589378460",
  "imageFilename": "telecom-industry-fights-robocalls",
  "slug":"the-telecom-industry-strikes-back-against-robocalls",
  "sourceName": "Forbes",
  "sourceArticleUrl": "https://www.forbes.com/sites/taxnotes/2020/05/20/robocalls-is-a-solution-finally-at-hand/",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>In this podcast Angie White, Senior Product Marketing Manager at TransUnion, explores ATO and social engineering attacks and offers some suggestions on how to address these threats including device-based authentication.</p><p>Episode Transcript (Excerpt):</p><p>Hello. This is Angie White, Senior Product Marketing Manager for TransUnion Global Fraud and Identity Solutions. Today we&rsquo;re going to dive into how COVID-19 is driving an increase in account takeover as well as providing some suggestions on how to combat.</p><p>Before we get too into the weeds, let&rsquo;s just quickly level set on a definition of account takeover or ATO. Account takeover is when a legitimate customer&rsquo;s account is accessed through illicit means for the purpose of committing fraud. Account takeover isn&rsquo;t a new phenomenon. It&rsquo;s something that&rsquo;s been around in financial services and banking for a long time, but we&rsquo;ve seen a rapid increase in segments such as e-commerce, insurance, telecommunications in recent years.</p><p>How is COVID-19 driving an increase in account takeover? We&rsquo;re seeing two primary factors. First off is just the increase in volume, as consumers have been forced to turn to digital channels because they can no longer go to their local bank, go to their local store. It&rsquo;s really made it easier for fraudsters to hide in that uptick of volume. Secondly, you see that fraudsters are taking advantage of the chaos using the uncertainty to victimize consumers.</p><p>Looking at our data, we&rsquo;re seeing big spikes for sectors such as banking, telecommunications, e-commerce. As an example, we saw a 23% increase in e-commerce traffic the week of March 11th to 18th, so that was the week following the declaration by the World Health Organization of the pandemic. This left many businesses trying to shore up work from home operations, secure their sites and deal with increases in volume both on their sites but also in their contact centers.</p><p>The Aite group estimates that banks have seen spikes in call center volume at around 40%, so that&rsquo;s quite the increase. Likewise, telecommunications providers have seen spikes ranging around 25%. Never missing an opportunity, fraudsters have also taken advantage of a chaos to perpetrate more fraud, and in an analysis of transactions we protect, we found a 14% increase in risky transactions for financial services since March 11th. So, we&rsquo;re definitely seeing that already play out for our customers.</p><p>Also, looking at the consumer impact, TransUnion pulled over 3000 Americans, 18 and older, on how COVID-19 is impacting them. 28% of respondents indicated that they had already been targeted by a digital fraud scam related to COVID-19, and this was up from the previous week where 23% had indicated that they had already been targeted. So, a 5% increase in one week. This really highlights that this trend is likely to accelerate. Of those consumers, 10% of Gen-Z and 9% of Millennials indicated that they had already fallen victim to a COVID-19 scam. So, we&rsquo;re seeing approximately a third of those scams be successful.</p><p>There are a number of attack methods used to perpetrate account takeover, but for our purposes I&rsquo;m only going to hit on three of the most common methods: phishing scams, social engineering and credential stuffing.</p><p>Phishing scams. You&rsquo;ve likely all seen these emails, they look very legitimate or it could be a phone call or legitimate looking website. Fraudsters are using the current crisis to send out prevention tips for COVID-19, news updates, promising information about stimulus checks, using that to steal login credentials and personal data through various means. Unfortunately, consumers have a bad habit of reusing login credentials. That means that such compromises will likely lead to an uptick in account takeover across all industries and across the board.</p><p>Social engineering can come in a number of flavors. One attack method is to gather information that is publicly available about a consumer, from sources such as social media or that have been gained from phishing attacks. In the age of social media, consumers have gotten in the habit of oversharing, so publicly posting about things like attending a high school reunion, that makes it very easy for a fraudster to then go and search on that high school, find out who their mascot is, find out what their hometown is. Those are all pieces of information that can be used in social engineering to answer KBA questions, to socially engineer contact center agents and gain access to an account.</p><p>Another flavor of social engineering that we see is what we term romance scams. This is where a bad actor ingratiates themselves with an intended victim. We actually had a real use case with one of our customers, a very large telcom provider, where fraudsters were going out ingratiating themselves with lonely people on dating sites and getting them to give them their login credentials with the promise that they would go and add a phone line, get a phone so that they could talk more.</p><p>Of course, the fraudsters go in, they add 10 lines, order 10 new phones and create big losses for the business and a lot of dissatisfaction for that customer. I&rsquo;ll talk through some ways that they shut that down in just a moment.</p><p>Lastly, credential stuffing. This is when fraudsters, they take stolen credentials, gained through phishing attacks or in many cases simply bought off the dark web, and they test those stolen credentials against a site to see what accounts they can gain access to. These attacks are often automated using bots. When they find a good account, they go in, they can take it over. And what&rsquo;s more is they use those good credentials, not only on that site, they move from site to site, seeing if they&rsquo;ll work on other platforms.</p><p>So again, with the attacks that we&rsquo;re seeing due to COVID-19, with the increase in phishing scams, increased breached credentials, personal data, that&rsquo;s all going to drive more credential stuffing attacks.</p><p>There&rsquo;s a number of measures that businesses can take to mitigate account takeover. I&rsquo;m going to break it out by customer touch points. So let&rsquo;s start at login.</p><p>You really do need to go beyond username and password to secure customer accounts. With all the breaches, all the phishing attacks, you really do need to move forward with the assumption that your consumer&rsquo;s credentials have been compromised. There&rsquo;s a number of options that are easy to layer onto existing authentication solutions depending on the need of your business. Things such as one-time passcodes, or OTP, multifactor authentication, captcha. At TransUnion, we recommend device-based authentication. This essentially pairs the consumer device to their account using it as a mode of authentication.</p><p>I touched on the romance scams a little earlier. This is exactly how that telcom provider shut down account takeover in their service, so they implemented device-based authentication. They were able to pair good user devices to their accounts, that way, if a fraudster came in, even with the correct credentials, they could see that that device was not authorized to access that account, so very effective for them in shutting down account takeover.</p><p>Device-based authentication also gives you a lot of risk insight that isn&rsquo;t available for most other authentication methods. Things like unusual velocities, geolocation mismatches, or the use of anonymizing proxy, so somebody&rsquo;s trying to make it look like they&rsquo;re coming from a mobile device when you can really see that they&rsquo;re using an emulator and coming from a laptop.</p><p>The next point of risk is account management. Once fraudsters have gained access to an account, they of course want to change account details such as email or shipping address so they can take over the account.</p><p>Again, there&rsquo;s a number of methods where you can protect account management. You can add verification checks such as verifying email, phone, address. Another very effective method is using push authentication. With this, you can push an authentication request to the user&rsquo;s device to authenticate with, say, a thumbprint or a PIN that they did initiated that change to their account.</p><p>One of the benefits of this is that you can use it for any channel. So, if somebody is requesting changes via the web, via your application, or even via the contact center, you can push that authentication request directly to the user&rsquo;s device to authenticate before proceeding with the change.</p><p>As your business starts to operate in the new normal that is COVID-19, it&rsquo;s really important to think through what are your points of risk across your customer journey and how can you add protection without adding too much friction. Unfortunately, there isn&rsquo;t a silver bullet for shutting down ATO because there are many points of risk across the customer journey and many different attack methods.</p><p>Businesses are really going to have to examine what are their points of risk in the customer journey, how can they protect those points of risk without adding too much friction and create the new normal in the COVID-19 era. Stay safe out there.</p>"
  },
  "date": "2020-05-05T10:30:18-05:00",
  "featured": false,
  "headline": "Preventing Account Takeover and Social Engineering Attacks",
  "id": "1588674618",
  "imageFilename": "credit-card-closeup-02",
  "slug":"preventing-account-takeover-and-social-engineering-attacks",
  "sourceName": "HelpNet Security",
  "sourceArticleUrl": "",
  "tags": ["Account Takeover(ATO)", "Authentication", "Podcast", "Social Engineering"]
},
{
  "content": {
    "html": "<p>One of the biggest consumer headaches has eased up at least in part due to the pandemic.Americans experienced a drop in the amount of robocalls flooding their phones in April, helped byinternational call centers being shut down during the global pandemic and government efforts to stop Covid-19-related scams.The number of robocalls made to US phone numbers last month was the lowest in two years, according to new data provided to CNN Business from YouMail, a robocall-prevention service that tracks robocall traffic across the country. This includes both scam and legitimate calls, such as payment reminders from banks.YouMailsaidAmericans received about 2.86 billion calls in April, a 30% drop from the month before and down 40% from February. At their peak in October 2019, about 5.66 billion robocalls were placed to the US in a one-month period.The decline coincides with the shuttering of call centers in countries such as India, Pakistan and the Philippines, where workerswho are placing unwanted robocalls don&rsquo;t own laptops to support working from home and some have lost their jobs or been furloughed.</p>"
  },
  "date": "2020-05-05T09:45:26-05:00",
  "featured": false,
  "headline": "Robocalls dropped by 30% in April because of the pandemic",
  "id": "1588671926",
  "slug":"robocalls-dropped-by-30-in-april-because-of-the-pandemic",
  "sourceName": "CNN",
  "sourceArticleUrl": "https://www.cnn.com/2020/05/05/tech/robocalls-decline-coronavirus/index.html",
  "tags": ["Covid-19", "Robocalls"]
},
{
  "content": {
    "html": "<p>The rules are part of the new TRACED Act requirements and increase fines for intentional unlawful calls, among other changes.</p><p>The Federal Communications Commission on Friday implemented part of the Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act that ends the FCC&rsquo;s practice of warning most robocallers before issuing penalties for violating the law, according to a news release from the FCC .</p><p>“We have taken unprecedented action against spoofing violations in recent years and removing this outdated &lsquo;warning&rsquo; requirement will help us speed up enforcement to protect consumers. With strong enforcement and policy changes like mandating STIR/SHAKEN caller ID authentication and authorizing robocall blocking, we are making real progress in our fight against fraudsters,” Chairman Ajit Pai said in the news release.</p><p>The order also extends the statute of limitations of fines for TCPA and spoofing violations to four years.</p><p>Previously, the FCC had one year for TCPA violations and two years for spoofing violations.</p><p>Under the new order, fines will also increase to up to $10,000 per intentional unlawful robocall, plus the forfeiture penalty amount.</p><p>The rules adopted in the FCC&rsquo;s order will be effective 30 days after publication in the <em>Federal Register</em>.</p>"
  },
  "date": "2020-05-04T09:32:00-05:00",
  "featured": false,
  "headline": "FCC Adopts Rules Strengthening Penalties for Illegal Robocalls",
  "id": "1588584720",
  "imageFilename": "judgement-400x315.png",
  "slug":"fcc-adopts-rules-strengthening-penalties-for-illegal-robocalls",
  "sourceName": "ACA International",
  "sourceArticleUrl": "https://www.acainternational.org/news/fcc-adopts-rules-strengthening-penalties",
  "tags": ["FCC", "Robocalls", "TRACED Act"]
},
{
  "content": {
    "html": "<p>New research by ISACA has found that only 59% of cybersecurity teams are equipped to perform their jobs effectively while working from home.</p><p>The finding emerged from the recent COVID-19 Study in which more than 3700 IT audit, governance, and cybersecurity professionals from 123 countries were questioned about the impact of the global health crisis on their organizations and their own jobs. </p><p>Only 51% of technology professionals and leaders surveyed said they were “highly confident” that their cybersecurity teams were ready to detect and respond to the surge in cybersecurity attacks that has accompanied the spread of the novel coronavirus.</p><p>Just 59% said that their cybersecurity teams had the necessary tools and resources at home to perform their jobs effectively.</p><p>The survey, which was conducted in mid-April, found that the rapid mass transition to remote working triggered by lockdown measures imposed to slow the spread of COVID-19 has made businesses more vulnerable to cybersecurity threats.</p><p>While 80% of organizations shared cyber-risk best practices for working at home as shelter-in-place orders began, 87% of respondents said the rapid transition to remote work had increased data protection and privacy risk. </p><p>This presents a problem, as 58% of respondents say threat actors are taking advantage of the pandemic to disrupt organizations, and 92% say cyber-attacks on individuals are increasing.</p><p>“Organizations are rapidly and aggressively moving toward new ways of doing business during this time, which is a very positive thing, but it can also lead to making compromises that can leave them vulnerable to threats,” said ISACA CEO David Samuelson. </p><p>“A surge in the number of remote workers means there is a greater attack surface. Remote work is critically important right now, so security has to be at the forefront along with employee education. ISACA professionals have an especially critical role to play in protecting their enterprises, customers and stakeholders during this pandemic.”</p><p>Questioned over the security of their jobs, 10% of respondents feared that they may be fired as a result of the health pandemic, and 1% of respondents had been furloughed. </p><p>On a positive note, the majority of respondents predicted normal business operations to resume by Q3 2020.</p>"
  },
  "date": "2020-05-01T08:10:00-05:00",
  "featured": false,
  "headline": "Only 41% of Cybersecurity Teams Can Securely Work Remotely",
  "id": "1588320600",
  "imageFilename": "remote-working-02",
  "slug":"only-41-of-cybersecurity-teams-can-securely-work-remotely",
  "sourceName": "Info-Security Group",
  "sourceArticleUrl": "https://www.infosecurity-magazine.com/news/isaca-covid-19-study/",
  "tags": ["Covid-19", "Cybersecurity", "Remote Security"]
},
{
  "content": {
    "html": "<p><em>“With all the talk about social engineering, phishing, and other types of cyberattacks, no one is talking about vishing -  the telephone equivalent of phishing. ”</em></p><p>The COVID-19 pandemic has resulted in an upshot of all types of scams. </p><p>In the midst of a pandemic, the website of the Champaign-Urbana Public Health District was hacked and infected with ransomware. Recently, the World Health Organization (WHO) warned it has seen a five-fold increase in the number of cyberattacks directed at its staff, and email scams targeting the public at large. </p><p>The Federal Trade Commission says that since January 2020 until mid-April, they received 18,235 reports related to COVID-19, and people reported losing $13.44 million dollars to fraud. The top complaint categories relate to travel and vacations, online shopping, bogus text messages, and all kinds of imposters. While reports of robocalls are way down overall, says the FTC, they&rsquo;re now hearing about callers invoking the COVID-19 pandemic to pretend to be from the government, or making illegal medical or health care pitches, among other topics.</p><p>With all the talk about social engineering, phishing, and other types of cyberattacks, no one is talking about vishing - the telephone equivalent of phishing. </p><p>According to Daniel Norman, Research Analyst at the Information Security Forum, vishing attacks are a very cost-effective mechanism for manipulating individuals, using the voice to humanize the delivery and make the attacker seem more believable. “To ensure success, attackers build up profiles of their targets using a blend of Open Source Intelligence (OSINT) techniques, particularly online,” explains Norman.</p><p>“A surprising amount of information is publicly available to attackers, meaning they do not necessarily have to delve into the Dark Web in every reconnaissance mission,” says Norman. “When building these target profiles, attackers typically scour social media platforms, such as LinkedIn, Twitter, Instagram and especially Facebook, to gather as much public information as possible, as well as other associated websites, such as work or sports teams. Information found can range from home addresses to email addresses and even telephone numbers.”</p><p>Vishing scams often hook their victims with a legitimate piece of information, like a Social Security or bank account number, says Sam Rubin, Vice President at the Crypsis Group. “Often a partial number—like the last four digits of a Social Security number—is enough to do the trick. More elaborate scams (or more security-savvy individuals) may require more detailed personal information for vishing success,” he says. </p><p>Norman adds that by diving a little deeper into social media profiles one can build up a repository of information, such as what college the target attended, what qualifications they have or training they&rsquo;ve done, what their favorite brands are, recent purchases and recent vacations... Automated screen-scrapers and other targeted machine learning technologies can all speed this process up tenfold.</p><p>“Social security numbers, bank account details and other more intimate information is slightly harder to find but armed with the right tools and contacts, it is easy,” notes Norman. </p><p>More often than not, notes Rui Lopes, Engineering and Technical Support Director at Panda Security, the information comes from “insider employees in companies or institutions that have some level of access to the victims&rsquo; personal information or ”customer details“ (e.g., contact centers). Databases can be sold per record by these ”agents“ but also obtained in the course of coordinated data theft attacks by malicious actors.”</p><p>Rubin adds that in the wake of many large-scale data breaches, this data is widely available for sale on the dark web. “An individual&rsquo;s name and Social Security number, for example, can cost around $1.00, but large lists with partially masked numbers go for much less in terms of the per-person costs. Threat actors must know how to navigate this online black market—using an anonymizing browser, finding trustworthy markets offering the information for sale, and sometimes gaining access to use the sites.”</p><p>“Once in, these dark web markets work like any commercial site connecting buyers and sellers—think eBay or Craigslist, but with stolen PII instead of old furniture and transactions, leveraging the anonymity of cryptocurrency,” notes Rubin.</p><p>Imagine now the attacker has a 70 percent complete digital profile of their target, says Norman. “They know from the social media profiles roughly what they&rsquo;ve bought over the last year and roughly when, indicating potentially when a credit card was used. On the Dark Web, they can then post questions like: Has anyone hacked X organization&rsquo;s customer service platform between this date and this date and do they have account details for X target. By narrowing the search, it reduces the price they need to pay for the details as it&rsquo;s just one key target, rather than buying in bulk. One profile with credit card details or the social security number can range anywhere from $50 - $200 – a small price to pay for access to potentially thousands of dollars.”</p>"
  },
  "date": "2020-04-30T09:17:00-05:00",
  "featured": false,
  "headline": "Vishing Attacks Increase During COVID-19",
  "id": "1588238220",
  "imageFilename": "attacked-400x315.png",
  "slug":"vishing-attacks-increase-during-covid-19",
  "sourceName": "Security Magazine",
  "sourceArticleUrl": "https://www.securitymagazine.com/articles/92277-vishing-and-cybercriminals-during-covid-19",
  "tags": ["Account Takeover(ATO)", "Covid-19", "Cybersecurity", "Vishing"]
},
{
  "content": {
    "html": "<p><em>“The person we spoke with at Citi&rsquo;s fraud department kept insisting that yes, it was my wife that called because the call came from her mobile number,” Jim said. “The Citi employee was alarmed because she didn&rsquo;t understand the whole notion of caller ID spoofing. And we both found it kind of disturbing that someone in fraud at such a major bank didn&rsquo;t even understand that such a thing was possible.”</em></p><p>You may have heard that today&rsquo;s phone fraudsters like to use caller ID spoofing services to make their scam calls seem more believable. But you probably didn&rsquo;t know that these fraudsters also can use caller ID spoofing to trick your bank into giving up information about recent transactions on your account — data that can then be abused to make their phone scams more believable and expose you to additional forms of identity theft.</p><p>Last week, KrebsOnSecurity told the harrowing tale of a reader (a security expert, no less) who tried to turn the tables on his telephonic tormentors and failed spectacularly. In that episode, the people impersonating his bank not only spoofed the bank&rsquo;s real phone number, but they were also pretending to be him on a separate call at the same time with his bank.</p><p>This foiled his efforts to make sure it was really his bank that called him, because he called his bank with another phone and the bank confirmed they currently were in a separate call with him discussing fraud on his account (however, the other call was the fraudster pretending to be him).</p><p>Shortly after that story ran, I heard from another reader — we&rsquo;ll call him “Jim” since he didn&rsquo;t want his real name used for this story — whose wife was the target of a similar scam, albeit with an important twist: The scammers were armed with information about a number of her recent financial transactions, which he claims they got from the bank&rsquo;s own automated phone system just by spoofing her phone number.</p><p>“When they originally called my wife, there were no fraudulent transactions on her account, but they were able to specify the last three transactions she had made, which combined with the caller-ID had mistakenly earned her trust,” Jim explained. “After we figured out what was going on, we were left asking ourselves how the crooks had obtained her last three transactions without breaking into her account online. As it turned out, calling the phone number on the back of the credit card from the phone number linked with the card provided the most recent transactions without providing any form of authentication.”</p><p>Jim said he was so aghast at this realization that he called the same number from his phone and tried accessing his account, which is also at Citi but wholly separate from his spouse&rsquo;s. Sure enough, he said, as long as he was calling from the number on file for his account, the automated system let him review recent transactions without any further authentication.</p><blockquote><p>So, it seemed the crooks would spoof caller ID when calling Citibank, as well as when calling the target/victim.</p></blockquote><p>“I confirmed on my separate Citi card that they often (but not quite always) were providing the transaction details,” Jim said. “I was appalled that Citi would do that. So, it seemed the crooks would spoof caller ID when calling Citibank, as well as when calling the target/victim.”</p><p>The incident Jim described happened in late January 2020, and Citi may have changed its procedures since then. But in a phone interview with KrebsOnSecurity earlier this week, Jim made a call to Citi&rsquo;s automated system from his mobile phone on file with the bank, and I could hear Citi&rsquo;s systems asking him to enter the last four digits of his credit card number before he could review recent transactions.</p><p>The request for the last four of the customer&rsquo;s credit card number was consistent with my own testing, which relied on a caller ID spoofing service advertised in the cybercrime underground and aimed at a Citi account controlled by this author.</p><p>In one test, the spoofed call let KrebsOnSecurity hear recent transaction data — where and when the transaction was made, and how much was spent — after providing the automated system the last four digits of the account&rsquo;s credit card number. In another test, the automated system asked for the account holder&rsquo;s full Social Security number.</p><p></p>"
  },
  "date": "2020-04-28T08:26:00-05:00",
  "featured": false,
  "headline": "Phone Spoofing Fraud Scam Tricks Security Expert and his Bank",
  "id": "1588062360",
  "imageFilename": "bank-fraud-400x315.png",
  "slug":"phone-spoofing-fraud-scam-tricks-security-expert-and-his-bank",
  "sourceName": "Krebs on Security",
  "sourceArticleUrl": "https://krebsonsecurity.com/2020/04/would-you-have-fallen-for-this-phone-scam/",
  "tags": ["Account Takeover(ATO)", "Caller-ID Spoofing", "Financial Fraud"]
},
{
  "content": {
    "html": "<p>As hospitals face a surge in patients and critical equipment shortages stemming from the coronavirus pandemic, they are increasingly becoming the target of hackers who see health care facilities as easy prey. </p><p>Ransomware attacks, in which hackers lock up a network and demand payment to return access to these systems, have presented a growing threat to hospitals since January. </p><p>Experts are warning that they expect these attacks to increase and that the threat has captured the attention of top intelligence lawmakers, who warn the outbreak and the ransomware attacks create the perfect storm.</p><p>“A major policy focus of mine before the onset of this health emergency was the cybersecurity posture of the health care sector, where we often found major hospital systems ill-equipped to handle ransomware incidents and data breaches,” Sen. Mark Warner (D-Va.), the vice chairman of the Senate Intelligence Committee, told The Hill in a statement.</p><p>“COVID-19 has only made that situation worse, with increased attacks and hospital resources stretched perilously thin,” Warner added.</p><p>Sen. Michael Bennet (D-Colo.), who expressed concerns following attacks on health agencies including the Department of Health and Human Services last month, told The Hill that he could see the Department of Homeland Security (DHS) having a role to play in protecting hospitals from cyberattacks.</p>"
  },
  "date": "2020-04-20T07:34:01-05:00",
  "featured": false,
  "headline": "Healthcare system braces for increase in cyberattacks",
  "id": "1587368041",
  "slug":"healthcare-system-braces-for-increase-in-cyberattacks",
  "sourceName": "The Hill",
  "sourceArticleUrl": "https://thehill.com/policy/cybersecurity/493410-hospitals-brace-for-increase-in-cyberattacks",
  "tags": ["Covid-19", "Cybersecurity", "Hackers", "Healthcare and Hospitals", "TDoS"]
},
{
  "content": {
    "html": "<p>If you get a text message saying you&rsquo;ve come into contact with someone who&rsquo;s tested positive for Covid-19, don&rsquo;t click the link. It&rsquo;s a scam, officials say. Warnings about such texts have been circulating from Kansas to Maine. And it&rsquo;s just one of numerous coronavirus-related scams that local, state and federal officials report are attempting to prey on vulnerable Americans.</p><p>Law enforcement facing onslaught of coronavirus scams that could last for yearsText messages and robocalls offering testing kits, bogus treatments or financial relief and claiming to be from government agencies have been reported to the Federal Trade Commission (FTC) and other government agencies. Other text message hoaxes may instruct people to stock up on supplies. And now that stimulus checks are in the mail, scammers are trying new tactics to get their hands on that money and people&rsquo;s personal information.The FTC, the main national agency that tracks and responds to alleged consumer scams, has already collected more than 20,000 complaints from all 50 states related to coronavirus, according to data the agency released last week. Almost half of the complaints from consumers say they&rsquo;ve lost money, at a midpoint of about $560 per reported scam.Here are some common scams floating around and how to avoid them.</p><h3>The Covid-19 contact scam</h3><p>One of the scams going around is a text message that tells the recipient that they&rsquo;ve come into contact with someone who has tested positive or shown symptoms for Covid-19.“Someone who came in contact with you tested positive or has shown symptoms for COVID-19 &amp; recommends you self-isolate/get tested,” one text reported to the Kansas Attorney General&rsquo;s office reads.</p><h3>The fake messages from government agencies</h3><p>Be on the lookout for emails, text messages or calls that claim they&rsquo;re from the US Centers for Disease Control and Prevention, the World Health Organization (WHO) or other governmental agencies.Here&rsquo;s one robocall reported by the FTC claiming to be from the Social Security Administration:“Hello. This is a call from the Social Security Administration. During the difficult times of the coronavirus, we regret to inform you that we have got an order to suspend your socials immediately within 24 hours due to suspicious and fraudulent activity found on your social. We are contacting you as this case is critical and needs your urgent attention,” the caller says, followed by a phone number that the recipient is urged to call for more information about the case.One text scam that the Federal Communications Commission says it recently learned of claims to be from the “FCC Financial Care Center” and offers $30,000 in Covid-19 relief -- even though the FCC is providing no such relief to consumers. The agency says the text is “likely a phishing attempt to get personal or banking information from unsuspecting victims.”</p>"
  },
  "date": "2020-04-19T10:06:00-05:00",
  "featured": false,
  "headline": "Beware of these fake text messages and robocalls going around about the coronavirus",
  "id": "1587290760",
  "imageFilename": "covid-19-robocall-scam-400x315.png",
  "slug":"beware-of-these-fake-text-messages-and-robocalls-going-around-about-the-coronavirus",
  "sourceName": "CNN",
  "sourceArticleUrl": "https://www.cnn.com/2020/04/19/us/coronavirus-text-message-scam-trnd/index.html",
  "tags": ["Caller-ID Spoofing", "Covid-19", "Crisis Exploitation", "Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<p><em>Though banks are a favorite target of cyber criminals — “because bad guys go where the money is” — health care organizations are quickly closing the gap.</em></p><p>Cyber criminals are increasingly launching malicious software attacks against health care organizations, including those in Boston, disrupting medical treatment and threatening the vast amounts of private patient information housed at doctors&rsquo; offices and hospitals.</p><p>And even as health care providers are a growing target for hackers, the health care industry as a whole is lagging in security measures to prevent and respond to attacks, according to cybersecurity experts.</p><p>The risk has only increased amid the coronavirus pandemic, with hackers attempting to hamstring hospitals that are already stressed and scrambling to treat surging numbers of patients sick with the virus. In early April, Interpol alerted police forces in 194 countries to the heightened threat of cyber attacks targeting hospitals.</p>"
  },
  "date": "2020-04-19T07:37:00-05:00",
  "featured": false,
  "headline": "As cyber attacks grow, doctors and hospitals struggle to update security measures",
  "id": "1587281820",
  "slug":"as-cyber-attacks-grow-doctors-and-hospitals-struggle-to-update-security-measures",
  "sourceName": "Boston Globe",
  "sourceArticleUrl": "https://www.bostonglobe.com/2020/04/19/business/cyber-attacks-grow-doctors-hospitals-struggle-update-security-measures",
  "tags": ["Covid-19", "Cybersecurity", "Healthcare and Hospitals"]
},
{
  "content": {
    "html": "<p>The FBI has seen a spike in cyber crimes reported to its Internet Crime Complaint Center (IC3) since the beginning of the COVID-19 pandemic, as both domestic and international hackers look to take advantage of Americans&rsquo; daily activities moving increasingly online. </p><p>Tonya Ugoretz, the deputy assistant director of the FBI&rsquo;s Cyber Division, said Thursday that the IC3 was receiving between 3,000 and 4,000 cybersecurity complaints each day, a major jump from prior to the COVID-19 pandemic when about 1,000 complaints were received daily.</p><p>“We have increased vulnerabilities online, and increased interest from threat actors to exploit those,” Ugoretz said during a webinar hosted by the Aspen Institute on Thursday. </p><p>Ugoretz said many of the hackers are from nation states that have a “desire to gain insight” into COVID-19-related research, and that the “rapid shift to telework” has opened up a huge amount of cyber vulnerabilities for hackers to exploit.</p><p>“Countries have a very high interest in information on the virus … such as information on a vaccine,” Ugoretz said. “We have certainly seen reconnaissance activity and some intrusions into some of those institutions, especially those who have identified themselves as working on COVID research.”</p><p>The FBI was among a group of federal agencies that on Wednesday put out a joint alert warning of North Korean cyber threats, particularly to financial institutions, with the goal to fund North Korean weapons programs and get around international sanctions. </p>"
  },
  "date": "2020-04-16T09:33:00-05:00",
  "featured": false,
  "headline": "FBI sees 400% spike in cyber crime reports during coronavirus pandemic",
  "id": "1587029580",
  "imageFilename": "cyber-attacks-on-the-rise-400x315.png",
  "slug":"fbi-sees-400-spike-in-cyber-crime-reports-during-coronavirus-pandemic",
  "sourceName": "The Hill",
  "sourceArticleUrl": "https://thehill.com/policy/cybersecurity/493198-fbi-sees-spike-in-cyber-crime-reports-during-coronavirus-pandemic",
  "tags": ["Covid-19", "Cybersecurity", "FBI", "Hackers"]
},
{
  "content": {
    "html": "<p>Account takeover for employees, customers, and users has become a real issue since the COVID-19 outbreak. Here is why that is and what organizations can do about it.</p><p>Since its discovery in December 2019, the novel Coronavirus, Covid-19, has spread throughout the world and caused significant disruption. This disruption has taken many forms. Of course, the most serious consequence of the pandemic has been the loss of life and the economic impact. Measures such as social distancing and self-isolation are considered necessary. It&rsquo;s because of this that some authorities and conscientious employers moved to home-working.</p><p>The way we work has fundamentally changed, at least for the time being. We are now witnessing remote working at levels never seen in the past. This shift towards home working has allowed many thousands of businesses to continue operating through these unprecedented and uncertain times. However, this shift has also created opportunities for nefarious individuals to exploit companies. Work-from-home threats are a pressing and real concern.</p><h4>Account Takeover &amp; Attacks on the Rise during COVID-19 Crisis</h4><p>Cybersecurity experts and government officials have warned that companies transitioning to large scale remote working are at risk of cyberattacks, employee account takeover attacks, and customer account takeover attacks. Although remote working isn&rsquo;t new, many companies only had limited home-working capabilities, if any. The best way to ensure protection from cyber attacks is to have an educated workforce, robust cybersecurity systems and tools, and a thorough implementation of policies. However, unprecedented times call for unprecedented measures. The coronavirus pandemic hit swiftly and as such many businesses were ill-prepared to make this switch to remote working. Companies acted quickly to make this switch to prioritize the safety of their employees and the wider community. Unfortunately, this type of rapid change does leave companies vulnerable to cyber-attacks</p><p>The following factors contribute to increased cyberattack threat:</p><ul><li>Inexperienced workers – Many thousands of people are now working from home who have no (or very little) experience with remote working.</li><li>Fluidity in job roles – The evolving economic impact of the pandemic has caused businesses to make tough financial decisions. Some of these decisions involve cutting staff numbers or reducing the active workforce. These choices can significantly disrupt the usual way of working and cause job roles to become more fluid. Employees may find themselves taking on new responsibilities they are unfamiliar with. Cybercriminals can exploit this vulnerability by conducting social engineering or phishing attacks. These attacks are more likely to be successful when employees are less certain of their responsibilities or less able to spot an unusual request due to inexperience.</li><li>The strain on IT staff – Shifting large numbers of the workforce onto new IT systems that they are unfamiliar with naturally causes teething issues. IT staff will be spending more time fixing remote-working IT complications and have less time to dedicate to cybersecurity efforts.</li><li>Mistakes – A rushed implementation of new software or policies can lead to errors being made. Cybercriminals will be looking to exploit these errors before they are noticed and patched.</li><li>New scams and techniques – Many people are familiar with traditional scams like malicious fake invoice emails or calls to action that involve clicking on a malicious link for a familiar service. The more people are exposed to these scams or educated on them, the easier they are to spot and avoid. This is why hackers constantly work to adapt their methods to trick people. The coronavirus situation has allowed hackers to invent entirely new ways of encouraging employees to hand over their account details. During a crisis of this scale, communications from external bodies are more frequent and people are often more motivated to comply with requests from sources they deem authoritative.</li><li>Exposed data – Exposed information, such as user name and password, make it easy for cybercriminals to take over accounts. Don&rsquo;t let your users use compromised credentials, especially not during the COVID-19 pandemic.</li></ul>"
  },
  "date": "2020-04-15T10:26:00-05:00",
  "featured": false,
  "headline": "Employee Account Takeover in the Age of COVID-19",
  "id": "1586946360",
  "imageFilename": "account-takeover-attack-400x315.png",
  "slug":"employee-account-takeover-in-the-age-of-covid-19",
  "sourceName": "Security Boulevard",
  "sourceArticleUrl": "https://securityboulevard.com/2020/04/employee-account-takeover-in-the-age-of-covid-19/",
  "tags": ["Account Takeover(ATO)", "Covid-19", "Hackers"]
},
{
  "content": {
    "html": "<p>Hospitals that are already pushed to their limit dealing with a patient surge from the novel coronavirus pandemic are getting slammed with cyberattacks and digital scams, as well. </p><p>Among the most damaging are ransomware attacks that aim to shut down entire hospitals until they pay a fee that can cost millions of dollars. </p><p>Such attacks shut down computers at the Champaign-Urbana Public Health District in Illinois for three days in March and forced the district to shell out $300,000 in ransom, as reported by the Pew Charitable Trust&rsquo;s Stateline service. Another attack shut down computers at a university hospital in the Czech Republic, which was forced to turn away patients.</p><p>The attacks have prompted stark warnings to hospitals from the Department of Homeland Security and from Interpol, which warned of a “significant increase” in cyberattacks targeting hospitals around the globe. Interpol issued a “purple notice” — basically a warning about a criminal trend and its methods — alerting police in 194 countries about the heightened ransomware threat. </p><p>The attacks are part of a surge in hacks and scams prompted by the coronavirus pandemic aimed at taking advantage of people&rsquo;s dislocation and fears. But they&rsquo;re particularly effective against hospitals where the intense pressure created by the pandemic might make workers more likely to slip up and click a link they shouldn&rsquo;t, Jen Miller-Osborn, deputy director of Palo Alto Networks&rsquo;s Unit 42 threat intelligence unit, told me. </p><p>“People are stressed, and it might short-circuit the logic in their brain that says I shouldn&rsquo;t click that,” she said. </p><p>Miller-Osborn&rsquo;s group found hackers trying to lock up computers at a Canadian government health organization and a Canadian medical research university by posing as officials from the World Health Organization in a report out yesterday. The group also logged attempted digital attacks against medical research facilities in Canada and Japan, but it didn&rsquo;t name any of the victims.</p>"
  },
  "date": "2020-04-15T07:43:00-05:00",
  "featured": false,
  "headline": "Hospitals face a surge of cyberattacks during the Covid-19 pandemic",
  "id": "1586936580",
  "imageFilename": "hospitals-face-a-surge-of-cyberattacks-400x315.png",
  "slug":"hospitals-face-a-surge-of-cyberattacks-during-the-covid-19-pandemic",
  "sourceName": "Washington Post",
  "sourceArticleUrl": "https://www.washingtonpost.com/news/powerpost/paloma/the-cybersecurity-202/2020/04/15/the-cybersecurity-202-hospitals-face-a-surge-of-cyberattacks-during-the-novel-coronavirus-pandemic/5e95fbc9602ff10d49ae4ba4/",
  "tags": ["Covid-19", "Cybersecurity", "Hackers", "Healthcare and Hospitals"]
},
{
  "content": {
    "html": "<p>As TCPAWorld reported a while back, the Department of Justice is now pursuing quasi-criminal injunctive relief proceedings against U.S. based phone carriers that are allegedly serving as gateways for fraudulent robocall traffic. This is a new tactic in the ongoing war on fraudulent robocalls in this nation, and one that treats phone carriers as potential aiders and abettors of fraudulent traffic on their networks—a real departure from the traditional immunity enjoyed by so-called common carriers. Indeed, for decades phone carriers were <em>prohibited </em>from making assessments about the desirability of calls under federal law. Well, no more.</p><p>In <em>United States v. Palumbo</em>, 20-cv-0473 (EK) (RLM), 2020 U.S. Dist. LEXIS 61466 (E.D.N.Y. March 24, 2020) a federal district court issued a preliminary injunction against so-called intermediary carriers TollFreeDeals and SIP Retail requiring, in essence, that these companies cease operations because they are “key participants in a large, ongoing telecommunications fraud.” And depending on your point of view this is either an excellent win in the fight against scam calls, or an order that throws the baby out with the bath water and threatens to shut down small legitimate carriers based upon third-party reports of potentially fraudulent calls traversing their networks.</p><p>Hold onto your hats folks, this one is cutting edge and just fascinating.</p><p>Defendants in <em>Palumbo </em>are/were phone carriers that carry telecommunications traffic and sell return phone numbers (so called DIDs) to customers in exchange for a fee. In a vacuum, this conduct is no different than what numerous (all?) other phone carriers do across the nation. The problem for these Defendants, however, is that the folks using their networks and phone numbers were engaging in highly-illegal conduct—scam robocalls.</p>"
  },
  "date": "2020-04-10T09:56:00-05:00",
  "featured": false,
  "headline": "SHUT DOWN: Court Relies On YouMail and Nomorobo Data to Issue Nation’s First Order Shutting Down a US Telecommunication Carrier for Allowing Fraudulent Robocalls",
  "id": "1586512560",
  "imageFilename": "supreme-court-building-400x315.png",
  "slug":"shut-down-court-relies-on-youmail-and-nomorobo-data-to-issue-nations-first-order-shutting-down-a-us-telecommunication-carrier-for-allowing-fraudulent-robocalls",
  "sourceName": "National Law Review",
  "sourceArticleUrl": "https://www.natlawreview.com/article/shut-down-court-relies-youmail-and-nomorobo-data-to-issue-nation-s-first-order",
  "tags": ["Department of Justice", "Robocalls", "Stopping Bad Robocalls Act"]
},
{
  "content": {
    "html": "<p>Cyber criminals are preying on anxieties around the coronavirus outbreak in an effort to maximise the impact of their attacks – with some operations intensifying ransomware and DDoS attacks at a time when remote access to computer networks and online services is more vital than ever.</p><p>A new paper from Europol – based on contributions from European Union member states and partners – examines how cyber criminals have reacted and evolved since the beginning of the COVID-19 pandemic and how they&rsquo;re seeking to exploit vulnerabilities that have emerged.</p><p>It warns that crooks are stepping up ransomware attacks, even in a time of international crisis.</p><p>“The types of criminals exploiting the COVID-19 pandemic online were also active in the area of cybercrime before. However, some are believed to have intensified their activities and are actively recruiting collaborators to maximise the impact of their attacks or schemes,” says the report.</p><p>Last month, a Czech hospital serving as a COVID-19 testing centre was hit with a cyberattack in in the midst of a coronavirus outbreak, forcing some services to be temporarily shut down.</p>"
  },
  "date": "2020-04-03T07:23:00-05:00",
  "featured": false,
  "headline": "Ransomware and DDoS attacks: Cybercrooks are stepping up their activities in the midst of coronavirus",
  "id": "1585898580",
  "imageFilename": "news-hospital-400x315.png",
  "slug":"ransomware-and-ddos-attacks-cybercrooks-are-stepping-up-their-activities-in-the-midst-of-coronavirus",
  "sourceName": "ZDNet",
  "sourceArticleUrl": "https://www.zdnet.com/article/ransomware-and-ddos-attacks-cybercrooks-are-stepping-up-their-activities-in-the-midst-of-coronavirus/",
  "tags": ["Covid-19", "Cybersecurity"]
},
{
  "content": {
    "html": "<p>Like most of us, Elaine Regus and her husband have adapted to being home most of the day, except for the occasional walk around the neighborhood.</p><p>The San Dimas resident told me that in the past, they&rsquo;d typically find several messages from robocallers awaiting them any time they returned home.</p><p>“These days, nothing,” said Regus, 68. “We&rsquo;re wondering what happened.”</p><p>What happened is there&rsquo;s finally something good to say about the otherwise rotten coronavirus pandemic.</p><p>The volume of robocalls nationwide has plunged as overseas call centers have closed for lockdowns and social distancing, according to YouMail, an Irvine tech company that tracks robocall volume on a monthly basis.</p><p>Robocalls are automated, of course, but the most annoying ones often try to connect you with a live operator to close the deal, such as signing you up for a high-interest credit card or, worse, committing some act of fraud.</p><p>With call centers in India, the Philippines and elsewhere shut down for the coronavirus, many of these scammy companies have simply stopped making calls.</p><p>“The pandemic is disrupting everything,” said Alex Quilici, chief executive of YouMail. “So you can say this is a benefit of the coronavirus.”</p><p>He told me that about 4.1 billion robocalls were received by U.S. households in March — more than 132 million a day.</p><p>That might sound like a lot — and it is — but it&rsquo;s 700 million fewer than the 4.8 billion robocalls logged in February, and way less than the record 5.7 billion registered in October.</p>"
  },
  "date": "2020-04-02T09:42:00-05:00",
  "featured": false,
  "headline": "You Can Thank the Coronavirus for Plunge in Robocalls",
  "id": "1585820520",
  "imageFilename": "robocalls-decrease-during-pandemic-400x315.png",
  "slug":"you-can-thank-the-coronavirus-for-plunge-in-robocalls",
  "sourceName": "LA Times",
  "sourceArticleUrl": "https://www.latimes.com/business/story/2020-04-02/column-coronavirus-robocalls",
  "tags": ["Covid-19", "Robocalls"]
},
{
  "content": {
    "html": "<p>The Department of Justice recently announced that the U.S. District Court for the Eastern District of New York has entered orders in two separate civil actions, barring eight individuals and entities from allegedly continuing to facilitate the transmission of large volumes of fraudulent robocalls to consumers in the United States.</p><p>In one of the matters, <em>United States v. Nicholas Palumbo, et al.</em>, the District Court entered a preliminary injunction that bars two individuals and two entities from operating as intermediate voice-over-internet-protocol (VoIP) carriers during the pendency of the civil action. In the other matter, <em>United States v. John Kahen, et al.</em>, the District Court entered consent decrees that permanently bar an individual and three entities from operating as intermediate VoIP carriers conveying any telephone calls into the U.S. telephone system.</p><p>“These massive robocall fraud schemes target telephones of residents across our country, many of whom are elderly or are otherwise potentially vulnerable to such schemes,” said Assistant Attorney General Jody Hunt of the Department of Justice&rsquo;s Civil Division. “The department is committed to stopping this unlawful conduct and pursuing those who knowingly facilitate these schemes for their own financial gain.”</p><p>“This office will take all appropriate measures to stop fraudulent robocalling schemes responsible for causing catastrophic losses to victims, including seeking to permanently shut down the U.S.-based enablers of such schemes,” said United States Attorney Richard P. Donoghue for the Eastern District of New York. “Protecting elderly and vulnerable individuals from being conned by foreign call center scammers remains a priority of this office and the Department of Justice.”</p><p>The complaints alleged that the defendants in both cases operated as VoIP carriers, receiving internet-based calls from other entities, often located abroad, and transmitting those calls first to other carriers within the United States and, ultimately, to the phones of individuals. </p><p>Numerous foreign-based call centers are alleged to have used the defendants&rsquo; VoIP carrier services to pass fraudulent government- and business-imposter robocalls to victims in the United States. </p><p>The defendants also allegedly sold U.S. phone numbers to foreign entities, which were used as victim call-back numbers as part of massive robocalling fraud schemes.</p><p>As also alleged in the complaints, the defendants were warned numerous times that they were carrying fraudulent robocalls, including calls impersonating government agencies, such as the Social Security Administration, the IRS, and legitimate businesses, such as Microsoft. The complaints allege that the defendants continued to carry those calls and facilitate fraud schemes targeting individuals in the United States. </p>"
  },
  "date": "2020-03-30T09:50:00-05:00",
  "featured": false,
  "headline": "Justice Department Obtains Injunctions against Telecom Carriers for Transmission of Robocalls",
  "id": "1585561800",
  "slug":"justice-department-obtains-injunctions-against-telecom-carriers-for-transmission-of-robocalls",
  "sourceName": "National Law Review",
  "sourceArticleUrl": "https://www.natlawreview.com/article/justice-department-obtains-first-their-kind-injunctions-against-telecom-carriers",
  "tags": ["Call Security", "Department of Justice", "Robocalls", "Toll Fraud & Call Pumping"]
},
{
  "content": {
    "html": "<p>As people around the world are faced with fears and concerns over the COVID-19 virus, criminals are also taking note. And unfortunately, they are using this as an opportunity to try and steal money and personal information by generating social engineering scams via email, text, and phone calls.</p><p>Over the past few weeks, there has been an increase in attempts to lure unsuspecting victims into going to malicious sites, clicking on malicious links, or providing personal information over the phone under the auspices of COVID-19. Many of these scams attempt to impersonate legitimate organizations, such as the Center for Disease Control or the World Health Organization, by offering fake informational updates and even promises of access to vaccines – all for a price, of course!</p><p>Social engineering constantly preys on the only vulnerability that cannot be patched, humans – you and me</p><p>Moreover, nobody is safe from these efforts – from administrative employees, contractors, and interns on up to the C-Suite and even business partners can be targets to obtain access to our networks and sensitive information. And for those of us now connecting to the office through our home networks, even our children are potential targets. It is a perpetual bombardment, every day, every minute of the day, 24/7/365.</p><p>Threat actors prefer the path of least of resistance. They hack the psyche of targets (who rarely realize the disguises) as well as rely on publically available intelligence and interactions to generate victim profiles. Cybercriminals are experts in the art of masquerading, manipulating, influencing, and devising lures to trick targets into divulging sensitive data, and/or giving them access to our networks and/or facilities.</p><p>Why waste an expensive 0-day when social engineering is so effective?</p><p>Understanding the primary attack vectors used by the adversary is key when it comes to deterrence; examples of social engineering based attacks include the following.</p><p><em>Digital Attacks</em></p><ul><li>Phishing/Spearphishing – Email-based attacks that target everyone or a specific person or role within an organization in order to entice individuals to click on malicious links or enter credentials or other personal information.</li><li>Social Media Deception – Adversaries create fake profiles to befriend victims while posing as a current or former co-worker, job recruiter, or someone with a shared interest on social media, especially LinkedIn. Their goal is to trick the victim into providing sensitive information or downloading malware to their device.</li><li>Pretexting – Attackers focus on creating a good pretext, or a false but believable fabricated story, so that they can use it to pretend to need certain information from their target in order to confirm their identity.</li><li>WaterHoling – An attack strategy where attackers gather information about a targeted group of individuals within a certain organization, industry, or region as to what legitimate websites they often visit. Attackers look for vulnerabilities in these sites in order to infect them with malware. Eventually individuals in the targeted group will visit those sites and then become infected.</li></ul><p><em>Phone Based Attacks</em></p><ul><li>Smishing – A text-based message attack that impersonates a legitimate source in order to lure a victim into downloading viruses and malware onto their cell phone or other mobile device.</li><li>Vishing – Phone-based attack in which adversaries call a cell phone pretending to be from a legitimate source, such as a bank, as a means to try and convince the target into divulging sensitive information such as credit card information or social security numbers. Tactics used by these scammers often rely on what&rsquo;s known as “caller ID spoofing”. ID spoofing allows them to generate phone calls that appear to be from a legitimate or local sources.</li></ul><p></p>"
  },
  "date": "2020-03-23T10:32:00-05:00",
  "featured": false,
  "headline": "COVID-19 Social Engineering Attacks",
  "id": "1584959520",
  "imageFilename": "phising-attack-400x315.png",
  "slug":"covid-19-social-engineering-attacks",
  "sourceName": "CSO",
  "sourceArticleUrl": "https://www.csoonline.com/article/3533339/covid-19-social-engineering-attacks.html",
  "tags": ["Caller-ID Spoofing", "Spoofing", "Vishing"]
},
{
  "content": {
    "html": "<p>Threat researchers at Microsoft, ClearSky Cyber Security, and Okta are among the hundreds of security experts helping the medical community fight COVID-19 cyberattacks through the COVID-19 CTI League.</p><p>Ohad Zaidenberg, lead cyber intelligence researcher at ClearSky Cyber Security, founded the group this week (CTI stands for cyber threat intelligence). And in just nine days, the league counts more than 450 members from more than 35 countries worldwide, he said.</p><p>“Since the corona crisis came out, I started to notice more and more hackers use it to gain profit,” he told SDxCentral. “When the pandemic became a global crisis, I understood these malicious activities can cause deaths. I thought that we, the cyber threat intelligence community, should stop sitting on the fence and volunteer to help the medical sector in its most challenging and sensitive time. We established this community to do it.”</p>"
  },
  "date": "2020-03-20T07:53:00-05:00",
  "featured": false,
  "headline": "Security Experts Battle Hackers, COVID-19 Cyberattacks",
  "id": "1584690780",
  "imageFilename": "security-experts-battle-cyberattacks-400x315.png",
  "slug":"security-experts-battle-hackers-covid-19-cyberattacks",
  "sourceName": "SDXcentral",
  "sourceArticleUrl": "https://www.sdxcentral.com/articles/news/security-experts-battle-hackers-covid-19-cyberattacks/2020/03/",
  "tags": ["Covid-19", "Cybersecurity", "Hackers"]
},
{
  "content": {
    "html": "<p>Cyber Advisory: <br><br><em>The NTIC Cyber Center assesses with high confidence that organizations within the Healthcare and Public Health Sector are at high risk of targeted and opportunistic cyber attacks exploiting the COVID-19 pandemic to disrupt operations, steal sensitive data, and generate illicit revenue for profit-motivated cyber threat actors.</em></p><p><br>Healthcare Sector Targeted<br><br>Over the past several years, Healthcare and Public Health Sector organizations have become increasingly attractive targets for cyber threat actors not only because of the treasure trove of sensitive personal and medical data collected and stored on their servers, but also because of the critical functions they perform. Unauthorized access of sensitive data and the disruption of operations can have a devastating and debilitating effect on those in need of the life-sustaining services these organizations provide. Historically, successful cyber attacks launched against organizations within this sector have resulted in stolen, inaccessible, or destroyed patient electronic health information, the unavailability of organization websites, servers, and email systems, disabled or disrupted telephone communications, and the cancellation or delay of scheduled medical procedures and other appointments.</p><p>COVID-19 Cybersecurity Risks Emerge <br><br>As the rapid emergence of COVID-19 within the US has already begun to place a strain on healthcare facilities, disruptive and destructive cyber attacks could potentially delay or cease critical services as the demand for COVID-19 testing and treatment increases. To reduce the risk of this scenario occurring, the NTIC Cyber Center urges cybersecurity professionals and IT administrators working in the Healthcare and Public Health Sector to take steps now to secure their networks and devices against cyber attacks.</p><p></p><p><br>TDOS is one of the top Cyber Threats Most Likely to Impact the Healthcare and Public Health Sector During the COVID-19 Epidemic<br><br>Telephony Denial-of-Service (TDoS): the attempt to make a targeted telephone system unavailable to legitimate incoming or outgoing calls by flooding it with call traffic or compromising a Voice-over-IP (VoIP) system. TDoS attacks are commonly launched against public safety answering points (PSAPs) and emergency call centers. An unintended TDoS condition can also occur when many people attempt to call a phone number at the same time, or a malicious mobile application generates a high volume of outgoing calls without the mobile phone user&rsquo;s interaction.</p><p>• In 2018, security researchers assessed that it only takes approximately 6,000 smart phones to disable 9-1-1 emergency services or PSAPs.</p>"
  },
  "date": "2020-03-17T11:34:34-05:00",
  "featured": false,
  "headline": "Health Sector at High Risk for COVID-19 TDoS Attacks",
  "id": "1584444874",
  "imageFilename": "Slide-Healthcare-min-400x315",
  "slug":"health-sector-at-high-risk-for-covid-19-tdos-attacks",
  "sourceName": "NTIC",
  "sourceArticleUrl": "https://securelogix.com/news/health-sector-at-high-risk-for-covid-19-tdos-attacks/ntic-cyber-center-advisory-health-sector-at-high-risk-of-cyber-attacks-exploiting-covid-19/",
  "tags": ["Covid-19", "Healthcare and Hospitals", "TDoS"]
},
{
  "content": {
    "html": "<p>Hackers are already impersonating the UN&rsquo;s health agency in an effort to carry out a variety of scams, from account takeovers to phony donation requests and the spread of malware. The FTC is also warning of “spoofed” emails, text messages, and phone calls that claim to be from the Centers for Disease Control (CDC).</p><p>Consumers can expect to see a wide range of coronavirus-related “phishing” (fake email), “smishing” (text message phishing), and “vishing” (phone fraud) scams over the coming weeks and months. These scams will prey on our insecurities about how and where the virus is spreading, and they could take several forms — such as fake health agency warnings about infections in your local area, vaccine and treatment offers, medical test results, health insurance cancellation, alerts about critical supply shortages, and more. </p>"
  },
  "date": "2020-03-17T08:15:20-05:00",
  "featured": false,
  "headline": "FTC Warns of “spoofed” emails, text messages, and phone calls that claim to be from the Centers for Disease Control (CDC).",
  "id": "1584432920",
  "slug":"ftc-warns-of-spoofed-emails-text-messages-and-phone-calls-that-claim-to-be-from-the-centers-for-disease-control-cdc",
  "sourceName": "Yahoo Finance",
  "sourceArticleUrl": "",
  "tags": ["Account Takeover(ATO)", "Caller-ID Spoofing", "Covid-19", "Spoofing"]
},
{
  "content": {
    "html": "<p>“In this study, we found that only 6,000 bots are sufficient to significantly compromise the availability of a state&rsquo;s 911 services and only 200,000 bots can jeopardize the entire United States,” Dr. Guri explains.</p>"
  },
  "date": "2020-03-17T07:30:53-05:00",
  "featured": false,
  "headline": "Study: Next Generation 911 Services ‘Highly Vulnerable to Cyber Attack’",
  "id": "1584430253",
  "slug":"study-next-generation-911-services-highly-vulnerable-to-cyber-attack",
  "sourceName": "Homeland Security Today",
  "sourceArticleUrl": "",
  "tags": ["TDoS"]
},
{
  "content": {
    "html": "<p>This week, the BBC showed scammers at work in an Indian call centre, recorded by an activist who hacked into the company&rsquo;s security cameras. Staff were seen laughing at their victims in the US and the UK. But who are these scammers, and how do they justify their actions?</p><p>Behind a pair of mirrored sunglasses, Piyush is telling me how he made a quarter of a million dollars.</p><p>“It was easy money,” he says, detailing how he bought fancy cars and wore designer clothes.</p><p>From a modest background, Piyush made a fortune by defrauding innocent victims at the other end of a phone.</p><p>“To become a rock star we have to do something,” he says.</p><p>“Become a thief?” I ask.</p><p>“Right,” he replies coolly.</p><p>Piyush meets me in a friend&rsquo;s apartment, in one of Delhi&rsquo;s richest neighbourhoods. The group of young men I&rsquo;ve come to talk to all have one thing in common - they&rsquo;ve worked in India&rsquo;s scam call-centre industry.</p><p>The country is well-known for outsourcing jobs from Western countries to legitimate call centres, but there&rsquo;s also a thriving dark side.</p><p>For nine years after leaving college, Piyush was part of it. “I wasn&rsquo;t getting a job anywhere else and the money and the incentives were good,” he says.</p><p>The company Piyush worked for ran what is known as a “tech support scam”. It would send a pop-up to people&rsquo;s screens, telling them their computer had been infected by a “pornographic virus” or other malware, and giving them a helpline number to call.</p><p>As panicking customers rang in, Piyush and his colleagues would milk them for money, to fix a problem that didn&rsquo;t actually exist.</p><p>Piyush tells me that tricking people is an “art”.</p><p>“We used to target the old people,” he says.</p><p>“There are many old people in the US who don&rsquo;t have families, are alone and are disabled, so it&rsquo;s very easy to trick them.”</p><p>I look at this man sitting opposite me in his baggy jeans and hipster T-shirt and wonder how he could be so cold-hearted. How would he feel if his own grandparents were victims of scamming, I ask?</p><p>“Yeah, I will feel bad,” he says. “I did it because I needed money and that&rsquo;s it.”</p><p>Piyush tells me how once he forced a woman to hand over her last $100, just so he could meet a target. For her, on the other side of the world, it was Christmas. “I took that $100 and she cried a lot while making the payment. Yeah, this was the worst call I ever had,” he says.</p><p>Piyush went on to set up his own call centre. He tells me it was easy. He rented office space and told the landlord he was starting a marketing firm. His staff worked late hours due to the time difference with the US, so there were few other people around to ask questions about what they were up to.</p><p>As the boss, Piyush was constantly thinking of new ways to con customers out of cash. He drew up a script for another fraudulent scheme, known as the IRS scam, which involved cold-calling people in the US and telling them they&rsquo;d get a tax refund of thousands if they first handed over $184.</p><p>“We used to tell them that the police will go to their house and arrest them if they didn&rsquo;t pay!” he says.</p><p>When he started out, Piyush was paid one rupee for every dollar he made in sales. So for a $100 dollar scam, he&rsquo;d only get $1.25 (£1).</p><p>But once he became the boss the money flooded in. Some “lucky months” he took home $50,000 (£40,000).</p><p>Another ex-scammer, Sam, got into the business unintentionally.</p><p>Unemployment in India is now higher than it has been for decades, so when Sam was looking for his first job he thanked a friend for telling him about a place he could earn good money without working too hard.</p><p>At the interview he was told it was a sales job, pitching products to customers in the USA.</p><p>It was only while he was being trained in how to talk to customers that he realised what he was getting into.</p><p>“After a month, when we actually made it to the floor, when we were supposed to go live, that&rsquo;s when we figured out the entire thing was a scam,” he tells me.</p><p>By that point Sam felt it was too late to back out.</p><p>“I was making more money than an MBA graduate and I don&rsquo;t have a college degree,” he remembers.</p><p>“I used to drink a lot, party a lot, what are you going to do with all that money when you literally you don&rsquo;t have any future plans?”</p><p>Like some other scammers I&rsquo;ve talked to, Sam wrestled with his conscience but told himself he was only targeting the wealthy.</p><p>“I just had to be sure that the customers weren&rsquo;t handing me the money for their food… so I always used to pitch to the big guys who can afford it,” he says.</p><p>He could work someone&rsquo;s income out, he says, from “the way they talk, the sort of things they have on their computer”.</p><p>“Is it OK to steal from people if you think they can afford it,” I ask?</p><p>“Yeah,” he replies confidently.</p><p>Sam says he&rsquo;s still in touch with some of the people he decided were too poor to be scammed, including a mother of three who worked in a fast food restaurant in the US.</p><p>He now helps her with any computer issues she might have, and is on her Christmas card list.</p><p>Sam says his high salary won him respect from his father, whom he no longer had to rely on for cash.</p><p>As we talk, he leans over and shows me the watch on his wrist, worth about $400. It was a gift from his boss for meeting his targets.</p><p>But his father - and friends - didn&rsquo;t know how he had come into such wealth. “When they asked what I did, I told them I worked for an IT company as a salesman,” he says.</p><p>Six months into the job, the call centre Sam worked at was raided by the police and was forced to shut down. Sam escaped arrest and within days secured employment in another similar business.</p><p>His bosses were detained for less than a day and he believes they just restarted the business under a different name. It&rsquo;s easy for such companies to operate under the radar, he tells me, which is why they continue to do so.</p><p>Sam now has a job with a reputable tech company and has long left the world of scamming. He says he decided to talk to me openly to appeal to others like him to pursue legal jobs, which offer better prospects in the long term - and where you don&rsquo;t run the risk of arrest.</p>"
  },
  "date": "2020-03-08T05:25:00-05:00",
  "featured": false,
  "headline": "Confessions of a Call Center Scammer",
  "id": "1583645100",
  "slug":"confessions-of-a-call-center-scammer",
  "sourceName": "BBC",
  "sourceArticleUrl": "",
  "tags": ["Call Center Fraud"]
},
{
  "content": {
    "html": "<p>Phone companies would be required to deploy technology that prevents spoofing of Caller ID under a plan announced today by Federal Communications Commission Chairman Ajit Pai.Pai follows Congress&rsquo; orders, requires carriers to verify Caller ID accuracy.</p><p>The STIR and SHAKEN protocols use digital certificates, based on public-key cryptography, to verify the accuracy of Caller ID. STIR/SHAKEN would work best if all phone companies adopt it because it can only verify Caller ID when both the sending carrier and receiving carrier have deployed the technology. Robocallers who spoof real numbers to hide their identities would get flagged by STIR/SHAKEN. Depending on how each carrier implements it, flagged calls could be passed on to consumers with a warning or be blocked entirely.</p><p>Carriers have already been adopting STIR/SHAKEN, but Pai said not all companies have done so. “Last year, I demanded that major phone companies voluntarily deploy STIR/SHAKEN, and a number of them did,” Pai said. “But it&rsquo;s clear that FCC action is needed to spur across-the-board deployment of this important technology.”</p><p>While STIR/SHAKEN might help reduce robocalls or slow their growth, it&rsquo;s not enough on its own to solve the large and complicated robocall problem. For one thing, a lot of robocalls originate from overseas. The FCC recently sent letters to seven US-based voice providers “that accept foreign call traffic and terminate it to US consumers,” saying these companies&rsquo; services are “being used as a gateway into the United States for many apparently illegal robocalls that originate overseas.” In a related action, the Department of Justice sued two small companies that allegedly connected hundreds of millions of fraudulent robocalls from Indian call centers to US residents.</p><p></p>"
  },
  "date": "2020-03-06T07:36:00-06:00",
  "featured": false,
  "headline": "FCC to require anti-robocall tech after “voluntary” plan didn’t work out",
  "id": "1583480160",
  "imageFilename": "phone-spam-400x315",
  "slug":"fcc-to-require-anti-robocall-tech-after-voluntary-plan-didnt-work-out",
  "sourceName": "ars Technica",
  "sourceArticleUrl": "https://arstechnica.com/tech-policy/2020/03/ajit-pai-follows-congress-instructions-requires-new-anti-robocall-tech/",
  "tags": ["Department of Justice", "FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>The U.S. Department of Homeland Security (DHS) Office of Inspector<br> General (OIG) joins the Social Security Administration (SSA) OIG and other<br> Federal agencies on March 5, 2020 for National “Slam the Scam” Day, to<br> raise public awareness of government imposter telephone scams across the<br> United States.</p><p> SSA OIG is engaging other Federal agencies and the private sector to<br> promote a National “Slam the Scam Day” as a National Consumer<br> Protection Week initiative. On March 5, SSA will participate in a USA.govhosted Twitter chat, and a Facebook Live event at Social Security.<br> Both DHS OIG and SSA OIG would like to warn all Americans to hang up<br> on all government imposters, and ask them to spread the word to family<br> and friends. These pervasive scams—in which callers pretend to be<br> government employees to mislead victims into providing personal<br> information or making payments—have become a scourge on the American public. The Federal Trade Commission recently reported victims lost nearly $153 million to government imposter scams last year.</p><p>DHS telephone numbers have been used in the past as part of a telephone<br> spoofing scam targeting individuals throughout the country. Spoofing is<br> the deliberate falsifying of information transmitted to a caller ID display to<br> disguise an identity. The perpetrators of the DHS-related scam represent<br> themselves as employees with “U.S. Immigration” or other government<br> entities. They alter caller ID systems to make it appear that the call is<br> coming from the DHS HQ Operator number (202-282-8000) or the DHS<br> Civil Rights and Civil Liberties (CRCL) number (202-401-1474). The<br> scammers obtain or verify personally identifiable information from their<br> victims through various tactics, including by telling individuals that they<br> are the victims of identity theft. The scammers also pose as law<br> enforcement or immigration officials and threaten victims with arrest<br> unless they make payments to the scammers using a variety of methods.<br> The scammers have also emailed victims from email addresses ending in<br> “uscis.org.” Many of the scammers reportedly have pronounced accents.</p><p>OFFICE OF INSPECTOR GENERAL<br> Department of Homeland Security<br> As a reminder, DHS never uses its HQ Operator or CRCL number to make<br> outgoing calls of this nature. Individuals receiving phone calls from these<br> numbers should not provide any personal information. It continues to be<br> perfectly safe to place calls to the DHS HQ Operator and CRCL numbers<br> and DHS officials may continue to be contacted by dialing the DHS HQ<br> Operator number.</p><p><br> DHS OIG takes these matters very seriously. Anyone who believes they<br> may have been a victim of this telephone spoofing scam is urged to call the<br> DHS OIG Hotline (1-800-323-8603) or file a complaint online via the DHS<br> OIG website www.oig.dhs.gov.</p><p>You may also contact the Federal Trade<br> Commission to file a complaint and/or report identity theft.</p>"
  },
  "date": "2020-03-05T08:32:00-06:00",
  "featured": false,
  "headline": "DHS Alerts Public of Phone Spoofing Scams on National ‘Slam the Scam’ Day",
  "id": "1583397120",
  "slug":"dhs-alerts-public-of-phone-spoofing-scams-on-national-slam-the-scam-day",
  "sourceName": "",
  "sourceArticleUrl": "https://www.oig.dhs.gov",
  "tags": ["Homeland Security", "Spoofing"]
},
{
  "content": {
    "html": "<p>Criminals are using concerns about the coronavirus epidemic to spread infections of their own.</p><p>They are forging emails mentioning the outbreak that appear to be from business partners or public institutions in an effort to get users to open the messages, unleashing malware.</p><p>The number of malicious emails mentioning the coronavirus has increased significantly since the end of January, according to cybersecurity firm Proofpoint Inc., which is monitoring the activity. The company recently assigned an analyst to track coronavirus threats, something it hasn&rsquo;t done for prior hacking campaigns related to disasters or major public events, said Sherrod DeGrippo, Proofpoint&rsquo;s senior director of threat research and detection. Proofpoint analysts now see multiple email campaigns mentioning the coronavirus every workday.</p><p></p>"
  },
  "date": "2020-03-04T08:15:00-06:00",
  "featured": false,
  "headline": "Hackers Target Companies with Coronavirus Scams",
  "id": "1583309700",
  "slug":"hackers-target-companies-with-coronavirus-scams",
  "sourceName": "Wall Street Journal",
  "sourceArticleUrl": "https://www.wsj.com/articles/hackers-target-companies-with-fake-coronavirus-warnings-11583267812",
  "tags": ["Covid-19", "Hackers"]
},
{
  "content": {
    "html": "<p>Despite ongoing efforts by industry and regulators to stem the flood of unwanted robocalls, a Transaction Network Services report has found that the number of such robocalls jumped by 49% from 2018 to 2019, and grew even faster in the second half of 2019 than they did in the first. The average consumer received 325 unwanted robocalls in 2019, and Americans as a whole now receive more than 300 million of those calls each day.</p><p>As the volume of calls continues to increase, scammers are also going all-out in tactics that try to fool users into answering their calls. So-called “neighbor spoofing,” in which a recipient&rsquo;s local exchange is spoofed, rose 40% year-over-year. Legitimate toll-free numbers are also being spoofed to disguise fraudulent calls, with high-risk calls from toll-free numbers more than doubling between 2018 to 2019 as robocall operations shifted from spoofing Voice over IP numbers to spoofing toll-free numbers. TNS found that they are “increasingly spoofing legitimate customer-care numbers from trusted brands to try to trick consumers.”</p>"
  },
  "date": "2020-03-04T08:01:00-06:00",
  "featured": false,
  "headline": "Study Finds Unwanted Robocalls up 49% in One Year",
  "id": "1583308860",
  "slug":"study-finds-unwanted-robocalls-up-49-in-one-year",
  "sourceName": "RCR Wireless News",
  "sourceArticleUrl": "https://www.rcrwireless.com/20200304/policy/unwanted-robocalls-up-49-in-one-year-tns-finds",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>Until now, the majority of us might have simply hung up on robocallers. However, there&rsquo;s now a way to get back at the companies who torment you with endless robocalls that ask you for your information or try to sell you stuff. The solution is called Robo Revenge, a service that lets you sue the unwanted caller for up to $3,000 per call.</p><p>Robo Revenge is the latest service offered by DoNotPay, a robot lawyer app that lets consumers do things like appeal parking tickets, cancel services or subscriptions or schedule appointments at government offices, among others. Joshua Browder, DoNotPay&rsquo;s founder and CEO, told Motherboard that big companies have failed to protect consumers from robocalls. This means that they have to take measures for themselves.</p>"
  },
  "date": "2020-02-16T07:51:00-06:00",
  "featured": false,
  "headline": "New App Helps Consumers Sue Robocallers",
  "id": "1581839460",
  "imageFilename": "sue-robocallers-400x315",
  "slug":"new-app-helps-consumers-sue-robocallers",
  "sourceName": "Gizmodo",
  "sourceArticleUrl": "https://gizmodo.com/hate-those-robocalls-this-service-lets-you-sue-them-fo-1841730699",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>The New York Times probes a rash of swatting attacks targeting industry leaders and their families, while the police struggle to find a solution.</p><p>“Over the first week of November, the police in San Francisco and New York responded to a series of telephone calls claiming that hostages were being held in the homes of Adam Mosseri, a senior Facebook executive.</p><p>The calls appeared to be coming from inside the homes. Officers arrived in force and barricaded the streets outside. Twice. But after tense, hourslong standoffs, they realized the calls were hoaxes. There were no hostages, and no one in the homes had called the police.”</p>"
  },
  "date": "2020-01-23T09:04:12-06:00",
  "featured": false,
  "headline": "Swatting Attacks Target Facebook and Other Tech Execs",
  "id": "1579770252",
  "slug":"swatting-attacks-target-facebook-and-other-tech-execs",
  "sourceName": "New York Times",
  "sourceArticleUrl": "https://www.nytimes.com/2020/01/23/technology/fake-swat-calls-swatting.html",
  "tags": ["Caller-ID Spoofing", "Swatting"]
},
{
  "content": {
    "html": "<p>A team of Chinese researchers has recently revealed the findings of a ground-breaking investigation into Android&rsquo;s voice-over-internet-protocol (VoIP) components. The team from OPPO ZIWU Cyber Security Lab, the Chinese University of Hong Kong and Singapore Management University, found no fewer than eight vulnerabilities.</p><p>Cybercriminals minded to exploit those vulnerabilities could do any of the following:</p><ul><li>Transfer calls without the recipient&rsquo;s knowledge</li><li>Spoof caller IDs</li><li>Crash VoIP devices</li><li>Run malicious code on a victim&rsquo;s device</li></ul><p>The unique nature of the study is what uncovered these severe cybersecurity risks. There has been other research into cybersecurity as related to a VoIP phone system. All those previous tests, though, concentrated on VoIP equipment, servers, and mobile apps.</p><p>The researchers from China, Hong Kong, and Singapore focused on the VoIP components in the Android OS itself. To assess the security of those components, the team devised a unique three-stage method.</p>"
  },
  "date": "2020-01-15T10:32:00-06:00",
  "featured": false,
  "headline": "Cybersecurity Researchers find Spoofing Vulnerability in Android’s VoIP Components",
  "id": "1579084320",
  "slug":"cybersecurity-researchers-find-spoofing-vulnerability-in-androids-voip-components",
  "sourceName": "Martech Series",
  "sourceArticleUrl": "https://martechseries.com/mts-insights/guest-authors/8-cybersecurity-risks-androids-voip-components/",
  "tags": ["Caller-ID Spoofing"]
},
{
  "content": {
    "html": "<p>Researchers find that 17 of 140 major online services are vulnerable to SIM swapping attacks.</p><p>A Princeton University academic study published yesterday found that five major US prepaid wireless carriers are vulnerable to SIM swapping attacks.</p><p>A SIM swap is when an attacker calls a mobile provider and tricks the telco&rsquo;s staff into changing a victim&rsquo;s phone number to an attacker-controlled SIM card.</p><p>This allows the attacker to reset passwords and gain access to sensitive online accounts, like email inboxes, e-banking portals, or cryptocurrency trading systems.</p><p>All last year, Princeton academics spent their time testing five major US telco providers to see if they could trick call center employees into changing a user&rsquo;s phone number to another SIM without providing proper credentials.</p><p>According to the research team, AT&amp;T, T-Mobile, Tracfone, US Mobile, and Verizon Wireless were found to be using vulnerable procedures with their customer support centers, procedures that attackers could use to conduct SIM swapping attacks.<br></p>"
  },
  "date": "2020-01-11T10:08:00-06:00",
  "featured": false,
  "headline": "Academic research finds five US telcos vulnerable to SIM swapping attacks",
  "id": "1578737280",
  "slug":"academic-research-finds-five-us-telcos-vulnerable-to-sim-swapping-attacks",
  "sourceName": "ZDNet",
  "sourceArticleUrl": "https://www.zdnet.com/article/academic-research-finds-five-us-telcos-vulnerable-to-sim-swapping-attacks/",
  "tags": ["Caller-ID Spoofing", "Sim Swapping", "Spoofing"]
},
{
  "content": {
    "html": "<p>An Indian national pleaded guilty in the Southern District of Texas Thursday for his role in operating an India-based call center that defrauded U.S. citizens out of millions.</p><p>Hitesh Madhubhai Patel, 43, pleaded guilty to wire fraud conspiracy, general conspiracy to commit identification fraud, access device fraud, money laundering and impersonation of a federal officer, the Department of Justice (DOJ) said.</p><p>“Hitesh Patel played a prominent role in this massive, India-based fraud scheme that bilked vulnerable Americans out of millions of dollars,” Assistant Attorney General Brian Benczkowski said.</p><p>Patel&rsquo;s sentencing is scheduled for April 3. He faces up to 20 years in prison for the wire fraud conspiracy and five years for the general conspiracy, both of which carry also the possibility of a fine of up to $250,000.</p>"
  },
  "date": "2020-01-09T09:32:00-06:00",
  "featured": false,
  "headline": "Indian man convicted in call-center fraud case scamming Americans out of millions",
  "id": "1578562320",
  "slug":"indian-man-convicted-in-call-center-fraud-case-scamming-americans-out-of-millions",
  "sourceName": "Fox News",
  "sourceArticleUrl": "https://www.foxnews.com/world/indian-man-convicted-call-center-fraud-case-scammed-americans-out-of-millions",
  "tags": ["Call Center Fraud", "Department of Justice"]
},
{
  "content": {
    "html": "<p>Trump signed the anti-robocall act following its bipartisan support in Congress.</p><p>President Donald Trump has signed a new law aimed at tackling the scourge of illegal robocalls.</p><p>The bipartisan legislation expanded the power of the Federal Communications Commission to deter spam calls and reinforced the responsibility of individual phone companies to protect their own consumers.</p><p>“With this legislation, phone companies will be required to give all consumers meaningful new protections against these calls and Americans will finally get some relief from the ringing telephone,” Maureen Mahoney, policy analyst with Consumer Reports, told The Associated Press.</p>"
  },
  "date": "2020-01-01T09:13:22-06:00",
  "featured": false,
  "headline": "Here’s what you need to know about the new law on robocalls",
  "id": "1577870002",
  "slug":"heres-what-you-need-to-know-about-the-new-law-on-robocalls",
  "sourceName": "ABC News",
  "sourceArticleUrl": "https://abcnews.go.com/Politics/law-robocalls/story?id=68008423",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>A new state law imposes civil penalties of up to $5,000 for calls that pretend to be coming from a different number, such as somebody on your phone contact list or a familiar-looking number that begins with 603. This practice is known as spoofing and used by scammers and unscrupulous marketers to fool people into answering their calls.</p><p>Realistically the law is unlikely to have much effect, since the state can prosecute only calls that originate within New Hampshire, but it&rsquo;s indicative of a push to use laws and technology to throttle the tidal wave of spoofed robocalls that is inundating the phone system.</p><p>“It&rsquo;s not going to be an easy law to enforce, but let&rsquo;s start with at least a law,” said Rep. David Luneau, D-Hopkinton, the main sponsor of the bill that strengthens an existing law, RSA 359-E. “It&rsquo;s part of a larger, more national initiative to go after these sort of practices.”</p><p>The new law covers robocalls and calls “for solicitation,” which includes calls from political campaigns, but does not cover individuals making calls via spoofing apps or other methods. Some groups, such as advocates for survivors of domestic abuse, say that individual call spoofing can be an important safety tool.</p>"
  },
  "date": "2019-12-31T09:13:00-06:00",
  "featured": false,
  "headline": "Robocalls that pretend to be from someone you know are now officially illegal in N.H.",
  "id": "1577783580",
  "slug":"robocalls-that-pretend-to-be-from-someone-you-know-are-now-officially-illegal-in-n-h",
  "sourceName": "Concord Monitor",
  "sourceArticleUrl": "https://www.concordmonitor.com/jan-1-phone-spoofing-law-nh-31650650",
  "tags": ["Caller-ID Spoofing", "Spoofing"]
},
{
  "content": {
    "html": "<p>Some robocalls are legitimate, and additional prosecutions don&rsquo;t prevent more bad actors from popping up</p><p>In a rare bipartisan achievement, Congress has moved to combat the scourge of robocalls inundating Americans.</p><p>Just don&rsquo;t expect the phone to stop ringing any time soon.</p><p>The robocall law, which passed both the House and Senate by wide margins, prods phone companies to cut off illegal marketers or scammers before the phone rings by spotting suspect traffic.</p><p>The legislation also boosts penalties for breakers of telephone consumer-protection laws and mandates that government agencies and companies work more closely together in stemming robocalls. The bill must still be signed by President Trump, which is expected given the near-unanimous support by both parties.</p><p>Lawmakers, industry and consumer groups say the bill represents significant steps forward, but they also concede that the calls are likely to continue—a reflection of how a lasting solution continues to elude the companies and regulators that control the telephone system.</p><p>“This isn&rsquo;t going to eliminate every robocall,” said Sen. John Thune (R., S.D.), one of the bill&rsquo;s prime sponsors, in an interview. “But we think it will go a long way toward getting at some of these not only annoying nuisance calls, but more importantly a lot of scam artists that prey on vulnerable populations.”</p>"
  },
  "date": "2019-12-26T09:19:00-06:00",
  "featured": false,
  "headline": "Washington’s New Anti-Robocall Law Won’t Stop the Calls. Here’s Why.",
  "id": "1577351940",
  "slug":"washingtons-new-anti-robocall-law-wont-stop-the-calls-heres-why",
  "sourceName": "Wall Street Journal",
  "sourceArticleUrl": "https://www.wsj.com/articles/washingtons-new-anti-robocall-law-wont-stop-the-calls-heres-why-11577367931",
  "tags": ["Robocalls", "Stopping Bad Robocalls Act"]
},
{
  "content": {
    "html": "<p>TDOS Attacks – whether an attempt to extort money or just a nuisance, Telephony Denial of Service attacks are increasing in occurrence and hurting businesses, governments and consumers.   Particularly vulnerable are 9-1-1 PSAPs, requiring agents to wade through false calls and overwhelmed infrastructure, preventing real emergencies from getting prompt emergency services.  Watch for enterprises and governments to invest more in 2020 on preventative software and systems, making their businesses more productive and avoiding service failures.</p>"
  },
  "date": "2019-11-20T10:39:00-06:00",
  "featured": false,
  "headline": "TDoS Attacks Named One of the Top 8 Trends to Watch in Telecom during 2020",
  "id": "1574246340",
  "slug":"tdos-attacks-named-one-of-the-top-8-trends-to-watch-in-telecom-during-2020",
  "sourceName": "",
  "sourceArticleUrl": "https://telecomreseller.com/2019/12/20/8-things-to-watch-in-telecom-during-2020/",
  "tags": ["TDoS"]
},
{
  "content": {
    "html": "<p>Fighting fraud is often compared to a game of whack-a-mole: Improve security in one area, and criminals will find a new way to breach a company&rsquo;s defenses in another area. In recent years, for example, the introduction of security chips has greatly reduced the fraudulent use of physical credit cards, but criminals have not responded by throwing up their hands and going home.</p><p>Instead, they&rsquo;re increasingly turning their attention to account takeovers.</p><p>Fraudsters sometimes gain access to victims&rsquo; bank and e-commerce accounts by cracking weak passwords or using stolen credentials, but more and more attacks are targeting what is emerging as the weak link in many organizations&rsquo; security systems: the phone channel.</p><p>In a recent study, 51% of the financial services companies we surveyed identified the call center as the vector of choice for account takeover attacks. Jim Hickman, assistant vice president of Financial Crimes Operations at USAA, and Tom Poole, senior vice president for digital payments and identity at Capital One, have also pinpointed the call center as the location where most fraud starts. At the Money 20/20 USA conference in 2018, they agreed that while account takeovers tend to show up in the online channel, the job usually begins by socially engineering call center agents.</p><p>Social Engineering And The Rise Of Account Takeovers</p><p>Call centers often use knowledge-based authentication -- asking callers to prove their identity by supplying personal information such as their account number and mother&rsquo;s maiden name -- to grant access to customer accounts. This process is highly vulnerable to social engineering, which is shorthand for when a scammer manipulates an agent into inappropriately granting access to an account, particularly now that vast troves of consumer data are available for sale on the dark web.</p><p>As the VP of technology for a company that works with financial institutions and other enterprises needing to authenticate callers to protect account access, I know this scenario all too well. Armed with personal information purchased on the dark web or gleaned from social media, a criminal can phone an organization&rsquo;s call center (perhaps using a spoofed number or a virtual call service to disguise the call&rsquo;s origins) and, posing as a customer, correctly respond to the agent&rsquo;s identity interrogation to convince him or her to reset the account&rsquo;s online password or change the associated email address.<br></p><p>Treating Everyone As A Suspect</p><p>Because these systems are not foolproof, and they merely flag risks rather than positively confirm a legitimate caller&rsquo;s identity, organizations end up treating every caller as a suspect while doing little to actually catch fraudsters.</p><p>This process asks agents to subject every caller to time-consuming (and often annoying) identity interrogation while spreading the organization&rsquo;s fraud-detection resources across all incoming calls, even though the vast majority of callers are actual customers. There is a better approach.</p><p>When detectives begin investigating a crime, one of their first steps is to confirm alibis and rule out suspects who don&rsquo;t match the forensic evidence at the scene. If they can rapidly eliminate 80% of the potential suspects, they can concentrate all their resources on the remaining 20%. This same principle applies to separating good and bad actors<em> before</em> they can commit a crime.</p><p>If an organization can immediately confirm the majority of callers as legitimate, the call center&rsquo;s fraud-detection staff and tools can be directed toward assessing the significantly smaller subset of non-authenticated calls, thus dramatically improving fraud-fighting return on investment. Agents receiving non-authenticated calls will be more alert to potential social engineering attempts, and the use of tools to assess inbound call data or caller voices can be much more focused.</p><p>But how can call centers confidently focus their fraud-fighting efforts if knowledge-based authentication is ineffective?</p><p>The first thing organizations need to do is fight fraud where it starts, not where it ends. They should build systems to accurately track fraud events back to the source. This will very often be the call center and will require an ability to record and replay activity on an account to determine the moment of account takeover.</p><p>A second approach is to augment the training of agents. A strong line of defense is an informed call center staff. Employees should be able to recognize the signs of a social engineering attempt, being wary of behaviors like a strong sense of urgency, pressure to make a quick decision or seeking empathy. Agents should be empowered to react to attempts, regularly retrained and apprised of the latest fraudster techniques.</p><p>And finally, companies should look into implementing stronger authentication methods. Organizations can choose from a growing range of multifactor authentication solutions using technologies that can verify customers&rsquo; identities and route them into a trusted caller flow. For example, an inherence factor (a voiceprint) can be combined with a physical ownership factor (the customer&rsquo;s smartphone) to create a solution that automatically and accurately authenticates callers before they reach an agent.</p>"
  },
  "date": "2019-11-13T10:01:00-06:00",
  "featured": false,
  "headline": "Why The Call Center Is The Vector Of Choice For Fraudsters",
  "id": "1573639260",
  "slug":"why-the-call-center-is-the-vector-of-choice-for-fraudsters",
  "sourceName": "Forbes",
  "sourceArticleUrl": "https://www.forbes.com/sites/forbestechcouncil/2019/11/13/why-the-call-center-is-the-vector-of-choice-for-fraudsters/#20630b5a6a61",
  "tags": ["Account Takeover(ATO)", "Call Center Fraud"]
},
{
  "content": {
    "html": "<p>The ubiquitous Caller ID hasn&rsquo;t changed much over the years, but the technology to exploit it has exploded. That may be about to change.</p><p>Fraud and abuse in the form of robocalling, and more specifically illegally spoofed calling, is the No. 1 consumer complaint to the Federal Communications Commission (FCC). Robocalls make up nearly half of all phone calls, so frustrated consumers simply don&rsquo;t answer incoming calls and businesses can&rsquo;t get through to customers when they need to reach them.</p><p>At the root of the problem is the ease of spoofing caller IDs. Anyone can spoof their outbound Caller ID by using an online service like Spooftel or SpoofCard. These services are meant to protect the caller&rsquo;s number from being displayed and claim they aren&rsquo;t intended for malicious purposes, but the fact that they exist indicates the breadth of the problem.</p><p>For cybersecurity professionals, Caller ID spoofing is a particularly pernicious problem. To gain the trust of their intended victim, hackers hide behind a friend, company, or institution associated with their target&rsquo;s information. Typically, they will find a trusted number and spoof it.</p><p>Caller identifications are determined during the second ring of a call. In this short period, spoofers use frequency shift keying to alter the binary format of the number, a process that can be automated. Current Caller ID technology was developed without any consideration that it could be used nefariously and hasn&rsquo;t changed much, while the technology to exploit it has exploded.</p><p>The FCC Steps in with SHAKEN and STIR<br>FCC chairman Ajit Pai challenged the telecommunications industry in November 2018 to adopt a caller authentication system to combat this growing nuisance or face regulatory intervention. This has spurred the telecommunications industry to develop a framework of interconnected standards called SHAKEN (Secure Handling of Asserted information using toKENs) and STIR (Secure Telephony Identity Revisited) that defines how telephone service providers should work together to ensure calling numbers have not been spoofed.</p>"
  },
  "date": "2019-11-11T10:22:00-06:00",
  "featured": false,
  "headline": "SHAKEN/STIR: Finally! A Solution to Caller ID Spoofing?",
  "id": "1573467720",
  "slug":"shaken-stir-finally-a-solution-to-caller-id-spoofing",
  "sourceName": "",
  "sourceArticleUrl": "https://www.darkreading.com/endpoint/shaken-stir-finally!-a-solution-to-caller-id-spoofing/a/d-id/1336285",
  "tags": ["Spoofing", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<p>Call centers are starting to move away from KBA as new technologies emerge. The number of facilities looking for alternatives has doubled since 2018, with 17 percent utilizing MFA to better protect against fraud. The need for newer, stringent authentication comes as call centers — especially those for banks and other financial services — are getting hit with increasingly sophisticated fraud. A recent survey found that 51 percent of financial service professionals believe that phone channels see the greatest number of ATO attempts.</p><p>The healthcare industry is also busy fending off fraudsters in its contact centers, especially as seniors face an increase in phishing attempts and robocalls. Fraud protection is thus a high priority for all call centers, regardless of their industries. Call center leaders know this, as shown by the 91 percent who cited it as important.</p><p>Consumers are losing faith in passwords, PINs and similar KBA verification methods, but they also refuse to sacrifice speed and convenience for greater security — quick and easy user enrollment remains a top priority for that same 91 percent of call center industry leaders. Many call centers are looking to marry passwords and PINs with tools like biometrics because of this. Solutions like these rely more on who customers are rather than what they know. Users&rsquo; voices, how they hold their phones or type and their fingerprints are all factors call centers are examining for more secure authentication.</p><p>Call centers must maintain the ease of use customers have come to expect, while still protecting them from fraudsters. Implementing biometric verification in tandem with other tools could help call centers looking to move away from KBA. What is most notable about these newer authentication methods is that they do not always rely on the customers themselves. They instead work on the back end to ensure customers actually are who they say they are.</p>"
  },
  "date": "2019-10-23T10:15:00-05:00",
  "featured": false,
  "headline": "Call Centers Move Away From KBA With MFA Solutions",
  "id": "1571825700",
  "slug":"call-centers-move-away-from-kba-with-mfa-solutions",
  "sourceName": "PYMNTS",
  "sourceArticleUrl": "https://www.pymnts.com/call-center-commerce/2019/contact-centers-kba-mfa-solutions-technology/",
  "tags": ["Authentication", "Call Authentication", "KBA", "MFA"]
},
{
  "content": {
    "html": "<p>September 30, 2019</p><p>Given the recent media attention on combating robocalls, we need a reality check: We can&rsquo;t completely eradicate these “nuisance” calls. But we do have the technology and regulatory framework here in the United States to block the most egregious robocalls that put consumers at risk.</p><p>While there&rsquo;s not a panacea for robocalls, we can take huge strides in shutting down illegal robocalls run by fraudsters who use autodialed, pre-recorded messages to prey on unsuspecting victims to steal money or personal data, or both. Some quick clarity on terminology: If you answer the phone and hear a recording rather than a live person, then it&rsquo;s a robocall. And if the call is trying to sell you something, then it&rsquo;s illegal -- unless you&rsquo;ve given written permission to allow it. More information on robocalls from the Federal Trade Commission (FTC) can be found here.<br></p>"
  },
  "date": "2019-09-30T09:22:04-05:00",
  "featured": false,
  "headline": "Can We Stop The Scourge Of Robocalls?",
  "id": "1569835324",
  "slug":"can-we-stop-the-scourge-of-robocalls",
  "sourceName": "Forbes",
  "sourceArticleUrl": "http://bit.ly/33empPk",
  "tags": ["Authentication", "Caller-ID Spoofing", "Robocalls", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<p>September 16, 2019</p><p>As No Jitter contributor Joyce Osenbaugh noted earlier this year, telecom fraud is on the rise. The Communications Fraud Control Association (CFCA)&rsquo;s annual survey of telecom fraud noted 2018 losses amounted to around $28 billion. While that&rsquo;s down a bit over the last few years, bad actors can still attack enterprise phone systems by fraudulent means...</p>"
  },
  "date": "2019-09-16T09:22:32-05:00",
  "featured": false,
  "headline": "The Threat of Toll Fraud Persists",
  "id": "1568625752",
  "slug":"the-threat-of-toll-fraud-persists",
  "sourceName": "No Jitter",
  "sourceArticleUrl": "http://bit.ly/2kQfOKb",
  "tags": ["Toll Fraud & Call Pumping"]
},
{
  "content": {
    "html": "<p>September 14, 2019</p><p>A new report highlights how nimble scammers and spammers are in the face efforts to combat robocalls.</p><p>Despite new initiatives by the Federal Communications Commission (FCC) and carriers, robocalls aren&rsquo;t on the wane. Americans are still facing a scourge of 200 million unwanted robocalls a day, according to a report from Transaction Network Services (TNS), a major telecommunications network and services company...</p>"
  },
  "date": "2019-09-14T09:26:49-05:00",
  "featured": false,
  "headline": "Robocalls Keep Pouring In As Hijacking Threat Emerges — How To Stop",
  "id": "1568453209",
  "slug":"robocalls-keep-pouring-in-as-hijacking-threat-emerges-how-to-stop",
  "sourceName": "Forbes",
  "sourceArticleUrl": "http://bit.ly/2lUiC9t",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>September 12, 2019</p><p>A new report suggests that the United States&rsquo; top mobile carriers are making headway in the fight against annoying robocalls.</p><p>The data analytics company Transaction Network Services (TNS) released its bi-annual “Robocall Report” on Thursday, and some of the emerging unwanted call trends included an increase in hijacking mobile numbers and a shift to spoofing toll-free numbers.</p><p>However, the most promising news for consumers was that only 12% of high-risk calls received during the first six months of 2019 originated from numbers owned by AT&amp;T, CenturyLink, Comcast, Sprint, T-Mobile and Verizon...</p>"
  },
  "date": "2019-09-12T09:29:49-05:00",
  "featured": false,
  "headline": "Most of the robocalls you get aren’t coming from AT&T, Sprint and T-Mobile numbers",
  "id": "1568280589",
  "slug":"most-of-the-robocalls-you-get-arent-coming-from-att-sprint-and-t-mobile-numbers",
  "sourceName": "USA Today",
  "sourceArticleUrl": "http://bit.ly/2kQGyu5",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>September 8, 2019</p><p>Four Peruvians who ran call centers as part of a $550,000 phone scam that targeted elderly Spanish-speaking U.S. residents can call the United States home for the next few years.</p><p>Soon, you can find their addresses in the federal prison inmate locator database. Each has been sentenced in Fort Lauderdale federal court.</p><p>Jesus Gutierrez Rojas, 37, got four years, three months and $921,740 in restitution on Tuesday after pleading guilty to three counts of extortion. Also Tuesday, 38-year-old Maria De Guadalupe Alexandra Podesta Bengoa and 43-year-old Virgilio Polo Davila each got three years, 10 months each after pleading guilty to one count of extortion. Podesta owes $114,717 in restitution and Polo Davila owes $619,014...</p>"
  },
  "date": "2019-09-08T09:33:13-05:00",
  "featured": false,
  "headline": "Phone calls from Peru got $550K from Spanish-speaking U.S. residents. The callers got prison",
  "id": "1567935193",
  "slug":"phone-calls-from-peru-got-550k-from-spanish-speaking-u-s-residents-the-callers-got-prison",
  "sourceName": "Miami Herald",
  "sourceArticleUrl": "http://bit.ly/2ko2X1A",
  "tags": ["Phone Scam"]
},
{
  "content": {
    "html": "<p>September 4, 2019</p><p>Thieves used voice-mimicking software to imitate a company executive&rsquo;s speech and dupe his subordinate into sending hundreds of thousands of dollars to a secret account, the company&rsquo;s insurer said, in a remarkable case that some researchers are calling one of the world&rsquo;s first publicly reported artificial-intelligence heists.</p><p>The managing director of a British energy company, believing his boss was on the phone, followed orders one Friday afternoon in March to wire more than $240,000 to an account in Hungary, said representatives from the French insurance giant Euler Hermes, which declined to name the company...</p>"
  },
  "date": "2019-09-04T09:37:07-05:00",
  "featured": false,
  "headline": "An artificial-intelligence first: Voice-mimicking software reportedly used in a major theft",
  "id": "1567589827",
  "slug":"an-artificial-intelligence-first-voice-mimicking-software-reportedly-used-in-a-major-theft",
  "sourceName": "Washington Post",
  "sourceArticleUrl": "http://bit.ly/2mnrkNE",
  "tags": ["AI", "Financial Fraud", "Phone Scam"]
},
{
  "content": {
    "html": "<p>September 2, 2019</p><p>Spam and robocalls are such a nuisance and a widespread problem -- Americans endured over 26 billion of them in 2018 -- that the FCC has stepped in, fining four companies responsible for billions of robocalls. Stopping robocalls on your own is one thing, but the FCC has also tasked the communications industry with curbing the number of robocalls we all receive on a daily basis. Recently, 12 phone companies and 51 state attorneys general announced a plan to implement technology to identify, and eventually block robocalls. This is where STIR/SHAKEN (also called SHAKEN/STIR) comes in. </p><p>SHAKEN/STIR is a two-pronged protocol that AT&amp;T and T-Mobile will use to verify that the incoming caller is legit. It will also work with home phones running on Comcast&rsquo;s service. The end result is that Comcast, T-Mobile and AT&amp;T will authenticate caller ID among one another, so you have more assurance that the person who&rsquo;s calling you is real. </p>"
  },
  "date": "2019-09-02T13:52:18-05:00",
  "featured": false,
  "headline": "Inside your phone company’s plan to stop robocalls",
  "id": "1567432338",
  "slug":"inside-your-phone-companys-plan-to-stop-robocalls",
  "sourceName": "CNET",
  "sourceArticleUrl": "https://cnet.co/2ms9yIX",
  "tags": ["AT&T", "Authentication", "Call Authentication", "FCC", "Robocalls", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<p>Spam calls are a plague, and carriers are finally starting to fight back, but there&rsquo;s been an unexpected casualty: Google Voice&rsquo;s “get voicemail via message” feature. The company is pulling it because the messages are getting flagged as spam, via Brian Krebs on Twitter.</p><p>The feature transcribes voicemails from a Google Voice number and texts them to the recipient. But because so many of these voicemails contained automated transcripts of spammy robocalls, those SMS messages were starting to get flagged as spam. In order to avoid further issues, Google is shutting down the feature, which is expected to be completed by August 9th.<br></p>"
  },
  "date": "2019-09-01T09:25:00-05:00",
  "featured": false,
  "headline": "Google Voice forced to shut down SMS voicemail forwarding as carriers fight spam calls",
  "id": "1567329900",
  "slug":"google-voice-forced-to-shut-down-sms-voicemail-forwarding-as-carriers-fight-spam-calls",
  "sourceName": "The Verge",
  "sourceArticleUrl": "https://www.theverge.com/2019/8/6/20757119/google-voice-sms-voicemail-forwarding-feature-carriers-fight-spam-calls",
  "tags": ["Voice Spam"]
},
{
  "content": {
    "html": "<p>August 29, 2019</p><p>The FBI is warning the public about a nationwide scam involving perpetrators impersonating its agents, according to information released by the agency this month.</p><p>In targeting unsuspecting victims, the fraudulent caller uses technology to “spoof” the phone number from an actual FBI field office, so victims believe the inbound call is coming from federal law enforcement.</p><p>The agency indicated scammers have mimicked telephone numbers belonging to FBI field offices in California, Montana, Colorado, Texas, Wisconsin, Oklahoma, and Kentucky...</p>"
  },
  "date": "2019-08-29T09:47:16-05:00",
  "featured": false,
  "headline": "Scammers are impersonating FBI phone numbers and agents, agency says",
  "id": "1567072036",
  "slug":"scammers-are-impersonating-fbi-phone-numbers-and-agents-agency-says",
  "sourceName": "CNN",
  "sourceArticleUrl": "http://bit.ly/2kT8ZHF",
  "tags": ["Caller-ID Spoofing", "FBI", "Fraud Prevention", "Phone Scam"]
},
{
  "content": {
    "html": "<p>August 29, 2019</p><p>Your cellphone rings from a number you don&rsquo;t recognize. Reluctantly, you pick it up and discover it&rsquo;s an automated call from your credit card company, warning you that someone has fraudulently used your card to buy 10 plane tickets to Singapore. You won&rsquo;t have to pay the charges. Whew!</p><p>Amid state and federal efforts to crack down on scam robocalls, legitimate robocallers worry that calls like this one will be blocked too.</p><p>Last week, attorneys general from all 50 states plus the District of Columbia announced a new agreement with telecom companies to crack down on illegal calls and scams. The U.S. House and Senate both have approved measures to curb the scam calls and are currently ironing out the differences between them, and the Federal Communications Commission is working on its own anti-scammer rules...</p>"
  },
  "date": "2019-08-29T09:40:31-05:00",
  "featured": false,
  "headline": "Legitimate phone calls are getting blocked in crackdown on robocalls",
  "id": "1567071631",
  "slug":"legitimate-phone-calls-are-getting-blocked-in-crackdown-on-robocalls",
  "sourceName": "USA Today",
  "sourceArticleUrl": "http://bit.ly/2m0uoiE",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>August 26, 2019</p><p>Three men were busted Monday in New York for running an Indian call-center con that fleeced more than $2 million from US victims — including a 76-year-old woman who lost her savings, prosecutors said.</p><p>Long Island brothers Kamal Zafar, 51, and Jamal Zafar, 48, and Queens man Armughanul Asar, 68, were hauled before a federal judge in Central Islip, where they pleaded not guilty to charges of conspiracy to commit wire fraud and money-laundering conspiracy.</p><p>Prosecutors say the trio worked with “co-conspirators” at a call center in India, where scammers would badger Americans on their home phones by posing as employees of the IRS, the DEA or the Social Security Administration.</p>"
  },
  "date": "2019-08-26T13:31:09-05:00",
  "featured": false,
  "headline": "New York men busted in $2.3M call center scam: feds",
  "id": "1566826269",
  "slug":"new-york-men-busted-in-2-3m-call-center-scam-feds",
  "sourceName": "New York Post",
  "sourceArticleUrl": "http://bit.ly/2mh9P1h",
  "tags": ["Call Center Fraud", "Call Center Security", "IRS"]
},
{
  "content": {
    "html": "<p>August 23, 2019</p><p>AT&amp;T Inc., Verizon Communications Inc. and 10 other large phone companies have struck an agreement with 51 attorneys general to enact technology to block robocalls before they reach people.</p><p>The deal, announced Thursday, will help protect consumers from receiving illegal robocalls and will assist law enforcement in investigating and prosecuting bad actors, said North Carolina Atty. Gen. Josh Stein, who is leading the effort that includes all 50 states and the District of Columbia.</p><p>Under the nonbinding deal, the companies will launch the call-blocking technology at no cost to consumers and will make other anti-robocall devices and apps available free of charge to subscribers.</p>"
  },
  "date": "2019-08-23T13:41:51-05:00",
  "featured": false,
  "headline": "Phone companies and all 50 states strike deal to fight robocalls",
  "id": "1566567711",
  "slug":"phone-companies-and-all-50-states-strike-deal-to-fight-robocalls",
  "sourceName": "LA Times",
  "sourceArticleUrl": "http://bit.ly/2kH7e0q",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>August 23, 2019</p><p>NEW YORK (AP) — Major phone companies have pledged to do more to fight robocalls plaguing Americans, the country&rsquo;s state attorneys general says.</p><p>It&rsquo;s the latest step from government and industry to combat the growing problem. Americans get nearly 5 billion automated calls from scammers, telemarketers, debt collectors, and others every month. Parts of the agreement echo steps already taken by regulators and Congress, which is working on anti-robocall bills.</p><p>There&rsquo;s no timeline, though, for the 12 major phone companies in the pact to fulfill the promises announced Thursday by attorneys general from all 50 states and the District of Columbia.</p>"
  },
  "date": "2019-08-23T13:37:44-05:00",
  "featured": false,
  "headline": "Major Carriers, State AGs Will Work to Combat Robocalls",
  "id": "1566567464",
  "slug":"major-carriers-state-ags-will-work-to-combat-robocalls",
  "sourceName": "CBN News",
  "sourceArticleUrl": "http://bit.ly/2mhaZtF",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>August 21, 2019</p><p>Lately, Congress has been known more for all its partisan gridlock and infighting than for getting things done. But lawmakers have leapt at the chance to provide relief from robocalls to their constituents. The passage of the bipartisan Traced Act in the Senate was soon followed by the near unanimous approval of the Stopping Bad Robocalls Act in the House.</p><p>The Senate bill provided an important step in protecting us from spoofed calls with fake caller IDs, but the House bill takes the fight to the next level by requiring rules that will actually stop the abusive and unwanted robocalls from being made in the first place. To preserve the value of the national telephone system, we need the provisions of both bills signed into law.</p>"
  },
  "date": "2019-08-21T13:46:44-05:00",
  "featured": false,
  "headline": "Will Congress act to stop robocalls?",
  "id": "1566395204",
  "slug":"will-congress-act-to-stop-robocalls",
  "sourceName": "The Hill",
  "sourceArticleUrl": "http://bit.ly/2mtYJWN",
  "tags": ["Robocalls", "Stopping Bad Robocalls Act", "TRACED Act"]
},
{
  "content": {
    "html": "<p>August 14, 2019</p><p>As the Federal Communications Commission wages war on robocalls, phone carriers are working together to ensure their customers are protected from scams.</p><p>AT&amp;T and T-Mobile announced today calls across both networks would be verified, a step toward meeting the industry-wide SHAKEN/STIR standard.</p><p>SHAKEN/STIR verifies the authenticity of a call and alerts you if it is suspected as a spoof or scam. The call is verified at the network level and a symbol such as a check mark will appear to let you know if the call is not spoofed. With AT&amp;T and T-Mobile, you will see “Call Verified” on your screen when you get a call.</p>"
  },
  "date": "2019-08-14T13:58:23-05:00",
  "featured": false,
  "headline": "AT&T and T-Mobile team up in a first step toward identifying robocalls across networks",
  "id": "1565791103",
  "slug":"att-and-t-mobile-team-up-in-a-first-step-toward-identifying-robocalls-across-networks",
  "sourceName": "USA Today",
  "sourceArticleUrl": "http://bit.ly/2m6iDXW",
  "tags": ["Robocalls", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<p>August 7, 2019</p><p>Acting to implement a Congressional legislative directive, the Federal Communications Commission (FCC) last week “adopted new rules banning malicious caller ID spoofing of text messages and foreign calls.” The ruling further implements amendments to the Truth in Caller ID Act of 2009, codified in 47 U.S.C. 227(e), enacted last year in the RAY BAUM&rsquo;S Act.</p><p>The Truth in Caller ID Act “prohibits anyone from causing a caller ID service to knowingly transmit misleading or inaccurate caller ID information (&lsquo;spoofing&rsquo;) with the intent to defraud, cause harm or obtain anything of value.” However, until last year&rsquo;s Congressional action, that prohibition did not extend to text messages or international calls. The new FCC rules will effect that extension, including to “additional types of voice calls, such as one-way VoIP calls.” </p>"
  },
  "date": "2019-08-07T14:12:44-05:00",
  "featured": false,
  "headline": "FCC Adopts Rules to Ban Malicious Spoofing of Texts and International Calls",
  "id": "1565187164",
  "slug":"fcc-adopts-rules-to-ban-malicious-spoofing-of-texts-and-international-calls",
  "sourceName": "Inside ARM",
  "sourceArticleUrl": "http://bit.ly/2m8WKai",
  "tags": ["FCC", "Robocalls", "Spoofing", "Truth in Caller ID Act"]
},
{
  "content": {
    "html": "<p>August 4, 2019</p><p>CHICAGO (CBS) — Americans receive around 150 million robocalls every day by some estimates, and last week the Federal Communications Commission (FCC) put new measures in place to crack down.</p><p>But as CBS News&rsquo; Lisa Mateo reported Sunday evening, experts say it will not put an end to those unwanted calls.</p><p>Robocalls are a daily annoyance. Patricia Juhasz said she got 14, all of which were spoofed.</p><p>“All from a 216 phone number, which is our area code, so it looks like it&rsquo;s a local number,” Juhasz said.</p><p>If the calls weren&rsquo;t bad enough, earlier this year, Juhasz also received a series of robo texts promising cash loans.</p>"
  },
  "date": "2019-08-04T14:15:28-05:00",
  "featured": false,
  "headline": "FCC Cracking Down On Robocalls, But Expert Warns New Rules Won’t End Them",
  "id": "1564928128",
  "slug":"fcc-cracking-down-on-robocalls-but-expert-warns-new-rules-wont-end-them",
  "sourceName": "CBS Chicago",
  "sourceArticleUrl": "https://cbsloc.al/2l6kLyH",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>August 1, 2019</p><p>It is legal for robocallers overseas to trick U.S. consumers by disguising their phone numbers. The Federal Communications Commission just voted to change that.</p><p>The regulator voted Thursday on a change to caller-ID rules that will extend a ban on faking caller information for malicious purposes to calls coming from abroad. Scammers often...</p>"
  },
  "date": "2019-08-01T14:19:12-05:00",
  "featured": false,
  "headline": "Duped by a Robocall From Overseas? It Was Legal",
  "id": "1564669152",
  "slug":"duped-by-a-robocall-from-overseas-it-was-legal",
  "sourceName": "Wall Street Journal",
  "sourceArticleUrl": "https://on.wsj.com/2l5GOp3",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>August 1, 2019</p><p>The Federal Communications Commission took another step on Thursday in the ongoing battle to end the scourge of robocalls Americans receive. It would bar spoofed calls from overseas scammers.</p>"
  },
  "date": "2019-08-01T14:17:49-05:00",
  "featured": false,
  "headline": "Federal Communications Commission Takes Another Step To Try And Stop Robocalls",
  "id": "1564669069",
  "slug":"federal-communications-commission-takes-another-step-to-try-and-stop-robocalls",
  "sourceName": "NPR",
  "sourceArticleUrl": "https://n.pr/2kveVXc",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>July 17, 2019</p><p>A House panel on Wednesday voted to advance legislation aimed at protecting U.S. consumers from the billions of illegal robocalls made every year.</p><p>The Stopping Bad Robocalls Act had accrued 152 co-sponsors and passed the House Energy and Commerce Committee, 49-0.The bipartisan legislation takes aim at the illegal spam calls, often from scammers seeking to collect personal information on vulnerable consumers, by toughening up the Federal Communications Commission&rsquo;s (FCC) ability to crack down on the scourge.</p><p>It would require telephone carriers to implement technology that verifies caller identity without charging customers an extra fee.</p>"
  },
  "date": "2019-07-17T14:27:40-05:00",
  "featured": false,
  "headline": "House panel advances anti-robocall bill",
  "id": "1563373660",
  "slug":"house-panel-advances-anti-robocall-bill",
  "sourceName": "The Hill",
  "sourceArticleUrl": "http://bit.ly/2me8lop",
  "tags": ["FCC", "Stopping Bad Robocalls Act"]
},
{
  "content": {
    "html": "<p>July 12, 2019</p><p>The Federal Communications Commission is lauding the progress that phone carriers are making in the fight against unwanted robocalls, but also warning that if they fail to meet a deadline, the agency will move to impose new regulations.</p><p>This week the FCC held a summit on combating robocalls, a broadly acknowledged problem that has eroded trust in the phone system and put consumers -- particularly the elderly -- at risk of falling prey to scammers.</p><p>The FCC has alighted on a technical approach to fight the spoofed calls that often show up on your caller ID with your own area code and, often, the same first three numbers as your own phone number. Those calls, by spoofing your own number, aim to trick you into answering what appears to be a legitimate, local call, but in more likelihood originates from an overseas auto-dialing operation. The result, officials have lamented, is that we have become a “nation of call screeners.”</p>"
  },
  "date": "2019-07-12T10:42:52-05:00",
  "featured": false,
  "headline": "FCC To Phone Companies: Knock Off The Robocalls Or Else",
  "id": "1562928172",
  "slug":"fcc-to-phone-companies-knock-off-the-robocalls-or-else",
  "sourceName": "Forbes",
  "sourceArticleUrl": "https://bit.ly/2o9xfGV",
  "tags": ["Caller-ID Spoofing", "FCC", "Spoofing"]
},
{
  "content": {
    "html": "<p>December 20, 2018</p><p>On December 14, the Florida Attorney General (AG) and the Federal Trade Commission (FTC) announceda $23 million federal district court judgment against the owner of an Orlando-based “robocall” operation. The massive robocall operation tricked consumers into paying upfront fees of $500 to $1500 for false credit card interest-rate-reduction and debt-elimination services, allegedly causing $23 million in consumer harm.</p><p>The settlement follows litigation filed in June 2016 alleging that the owner and 19 other defendants operated an illegal robocall scheme in violation of the FTC Act, 15 U.S.C. § 53(b), the FTC&rsquo;s Telemarketing Sales Rule, 15 U.S.C. § 45(a), and the Telemarketing and Consumer Fraud and Abuse Prevention Act, 15 U.S.C. §§ 6101-6108. The Orlando federal district court judge temporarily enjoined the operation in 2016. Settlements with the remaining 19 defendants are pending court approval…</p>"
  },
  "date": "2019-07-11T14:04:48-05:00",
  "featured": false,
  "headline": "Florida AG and FTC Obtain $23 Million Judgment in Robocall Enforcement Action",
  "id": "1562853888",
  "slug":"florida-ag-and-ftc-obtain-23-million-judgment-in-robocall-enforcement-action",
  "sourceName": "JD Supra",
  "sourceArticleUrl": "https://bit.ly/2BYOQok",
  "tags": ["FCC", "FTC", "Robocalls"]
},
{
  "content": {
    "html": "<p>July 10, 2019</p><p>IRVINE<em>,</em> Calif., July 10, 2019 /PRNewswire/ -- Americans received 4.35 billion robocalls in June, down nearly 17% from the all-time high of 5.23 billion in March, marking the nation&rsquo;s third consecutive month with reduced robocall volumes. Despite the decrease, the U.S. has received over 29 billion robocalls already this year and averaged over 145 million robocalls per day in June alone, or 1,678 robocalls per second. These latest monthly figures come from YouMail, a totally free robocall blocking solution for mobile phones.</p><p>“This three-month decline in robocall volumes is a positive development,” said YouMail CEO Alex Quilici. “However, we have already exceeded 29 billion robocalls so far this year, which is still nearly 90 calls per person in the U.S.”</p>"
  },
  "date": "2019-07-10T10:40:33-05:00",
  "featured": false,
  "headline": "U.S. Gets 4.35 Billion Robocalls in June, According to YouMail Robocall Index",
  "id": "1562755233",
  "slug":"u-s-gets-4-35-billion-robocalls-in-june-according-to-youmail-robocall-index",
  "sourceName": "Yahoo Finance",
  "sourceArticleUrl": "https://yhoo.it/2nu9464",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>July 10, 2019</p><p>AT&amp;T said Tuesday it will start to automatically block robocalls and alert customers of suspected spam calls for free.</p><p>The company already offers a “Call Protect” service, but customers have to manually opt-in. Now AT&amp;T customers will be automatically enrolled, the company announced.</p><p>New customers will have the service automatically and existing customers will have it added to their accounts “over the coming months.”</p><p>Customers who want to decline the service will be able to opt-out.</p>"
  },
  "date": "2019-07-10T10:34:41-05:00",
  "featured": false,
  "headline": "AT&T promises to automatically block robocalls in ‘coming months’",
  "id": "1562754881",
  "slug":"att-promises-to-automatically-block-robocalls-in-coming-months",
  "sourceName": "Fox Business",
  "sourceArticleUrl": "https://fxn.ws/2xEwpU4",
  "tags": ["AT&T", "Robocalls"]
},
{
  "content": {
    "html": "<p>July 9, 2019</p><p>Major companies have been victimized in recent years by massive data breaches that exposed billions of customers&rsquo; personal identifiable information. Fraudsters are now using this stolen personal data to masquerade as trusted companies in a new, more effective scam strategy called Enterprise Spoofing. In a 2018 Scam Report, First Orion reported that nearly half of all mobile calls would be scam in 2019, and while volume remains high--still trending to over 40% on the year--it turns out that scammers are now shifting to a &rsquo;quality over quantity&rsquo; approach for the first time using more sophisticated techniques than ever.</p><p>To examine this issue in-depth, First Orion analyzed over 40 billion calls made to customers in 2019 (year to date) and commissioned a blind study of 5,000 mobile phone subscribers in the United States who had spoken to scam callers to create the second annual Scam Report for 2019.</p>"
  },
  "date": "2019-07-09T10:31:39-05:00",
  "featured": false,
  "headline": "First Orion Reports Scam Callers Now Leveraging Data Breaches in New “Enterprise Spoofing” Strategy",
  "id": "1562668299",
  "slug":"first-orion-reports-scam-callers-now-leveraging-data-breaches-in-new-enterprise-spoofing-strategy",
  "sourceName": "Yahoo Finance",
  "sourceArticleUrl": "https://yhoo.it/2oat91p",
  "tags": ["Data Breach", "Enterprise", "Phone Scam", "Spoofing"]
},
{
  "content": {
    "html": "<p>July 9, 2019</p><p>LOS ANGELES—Your phone rings, and, for the third time today, you see a spam call is coming through. You send the call to voicemail and think, “<em>Who </em>is calling me?” </p><p>Chances are, the call is coming from inside the United States. </p><p>Alex Quilici, CEO of YouMail robocall blocking app, estimates hundreds of millions of telemarketing and student loan scam calls originating from the U.S. The Federal Trade Commission cracked down on robocallers inside the country in June, taking 94 actions on a variety of scams. The majority of the callers were based in Florida and California and used robocalling technology to deploy interest rate reduction, weight loss and medical alert system scams. </p>"
  },
  "date": "2019-07-09T10:25:42-05:00",
  "featured": false,
  "headline": "This is where robocalls are coming from (and where they are targeting)",
  "id": "1562667942",
  "slug":"this-is-where-robocalls-are-coming-from-and-where-they-are-targeting",
  "sourceName": "USA Today",
  "sourceArticleUrl": "https://bit.ly/2JsYd4k",
  "tags": ["FTC", "Robocalls"]
},
{
  "content": {
    "html": "<p>July 8,2019</p><p>The Federal Communications Commission is expanding its war on robocalls.</p><p>New rules, proposed by FCC Chairman Ajit Pai and expected to be voted on at the agency&rsquo;s Aug. 1 meeting, would ban the use of fake numbers in international robocalls and text messages.</p><p>This “spoofing” technique uses a false caller ID, to make it appear as if the perpetrator is calling or texting from a nearby location, as a way to get recipients to answer or respond.</p><p>As regulators combat robocalls, more are coming from overseas, they say. In the first half of 2019, the FCC got more than 35,000 complaints about caller ID spoofing.</p>"
  },
  "date": "2019-07-08T10:20:18-05:00",
  "featured": false,
  "headline": "The FCC’s robocall offensive: text messages and international ‘spoofed’ calls targeted",
  "id": "1562581218",
  "slug":"the-fccs-robocall-offensive-text-messages-and-international-spoofed-calls-targeted",
  "sourceName": "USA Today",
  "sourceArticleUrl": "https://bit.ly/2mIbyxo",
  "tags": ["Caller-ID Spoofing", "FCC", "Robocalls", "Spoofing"]
},
{
  "content": {
    "html": "<p>July 5, 2019</p><p>The Federal Trade Commission announced last week a crackdown on robocallers, giving one of the clearest pictures yet of the people and organizations behind the avalanche of nuisance phone calls to consumers.</p><p>The actions are important because they draw the connection between robocalls, which may seem like mere annoyances, to the fraudulent organizations or illegal mass-calling schemes behind them.</p><p>“We have a strong robocalling enforcement program, which is meant to protect wider consumers from abuse and abusive calls,” said Ian Barlow, program coordinator for the FTC&rsquo;s Do Not Call program...</p>"
  },
  "date": "2019-07-05T18:53:35-05:00",
  "featured": false,
  "headline": "Robocalls are not only annoying — there’s an entire dirty industry behind them, FTC reveals",
  "id": "1562352815",
  "slug":"robocalls-are-not-only-annoying-theres-an-entire-dirty-industry-behind-them-ftc-reveals",
  "sourceName": "CNBC",
  "sourceArticleUrl": "https://cnb.cx/2YGyQS3",
  "tags": ["Do Not Call", "FTC", "Robocalls"]
},
{
  "content": {
    "html": "<p>July 2, 2019</p><p>The Federal Communications Commission (“FCC” or “Commission”) has released a Declaratory Ruling and Third Further Notice of Proposed Rulemaking on June 7, 2019 in an attempt to further protect consumers from illegal, including spoofed, robocalls. (Docket Nos. CG 17-59 and WC 17-97) The FCC clarifies that voice service providers may utilize “reasonable analytics” to identify and block robocalls on a default basis. At the same time, the FCC is proposing to adopt a rule mandating the implementation (for those voice providers who have not already voluntarily done so) of the industry&rsquo;s SHAKEN/STIR Caller ID authentication and protections for critical calls, including calls to Public Safety Answer Points (“PSAPs”)...</p>"
  },
  "date": "2019-07-02T18:54:12-05:00",
  "featured": false,
  "headline": "FCC Proposes New Rules to Protect Consumers From Illegal Robocalls, To Include a Safe Harbor for Blocked Calls that Fail Caller ID Authentication",
  "id": "1562093652",
  "slug":"fcc-proposes-new-rules-to-protect-consumers-from-illegal-robocalls-to-include-a-safe-harbor-for-blocked-calls-that-fail-caller-id-authentication",
  "sourceName": "Lexology",
  "sourceArticleUrl": "https://bit.ly/2G0ARkO",
  "tags": ["Authentication", "Call Authentication", "Caller-ID Spoofing", "FCC", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<p>After Addressing Concerns from Stakeholders, FCC Adopts Revised Declaratory Ruling and Third Further Notice on Default Call Blocking</p><p>It&rsquo;s been a busy month on the robocall front! Since our last monthly digest, the FCC circulated a draft and later adopted a final version of a Declaratory Ruling and Third Further Notice of Proposed Rulemaking addressing robocall blocking. In the Declaratory Ruling, the FCC clarified that voice service providers may offer default call blocking to their customers, so long as their customers are informed and have the opportunity to <em>opt-out</em> of the blocking...</p>"
  },
  "date": "2019-07-02T15:39:20-05:00",
  "featured": false,
  "headline": "TCPA Regulatory Update: FCC Allows Default Call Blocking Services, Plans SHAKEN/STIR Summit",
  "id": "1562081960",
  "slug":"tcpa-regulatory-update-fcc-allows-default-call-blocking-services-plans-shaken-stir-summit",
  "sourceName": "National Law Review",
  "sourceArticleUrl": "https://bit.ly/2XKs9kD",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>Julianne Stafford, a special education teacher in Massachusetts, recently got a terrifying phone call: someone claiming to be a Social Security official said a number of bank accounts opened in her name in El Paso, Texas, had been linked to drug trafficking — and that Boston police had a warrant for her arrest.</p><p>The only way to clear her name, the caller said, was to pay -- by buying two $500 Google Play gift cards and giving the activation codes over the phone...</p>"
  },
  "date": "2019-07-01T15:30:18-05:00",
  "featured": false,
  "headline": "FTC reports a sharp increase in phone scams from criminals impersonating IRS, Social Security",
  "id": "1561995018",
  "slug":"ftc-reports-a-sharp-increase-in-phone-scams-from-criminals-impersonating-irs-social-security",
  "sourceName": "CNN",
  "sourceArticleUrl": "https://cnn.it/2XKdsOh",
  "tags": ["FTC", "IRS", "Phone Scam", "Robocalls", "Social Security"]
},
{
  "content": {
    "html": "<p>July 31, 2019</p><p>Your heart races as your cellphone on the bedside table comes alive and wakes you in the middle of the night. Through blurry eyes, you see the number flash across your screen and recognize it instantly — the cancer center where your loved one is being treated. Your anxiety rises as you answer the phone.</p><p>Only it&rsquo;s a fraud. A scam robocall has been able to make it appear that the number of origin is the hospital&rsquo;s, and to try to use the fear and urgency of the situation to pry sensitive personal and financial information from the unwitting person who receives the call.</p>"
  },
  "date": "2019-07-01T14:22:55-05:00",
  "featured": false,
  "headline": "Scam robocalls are even fooling hospitals. Here’s how Congress can make that can stop.",
  "id": "1561990975",
  "slug":"scam-robocalls-are-even-fooling-hospitals-heres-how-congress-can-make-that-can-stop",
  "sourceName": "NBC News",
  "sourceArticleUrl": "https://nbcnews.to/2mzYtFV",
  "tags": ["Healthcare and Hospitals", "Robocalls"]
},
{
  "content": {
    "html": "<p>The Federal Trade Commission and law enforcement plan to file charges against several companies and individuals as part of a major government clampdown on illegal robocalls. </p><p>The mission, known as “Operation Call it Quits,” includes two FTC commissioners from the opposite ends of the political spectrum: Rebecca Kelly Slaughter, a Democrat, and Noah Phillips, a Republican.<br> <br>The government says that there are tens of billions of robocalls made every year -- and when it comes to those calls, Phillips said, there&rsquo;s no political disagreement “whatsoever...”</p>"
  },
  "date": "2019-06-25T15:36:16-05:00",
  "featured": false,
  "headline": "FTC announces major crackdown on robocalls",
  "id": "1561476976",
  "slug":"ftc-announces-major-crackdown-on-robocalls",
  "sourceName": "CBS News",
  "sourceArticleUrl": "https://cbsn.ws/30eYcXD",
  "tags": ["FTC", "Robocalls"]
},
{
  "content": {
    "html": "<p>Federal and state authorities on Tuesday announced that they had targeted dozens of robocallers accused of placing an estimated 1 billion spam calls to consumers, a crackdown they said should send a signal about the government&rsquo;s heightened attention to Americans harmed by such scams.</p><p>Some of the robocallers sought to deceive people into paying fees or surrendering their personal information for fraudulent services, such as lowering their credit card interest rates or providing help with health insurance, according to the Federal Trade Commission, which worked alongside state attorneys general and other local law enforcement officials...</p>"
  },
  "date": "2019-06-25T15:33:30-05:00",
  "featured": false,
  "headline": "Crackdown targets robocallers that placed 1 billion calls, federal and state officials say",
  "id": "1561476810",
  "slug":"crackdown-targets-robocallers-that-placed-1-billion-calls-federal-and-state-officials-say",
  "sourceName": "Washington Post",
  "sourceArticleUrl": "https://wapo.st/2XmUhLm",
  "tags": ["FTC", "Robocalls"]
},
{
  "content": {
    "html": "<p>In the heart of Boston, Tufts Medical Center treats scores of health conditions, from administering measles vaccines for children to pioneering next-generation tools that can eradicate the rarest of cancers.</p><p>But doctors, administrators and other hospital staff struggled to contain a much different kind of epidemic one April morning last year: a wave of thousands of robocalls that spread, like a virus, from one phone line to the next, disrupting communications for hours to come.</p><p>For most Americans, such robocalls represent an unavoidable digital-age nuisance, resulting in constant interruptions targeting their phones each month. For hospitals, though, the spam calls amount to a literal life-or-death challenge, one that increasingly is threatening doctors and patients in a setting where every second can count.</p><p>Source: https://www.denverpost.com/2019/06/23/hospital-robocall-health-crisis/</p>"
  },
  "date": "2019-06-23T15:53:57-05:00",
  "featured": false,
  "headline": "Robocalls are overwhelming hospitals and patients, threatening a new kind of health crisis",
  "id": "1561305237",
  "slug":"robocalls-are-overwhelming-hospitals-and-patients-threatening-a-new-kind-of-health-crisis",
  "sourceName": "The Denver Post",
  "sourceArticleUrl": " https://www.denverpost.com/2019/06/23/hospital-robocall-health-crisis/",
  "tags": ["Healthcare and Hospitals", "Robocalls"]
},
{
  "content": {
    "html": "<p>Imagine this: During a major public health crisis, such as an outbreak – when doctors, administrators and health care field workers need to be in contact – a hospital&rsquo;s phone system goes down, potentially putting lives at risk.</p><p>That&rsquo;s a scenario that officials at Tufts Medical Center, located in Boston, as well as other health care facilities, are likely concerned about as they struggle with an inundation of robocalls.</p><p>The hospital, which is a center for biomedical research and the main teaching hospital for Tufts University School of Medicine, received more than 4,500 robocalls in a two-hour period the morning of April 30, 2018, according to The Washington Post. The messages featured a voice speaking in Mandarin and threatened deportation if someone did not provide certain personal information...<br></p>"
  },
  "date": "2019-06-18T15:47:56-05:00",
  "featured": false,
  "headline": "Robocalls wreak havoc at hospitals and put patients’ lives in danger: report",
  "id": "1560872876",
  "slug":"robocalls-wreak-havoc-at-hospitals-and-put-patients-lives-in-danger-report",
  "sourceName": "Fox News",
  "sourceArticleUrl": "https://fxn.ws/2LAZVlG",
  "tags": ["Healthcare and Hospitals", "Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<p>In the heart of Boston, Tufts Medical Center treats scores of health conditions, administering measles vaccines for children and pioneering next-generation tools that can eradicate the rarest of cancers.</p><p>But doctors, administrators and other hospital staff struggled to contain a much different kind of epidemic one April morning last year: a wave of thousands of robocalls that spread like a virus from one phone line to the next, disrupting communications for hours...</p>"
  },
  "date": "2019-06-17T15:41:48-05:00",
  "featured": false,
  "headline": "Tech Policy Robocalls are overwhelming hospitals and patients, threatening a new kind of health crisis",
  "id": "1560786108",
  "slug":"tech-policy-robocalls-are-overwhelming-hospitals-and-patients-threatening-a-new-kind-of-health-crisis",
  "sourceName": "Washington Post",
  "sourceArticleUrl": "https://wapo.st/2JkkeBk",
  "tags": ["Healthcare and Hospitals", "Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<p>From Cuba to Japan, nuisance robocalls are a reality the world over, costing telecommunications firms between $30 billion to $40 billion annually. But one country stands out.</p><p>“About 75% of robocalls originate in the United States,” says Jim Tyrell, Senior Director of Product Marketing for Transaction Network Services, a Reston, Va., telecoms networking security firm. And, he adds, with U.S.-based scammers focusing most of their efforts on the home market, the most lucrative in the world, the scam is falling mostly on Americans…</p><p>Source:https://bit.ly/2ZwcUJq</p>"
  },
  "date": "2019-06-14T08:20:24-05:00",
  "featured": false,
  "headline": "Here’s How the FCC’s Aggressive New Plan to Combat Robocalls Will Work",
  "id": "1560500424",
  "slug":"heres-how-the-fccs-aggressive-new-plan-to-combat-robocalls-will-work",
  "sourceName": "Fortune",
  "sourceArticleUrl": "",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>As part of the upcoming iOS 13 software update Apple revealed Monday at its Worldwide Developers Conference, the company introduced new features that promise to block frequent scam and spam callers. Essentially, when this setting is turned on, only phone numbers that are recognized (via your Contacts, Mail, and Messages) will ring the phone. All other calls are automatically dispatched to voicemail.</p><p> The user will only be notified about the call if the caller leaves a voicemail. The recipient can then read Apple&rsquo;s transcription of the voicemail and see if they want to call the number back…</p><p>Source:https://bit.ly/31s3AYw</p>"
  },
  "date": "2019-06-06T08:14:50-05:00",
  "featured": false,
  "headline": "Apple introduces new call blocking software with iOS 13 to combat robocalls",
  "id": "1559808890",
  "slug":"apple-introduces-new-call-blocking-software-with-ios-13-to-combat-robocalls-2",
  "sourceName": "USA Today",
  "sourceArticleUrl": "https://bit.ly/31s3AYw",
  "tags": ["Apple", "Robocalls"]
},
{
  "content": {
    "html": "<p>Your phone company may start blocking robocalls without your needing to ask for it.</p><p>On Thursday, the Federal Communications Commission passed a ruling that allows and encourages phone companies to block robocalls by default.</p><p>“We think these actions will help consumers in the near term and the long term to get the peace and the quiet that they deserve,” said FCC Chairman Ajit Pai.</p><p>At the moment many phone companies offer services that block robocalls, but consumers have to specifically ask and often pay for it. The ruling requires companies to inform consumers of the change and give them an option to opt out of having their calls blocked…</p><p>Source:https://n.pr/2EXGmQF</p>"
  },
  "date": "2019-06-06T05:54:46-05:00",
  "featured": false,
  "headline": "Here’s Why You May Start Receiving Fewer Robocalls",
  "id": "1559800486",
  "slug":"heres-why-you-may-start-receiving-fewer-robocalls",
  "sourceName": "NPR",
  "sourceArticleUrl": "https://www.npr.org/2019/06/06/730415950/heres-why-you-may-start-receiving-fewer-robocalls",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>The spam calls keep coming, offering you loans or threatening you with jail time for IRS violations. By some estimates, they make up at least a quarter of all calls in the United States.</p><p>And as the problem continues to grow, it creates a whole new set of related nuisances for people like Dakota Hill.</p><p>He estimates he gets hundreds of unwanted spam calls every month. But Hill says he also gets calls from people who think <em>he&rsquo;s </em>spamming <em>them</em>.</p><p>Source:https://n.pr/2MwXz9A</p>"
  },
  "date": "2019-06-06T05:53:37-05:00",
  "featured": false,
  "headline": "Do I Know You? And Other Spam Phone Calls We Can’t Get Rid Of",
  "id": "1559800417",
  "slug":"do-i-know-you-and-other-spam-phone-calls-we-cant-get-rid-of",
  "sourceName": "NPR",
  "sourceArticleUrl": "",
  "tags": ["Consumer Fraud", "Voice Spam"]
},
{
  "content": {
    "html": "<p> Robocalls at any time of the day or night are becoming increasingly common. Some in the federal government are working on solutions, but they have to overcome technology and interest-group objections….</p><p>Source:https://n.pr/2WZi03f</p>"
  },
  "date": "2019-06-03T08:13:21-05:00",
  "featured": false,
  "headline": "Congress And Government Agencies Move Toward Stopping Illegal Robocalls",
  "id": "1559549601",
  "slug":"congress-and-government-agencies-move-toward-stopping-illegal-robocalls-2",
  "sourceName": "NPR",
  "sourceArticleUrl": "",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>An Indian man was sentenced to seven and a half years in prison for extorting U.S. citizensout of millions of dollars during his time operating a fraudulent call center in India.</p><p>Sharvil Patel, 23, was given the sentence by a federal judge in Tampa and fined $80,000.</p><p>According to NDTV, Patel and his co-conspirators pretended to be tax officials from the Internal Revenue Service (IRS), where they claimed their victims owned taxes that hadn&rsquo;t been paid.</p><p>To make the victims comply with their demands, court documents say they allegedly threatened U.S. residents with fraudulent arrest claims and when it came time to collect the money, they forced victims to buy prepaid cash cards, where they sent their own employees to collect. Members of the call center fraud then opened bank accounts where they deposed the payments and eventually turned the money over after deducting a portion for their commission…</p><p>Source:https://fxn.ws/2WOKo7P</p>"
  },
  "date": "2019-06-02T08:12:35-05:00",
  "featured": false,
  "headline": "Call center scammer who extorted millions from U.S. citizens sentenced to 7 years in prison",
  "id": "1559463155",
  "slug":"call-center-scammer-who-extorted-millions-from-u-s-citizens-sentenced-to-7-years-in-prison",
  "sourceName": "Fox News",
  "sourceArticleUrl": "",
  "tags": ["Call Center Fraud"]
},
{
  "content": {
    "html": "<p>May 31, 2019</p><p>A coalition of business groups is rallying against a federal proposal that would allow phone carriers to block certain calls by default, an effort to crack down on illegal robocalls.</p><p>In a filing with the Federal Communications Commission (FCC), the health care providers, pharmacies and collection agencies argued the FCC proposal could block “legal” robocalls as well as those that are fraudulent or from scammers.</p><p>“Public safety alerts, fraud alerts, data security breach notifications, product recall notices, healthcare and prescription reminders, and power outage updates all could be inadvertently blocked under the draft Declaratory Order, among other time-sensitive calls,” the groups wrote in the filing Thursday…</p>"
  },
  "date": "2019-05-31T18:05:06-05:00",
  "featured": false,
  "headline": "Businesses rally against proposal to block robocalls",
  "id": "1559325906",
  "slug":"businesses-rally-against-proposal-to-block-robocalls",
  "sourceName": "The Hill",
  "sourceArticleUrl": "https://bit.ly/2QJHKuB",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p> On June 6, 2019, the Federal Communications Commission will vote on the most aggressive steps to date to prevent consumers from receiving unwanted and disruptive robocalls. The Telephone Consumer Protection Act and the FCC&rsquo;s rules impose limits on the use of automated telemarketing calls and subject entities making such calls in violation of those limitations to government-imposed sanctions (including monetary fines) and to civil litigation. Notwithstanding those rules and the threat of sanctions and class action lawsuits, robocalls persist and remain the number one source of consumer complaints to the FCC…</p><p>Source:https://bit.ly/2ZcCC5n</p>"
  },
  "date": "2019-05-24T08:11:49-05:00",
  "featured": false,
  "headline": "Federal Communications Commission Plans to Combat Robocalls with Carrier-Initiated Blocking",
  "id": "1558685509",
  "slug":"federal-communications-commission-plans-to-combat-robocalls-with-carrier-initiated-blocking",
  "sourceName": "National Law Review",
  "sourceArticleUrl": "",
  "tags": ["Caller-ID Spoofing", "FCC", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<p>The US Senate today approved the TRACED Act, S. 151, as reported by the Senate Committee on Commerce, Science and Transportation, by a vote of 97-1. Only Senator Rand Paul (R-KY) voted against the bill. Senate floor action came after the Commerce Committee filed its report on the bill, S. Rep. No 116-41. As previously noted, the TRACED Act would increase potential fines for illegal robocalls, extend the statute of limitations for prosecuting violators of the TCPA, and require the implementation of the SHAKEN/STIR call authentication framework by voice service providers.</p><p>It also–and most critically–creates a working group including most every federal agency with an enforcement arm designed to enhance regulatory enforcement of the TCPA. This creates a clear and present danger that regulators will become more involved enforcing the statute in the near term…</p><p>Source:https://bit.ly/31d7owS</p>"
  },
  "date": "2019-05-24T08:09:39-05:00",
  "featured": false,
  "headline": "It Just Got Real: TRACED Act Barrels Across The Senate Goal Line",
  "id": "1558685379",
  "slug":"it-just-got-real-traced-act-barrels-across-the-senate-goal-line",
  "sourceName": "National Law Review",
  "sourceArticleUrl": "",
  "tags": ["FCC", "TRACED Act"]
},
{
  "content": {
    "html": "<p>The Federal Communications Commission has been fighting robocalls for years, but it hasn&rsquo;t made much headway. Now it has a new plan to save your phone from the seemingly endless plague of spammy phone calls interrupting your podcast listening.</p><p>FCC Chairman Ajit Pai put forward a proposal that would make it legal for phone companies to block unwanted robocalls by default. Or for those in need of a nuclear option, the ruling could also allow consumers to prohibit calls from any number that isn&rsquo;t in their contact list…</p><p>Source:https://bit.ly/2WxUCdP</p>"
  },
  "date": "2019-05-15T08:08:15-05:00",
  "featured": false,
  "headline": "FCC robocall rule would finally give you a nuclear option for blocking phone spam",
  "id": "1557907695",
  "slug":"fcc-robocall-rule-would-finally-give-you-a-nuclear-option-for-blocking-phone-spam",
  "sourceName": "Fast Company",
  "sourceArticleUrl": "https://bit.ly/2WxUCdP",
  "tags": ["FCC", "Robocalls", "Voice Spam"]
},
{
  "content": {
    "html": "<p>YOU&rsquo;VE HEARD THE advice a million times. Don&rsquo;t click links in suspicious emails or texts. Don&rsquo;t download shady apps. But a new <em>Financial Times</em>report alleges that the notorious Israeli spy firm NSO Group developed a WhatsApp exploit that could inject malware onto targeted phones—and steal data from them—simply by calling them. The targets didn&rsquo;t need to pick up to be infected, and the calls often left no trace on the phone&rsquo;s log. But how would a hack like that even work in the first place?</p><p>WhatsApp, which offers encrypted messaging by default to its 1.5 billion users worldwide, discovered the vulnerability in early May and released a patch for it on Monday. The Facebook-owned company told the <em>FT</em> that it contacted a number of human rights groups about the issue and that exploitation of this vulnerability bears “all the hallmarks of a private company known to work with governments to deliver spyware.” In a statement, NSO Group denied any involvement in selecting or targeting victims but not its role in the creation of the hack itself…</p><p>Source:https://bit.ly/2Vs0WOg</p>"
  },
  "date": "2019-05-14T08:07:04-05:00",
  "featured": false,
  "headline": "How Hackers Broke WhatsApp With Just A Phone Call",
  "id": "1557821224",
  "slug":"how-hackers-broke-whatsapp-with-just-a-phone-call",
  "sourceName": "Wired",
  "sourceArticleUrl": "",
  "tags": ["Hackers", "VoIP"]
},
{
  "content": {
    "html": "<p>The Texas House gave an initial stamp of approval Wednesday to a bill that aims to prohibit telemarketers or businesses from falsifying their phone numbers.</p><p>The measure, House Bill 1992, would prohibit caller ID spoofing — when callers tamper with information transmitted to people&rsquo;s caller IDs to disguise their identities.</p><p>Under the proposal by Republican state Rep. Ben Leman of Anderson, telemarketers using a third-party source to make calls to the public must ensure the number that appears on people&rsquo;s caller ID matches the number of the third party, or the number of the entity that has contracted with the third party…</p><p>Source:https://bit.ly/2WfAwjf</p>"
  },
  "date": "2019-05-08T08:06:01-05:00",
  "featured": false,
  "headline": "Texas House passes bill to prohibit telemarketers from falsifying caller ID",
  "id": "1557302761",
  "slug":"texas-house-passes-bill-to-prohibit-telemarketers-from-falsifying-caller-id",
  "sourceName": "Texas Tribe",
  "sourceArticleUrl": "",
  "tags": ["Caller-ID Spoofing", "Robocalls"]
},
{
  "content": {
    "html": "<p>In a House Committee hearing on robocalls last week, lawmakers on both sides of the aisle found common ground in their disgust over the current state of affairs.</p><p>Joined by four robocall experts representing consumer groups, the telecom industry, a hospital, and an anti-robocall app, lawmakers met to figure out how to tackle the plague of robocalls that has tormented everyone with a mobile phone.</p><p>Though the FCC and the private sector have been working on solutions, lawmakers are ready to pick up their swords as well. As Rep. Mike Doyle (D-PA), who led the hearing put it, robocalls are rendering the phone system obsolete.</p><p>Source:https://yhoo.it/2LrQNS8</p>"
  },
  "date": "2019-05-06T08:04:04-05:00",
  "featured": false,
  "headline": "Congress is getting ready to criminalize robocalls",
  "id": "1557129844",
  "slug":"congress-is-getting-ready-to-criminalize-robocalls",
  "sourceName": "Yahoo Finance",
  "sourceArticleUrl": "",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>That late-night telephone call you just got that amounted to one ring – don&rsquo;t call back.</p><p>The Federal Communications Commission has issued an alert to consumers about a new wave of “One Ring” robocalls after “widespread overnight calling” in the states of New York and Arizona.</p><p>These recent “One Ring” calls attempt to bait consumers into calling the number back, which can result in you being billed toll charges as if you called a 900 number. The calls are also known as “Wangiri” – the term means “one ring and done” in Japanese, so labelled after the scam originated there years ago…</p><p>Source:https://bit.ly/2V5JO0G</p>"
  },
  "date": "2019-05-03T08:05:17-05:00",
  "featured": false,
  "headline": "These robocalls don’t want to talk to you, they just want you to call back, FCC says",
  "id": "1556870717",
  "slug":"these-robocalls-dont-want-to-talk-to-you-they-just-want-you-to-call-back-fcc-says",
  "sourceName": "USA Today",
  "sourceArticleUrl": "",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>Move over, Internal Revenue Service. Criminals now prefer the Social Security Administration as their cover agency when they try to swindle Americans over the phone.</p><p>The I.R.S. has long been a popular choice for telephone scammers, who call pretending to be federal tax representatives to extract money, personal information or both from consumers.</p><p>But federal authorities say they have seen fraudulent calls from Social Security Administration impostors “skyrocket” over the past year, overtaking the fake I.R.S. calls…</p><p>Source:https://nyti.ms/2Ln3XzV</p>"
  },
  "date": "2019-05-03T08:02:51-05:00",
  "featured": false,
  "headline": "Latest Rash of Scam Calls Come From ‘Social Security’",
  "id": "1556870571",
  "slug":"latest-rash-of-scam-calls-come-from-social-security",
  "sourceName": "New York Times",
  "sourceArticleUrl": "",
  "tags": ["Impostor Scam", "Phone Scam", "Social Security"]
},
{
  "content": {
    "html": "<p>Over 5 billion robocalls were made in March 2019 alone. But new tools to minimize it—if not kill it off entirely—are on the way. For real this time.</p><p>Years into the robocalling frenzy, your phone probably still rings off the hook with “important information about your account,” updates from the “Chinese embassy,” and every bogus sweepstakes offer imaginable. That&rsquo;s despite promises from the telecom industry and the US government that solutions would be coming. Much like the firehose of spam that made email almost unusable in the late 1990s, robocalls have made people in the US wary of picking up their cell phones and landlines. In fact, email spam offers a useful analogy: a scourge that probably can&rsquo;t be eliminated, but can be effectively managed.</p><p>Finding the right tools for that job remains a challenge. The Federal Trade Commission has had a strong track record in its 140 robocall-related suits, including a recent victory at the end of March that targeted four massive operations. Bipartisan anti-robocalling legislation is gaining traction in Congress. Apps that flag or block unwanted calls have matured and are solidly effective. And wireless carriers—in part facing pressure from the Federal Communications Commission—have increasingly offered their own anti-robocalling apps and tools for free.</p><p>Yet the number of robocalls continues to hit new highs. The anti-robocalling company YouMail estimates that March 2019 saw 5.23 billion robocalls, the highest volume ever. And other firms recorded similar highs. But those numbers don&rsquo;t take into account calls that were successfully blocked. A more useful measure might be the number of complaints filed per month to the FCC and FTC, which remained mostly static in 2018 and the beginning of 2019.</p><p>“Even though we&rsquo;re at an all-time high, there&rsquo;s some good news,” says YouMail CEO Alex Quilici. “The numbers may be creeping up a little bit, but the situation seems to be mostly stable at this point. We have not turned the corner, but maybe the corner is in sight.”</p><p>In fact, some consensus has emerged about where that corner is. Industry groups led by the Alliance for Telecommunications Industry Solutions have been working since 2016 on a pair of standards, dubbed “STIR” and “SHAKEN,” that will be used across landline, mobile, and VoIP carriers to cryptographically authenticate the source of calls. Basically, this means that the “spoofed” phone numbers robocallers rely on to ramp up their call volume—also the reason so many robocalls appear to come from your area code—will be easily flagged as untrustworthy.</p>"
  },
  "date": "2019-05-01T10:30:00-05:00",
  "featured": false,
  "headline": "The Robocall Crisis Will Never Be Totally Fixed",
  "id": "1556706600",
  "slug":"the-robocall-crisis-will-never-be-totally-fixed",
  "sourceName": "Wired",
  "sourceArticleUrl": "https://www.wired.com/story/robocalls-spam-fix-stir-shaken/",
  "tags": ["Authentication", "Call Authentication", "Robocalls", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<p>A coalition of business groups is rallying against a federal proposal that would allow phone carriers to block certain calls by default, an effort to crack down on illegal robocalls.</p><p>In a filing with the Federal Communications Commission (FCC), the health care providers, pharmacies and collection agencies argued the FCC proposal could block “legal” robocalls as well as those that are fraudulent or from scammers.</p><p>“Public safety alerts, fraud alerts, data security breach notifications, product recall notices, healthcare and prescription reminders, and power outage updates all could be inadvertently blocked under the draft Declaratory Order, among other time-sensitive calls,” the groups wrote in the filing Thursday…</p><p>Source:https://bit.ly/2QJHKuB</p>"
  },
  "date": "2019-05-01T08:10:23-05:00",
  "featured": false,
  "headline": "Businesses rally against proposal to block robocalls",
  "id": "1556698223",
  "slug":"businesses-rally-against-proposal-to-block-robocalls-2",
  "sourceName": "The Hill",
  "sourceArticleUrl": "",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>The House Energy and Commerce Committee held a hearing entitled “Legislating to Stop the Onslaught of Annoying Robocalls” on April 30, 2019, that focused on seven bills pending before the Committee. While lawmakers and witnesses generally agreed that illegal and abusive robocalls are a problem, the fix or immediate solution in the form of new legislation was less clear.</p><p>Chairman Mike Doyle (D-PA) opened the hearing by summarizing the current state of pervasive robocalls and calling for voice service providers to make available call-blocking services to all customers free of charge. Rep. Greg Walden (R-OR) shared this sentiment, emphasizing the need for a bipartisan solution with wide support. As Walden observed, robocalling is a topic that comes up at every single town hall meeting held in recent months. Several bill sponsors made opening statements regarding their respective bills, which we summarize briefly below…</p><p>Source:https://bit.ly/2Xv93eK</p>"
  },
  "date": "2019-05-01T08:01:58-05:00",
  "featured": false,
  "headline": "Seven Robocall-Related Bills Examined at the House Energy and Commerce Committee Hearing",
  "id": "1556697718",
  "slug":"seven-robocall-related-bills-examined-at-the-house-energy-and-commerce-committee-hearing",
  "sourceName": "National Law Review",
  "sourceArticleUrl": "",
  "tags": ["Authentication", "FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>For most Americans, robocalls are an inescapable annoyance, thanks to scammers, telemarketers and debt-collectors that target smartphones and landlines at all hours of the day.</p><p>For a cancer center in Tampa, though, these auto-dialed calls are a danger to doctors and patients alike — one that should prompt Congress to take action.</p><p>The plea for help came Tuesday as House lawmakers embarked on a new effort to crack down on robocalls that rang consumers&rsquo; mobile phones roughly 26 billion times in 2018, according to one industry estimate. The calls largely are the work of fraudsters who mask their identities by using phone numbers that resemble those that they&rsquo;re trying to contact, a tactic known as spoofing that&rsquo;s meant to dupe consumers into answering the phone and then surrendering personal information…</p><p>Source:https://wapo.st/31cWMy8</p>"
  },
  "date": "2019-04-30T08:00:45-05:00",
  "featured": false,
  "headline": "‘They’re doing it on the backs of patients,’ one cancer center warns Congress about robocalls",
  "id": "1556611245",
  "slug":"theyre-doing-it-on-the-backs-of-patients-one-cancer-center-warns-congress-about-robocalls",
  "sourceName": "Washington Post",
  "sourceArticleUrl": "",
  "tags": ["Call Center Security", "Healthcare and Hospitals", "Robocalls"]
},
{
  "content": {
    "html": "<p>Anthony Marino set his mobile phone to “Do Not Disturb” before going to bed, but he sensed it flicker in the dark. The next morning, he saw he had missed roughly 30 calls: at 4:15 a.m., 4:34, 4:45, 5:08 and 5:12, and for two hours after that. Most appeared as “Lithuania” on his caller ID, although they could have come from anywhere.</p><p>“I hate to say it, but I don&rsquo;t pick up the phone anymore, which is crazy,” said Mr. Marino, 37, a real estate agent in Brooklyn. “I have missed calls from attorneys and other agents I am doing deals with.”</p><p>The seemingly endless stream of robocalls reached a new monthly high of 5.23 billion nationwide in March, according to the call-blocking service YouMail. Some were spammy pitches for unwanted vehicle warranties or debt-relief services. Nearly half were straight-up scams. And there was often one common thread: They frequently came from somewhere other than they said they did…</p><p>Source:https://nyti.ms/2vpWLYI</p>"
  },
  "date": "2019-04-26T07:59:08-05:00",
  "featured": false,
  "headline": "Phone Companies Are Testing Tech to Catch Spam Calls. Let’s Hope It Works.",
  "id": "1556265548",
  "slug":"phone-companies-are-testing-tech-to-catch-spam-calls-lets-hope-it-works",
  "sourceName": "New York Times",
  "sourceArticleUrl": "",
  "tags": ["FCC", "Robocalls", "TRACED Act"]
},
{
  "content": {
    "html": "<p>The robocalls come when you are driving and they bother you at night. It doesn&rsquo;t matter if you&rsquo;re in bed or in a meeting.</p><p>Here&rsquo;s the worst news: There is really no way for you to stop them.</p><p>I know this because for the past few years, I have been bombarded with robocalls alerting me that I owe student loans, or that I won a free vacation, or that I am being audited by the Internal Revenue Service.</p><p>Like many people, I have tried the available solutions. I added my cellphone number to the Do Not Call Registry and installed apps that purport to block spam calls. Yet many of those calls still came through…</p><p></p><p>Source:https://nyti.ms/2VRJbgH</p>"
  },
  "date": "2019-04-24T07:57:55-05:00",
  "featured": false,
  "headline": "You Can’t Stop Robocalls. You Shouldn’t Have To.",
  "id": "1556092675",
  "slug":"you-cant-stop-robocalls-you-shouldnt-have-to",
  "sourceName": "New York Times",
  "sourceArticleUrl": "",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>An Indian national responsible for operating a multimillion dollar call center scam is now facing charges in the United States.</p><p>According to the U.S. Department of Justice (DOJ), authorities in Singapore arrested and extradited Hitesh Madhubhai Patel, who allegedly led the operations of HGLobal call center that defrauded thousands of U.S. residents.</p><p>Source:https://bit.ly/2GFvSGB</p>"
  },
  "date": "2019-04-22T07:52:30-05:00",
  "featured": false,
  "headline": "Call Center Scam: Indian National Extradited to the U.S. to Face Fraud, Money Laundering Charges",
  "id": "1555919550",
  "slug":"call-center-scam-indian-national-extradited-to-the-u-s-to-face-fraud-money-laundering-charges",
  "sourceName": "USA Herald",
  "sourceArticleUrl": "",
  "tags": ["Call Center Fraud", "Call Center Security", "Department of Justice"]
},
{
  "content": {
    "html": "<p>The Federal Communications Commission is pushing the telecom industry to step up attacks on robocallers, which could provide another tool for consumers.</p><p>The FCC knows better than anyone how bad the robocall crisis is (FCC Chairman Ajit Pai has called it a “scourge”) simply because of the flood of complaints the agency gets.</p><blockquote><p><em>Unwanted calls are far and away the biggest consumer complaint to the FCC with over 200,000 complaints each year—around 60 percent of all the complaints we receive.</em></p><p>--“The FCC&rsquo;s Push to Combat Robocalls &amp; Spoofing,” FCC</p></blockquote><p>Source:https://bit.ly/2voDOFK</p>"
  },
  "date": "2019-04-07T07:50:49-05:00",
  "featured": false,
  "headline": "As FCC Steps In, Verizon, AT&T, T-Mobile, May Get Boost To Stop Robocalls",
  "id": "1554623449",
  "slug":"as-fcc-steps-in-verizon-att-t-mobile-may-get-boost-to-stop-robocalls",
  "sourceName": "Forbes",
  "sourceArticleUrl": "",
  "tags": ["AT&T", "FCC", "Robocalls", "Verizon"]
},
{
  "content": {
    "html": "<p>The ever-worsening scourge of robo-calls is receiving renewed attention in Congress, where top Democrats and Republicans this week are set to take an early step toward cracking down on scammers who prey on consumers&rsquo; phones.</p><p>The newly revived effort in the Senate takes aim at those who disguise their attempts to steal Americans&rsquo; personal information — often by using phone numbers that appear similar to those they&rsquo;re trying to target. These fraudulent, illegal calls comprised roughly a quarter of the 26 billion robo-calls placed to U.S. mobile numbers last year, according to one industry estimate…</p><p></p><p>Source:https://wapo.st/2XDNZCs</p>"
  },
  "date": "2019-04-02T07:48:52-05:00",
  "featured": false,
  "headline": "Robo-callers rang Americans’ phones 26 billion times last year. Now, Congress is taking aim.",
  "id": "1554191332",
  "slug":"robo-callers-rang-americans-phones-26-billion-times-last-year-now-congress-is-taking-aim",
  "sourceName": "Washington Post",
  "sourceArticleUrl": "",
  "tags": ["Robocalls", "STIR/SHAKEN", "TRACED Act"]
},
{
  "content": {
    "html": "<p>Credit unions&rsquo; desire to always help their members is playing into the hands of fraudsters, who are taking advantage of call center agents by spoofing member IDs in order to take over their accounts. In this first installment of a two-part series, we&rsquo;ll look at how credit unions are addressing caller identification.</p><p>The “2019 State of Call Center Authentication” from the Portland, Ore.-based caller authentication and fraud prevention systems provider TRUSTID, a Neustar company, reported 51% of financial services respondents recognized the phone channel as the primary source of account takeover attacks…</p><p></p><p>Source:https://bit.ly/2DKe5fV</p>"
  },
  "date": "2019-03-29T07:47:58-05:00",
  "featured": false,
  "headline": "Call Center Agents Aim to Balance Service and Identification",
  "id": "1553845678",
  "slug":"call-center-agents-aim-to-balance-service-and-identification",
  "sourceName": "Credit Union Times",
  "sourceArticleUrl": "",
  "tags": ["Authentication", "Call Center Security"]
},
{
  "content": {
    "html": "<p>In a few weeks, the dreaded tax season will be over. We loathe those oddly titled documents with the tiny print. We wonder what number – refund or remainder – those mysterious equations will spit out.</p><p>And as more of us sign up as part-time contractors, driving for Lyft and selling crafts on Etsy, our taxes get more complicated. We get anxious.</p><p>Criminals love to take advantage of that anxiety.</p><p>Tax scams and phishing operations are getting more sophisticated than ever. By faking ads, websites and caller IDs, scammers will gladly prey on your ignorance…</p><p></p><p>Source:https://bit.ly/2VxDEYn</p>"
  },
  "date": "2019-03-28T07:46:15-05:00",
  "featured": false,
  "headline": "Scams, phishing calls from IRS running rampant this tax season. How to avoid them",
  "id": "1553759175",
  "slug":"scams-phishing-calls-from-irs-running-rampant-this-tax-season-how-to-avoid-them",
  "sourceName": "USA Today",
  "sourceArticleUrl": "",
  "tags": ["IRS", "Phishing"]
},
{
  "content": {
    "html": "<p>As the war against robocalls wages on, the Federal Trade Commission claims to have won yet another victory against the illegal spammers. </p><p>In a release this week, the agency touted that it shut down “four separate operations” that were responsible for “bombarding consumers nationwide with billions of unwanted and illegal robocalls.”</p><p>According to the FTC, the groups responsible pitched a wide array of services from auto warranties and debt-relief services to home security systems, fake charities and services meant to help improve Google search results. </p>"
  },
  "date": "2019-03-27T07:40:17-05:00",
  "featured": false,
  "headline": "Robocalls: FTC shuts down 4 groups responsible for ‘billions’ of calls",
  "id": "1553672417",
  "slug":"robocalls-ftc-shuts-down-4-groups-responsible-for-billions-of-calls",
  "sourceName": "USA Today",
  "sourceArticleUrl": "",
  "tags": ["FTC", "Robocalls"]
},
{
  "content": {
    "html": "<p>Verizon is getting ready to offer a free robocall blocking app at the end of this month, as it steps up efforts to combat the growing plague of spam calls.</p><p><em>Update (Thursday March 28, 2019): </em><em>here&rsquo;s the new free app</em>.</p><p>In 2019, pretty much everyone is on a robocaller&rsquo;s speed-dial list. That often means several spam calls per day.</p><p>Verizon knows this of course. It already offers a paid blocking app for $2.99 a month. But the new freemium (free + premium) strategy means that in addition to the paid app, there will now be a free* version…</p><p></p>"
  },
  "date": "2019-03-24T07:34:55-05:00",
  "featured": false,
  "headline": "Verizon Set To Offer Free App For Blocking Robocalls, New Tech To Combat Spam",
  "id": "1553412895",
  "slug":"verizon-set-to-offer-free-app-for-blocking-robocalls-new-tech-to-combat-spam",
  "sourceName": "Forbes",
  "sourceArticleUrl": "https://www.verizon.com/solutions-and-services/call-filter/",
  "tags": []
},
{
  "content": {
    "html": "<p>More than half of financial services industry respondents, and 32% of all respondents, recognized the phone channel as the primary source of account takeover attacks in a new call center report.</p><p>The “2019 State of Call Center Authentication,” from Portland, Ore.-based caller authentication and fraud prevention systems provider TRUSTID, a Neustar company, revealed evolving criminals&rsquo; tools and tactics, and call center leaders intentions to fight back while preserving the customer experience…</p><p>Source:https://bit.ly/2GxsJHU<br></p>"
  },
  "date": "2019-03-20T07:39:41-05:00",
  "featured": false,
  "headline": "Call Centers: The Weakest Links in Authentication Chain",
  "id": "1553067581",
  "slug":"call-centers-the-weakest-links-in-authentication-chain",
  "sourceName": "Credit Union Times",
  "sourceArticleUrl": "",
  "tags": ["Authentication", "Call Center Security"]
},
{
  "content": {
    "html": "<p>March 20, 2019</p><p>The fight against robocalls can even bring telecom rivals together.</p><p>AT&amp;T and Comcast said Wednesday that they can authenticate calls made between the two different phone providers&rsquo; networks, a potential industry first and the latest in the long-running battle against spam calls. </p><p>Using AT&amp;T&rsquo;s Phone digital home phone service and Comcast&rsquo;s Xfinity Voice home phone service, the companies successfully tested the feature over regular consumer networks and not in a lab, the companies said…</p><p>Source:https://bit.ly/2IIZTaO</p>"
  },
  "date": "2019-03-20T07:39:03-05:00",
  "featured": false,
  "headline": "Fight against robocalls continues as AT&T, Comcast complete test of verified call",
  "id": "1553067543",
  "slug":"fight-against-robocalls-continues-as-att-comcast-complete-test-of-verified-call",
  "sourceName": "USA Today",
  "sourceArticleUrl": "",
  "tags": ["AT&T", "Comcast"]
},
{
  "content": {
    "html": "<p>WILLOW GROVE, Pa. (AP) — The distraught voice on the phone didn&rsquo;t sound like her grandson.</p><p>But the man who called 80-year-old Elfriede Flavin claiming to be her grandson&rsquo;s attorney explained why: Her grandson had broken his nose in a car accident that also landed him in a Tennessee jail. He needed $10,000 for bail, but the exchange had to be secret because of a “court-ordered gag order.”</p><p>The money would be returned once the case was settled, Flavin and her husband were assured. They wired the money, but then another complication surfaced: The person injured in the crash was a pregnant woman who lost her baby as a result, they were told. Bail was upped to $50,000…</p><p>Source:https://bit.ly/2GAwITV</p>"
  },
  "date": "2019-03-16T07:38:23-05:00",
  "featured": false,
  "headline": "Imposter Scams Bilking Consumers of Millions",
  "id": "1552721903",
  "slug":"imposter-scams-bilking-consumers-of-millions",
  "sourceName": "U.S. News",
  "sourceArticleUrl": "",
  "tags": ["FTC", "Impostor Scam"]
},
{
  "content": {
    "html": "<p>Just over two weeks into the 116th Congress&rsquo;s session, two powerful, telecommunications-focused Senators have reintroduced a bi-partisan piece of legislation that, if enacted, would amend the TCPA to provide for more enhanced administrative enforcement powers and increased civil penalties.</p><p>On Thursday, January 18, Senator John Thune (R-S.D.), chairman of the Subcommittee on Communications, Technology, Innovation, and the Internet, and Senator Ed Markey (D-Mass.), author of the TCPA, reintroduced the Telephone Robocall Abuse Criminal Enforcement and Deterrence (“TRACED”) Act (S. 151). Originally introduced in November 2018, the bill proposes several changes to the TCPA that, according to the Senators, are designed to ramp up enforcement against unwanted robocalls and text messages and “give the FCC more flexibility to enforce the law…”</p><p> Read Entire Story: https://bit.ly/2IHEoaC</p>"
  },
  "date": "2019-03-13T07:37:28-05:00",
  "featured": false,
  "headline": "Senators Re-Introduce Bi-Partisan Bill to Amend TCPA & Expand Enforcement",
  "id": "1552462648",
  "slug":"senators-re-introduce-bi-partisan-bill-to-amend-tcpa-expand-enforcement",
  "sourceName": "National Law Review",
  "sourceArticleUrl": "",
  "tags": ["FCC", "TRACED Act"]
},
{
  "content": {
    "html": "<p>March 11, 2019</p><p>Hold on to your hats. The TRACED Act (S. 151), which encourages the FCC and other federal agencies to increase enforcement of the TCPA, is gaining serious bipartisan support. We&rsquo;re heading into dangerous territory.</p><p>Reintroduced in January by Senators Ed Markey (D-Mass.) and John Thune (R-S.D.), the TRACED Act is billed as legislation that will finally “stop the scourge of robocalls” that impact millions of Americans each year. Last Friday, ten additional co-sponsors signed onto the bill: Senators Dick Durbin (D-Ill.), Richard Blumenthal (D-Conn.), Shelley Moore Capito (R-W.Va.), Tammy Duckworth (D-Ill.), Cory Gardner (R-Colo.), John Hoeven (R-N.D.), Amy Klobuchar (D-Minn.), Jerry Moran (R-Kan.), Marco Rubio (R-Fla.), and Sheldon Whitehouse (D-R.I.). 54 state and territory attorneys general—from California to Mississippi— all commissioners of the FCC and FTC, along with industry and consumer groups have also thrown their support behind the bill…</p>"
  },
  "date": "2019-03-11T02:35:25-05:00",
  "featured": false,
  "headline": "TCPA Expansion Becomes More Likely: TRACED Act Gaining Steam With A “Groundswell” Of Bipartisan Support",
  "id": "1552271725",
  "slug":"tcpa-expansion-becomes-more-likely-traced-act-gaining-steam-with-a-groundswell-of-bipartisan-support",
  "sourceName": "National Law Review",
  "sourceArticleUrl": "https://bit.ly/2XNk8b5",
  "tags": ["FCC", "STIR/SHAKEN", "TRACED Act"]
},
{
  "content": {
    "html": "<p>March 4, 2019</p><p>It&rsquo;s not easy to stop a robocaller.</p><p>The Federal Communications Commission has levied millions of dollars in fines for tricking consumers with spoofed calls. Phone companies like Verizon Communications Inc. and AT&amp;T Inc. offer call-blocking tools and are working with law enforcement to crack down on scammers. Still, the number of robocalls received yearly are in the billions and rising.</p><p>After failing at least a dozen times to pass legislation to address the problem, Congress is considering a measure with good prospects of passage. The bipartisan TRACED Act (S. 151) by Sens. John Thune (R-S.D.) and Ed Markey (D-Mass.) would increase the FCC&rsquo;s enforcement authority against illegal robocallers and mandate the adoption of call authentication systems. The bill has the backing of the commission as well as both industry and consumer groups…</p>"
  },
  "date": "2019-03-04T02:38:26-06:00",
  "featured": false,
  "headline": "News Savvy Scammers May Put Bipartisan Robocall Bill to Test",
  "id": "1551667106",
  "slug":"news-savvy-scammers-may-put-bipartisan-robocall-bill-to-test",
  "sourceName": "Bloomberg",
  "sourceArticleUrl": "https://bit.ly/2Zzdcjr",
  "tags": ["FCC", "Robocalls", "TRACED Act"]
},
{
  "content": {
    "html": "<p>February 26, 2019</p><p>The Federal Communications Commission, as part of a crackdown on the billions of unsolicited robocalls every year, is warning phone providers to implement technology to stop the scammers or face new government rules, FCC Chairman Ajit Pai said Tuesday</p><p>“Recently I told the industry, &lsquo;Look, we need to adopt call authentication, essentially a digital fingerprint, for every single phone call this year. We need to have it now or otherwise it&rsquo;s going to be regulatory intervention,&rsquo;” Pai told CNBC&rsquo;s Jon Fortt, in a“Squawk Box” interview from the Mobile World Congress trade show in Barcelona, Spain.</p><p>Hiya, a startup aiming to reduce telemarketing calls, estimates that Americans got 26.3 billion robocalls last year, a 46 percent increase from 2017. The average U.S. consumer received 10 spam calls per month last year, Hiya&rsquo;s Robocall Radar report shows…</p>"
  },
  "date": "2019-02-26T02:42:20-06:00",
  "featured": false,
  "headline": "Robocalls are rampant despite the Do Not Call list — FCC urges phone providers to help stop them",
  "id": "1551148940",
  "slug":"robocalls-are-rampant-despite-the-do-not-call-list-fcc-urges-phone-providers-to-help-stop-them",
  "sourceName": "CNBC",
  "sourceArticleUrl": "https://cnb.cx/2T0mksO",
  "tags": ["Do Not Call", "FCC", "FTC", "Robocalls"]
},
{
  "content": {
    "html": "<p>February 23, 2019</p><p>You&rsquo;re in the shower. The phone rings. Your husband is out of town and you&rsquo;ve been waiting for his call. You push through the curtain, your hair full of shampoo, you grab the phone and blurt out, “Hello?”</p><p>“Hello,” a voice answers, “this is Cindy with card services …”</p><p>You&rsquo;re in the car. You&rsquo;re on the way to the hospital. Your phone rings. You think it might be the doctor. You feel around, find the phone, hold it to your ear while keeping your eyes on the road. “Hello?” you say anxiously.</p><p>“Hi, this is Philip with an important message about your credit …”</p>"
  },
  "date": "2019-02-23T02:57:35-06:00",
  "featured": false,
  "headline": "Your phone is a weapon of deception. Nearly half your 2019 calls will be spam and junk.",
  "id": "1550890655",
  "slug":"your-phone-is-a-weapon-of-deception-nearly-half-your-2019-calls-will-be-spam-and-junk",
  "sourceName": "USA Today",
  "sourceArticleUrl": "https://bit.ly/2TdQa1g",
  "tags": ["Do Not Call", "Robocalls", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<p>February 20, 2019</p><p>While the FCC continues to tread carefully in evaluating the thorny issue of how broadly to interpret the TCPA&rsquo;s definition of “automated telephone dialing system,” particularly as it confronts proposed legislation that, if adopted, would ultimately expand the reach of the TPCA, the Commission has decided to move forward with some less controversial issues. In particular, the Commission&rsquo;s leadership took two actions last week as part of an effort to address mounting concerns about the influx of unwanted and illegal robocalls, particularly including the prevalent use of fake caller ID information to dupe consumers into answering the phone when a telemarketer calls or, even worse, providing sensitive information based on a false impression that they are speaking to a reputable company or government agency… </p>"
  },
  "date": "2019-02-20T18:24:57-06:00",
  "featured": false,
  "headline": "FCC Proposes New Rules to Target Caller ID Spoofing and Issues Report on the Fight Against Illegal Robocalls",
  "id": "1550687097",
  "slug":"fcc-proposes-new-rules-to-target-caller-id-spoofing-and-issues-report-on-the-fight-against-illegal-robocalls",
  "sourceName": "National Law Review",
  "sourceArticleUrl": "https://bit.ly/2IJuS6P",
  "tags": ["FCC", "Robocalls", "Spoofing"]
},
{
  "content": {
    "html": "<p>February 15, 2019</p><p>On February 14, 2019, the FCC&rsquo;s Consumer and Governmental Affairs Bureau released its first report on illegal robocalls (“the Robocall Report”) to address the “onslaught of unwanted calls that has led a lot of consumers to stop answering the phone altogether.” This report is compiled based on data points from more than forty comments submitted by voice service providers, trade associations, analytics companies, and consumers. The Robocall Report provided summary analysis on the following issues…</p>"
  },
  "date": "2019-02-15T18:33:22-06:00",
  "featured": false,
  "headline": "FCC First Report on Illegal Robocalls",
  "id": "1550255602",
  "slug":"fcc-first-report-on-illegal-robocalls",
  "sourceName": "National Law Review",
  "sourceArticleUrl": "https://bit.ly/2TWeOAt",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>February 15, 2019</p><p>Since Chairman Ajit Pai took office, combatting illegal robocalls and malicious spoofing has become the FCC&rsquo;s top consumer protection priority. In anticipation of yesterday&rsquo;s Open Commission Meeting, Chairman Pai issued another press release on Wednesday, calling for “a robust caller authentication system to combat illegal caller ID spoofing” and criticizing carriers that lacked commitment to deploy the SHAKEN/STIR framework by the end of 2019. Between Chairman Pai&rsquo;s 2018 demands that the FCC make real progress in call authentication and yesterday&rsquo;s Open Meeting to vote on its draft Proposed Rulemaking to amend existing Truth in Caller ID Rules, Chairman Pai solicited details from several large telecommunications carriers about their caller ID authentication plans. These carriers&rsquo; submissions are available here…</p>"
  },
  "date": "2019-02-15T18:30:14-06:00",
  "featured": false,
  "headline": "FCC Adopted Proposed Amendment to Truth in Caller ID Rules",
  "id": "1550255414",
  "slug":"fcc-adopted-proposed-amendment-to-truth-in-caller-id-rules",
  "sourceName": "National Law Review",
  "sourceArticleUrl": "https://bit.ly/2XPBV1p",
  "tags": ["Caller-ID Spoofing", "FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>February 14, 2019</p><p>For the vast majority of Americans, robocalls and spam phone calls are a fact of daily life. I get far more robocalls and spam calls than actual calls at this point. I never pick up the phone unless I recognize the number, which has led to me ignoring calls from people I actually want to talk but aren&rsquo;t in my contacts. First Orion estimates 50 percent of all mobile phone traffic is robocalls or spam, and YouMail puts the total number of robocalls to Americans just in January at 5.2 billion. That&rsquo;s 167.3 million robocalls a day, or 1,936 robocalls every second, and on pace for at least 62 billion spam calls in 2019. But 2019 is also the year where, if all goes according to plan, robocallers and spammers are going to find much harder to make your phone ring…</p>"
  },
  "date": "2019-02-14T18:37:30-06:00",
  "featured": false,
  "headline": "The Beginning of the End of Robocalls",
  "id": "1550169450",
  "slug":"the-beginning-of-the-end-of-robocalls",
  "sourceName": "New York Magazine",
  "sourceArticleUrl": "https://nym.ag/2ttod6Z",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>February 13, 2019</p><p>Federal Communications Commission Chairman Ajit Pai told major telecommunications providers today that the agency would step in if the companies failed to implement a plan to fight robocalls this year.</p><p>In November, Pai sent letters to several companies, asking them to use a caller authentication system to battle call spoofing, a technique robocallers use to imitate other numbers. Pai&rsquo;s letter said he expected the companies to implement the plan by the end of this year, and also said that the agency would “take action” if carriers didn&rsquo;t follow the plan…</p>"
  },
  "date": "2019-02-13T18:40:15-06:00",
  "featured": false,
  "headline": "FCC chairman warns of ‘regulatory intervention’ as he criticizes carriers’ anti-robocall plans",
  "id": "1550083215",
  "slug":"fcc-chairman-warns-of-regulatory-intervention-as-he-criticizes-carriers-anti-robocall-plans",
  "sourceName": "The Verge",
  "sourceArticleUrl": "https://bit.ly/2ISqLVj",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>February 7, 2019</p><p>Phone number spoofing is a known problem, one that has been around for years and addressable via solutions from companies such as Pindrop that help determine the probability that the caller&rsquo;s number is legitimate. Through white and black lists of phone numbers, testing network delay, and other audio heuristics, the confidence rates are in the high 90s. For instance, if a call comes in from a U.S. area code, but the network delay is longer than 100 milliseconds, then odds are high that the caller is really overseas.</p><p>This technology is beneficial in contact centers. Enterprise call centers deploy this technology to reduce the number of security questions they must ask, in turn reducing the average call handle time and providing a better caller experience.</p><p>A newer problem, thanks to artificial intelligence (AI) in the speech world, is voice spoofing…</p>"
  },
  "date": "2019-02-07T18:53:40-06:00",
  "featured": false,
  "headline": "Phone Number & Voice Spoofing: Protect Your Enterprise",
  "id": "1549565620",
  "slug":"phone-number-voice-spoofing-protect-your-enterprise",
  "sourceName": "No Jitter",
  "sourceArticleUrl": "https://ubm.io/2Buu4NU",
  "tags": ["AI", "Caller-ID Spoofing", "Enterprise", "Spoofing"]
},
{
  "content": {
    "html": "<p>February 6, 2019</p><p>A week and a half ago, my 92-year-old father received a call from his eldest granddaughter. “Hi Grandpa, how are you feeling?” she asked. He responded that he was doing well, and that his most recent doctor appointments had gone as expected. “Was there any new news after your last hospitalization?” she went on to inquire. “No, it is the same situation, but look, I am 92 years old, so these things are to be expected. How are you doing?” Then the conversation shifted.</p><p>She shared that she had been arrested for speeding, and that while the police were willing to release her, she needed money to pay the ticket before they would do so. “I&rsquo;m really in trouble, Grandpa. Can you help me out? I need $750 sent right away.” Having been well prepped in telephone security and scams by his daughter (me!), he then asked “Kelly, what authorities pulled you over?” She shared that she was in Iowa and that a local constabulary had her in their offices. He immediately hung up. He has no granddaughter named Kelly.</p>"
  },
  "date": "2019-02-06T19:01:58-06:00",
  "featured": false,
  "headline": "Telecom Fraud on the Rise: What Enterprises Need to Know",
  "id": "1549479718",
  "slug":"telecom-fraud-on-the-rise-what-enterprises-need-to-know",
  "sourceName": "No Jitter",
  "sourceArticleUrl": "https://ubm.io/2SnB2Pi",
  "tags": ["Call Center Fraud", "Call Center Security", "Enterprise"]
},
{
  "content": {
    "html": "<p>February 4, 2019</p><p>Rep. Frank Pallone Jr. (D-N.J.) on Monday reintroduced a bill cracking down on “abusive” robocall practices, reviving the efforts in the last Congress to protect Americans from an increasing deluge of automated calls. </p><p>Pallone, the chairman of the House Energy and Commerce Committee, is reviving the Stopping Bad Robocalls Act, which would give the Federal Communications Commission (FCC) increased authority to combat robocalls. Pallone in a statement pointed to reports that 26.3 billion robocalls were placed in the U.S. in 2018, a 46 percent increase from the year before…</p>"
  },
  "date": "2019-02-04T19:05:03-06:00",
  "featured": false,
  "headline": "Dem chair offers bill to crack down on robocalls",
  "id": "1549307103",
  "slug":"dem-chair-offers-bill-to-crack-down-on-robocalls",
  "sourceName": "The Hill",
  "sourceArticleUrl": "https://bit.ly/2t8pXSQ",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>January 29, 2019</p><p>The phone rings and you run to pick it up, only to hear an automated recording. You are not alone.</p><p>There are approximately 5 billion robocalls made every month, according to robocall blocking app, YouMail. That number has been consistent, but the context of those calls changes. The most recent scam? Robocallers were trying to cash in on the recent partial federal government shutdown.</p><p>“The robocallers are marketers. You can think of them as marketers in the wrong business,” said Alex Quilici, CEO of YouMail. “They are always testing different ways to get people to respond to their calls.”…</p>"
  },
  "date": "2019-01-29T19:15:30-06:00",
  "featured": false,
  "headline": "Robocallers tried to cash in on the federal government shutdown",
  "id": "1548789330",
  "slug":"robocallers-tried-to-cash-in-on-the-federal-government-shutdown",
  "sourceName": "CNBC",
  "sourceArticleUrl": "https://cnb.cx/2HOC1TP",
  "tags": ["Government Shutdown", "Robocalls"]
},
{
  "content": {
    "html": "<p>January 29, 2019</p><p>Americans are now getting so many robo-calls on a regular basis that many are simply choosing not to answer the phone altogether.</p><p>That&rsquo;s one big takeaway from a report released Tuesday by Hiya, a Seattle-based spam-monitoring service that analyzed activity from 450,000 users of its app to determine the scope of unwanted robo-calling — and how phone users react when they receive an automated call.</p><p>Consistent with other analyses, Hiya&rsquo;s report found that the number of robo-calls is on the rise. Roughly 26.3 billion robo-calls were placed to U.S. phone numbers last year, Hiya said, up from 18 billion in 2017. One report last year projected that as many as half of all cellphone calls in 2019 could be spam…</p>"
  },
  "date": "2019-01-29T19:12:02-06:00",
  "featured": false,
  "headline": "Report: Americans got 26.3 billion robocalls last year, up 46 percent from 2017",
  "id": "1548789122",
  "slug":"report-americans-got-26-3-billion-robocalls-last-year-up-46-percent-from-2017",
  "sourceName": "Washington Post",
  "sourceArticleUrl": "https://wapo.st/2D3cRef",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>January 18, 2019</p><p>Verizon wireless subscribers will finally get a free robocall-blocking app, two years after the competition launched similar services. The Verizon app, with additional call screening options and enhanced Caller ID to alert of potential spam calls, will launch in March. Competitors (T, -0.36%) AT&amp;T and T-Mobile(TMUS, +0.19%) rolled out similar app-based controls for call blocking and alerts two years ago. Verizon, which currently charges subscribers $3 a month for robocall-blocking and more, announced the app Jan. 17.</p><p>Billions of automated calls, or “robocalls,” are made to U.S. phone lines annually, making for angry customers and federal actions. In just one case in 2018, the Federal Trade Commission (FTC) sued two operations that the agency alleged were responsible for nearly 900 million robocalls a year…</p>"
  },
  "date": "2019-01-18T18:57:50-06:00",
  "featured": false,
  "headline": "Verizon Adds Free Robocall Blocking App for Wireless Customers, Two Years After AT&T, T-Mobile",
  "id": "1547837870",
  "slug":"verizon-adds-free-robocall-blocking-app-for-wireless-customers-two-years-after-att-t-mobile",
  "sourceName": "Fortune",
  "sourceArticleUrl": "https://bit.ly/2HnC7kV",
  "tags": ["Robocalls", "Verizon"]
},
{
  "content": {
    "html": "<p>January 14, 2019</p><p>Don&rsquo;t pick up that phone.</p><p>Americans have been plagued with an increasing number of robocalls — and the government can&rsquo;t do anything about it.</p><p>Both the Federal Trade Commission (FTC) and Federal Communications Commission (FCC) are closed due to the government shutdown, which means Americans can&rsquo;t file complaints on FCC or FTC websites and regulators are unable to investigate. In the last few months, the FCC has slapped some of the worst serial offenders with multimillion-dollar fines…</p>"
  },
  "date": "2019-01-14T19:04:02-06:00",
  "featured": false,
  "headline": "Why robocalls have gotten worse since the government shutdown",
  "id": "1547492642",
  "slug":"why-robocalls-have-gotten-worse-since-the-government-shutdown",
  "sourceName": "New York Post",
  "sourceArticleUrl": "https://nyp.st/2CZCoF6",
  "tags": ["FCC", "FTC", "Robocalls"]
},
{
  "content": {
    "html": "<p>January 11, 2019</p><p>Robo-calls keep ringing and ringing Americans&rsquo; phones — and the government shutdown could make the never-ending assault even worse.</p><p>With federal agencies closed, consumers have been left with few options to defend against the tidal wave of unwanted automated calls coming from telemarketers, scam artists and debt collectors that target Americans&rsquo; home phones and mobile devices at all hours of the day.</p><p>In Washington, federal regulators aren&rsquo;t around to administer the nation&rsquo;s anti-robo-call rules. They can&rsquo;t take consumers&rsquo; complaints, warn Americans about potential fraud or investigate the worst offenders, experts say. Already, some scammers even appear to be trying to target Americans about the shutdown itself…</p>"
  },
  "date": "2019-01-11T19:15:49-06:00",
  "featured": false,
  "headline": "The latest threat from the government shutdown: More robo-calls",
  "id": "1547234149",
  "slug":"the-latest-threat-from-the-government-shutdown-more-robo-calls",
  "sourceName": "Washington Post",
  "sourceArticleUrl": "https://wapo.st/2Fs3kkM",
  "tags": ["Do Not Call", "Government Shutdown", "Robocalls"]
},
{
  "content": {
    "html": "<p>January 4, 2019</p><p>It&rsquo;s not your imagination. You are getting bombarded with robocalls.</p><p>Robocalling, a practice where marketers send automated voice messages to thousands of phones at once, surged 60 percent in the U.S. last year to 48 billion calls, according to preliminary year-end data from YouMail, a robocall management company that tracks the volume of calls.</p><p>“Scam calls have been increasing very steadily, and it&rsquo;s driving people to not answer their phone,” said YouMail CEO Alex Quilici. “It&rsquo;s driving people to not answer their phone and it&rsquo;s kind of created this death spiral of phone calls as the robocallers ramp up their efforts, and the legitimate roboccalls try harder to get through…”</p>"
  },
  "date": "2019-01-04T19:20:04-06:00",
  "featured": false,
  "headline": "Robocalls jumped 60 percent in the U.S. last year and scammers are finding more ways to make money",
  "id": "1546629604",
  "slug":"robocalls-jumped-60-percent-in-the-u-s-last-year-and-scammers-are-finding-more-ways-to-make-money",
  "sourceName": "CNBC",
  "sourceArticleUrl": "https://cnb.cx/2FuxW54",
  "tags": ["Do Not Call", "Robocalls", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<p>January 1, 2019</p><p>Jeffrey Lewis Knapp saves the four to six telephone numbers his caller ID logs each day. At night he seeks his revenge, calling back the people he thinks are illegal robocallers. “How can I help you?” the Arizona-based retiree says he asks the people who answer.</p><p>The problem with Mr. Knapp&rsquo;s approach: He sometimes calls people who didn&rsquo;t, in fact, call him first. Instead, the individuals he calls are themselves victims of a phone-related crime called malicious number spoofing, in which callers falsify their number to disguise their identities…</p>"
  },
  "date": "2019-01-01T19:24:56-06:00",
  "featured": false,
  "headline": "Stop Robocalling Me!",
  "id": "1546370696",
  "slug":"stop-robocalling-me-i-didnt",
  "sourceName": "Wall Street Journal",
  "sourceArticleUrl": "https://on.wsj.com/2R3Csh2",
  "tags": ["FCC", "Robocalls", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<p>December 23, 2018</p><p><br>By the time you finish reading this sentence, roughly 2,000 more robocalls will have pinged phones across the country.</p><p>Most are the same: a buzz emits from an incoming 303, 720 or other familiar area code. Maybe it is a locked-out neighbor? A child&rsquo;s classmate? But on the other end of the line is a robotic voice rattling off a list of ominous hazards. Something about the IRS, a credit score or mortgage rates. In Colorado alone, 2.4 million robocalls happen each day, according to YouMail, a software company that tracks robocalls and makes blocking software.</p><p>“I hear about it all the time, from family, friends and constituents,” Cynthia Coffman , Colorado&rsquo;s attorney general, said. “People are very frustrated...”</p>"
  },
  "date": "2018-12-23T13:58:36-06:00",
  "featured": false,
  "headline": "Robocalls are annoying, insidious and often illegal — and there’s no “magic solution” to stop them",
  "id": "1545573516",
  "slug":"robocalls-are-annoying-insidious-and-often-illegal-and-theres-no-magic-solution-to-stop-them",
  "sourceName": "Denver Post",
  "sourceArticleUrl": "https://dpo.st/2BYPKkI",
  "tags": ["FCC", "FTC", "Robocalls"]
},
{
  "content": {
    "html": "<p>December 19, 2018</p><p>The social engineering part of cybercrimes will become more rampant and the final countdown for knowledge based authentication begins in TRUSTID&rsquo;s, top five fraud and customer authentication predictions for 2019.</p><p>The Portland, Ore.-based provider of caller authentication and fraud prevention systems for contact centers, wrote, “In 2018, it seemed hardly a day went by without a report of another major data breach. According to the Identity Theft Resource Center, the first half of 2018 saw 668 confirmed data breaches representing 22.41 million records exposed…”</p>"
  },
  "date": "2018-12-19T14:06:11-06:00",
  "featured": false,
  "headline": "Social Engineering Rising, KBAs Fading for Call Centers: TRUSTID Fraud Predictions",
  "id": "1545228371",
  "slug":"social-engineering-rising-kbas-fading-for-call-centers-trustid-fraud-predictions",
  "sourceName": "Credit Union Times",
  "sourceArticleUrl": "https://bit.ly/2EGH1XV",
  "tags": ["Authentication", "KBA", "Social Engineering"]
},
{
  "content": {
    "html": "<p>November 29, 2018</p><p>Lawmakers are continuing their push to end robocalls.</p><p>On Wednesday, Democratic Sens. Dianne Feinstein of California, Richard Blumenthal of Connecticut and Amy Klobuchar of Minnesota introduced the REAL PEACE Act, which would expand the Federal Trade Commission&rsquo;s authority to crack down on telecom companies that facilitate illegal robocalls. (In case you&rsquo;re wondering, the witty acronym stands for “Robocall Elimination At Last Protecting Every American Consumer&rsquo;s Ears.”)…</p>"
  },
  "date": "2018-11-29T14:10:55-06:00",
  "featured": false,
  "headline": "Senators want to give FTC more authority to combat illegal robocalls",
  "id": "1543500655",
  "slug":"senators-want-to-give-ftc-more-authority-to-combat-illegal-robocalls",
  "sourceName": "CNET",
  "sourceArticleUrl": "https://cnet.co/2UZbdmk",
  "tags": ["FCC", "FTC", "Robocalls"]
},
{
  "content": {
    "html": "<p>November 27, 2018</p><p>Sen. John Thune (R-SD), chairman of the Senate Commerce Committee, and Sen. Ed Markey (D-MA), a member of the Committee and author of the Telephone Consumer Protection Act (TCPA), recently introduced S. 3655, the Telephone Robocall Abuse Criminal Enforcement and Deterrence Act (the TRACED Act), to prevent illegal robocall scams. In brief, the bill would extend the statute of limitations for the Federal Communications Commission (FCC) to pursue robocall scammers and others who intentionally violate the law, impose additional penalties on such violators, require call authentication and blocking technologies, and establish an interagency working group to explore further ways to prosecute robocallers who intentionally violate the law…<br></p>"
  },
  "date": "2018-11-27T14:14:37-06:00",
  "featured": false,
  "headline": "Bipartisan Bill Introduced In The Senate To Thwart Illegal Robocall Scams",
  "id": "1543328077",
  "slug":"bipartisan-bill-introduced-in-the-senate-to-thwart-illegal-robocall-scams",
  "sourceName": "National Law Review",
  "sourceArticleUrl": "https://bit.ly/2R9j0yx",
  "tags": ["FCC", "FTC", "Robocalls"]
},
{
  "content": {
    "html": "<p>November 26, 2018</p><p>Call centers are facing the potential of fraud from inside and outside their facilities, and they are taking multi-pronged approaches to tackle these security challenges. At the same time, experts say that fraudsters will be busy this holiday season, and will be particularly active on online marketplaces. And companies are creating fraud prevention defenses for the mobile order-ahead space, as quick-service restaurants (QSRs) are moving forward with digital innovation….</p>"
  },
  "date": "2018-11-26T14:20:12-06:00",
  "featured": false,
  "headline": "Today In Data: The Rise Of Call Center Fraud",
  "id": "1543242012",
  "slug":"today-in-data-the-rise-of-call-center-fraud",
  "sourceName": "PYMNTS",
  "sourceArticleUrl": "https://bit.ly/2T5cZR3",
  "tags": ["Call Center Fraud", "Call Center Security"]
},
{
  "content": {
    "html": "<p>November 26, 2018</p><p>Thousands of holiday dinners will be interrupted this season by buzzing phones bearing recorded messages from telemarketers, promising wealth and threatening financial ruin. But here&rsquo;s something to be thankful for: By next year, the national plague of robocalls could be in retreat.</p><p>There&rsquo;s new resolve in Congress to crack down on attempted phone scams, with the support of phone companies, which are independently implementing new technologies to stop them…</p>"
  },
  "date": "2018-11-26T14:17:48-06:00",
  "featured": false,
  "headline": "Congress is taking new steps to stop robocall scammers",
  "id": "1543241868",
  "slug":"congress-is-taking-new-steps-to-stop-robocall-scammers",
  "sourceName": "Boston Globe",
  "sourceArticleUrl": "https://bit.ly/2EGQbnh",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>November 20, 2018</p><p>The U.S. government said Tuesday that it plans to take aim at the scourge of unwelcome phone calls and spam text messages plaguing millions of consumers — but one of its proposals drew sharp rebukes, with critics concerned that it could enable telecom giants to censor legitimate communications.</p><p>The first measure, announced by the Federal Communications Commission, aims to create a national database containing information about phone numbers that have recently been disconnected and reassigned to someone else. The effort aims to help businesses, such as banks and pharmacies, avoid dialing the wrong customers repeatedly.</p>"
  },
  "date": "2018-11-20T14:27:03-06:00",
  "featured": false,
  "headline": "The FCC has a new plan to combat unwanted robocalls and spammy texts",
  "id": "1542724023",
  "slug":"the-fcc-has-a-new-plan-to-combat-unwanted-robocalls-and-spammy-texts",
  "sourceName": "Washington Post",
  "sourceArticleUrl": "https://wapo.st/2Kx80FB",
  "tags": ["FCC", "Robocalls", "Voice Spam"]
},
{
  "content": {
    "html": "<p>November 19, 2018</p><p>It is estimated that by early next year, nearly 50 percent of all the calls you get on your cellphone will be robocalls. Last month alone, more than five billion robocalls were made.</p><p>Lawmakers last week proposed bipartisan legislation to fine scam robocallers up to $10,000 per call; and the FCC is demanding telecommunications companies lay out their plans to meet new standards, so that scam calls can be identified and stopped.</p><p>CBS News asked major companies what they&rsquo;re doing to stop illegal robocallers and one, T-Mobile, offered to show us…</p>"
  },
  "date": "2018-11-19T14:32:00-06:00",
  "featured": false,
  "headline": "How the fight against robocalls has become an escalating “arms race” against scammers",
  "id": "1542637920",
  "slug":"how-the-fight-against-robocalls-has-become-an-escalating-arms-race-against-scammers",
  "sourceName": "CBS News",
  "sourceArticleUrl": "https://cbsn.ws/2DywBbO",
  "tags": ["FCC", "Robocalls", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<p>November 17, 2018</p><p>Sens. John Thune (R-S.D.) and Ed Markey (D-Mass.) introduced legislation Friday that would levy a hefty fine on illegal robocalls and attempt to prevent them from reaching consumers in the first place. </p><p>Thune, chairman of the Senate Commerce, Science and Transportation Committee, and Markey, a member of the committee, introduced the Telephone Robocall Abuse Criminal Enforcement and Deterrence (TRACED) Act Friday, which would allow the Federal Communications Commission (FCC) to levy civil penalties of up to $10,000 per call.</p><p>“The TRACED Act targets robocall scams and other intentional violations of telemarketing laws so that when authorities do catch violators, they can be held accountable,” Thune said in a press release. “Existing civil penalty rules were designed to impose penalties on lawful telemarketers who make mistakes. This enforcement regime is totally inadequate for scam artists and we need do more to separate enforcement of carelessness and other mistakes from more sinister actors…”</p>"
  },
  "date": "2018-11-17T14:37:37-06:00",
  "featured": false,
  "headline": "Bipartisan Senate bill would penalize illegal robocalls",
  "id": "1542465457",
  "slug":"bipartisan-senate-bill-would-penalize-illegal-robocalls",
  "sourceName": "The Hill",
  "sourceArticleUrl": "https://bit.ly/2BvMJcG",
  "tags": ["FCC", "Robocalls", "TRACED Act"]
},
{
  "content": {
    "html": "<p>November 15, 2018</p><p>Your cellphone rings. You don&rsquo;t recognize the number on the screen, but the call appears to be coming from your area code – perhaps even your exchange. Maybe the display shows it&rsquo;s coming from your town.</p><p>So you answer – and the unwanted recorded message begins.</p><p>A voice wants to sell you an extended warranty for your car, or a timeshare in a vacation spot, a loan to refinance your home.</p><p>It might even be a Chinese-language message about a purported package awaiting pickup at the local consulate…</p>"
  },
  "date": "2018-11-15T14:41:01-06:00",
  "featured": false,
  "headline": "Enraged by endless robocalls? Help is on the way",
  "id": "1542292861",
  "slug":"enraged-by-endless-robocalls-help-is-on-the-way",
  "sourceName": "USA Today",
  "sourceArticleUrl": "https://bit.ly/2QLk3S7",
  "tags": ["Do Not Call", "FCC", "Robocalls", "STIR/SHAKEN"]
},
{
  "content": {
    "html": "<p>November 9, 2018</p><p>(CNN) Thirty billion robocalls were made to American consumers in 2017, according to YouMail, a robocall-blocking service. And while robocalls, made with an automated dialer or using a prerecorded or artificial voice, torment Democrats, Republicans and independents alike, even on this issue, Washington leadership has found a way to divide along party lines.</p><p>The division is not over whether robocalls generally are a nuisance that should be addressed, but over which robocalls should be stopped. The robocalling industry is pushing the Federal Communications Commission (FCC) to deregulate all automated robocalls made with a human agent by interpreting the definition for “automated telephone dialing systems” (autodialers) in a way that would not cover any automated systems being used by the callers…</p>"
  },
  "date": "2018-11-09T14:47:31-06:00",
  "featured": false,
  "headline": "Rules against robocalls shouldn’t be loosened",
  "id": "1541774851",
  "slug":"rules-against-robocalls-shouldnt-be-loosened",
  "sourceName": "CNN",
  "sourceArticleUrl": "https://cnn.it/2P18VPf",
  "tags": ["AI", "FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>November 9, 2018</p><p>The head of the Federal Communications Commission got on his high horse this week and told phone companies they better do something about robocalls. Or else.</p><p>“Combating illegal robocalls is our top consumer priority at the FCC,” Chairman Ajit Pai said in a statement after submitting letters to leading telecom and tech companies telling them to get with the program…</p>"
  },
  "date": "2018-11-09T14:44:53-06:00",
  "featured": false,
  "headline": "FCC chief tells phone companies to crack down on robocalls, or else. Sort of",
  "id": "1541774693",
  "slug":"fcc-chief-tells-phone-companies-to-crack-down-on-robocalls-or-else-sort-of",
  "sourceName": "LA Times",
  "sourceArticleUrl": "https://lat.ms/2P19kBf",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>November 6, 2018</p><p>Even if you don&rsquo;t agree with Ajit Pai&rsquo;s stance on some important issues, you might still want to hear about his latest campaign against robocalls. The FCC chairman has demanded(PDF) the adoption of a robust call authentication system to prevent caller ID spoofing, telling American carriers to implement the technology no later than 2019. Pai has sent letters to the CEOs of 14 voice providers to ask them to conjure up concrete plans to adopt the SHAKEN/STIR framework, which would validate legitimate calls across networks before they reach recipients. That would block spam and scam robocalls from going through, so you don&rsquo;t have to be wary of answering calls anymore.</p>"
  },
  "date": "2018-11-06T14:59:55-06:00",
  "featured": false,
  "headline": "FCC pushes carriers to implement caller ID authentication by 2019",
  "id": "1541516395",
  "slug":"fcc-pushes-carriers-to-implement-caller-id-authentication-by-2019",
  "sourceName": "Engadget",
  "sourceArticleUrl": "https://engt.co/2RQdUnz",
  "tags": ["Authentication", "FCC", "Robocalls", "Spoofing"]
},
{
  "content": {
    "html": "<p>November 6, 2018</p><p>WASHINGTON (Reuters) - US Federal Communications Commission Chairman Ajit Pai on Monday wrote the chief executives of major telephone service providers and other companies, demanding they launch a system no later than 2019 to combat billions of “robocalls” and other nuisance calls received monthly by American consumers.</p><p>In May, Pai called on companies to adopt an industry-developed “call authentication system” or standard for the cryptographic signing of telephone calls aimed at ending the use of illegitimate spoofed numbers from the telephone system. Monday&rsquo;s letters seek answers by Nov. 19 on the status of those efforts…</p>"
  },
  "date": "2018-11-06T14:53:37-06:00",
  "featured": false,
  "headline": "The FCC is demanding companies take action to stop nuisance ‘robocalls’",
  "id": "1541516017",
  "slug":"the-fcc-is-demanding-companies-take-action-to-stop-nuisance-robocalls",
  "sourceName": "Business Insider",
  "sourceArticleUrl": "https://read.bi/2QDwlvy",
  "tags": ["Authentication", "FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>October 29, 2018</p><p>Just weeks after the Social Security Administration (SSA) warned about an Office of the Inspector General (OIG) impersonation scheme, the Acting Inspector General of Social Security, Gale Stallworth Stone, is raising an alert about a new scam. This time, the scheme involves thieves who are engaging in caller-ID “spoofing” which echoes a pattern where thieves pretend to be from government agencies, like those scammers who are spoofing calls from the Internal Revenue Service (IRS)…</p>"
  },
  "date": "2018-10-29T15:09:51-05:00",
  "featured": false,
  "headline": "Social Security Warns On New Phone Spoofing Scam",
  "id": "1540825791",
  "slug":"social-security-warns-on-new-phone-spoofing-scam",
  "sourceName": "Forbes",
  "sourceArticleUrl": "https://bit.ly/2FknC08",
  "tags": ["Caller-ID Spoofing", "IRS", "Social Security", "Spoofing"]
},
{
  "content": {
    "html": "<p>October 25, 2018</p><p>Cash is not king when it comes to the latest round of scams.</p><p>The Federal Trade Commission has issued a warning to consumers that criminals are posing as government officials and asking people to use a gift card to pay a bogus tax bill or get a new Medicare card.</p><p>This type of crime is adding up to big bucks. The FTC said victims reported losing $20 million to such fraud in 2015. In just the first three quarters of this year, the losses have been $53 million…</p>"
  },
  "date": "2018-10-25T19:37:09-05:00",
  "featured": false,
  "headline": "Is ‘the IRS’ asking you to pay by gift card? It’s the latest ‘impostor’ scam.",
  "id": "1540496229",
  "slug":"is-the-irs-asking-you-to-pay-by-gift-card-its-the-latest-impostor-scam-2",
  "sourceName": "Washington Post",
  "sourceArticleUrl": "https://wapo.st/2yEci9u",
  "tags": ["Consumer Fraud", "FTC", "IRS"]
},
{
  "content": {
    "html": "<p>October 25, 2018</p><p>Cash is not king when it comes to the latest round of scams.</p><p>The Federal Trade Commission has issued a warning to consumers that criminals are posing as government officials and asking people to use a gift card to pay a bogus tax bill or get a new Medicare card.</p><p>This type of crime is adding up to big bucks. The FTC said victims reported losing $20 million to such fraud in 2015. In just the first three quarters of this year, the losses have been $53 million…</p>"
  },
  "date": "2018-10-25T15:14:29-05:00",
  "featured": false,
  "headline": "Is ‘the IRS’ asking you to pay by gift card? It’s the latest ‘impostor’ scam.",
  "id": "1540480469",
  "slug":"is-the-irs-asking-you-to-pay-by-gift-card-its-the-latest-impostor-scam",
  "sourceName": "Washington Post",
  "sourceArticleUrl": "https://wapo.st/2yEci9u",
  "tags": ["Consumer Fraud", "IRS"]
},
{
  "content": {
    "html": "<p>October 18, 2018</p><p>Most of us have been trained to be wary of clicking on links and attachments that arrive in emails unexpected, but it&rsquo;s easy to forget scam artists are constantly dreaming up innovations that put a new shine on old-fashioned telephone-based phishing scams. Think you&rsquo;re too smart to fall for one? Think again: Even technology experts are getting taken in by some of the more recent schemes (or very nearly)…</p>"
  },
  "date": "2018-10-18T19:41:02-05:00",
  "featured": false,
  "headline": "Voice Phishing Scams Are Getting More Clever",
  "id": "1539891662",
  "slug":"voice-phishing-scams-are-getting-more-clever",
  "sourceName": "Krebs on Security",
  "sourceArticleUrl": "https://bit.ly/2Opm3l6",
  "tags": ["Phishing", "Phone Scam"]
},
{
  "content": {
    "html": "<p>October 17, 2018</p><p>The problem of unsolicited robocalls has gotten so bad that many people now refuse to pick up calls from numbers they don&rsquo;t know. It&rsquo;s become a defense of last resort in an increasingly frustrating situation that&rsquo;s led to nearly 25 million Americans becoming victims of fraud. If only it were that simple to solve.</p><p>By next year, it&rsquo;s estimated that half of the calls we receive will be scams, but even more worrisome, 90% of those calls will be “spoofed” — falsely appearing as if they&rsquo;re coming from a familiar number in your contact book…</p>"
  },
  "date": "2018-10-17T19:46:20-05:00",
  "featured": false,
  "headline": "Why robocalls are about to get more dangerous",
  "id": "1539805580",
  "slug":"why-robocalls-are-about-to-get-more-dangerous",
  "sourceName": "CNN",
  "sourceArticleUrl": "https://cnn.it/2zb64NM",
  "tags": ["Phone Scam", "Robocalls", "Voice Spam"]
},
{
  "content": {
    "html": "<p>October 12, 2018</p><p>If you think you&rsquo;re fed up with getting robocalls, Apple is taking it to another level.</p><p>A new software patent from the Cupertino, Calif.-based tech giant could help kill robocalls and scams, letting users automatically recognize “a spoofing caller.”</p><p>The patent, filed in April 2017, was made public on Thursday and describes a system that would let the phone do checks on a call to see whether the call is legitimate or if it is from a “spoofed number”…</p>"
  },
  "date": "2018-10-12T19:53:36-05:00",
  "featured": false,
  "headline": "Apple patent could kill robocalls",
  "id": "1539374016",
  "slug":"apple-patent-could-kill-robocalls",
  "sourceName": "Fox News",
  "sourceArticleUrl": "https://fxn.ws/2Dcx83t",
  "tags": ["Apple", "Robocalls"]
},
{
  "content": {
    "html": "<p>October 10, 2018</p><p>If you have, well, a phone number, you&rsquo;ve probably received a robocall before. It was likely one of those annoying calls from an unknown number featuring a computer voice badgering you about some stupid service you supposedly need to buy. If you&rsquo;ve been noticing more and more of these correspondences, you&rsquo;re not alone.</p><p>Data backs this up too. According to the voicemail and call-blocking services company YouMail, the volume of robocalls increased 50% from February to July, reports NBC News…</p>"
  },
  "date": "2018-10-10T19:43:20-05:00",
  "featured": false,
  "headline": "You’re not imagining it: Robocalls are on the rise",
  "id": "1539200600",
  "slug":"youre-not-imagining-it-robocalls-are-on-the-rise",
  "sourceName": "Fast Company",
  "sourceArticleUrl": "https://bit.ly/2JrC30K",
  "tags": ["Do Not Call", "Robocalls", "Voice Spam"]
},
{
  "content": {
    "html": "<p>October 5, 2018</p><p>Within the last two weeks, San Antonio-based SecureLogix has gotten calls from four different universities about a scam targeting Chinese students.</p><p>When someone answers the robocall, the recording in Mandarin informs the listener that there&rsquo;s an issue with their visa. If they don&rsquo;t send a certain amount of money for legal protection, they&rsquo;ll be removed from the U.S…</p>"
  },
  "date": "2018-10-05T19:55:53-05:00",
  "featured": false,
  "headline": "San Antonio-based company aims to protect phones from attacks",
  "id": "1538769353",
  "slug":"san-antonio-based-company-aims-to-protect-phones-from-attacks",
  "sourceName": "San Antonio Express News",
  "sourceArticleUrl": "https://bit.ly/2AAgYhQ",
  "tags": ["Authentication", "Cybersecurity", "SecureLogix", "Voice Security"]
},
{
  "content": {
    "html": "<p>September 28, 2018</p><p>It was only last week that a study projected that almost half of your incoming phone calls next year will be from scammers and spammers. Almost twice as much as this year, and up astronomically from 3.7 percent last year.</p><p>People asked what the government could possibly do about it. Now, just a few days later, there&rsquo;s a heck of an answer.</p><p>The Federal Communications Commission this week came down hard on two small companies--actually a small business and an individual person who was allegedly hiding behind several companies----moving forward on fines totaling $119.5 million after determining they&rsquo;d made more than 23 million illegal robocall sales calls to U.S. phone numbers…</p>"
  },
  "date": "2018-09-28T19:59:31-05:00",
  "featured": false,
  "headline": "Sick of Spammy Robocalls? Here’s the Truly Surprising Thing the FCC Just Did to Fight Them",
  "id": "1538164771",
  "slug":"sick-of-spammy-robocalls-heres-the-truly-surprising-thing-the-fcc-just-did-to-fight-them",
  "sourceName": "Inc",
  "sourceArticleUrl": "https://bit.ly/2Q6hWaW",
  "tags": ["Caller-ID Spoofing", "FCC", "Robocalls", "Spoofing", "Voice Spam"]
},
{
  "content": {
    "html": "<p>September 26, 2018</p><p>As you&rsquo;re driving into work, you witness a horrific crash in the lane next to you. Quickly, you grab your cell phone and dial 911. Expecting to hear the 911 call center, you&rsquo;re confused by the busy signal you receive instead. Assuming you misdialed, you quickly press end, and redial. Again, a busy signal. And suddenly you are paralyzed, not certain what to do or how to get the help you need…</p>"
  },
  "date": "2018-09-26T20:04:27-05:00",
  "featured": false,
  "headline": "When 911 Is Busy",
  "id": "1537992267",
  "slug":"when-911-is-busy",
  "sourceName": "No Jitter",
  "sourceArticleUrl": "https://www.nojitter.com/when-911-busy",
  "tags": ["Emergency Services & 911 Systems", "TDoS"]
},
{
  "content": {
    "html": "<p>September 26, 2018</p><p>The Federal Communications Commission on Wednesday imposed an $82 million fine against a telemarketer who made more than 21 million unsolicited calls to consumers to try to sell health insurance and generate leads.</p><p>Over a three-month period beginning in late 2016, Philip Roesel and his companies made more than 200,000 calls every day, the FCC said, using a technique known as spoofing in which a person&rsquo;s caller ID displays a number that is different from the one the caller is using…</p>"
  },
  "date": "2018-09-26T20:02:19-05:00",
  "featured": false,
  "headline": "A telemarketer made about 21 million robocalls in 3 months. The FCC just fined it $82 million.",
  "id": "1537992139",
  "slug":"a-telemarketer-made-about-21-million-robocalls-in-3-months-the-fcc-just-fined-it-82-million",
  "sourceName": "Washington Post",
  "sourceArticleUrl": "",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>September 20, 2018 </p><p>You&rsquo;re not imagining it: Scammers are increasingly blowing up your phone.</p><p>First Orion, an Arkansas company that provides caller ID and call blocking services, found that the volume of mobile scam calls has risen from 3.7% of total calls in 2017 to 29.2% in 2018. That number is likely to reach 44.6% by early 2019.</p><p>First Orion analyzed more than 34 billion calls made with partner T-Mobile USA (TMUS, +2.01%) and identified about 12% of them as scams. The 58 million T-Mobile subscribers see “Scam Likely” on the caller ID screen if the service determines a call fraudulent in nature.</p>"
  },
  "date": "2018-09-20T20:06:27-05:00",
  "featured": false,
  "headline": "Next Year, Half of All Calls to Cell Phones Will Be Scams—And There’s Nothing We Can Do",
  "id": "1537473987",
  "slug":"next-year-half-of-all-calls-to-cell-phones-will-be-scams-and-theres-nothing-we-can-do",
  "sourceName": "Fortune",
  "sourceArticleUrl": "https://for.tn/2IgPiRo",
  "tags": ["Phone Scam"]
},
{
  "content": {
    "html": "<p>September 19, 2018</p><p>Voice fraud rates climbed at more than 350% since 2013 across several industries, including banking. Various causes share the blame including new voice tech, and the rise in significant data breaches.</p><p>Atlanta based voice authentication firm Pindrop its “2018 Voice Intelligence Report” detailed developments in fraud, the future of voice and the bearing on customer service across numerous industries revealed the voice fraud rate increase through 2017 showed no signs of slowing down. Additionally, between 2016 and 2017, overall voice channel fraud increased by 47%, or one in every 638 calls.</p>"
  },
  "date": "2018-09-19T20:10:28-05:00",
  "featured": false,
  "headline": "Overall Voice Fraud Rate Climbs More Than 350%, Banking Second Highest",
  "id": "1537387828",
  "slug":"overall-voice-fraud-rate-climbs-more-than-350-banking-second-highest",
  "sourceName": "Credit Union Times",
  "sourceArticleUrl": "https://bit.ly/2IqQ5Q5",
  "tags": ["Call Center Fraud", "Consumer Fraud", "Phone Scam"]
},
{
  "content": {
    "html": "<p>September 13, 2018 </p><p>No, it&rsquo;s not your imagination: the amount of spam phone calls is getting worse.</p><p>According to new data from First Orion, a call protection company, the amount of junk calls will reach 46% by mid-year 2019. And by the end of that year, the amount is projected to finally cross the halfway point, meaning that half of all calls will be spam.</p><p>Collecting data from 50 billion calls over the past 18 months, the company was able to shed light on a phenomenon that many people have noticed and lamented: a severe uptick in calls, many of which use “neighborhood spoofing” techniques to entice people to pick up by having a fake caller ID that resembles the caller&rsquo;s number…</p>"
  },
  "date": "2018-09-13T20:12:44-05:00",
  "featured": false,
  "headline": "Spam robocalls will soon account for almost 50% of all calls",
  "id": "1536869564",
  "slug":"spam-robocalls-will-soon-account-for-almost-50-of-all-calls",
  "sourceName": "Yahoo Finance",
  "sourceArticleUrl": "https://yhoo.it/2PGMuzw",
  "tags": ["Robocalls", "Voice Spam"]
},
{
  "content": {
    "html": "<p>September 12, 2018</p><p>The phone call in early June purporting to be from Chinese authorities was, in a word, alarming. The Massachusetts woman who answered it learned she may have been the victim of identity theft.</p><p>But after almost a week of corresponding and sharing personal information over the phone in an effort to find how her identity had apparently been stolen things went very wrong very quickly…</p>"
  },
  "date": "2018-09-12T20:15:43-05:00",
  "featured": false,
  "headline": "An AARP survey found that a majority of Asian Americans and Pacific Islanders age 50 and older said they or their families have been targets of fraud.",
  "id": "1536783343",
  "slug":"an-aarp-survey-found-that-a-majority-of-asian-americans-and-pacific-islanders-age-50-and-older-said-they-or-their-families-have-been-targets-of-fraud",
  "sourceName": "NBC News",
  "sourceArticleUrl": "https://nbcnews.to/2NBWsFc",
  "tags": ["Consumer Fraud", "Voice Spam"]
},
{
  "content": {
    "html": "<p>September 1, 2018</p><p>(CNN)The paint on the road near a predominantly Latino community near Des Moines read, “Deport Illegals.”</p><p>The sprayed-on sentiment didn&rsquo;t last the day, but some officials in the Iowa city are worried it&rsquo;s indicative of a simmering resentment for immigrants that has become more public recently.</p><p>The red paint defaced both directions on a two-lane road on the city&rsquo;s south side on Thursday.</p><p>“These actions are unfortunate and not consistent with Des Moines&rsquo; spirit of compassion,” Mayor Frank Cownie said. “Such actions have no place in our city.”</p><p>A city worker painted over the words later in the day. The city tweeted a photo of the graffiti removal, with the hashtag #NotInOurCity...</p>"
  },
  "date": "2018-09-01T20:21:03-05:00",
  "featured": false,
  "headline": "Robocalls and graffiti after Mollie Tibbetts’ death worry Iowa Latinos",
  "id": "1535833263",
  "slug":"robocalls-and-graffiti-after-mollie-tibbetts-death-worry-iowa-latinos",
  "sourceName": "CNN",
  "sourceArticleUrl": "https://cnn.it/2LPngww",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>September 1, 2018</p><p>Racist robocalls targeting Andrew Gillum, the first black nominee for Florida governor from a major party, have been placed to residents from an out-of-state white supremacist entity.</p><p>Mr. Gillum, 39, the Tallahassee mayor and a progressive candidate who won an upset victory in the Democratic primary on Tuesday, will face Representative Ron DeSantis, 39, a Republican who embraced the style and policies of President Trump, in the November election...</p>"
  },
  "date": "2018-09-01T20:18:14-05:00",
  "featured": false,
  "headline": "Racist Robocalls Target Andrew Gillum, Democratic Nominee for Florida Governor",
  "id": "1535833094",
  "slug":"racist-robocalls-target-andrew-gillum-democratic-nominee-for-florida-governor",
  "sourceName": "New York Times",
  "sourceArticleUrl": "https://nyti.ms/2Ni9Ldu",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>August 14, 2018</p><p>Robocalls — those annoying, automated spam and scam messages — are on the rise.</p><p>So far in 2018, more than 16.3 billion spam phone calls have pestered people across the country, according to YouMail, a robocall watch­dog that offers free call-blocking software.</p><p>In May alone, the average American fielded more than 12 spam calls, the company adds.</p><p>Those numbers mark a sharp uptick and people are clearly fed up: Robocalls have been the No. 1 consumer complaint at the Federal Trade Commission for several years, including 4 million gripes in 2017, the FTC&rsquo;s Ian Barlow tells The Post...</p>"
  },
  "date": "2018-08-14T14:45:58-05:00",
  "featured": false,
  "headline": "It’s not your imagination — robocalls are on the rise",
  "id": "1534257958",
  "slug":"its-not-your-imagination-robocalls-are-on-the-rise",
  "sourceName": "New York Post",
  "sourceArticleUrl": "https://nyp.st/2nSYfXU",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<h2>What Is Telephony Denial of Service (TDoS) Attack and How to Prevent Such Attack</h2><p>The non-emergency call centre in Howard County, Maryland typically receives 300 to 400 calls a day. On August 11, 2018, however, the non-emergency call centre of the County, was flooded with 2,500 calls in a 24-hour span of time in an attack known as telephony denial of service (TDoS).</p><h2>What Is Telephony Denial of Service (TDoS) Attack?</h2><p>Telephony denial of service (TDoS) is a type of denial of service (DoS) attack in which the attackers launch high volume of calls and keeping those calls active for as long as possible against the target network, preventing legitimate calls to come in. TDoS is a threat not just to government and large enterprises, but also to small and medium-sized organizations.</p><p>TDoS attacks have evolved from manual to automation. An example of a manual TDoS attack is leveraging social media such as Facebook and Twitter to organize individuals into a TDoS calling campaign. A report by SecureLogix showed that the vast majority of TDoS attacks use automation to generate the attack calls. The Howard County TDoS attacker, for instance, used automation in attacking the County.</p><p>James Cox, network-server team manager for the Howard County, told Cisco that a lone foreign malicious actor was responsible for the TDoS attack on the County. The motive of the attack, Cox said, was money. This foreign malicious actor, he said, was being paid by a third party for tying up the phone lines by having long conversations.</p><p>The TDoS attack on the non-emergency call centre in Howard County was pulled off by acquiring phone numbers and using a server based in Europe and made it look like the phone numbers were local numbers. With this set-up, every call made was considered as an international call, which carriers paid, allowing the 3rd party to profit from this scheme. The foreign malicious actor, meanwhile, made pennies for every minute a phone line is tied up.</p><p>TDoS attack isn&rsquo;t a new threat. In 2013, the U.S. Federal Bureau of Investigation (FBI) and U.S. Department of Homeland Security (DHS) issued a joint alert regarding the TDoS threat, a copy of which was reposted on security journalist Brian Krebs&rsquo;s site. The joint alert reported that dozens of TDoS attacks targeted the administrative public safety answering points lines (not the 911 emergency line), launching high volume of calls against these lines and tying up the system from receiving legitimate calls...</p>"
  },
  "date": "2018-08-11T20:00:00-05:00",
  "featured": false,
  "headline": "WHAT IS TELEPHONY DENIAL OF SERVICE (TDOS) ATTACK AND HOW TO PREVENT SUCH ATTACK",
  "id": "1534017600",
  "imageFilename": "what-is-a-telephony-denial-of-service-attack",
  "slug":"what-is-telephony-denial-of-service-tdos-attack-and-how-to-prevent-such-attack",
  "sourceName": "GenX",
  "sourceArticleUrl": "https://www.genx.ca/what-is-telephony-denial-of-service-tdos-attack-and-how-to-prevent-such-attack",
  "tags": ["TDoS"]
},
{
  "content": {
    "html": "<p>July 30, 2018</p><p>The recent bust of a large fraud and money laundering conspiracy highlights one key takeaway for you: Be wary of who is on the other end of your phone line — particularly if they claim to be the IRS.</p><p>The Department of Justice announced that 24 defendants have been sentenced in connection with a multimillion dollar fraud scheme in what Attorney General Jeff Sessions called the “first-ever large scale, multi-jurisdiction prosecution targeting the India call-center scam industry.”</p>"
  },
  "date": "2018-07-30T14:49:13-05:00",
  "featured": false,
  "headline": "Multimillion-dollar fraud bust highlights tax scam you should watch out for",
  "id": "1532962153",
  "slug":"multimillion-dollar-fraud-bust-highlights-tax-scam-you-should-watch-out-for",
  "sourceName": "CNBC",
  "sourceArticleUrl": "https://cnb.cx/2K7kO3C",
  "tags": ["Department of Justice", "Impostor Scam", "IRS", "Phone Scam"]
},
{
  "content": {
    "html": "<p>July 24, 2018</p><p>Struggling retailer Sears has a lot on the line in a multimillion-dollar class-action settlement over unwanted robocalls offering free Caribbean cruises.</p><p>A federal judge in Chicago is expected to decide next week whether Sears is entitled to as much as $6 million for thousands of sales calls received by its employees from Caribbean Cruise Line nearly seven years ago. The bulk of the Sears claim was initially denied for missing a filing deadline...</p>"
  },
  "date": "2018-07-24T14:53:19-05:00",
  "featured": false,
  "headline": "Sears seeks millions from Caribbean cruise robocall settlement",
  "id": "1532443999",
  "slug":"sears-seeks-millions-from-caribbean-cruise-robocall-settlement",
  "sourceName": "Chicago Tribune",
  "sourceArticleUrl": "https://trib.in/2Mb2ZpF",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>July 23, 2018</p><p>With stiff sentences for 21 conspirators last week in the United States and a round of indictments in India, the Justice Department says it has broken up what appeared to be the nation&rsquo;s first large-scale, multinational telephone fraud operation.</p><p>Over four years, more than 15,000 victims in the United States lost “hundreds of millions” of dollars to the sophisticated scam, and more than 50,000 individuals had their personal information misused, the department said Friday. The money was routed through call centers in India back to the ringleaders in eight states...</p>"
  },
  "date": "2018-07-23T14:56:36-05:00",
  "featured": false,
  "headline": "U.S. Breaks Up Vast I.R.S. Phone Scam",
  "id": "1532357796",
  "slug":"u-s-breaks-up-vast-i-r-s-phone-scam",
  "sourceName": "New York Times",
  "sourceArticleUrl": "https://nyti.ms/2OfFqds",
  "tags": ["IRS", "Phone Scam"]
},
{
  "content": {
    "html": "<p>July 22, 2018</p><p><em>Why can&rsquo;t the government catch these guys?</em> That was the sentiment echoed in my inbox over and over as those Internal Revenue Service (IRS) impersonation phone scams exploded. It felt painfully slow, but arrests were finally made in the United States and India. This week, many of those scammers were sentenced for their crimes.</p><p>Twenty-one members of a massive India-based fraud and money laundering conspiracy faced sentencing hearings this week in Houston, Texas. The defendants had ties to India-based call centers that targeted U.S. residents and cheated thousands out of hundreds of millions of dollars...</p>"
  },
  "date": "2018-07-22T14:59:48-05:00",
  "featured": false,
  "headline": "Scammers Finally Punished For Cheating U.S. Taxpayers Out Of Millions Of Dollars",
  "id": "1532271588",
  "slug":"scammers-finally-punished-for-cheating-u-s-taxpayers-out-of-millions-of-dollars",
  "sourceName": "Forbes",
  "sourceArticleUrl": "https://bit.ly/2nqm9d1",
  "tags": ["Impostor Scam", "IRS", "Phone Scam"]
},
{
  "content": {
    "html": "<p>July 20, 2018</p><p>The Federal Communications Commission should create a database of reassigned phone numbers to help reduce unsolicited robocalls and robotexts, two senators urged agency Chairman Ajit Pai.</p><p>The database of reassigned phone numbers could help businesses avoid unwittingly calling or texting consumers without consent, Senate Commerce, Science and Transportation Committee Chairman John Thune (R-S.D.) and Massachusetts Democratic Sen. Edward Markey wrote in a July 19 letter to Pai.</p><p>Companies sometimes inadvertently autodial or robotext consumers without their permission because the previous holder of the number gave consent. Unsolicited robocalls can open businesses up to litigation...</p>"
  },
  "date": "2018-07-20T15:06:33-05:00",
  "featured": false,
  "headline": "Lawmakers Urge FCC to Fight Robocalls With Phone Number Database",
  "id": "1532099193",
  "slug":"lawmakers-urge-fcc-to-fight-robocalls-with-phone-number-database",
  "sourceName": "Bloomberg",
  "sourceArticleUrl": "https://bit.ly/2uLmdbc",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>July 20, 2018</p><p>It may be summer, but the bad guys aren&rsquo;t taking a vacation. The Acting Inspector General of Social Security, Gale Stallworth Stone, has issued a warning about an ongoing phone scam from thieves pretending to be from the Social Security Administration (SSA).</p><p>As part of the con, scammers try to convince you to give up personal information, like Social Security numbers and bank account numbers, over the phone. In another case, a caller claims to be from “SSA headquarters” and asks you to confirm personal information, such as an SSN, “new” Medicare number, address, and date of birth...</p>"
  },
  "date": "2018-07-20T15:04:24-05:00",
  "featured": false,
  "headline": "Social Security Issues Warning About Scams Similar To Those IRS Phone Scams",
  "id": "1532099064",
  "slug":"social-security-issues-warning-about-scams-similar-to-those-irs-phone-scams",
  "sourceName": "Forbes",
  "sourceArticleUrl": "https://bit.ly/2uLmdbc",
  "tags": ["IRS", "Phone Scam", "Social Security"]
},
{
  "content": {
    "html": "<p>July 18, 2018</p><p>Two dozen people have been sentenced for aiding in a massive call center scheme centered in India that tricked vulnerable people in the U.S. into giving up hundreds of millions of dollars, culminating what Attorney General Jeff Sessions praised as “first-ever” multi-jurisdiction takedown of India&rsquo;s “call center scam industry.”</p><p>Callers used illegally obtained personal information and posed as U.S. government officials, convincing victims they needed to pay taxes or fines. Other participants helped collect and launder the money.</p><p>The perpetrators, who got sentences of up to 20 years, included five people in Texas, four of them in the Houston region...</p>"
  },
  "date": "2018-07-18T15:09:59-05:00",
  "featured": false,
  "headline": "24 sentenced in international call center scheme that bilked victims of millions",
  "id": "1531926599",
  "slug":"24-sentenced-in-international-call-center-scheme-that-bilked-victims-of-millions",
  "sourceName": "Houston Chronicle",
  "sourceArticleUrl": "https://bit.ly/2mAFoQx",
  "tags": ["Call Center Fraud", "Phone Scam"]
},
{
  "content": {
    "html": "<p> July 12, 2018</p><p>Big corporations are aggressively lobbying for the Trump administration to ease restrictions on the persistent interruptions.</p><p>Robo-calls ravaged Americans&rsquo; smartphones in record numbers last month. But some of the nation&rsquo;s top businesses — from credit card companies and student lenders to retailers and car dealers — are still urging the Trump administration to make it easier for them to dial and text mobile devices en masse...</p>"
  },
  "date": "2018-07-12T15:12:24-05:00",
  "featured": false,
  "headline": "Robo-calls are getting worse. And some big businesses soon could start calling you even more.",
  "id": "1531408344",
  "slug":"robo-calls-are-getting-worse-and-some-big-businesses-soon-could-start-calling-you-even-more",
  "sourceName": "Washington Post",
  "sourceArticleUrl": "https://wapo.st/2mq35Lg",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>July 11, 2018</p><p>The U.S. Department of Homeland Security has partnered with security firm SecureLogix to develop technology to defend against telephony denial-of-service attacks, which remain a significant threat to emergency call centers, banks, schools and hospitals.</p><p><br>The DHS Science and Technology (S&amp;T) Directorate said this week the office and SecureLogix were making “rapid progress” in developing defenses against call spoofing and robocalls -- two techniques used by criminals in launching telephony denial-of-service (TDoS) attacks to extort money. Ultimately, the S&amp;T&rsquo;s goal is to “shift the advantage from TDoS attackers to network administrators.”...</p>"
  },
  "date": "2018-07-11T15:14:58-05:00",
  "featured": false,
  "headline": "DHS, SecureLogix develop TDoS attack defense",
  "id": "1531322098",
  "slug":"dhs-securelogix-develop-tdos-attack-defense",
  "sourceName": "Tech Target",
  "sourceArticleUrl": "https://bit.ly/2Jz9gWL",
  "tags": ["Homeland Security", "Research", "TDoS"]
},
{
  "content": {
    "html": "<p>July 10, 2018</p><p>Voters should ask everyone running for office this fall what they promise to do before the next election to rid the people of telemarketers.</p><p style=“text-align:left”>My hope turned to chagrin as I read “Here&rsquo;s What You Can Do About Robocalls” (Business &amp; Finance, July 5), which have increased dramatically to both my landline and cellphone in the past year. The suggestions in the article haven&rsquo;t been successful in my experience, and my friends feel the same. Waiting years for a call-certifying protocol that the scammers will have plenty of time to evade is not a promising solution...</p>"
  },
  "date": "2018-07-10T15:17:44-05:00",
  "featured": false,
  "headline": "Only Public Pressure Can Cap the Surge of Robocalls",
  "id": "1531235864",
  "slug":"only-public-pressure-can-cap-the-surge-of-robocalls",
  "sourceName": "Wall Street Journal",
  "sourceArticleUrl": "https://on.wsj.com/2LvxWkJ",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>July 6, 2018</p><p>Cybersecurity attacks happen all too often, and attackers are becoming more bold and sophisticated by disrupting critical phone systems and putting 911 emergency call centers at risk. Similar to Distributed Denial of Service (DDoS) attacks on critical online services, Telephony Denial of Service (TDoS) attacks render emergency systems unavailable by saturating them with bogus calls and potentially causing great harm to those who truly require urgent first responder attention. </p><p>The Department of Homeland Security (DHS) Science and Technology Directorate (S&amp;T) has partnered with SecureLogix, a San Antonio-based telecommunications security company, to solve complex TDoS issues and develop defense-based solutions to prevent these attacks. TDoS attackers target 9-1-1 emergency call centers and other critical service providers. These attacks are increasing in frequency and everyone is vulnerable. Reasons for TDoS attacks range from extortion to disruptive pranks. These attacks pose significant risks to banks, schools, hospitals, and even government agencies. When banks are attacked, customers are denied access to their accounts. If synchronized with a DDoS attack against a bank&rsquo;s internet or mobile presence, this may prevent customers from even contacting their bank....</p>"
  },
  "date": "2018-07-06T16:49:44-05:00",
  "featured": false,
  "headline": "DHS Partners with SecureLogix to Prevent TDoS Attacks",
  "id": "1530895784",
  "slug":"dhs-partners-with-securelogix-to-prevent-tdos-attacks",
  "sourceName": "DHS",
  "sourceArticleUrl": "https://www.dhs.gov/science-and-technology/blog/2018/07/09/partnering-prevent-tdos-attacks",
  "tags": ["Homeland Security", "TDoS", "Voice Security"]
},
{
  "content": {
    "html": "<p>July 6, 2018</p><p>Wondering whether you should pick up that random number that just called? </p><p>Chances are, it&rsquo;s a robocall, and it may be a scam. </p><p>Robocalls have been on the rise in the United States: An estimated 4.1 billion robocalls were made nationwide in June alone, according to data compiled by YouMail, an app that aims to prevent robocalls by playing an out-of-service message from your phone. Since February this year, the number of robocalls made to phone users across the country has risen more than 40 percent, it says.</p><p>Most of the time, these robocalls are after people&rsquo;s money. With the rapid improvement of phone caller ID – which, on most cellphones, can now warn you of an incoming potential scam call – and the proliferation of apps designed to screen for fake calls, the number of robocalls that actually get picked up on the first try is declining, according to YouMail CEO Alex Quilici... </p>"
  },
  "date": "2018-07-06T15:20:46-05:00",
  "featured": false,
  "headline": "Comcast or Capital One calling? It may be a robocall scam. Here are the top 10",
  "id": "1530890446",
  "slug":"comcast-or-capital-one-calling-it-may-be-a-robocall-scam-here-are-the-top-10",
  "sourceName": "USA Today",
  "sourceArticleUrl": "https://usat.ly/2J8C6wG",
  "tags": ["Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<p>July 5, 2018</p><p>The plague of robocalls is getting worse. Consumers received more than 18 billion in 2017, a 75 percent increase from the year before. They are the number one consumer complaint to the Federal Communications Commission (FCC). It receives more than 200,000 protests a year, and robocalls make up roughly 60 percent of all complaints to the FCC.</p><p>“I get about five or six robocalls per week. The area codes are from all over the country,” Carol Berkow said. She is one of millions of Americans plagued by robocalls daily, reports CBS News correspondent Anna Werner....</p>"
  },
  "date": "2018-07-05T15:26:42-05:00",
  "featured": false,
  "headline": "Robocalls are getting worse, and some cities are top targets",
  "id": "1530804402",
  "slug":"robocalls-are-getting-worse-and-some-cities-are-top-targets",
  "sourceName": "CBS News",
  "sourceArticleUrl": "https://cbsn.ws/2m35co9",
  "tags": ["Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<p>July 5, 2018</p><p>Scammers are flooding the United States with Chinese-language robocalls, causing major headaches from coast to coast.</p><p>These new robocalls are a lot like the ones you&rsquo;ve already gotten on your phone at all hours of the day and night: Your phone rings, you pick up, and after a brief pause or maybe a quiet click or beep, a prerecorded voice message meets your ears. The recording, which often sounds like a young woman, usually delivers a message about lowering credit-card rates or buying into cheap health insurance...</p>"
  },
  "date": "2018-07-05T15:23:43-05:00",
  "featured": false,
  "headline": "Robocalls aren’t stopping and this time they’re in Chinese",
  "id": "1530804223",
  "slug":"robocalls-arent-stopping-and-this-time-theyre-in-chinese",
  "sourceName": "USA Today",
  "sourceArticleUrl": "https://usat.ly/2L5KIWH",
  "tags": ["Robocalls", "Voice Spam"]
},
{
  "content": {
    "html": "<p>July 4, 2018</p><p>Remember when phone calls meant people wanted to talk to you about something other than lowering your interest rates? These days, the phone rings so often with recorded robocall messages—You qualify! You owe! You&rsquo;ve won!—answering feels like a hazard.</p><p>I hit my own robocall breaking point a month ago. I was grabbing a quick shower before catching a flight. My phone rang. Fearing I&rsquo;d miss a call from my boss, who had been trying to reach me, I jumped out. But no, it was a recording instead...</p>"
  },
  "date": "2018-07-04T15:39:32-05:00",
  "featured": false,
  "headline": "Why Are There So Many Robocalls? Here’s What You Can Do About Them",
  "id": "1530718772",
  "slug":"why-are-there-so-many-robocalls-heres-what-you-can-do-about-them",
  "sourceName": "Wall Street Journal",
  "sourceArticleUrl": "https://on.wsj.com/2MTpImS",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>June 29, 2018</p><p>Court throws out Time Warner Cable $229,500 penalty for 153 robocalls</p><p>NEW YORK (Reuters) - A federal appeals court on Friday threw out a $229,500 award that a Texas woman had won from Time Warner Cable Inc for harassing her with 153 robocalls after she told it to stop.</p><p>The 2nd U.S. Circuit Court of Appeals in Manhattan said the July 2015 award to Araceli King of Irving, Texas, was based on an incorrect interpretation of the federal Telephone Consumer Protection Act of 1991 (“TCPA”).</p><p>King, an insurance claims specialist, sought damages because Time Warner Cable kept leaving her messages for someone who once held her cellphone number, even after she made clear in a seven-minute discussion with a company representative who she was...</p>"
  },
  "date": "2018-06-29T15:41:51-05:00",
  "featured": false,
  "headline": "Court throws out Time Warner Cable $229,500 penalty for 153 robocalls",
  "id": "1530286911",
  "slug":"court-throws-out-time-warner-cable-229500-penalty-for-153-robocalls",
  "sourceName": "Reuters",
  "sourceArticleUrl": "https://reut.rs/2tPwvqr",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>June 25, 2018</p><p>If you live in Washington, D.C., or another U.S. metropolitan area, you may have noticed that you&rsquo;re on the receiving end of a barrage of Chinese-language robo-calls. The calls bring alarming news, and federal regulators and law-enforcement agencies say the automated messages are part of a nationwide scam targeting Chinese communities in the United States.</p><p>The spam callers say they have urgent business on behalf of the Chinese consulate, according to complaints received by the Federal Trade Commission. They share a story that grabs your attention: You have a package ready to be picked up at the Chinese consulate office, or you need to hand over information to avoid legal trouble. In either case, the FTC says, the callers ultimately ask for your credit card information, or to make a bank transfer to their accounts. According to the FTC and the actual Chinese consulate, the scammers appear to be targeting Chinese immigrants living in the United States or people with Chinese last names. Random consumers in areas that have sizable Chinese populations have also been called, according to the Federal Communications Commission...</p>"
  },
  "date": "2018-06-25T15:46:20-05:00",
  "featured": false,
  "headline": "Those Chinese-language robocalls are a scam to get your bank information, officials say",
  "id": "1529941580",
  "slug":"those-chinese-language-robocalls-are-a-scam-to-get-your-bank-information-officials-say",
  "sourceName": "Washington Post",
  "sourceArticleUrl": "https://wapo.st/2KGb4ll",
  "tags": ["Phone Scam", "Robocalls", "Voice Spam"]
},
{
  "content": {
    "html": "<p>June 15, 2018</p><p>By nature, criminals who choose to commit their crimes over the internet are on a mission to find new and creative ways to simultaneously defraud both consumers and companies. It doesn&rsquo;t help that traditional contact center authentication methodologies are easily circumvented by social engineering, which enables fraudsters to prosper.</p><p>The average smartphone or laptop computer is biometrically protected via fingerprint identification. Consumer-facing websites can only take credit cards via PCI-compliant mechanisms, and many demand two-factor authentication to access consumer accounts. In data centers, companies spend tens of millions of dollars, are subject to rigorous regulatory oversight, and face massive liability issues if they don&rsquo;t effectively guard access to banking, insurance, medical and numerous other sources of highly sensitive personally identifiable information (otherwise known as PII). Yet when users contact their credit union (or any of the other above-referenced organizations), all they need to supply is basic personal information – the same information that an experienced hacker can glean, often from public domain sources or simple social engineering, in minutes...</p>"
  },
  "date": "2018-06-15T15:53:18-05:00",
  "featured": false,
  "headline": "Curbing Contact Center Authentication Breaches",
  "id": "1529077998",
  "slug":"curbing-contact-center-authentication-breaches",
  "sourceName": "Credit Union Times",
  "sourceArticleUrl": "https://bit.ly/2t62UJ3",
  "tags": ["Authentication", "Call Authentication"]
},
{
  "content": {
    "html": "<p>June 12, 2018</p><p>Rebecca Schulte, 24, was at her apartment in West Hollywood, California, when she received a call from a familiar area code. She picked up.</p><p>“I&rsquo;m on the side of the road, there&rsquo;s been a really bad car accident,” a man said. He told her he&rsquo;d found her number in the injured man&rsquo;s phone.</p><p>Rebecca knew her father had been driving, and in a panic she asked if it was him: “Is it Brian?”</p><p>“Is your name Brian?” she could hear the man ask...</p>"
  },
  "date": "2018-06-12T15:59:04-05:00",
  "featured": false,
  "headline": "You think it’s your friend calling, but it’s actually this growing phone scam",
  "id": "1528819144",
  "slug":"you-think-its-your-friend-calling-but-its-actually-this-growing-phone-scam",
  "sourceName": "CNBC",
  "sourceArticleUrl": "https://cnb.cx/2JUWyTa",
  "tags": ["Phone Scam"]
},
{
  "content": {
    "html": "<p>June 12, 2018</p><p>4.1 billion. That&rsquo;s the number of robocalls made to American consumers last month, according to the robocall index operated by YouMail, a robocall blocking service.</p><p>Managing illegal robocalls has been the FCC&rsquo;s responsibility since the Telephone Consumer Protection Act (TCPA) was signed in 1991, but a recent court decision means the FCC must reconsider how it defines—and handles—the most annoying phone calls.</p><p>In March, the U.S. federal appeals court in D.C. found that the Commission&rsquo;s definition of autodialer could potentially apply to smartphones, and had to be reworked...</p>"
  },
  "date": "2018-06-12T15:56:02-05:00",
  "featured": false,
  "headline": "There Were 4.1 Billion Robocalls Dialed In The U.S. Last Month",
  "id": "1528818962",
  "slug":"there-were-4-1-billion-robocalls-dialed-in-the-u-s-last-month",
  "sourceName": "Forbes",
  "sourceArticleUrl": "https://bit.ly/2MxYuT8",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>June 11, 2018</p><p>Caller ID is an automatic feature offered by every telecommunications carrier to identify a calling party to the recipient. While there are options to block outgoing identification in order not to transmit your phone number if privacy is desired the system also fosters the ability to deceive. Some telephone companies will send only the phone number, and others will also send the subscriber name. Outbound caller ID options are associated with non-toll numbers only. If you blocked your number from appearing on the telephone you are calling, the rules do not apply to toll-free access so if you call an 800 number, for example, regardless whether you block your identity, it will still be displayed because the recipient is actually paying for the call...</p>"
  },
  "date": "2018-06-11T16:06:12-05:00",
  "featured": false,
  "headline": "Caller ID: The Technology Made For Scammers",
  "id": "1528733172",
  "slug":"caller-id-the-technology-made-for-scammers",
  "sourceName": "Forbes",
  "sourceArticleUrl": "https://bit.ly/2K0VCQf",
  "tags": ["Caller-ID Spoofing", "Consumer Fraud", "Spoofing"]
},
{
  "content": {
    "html": "<p>The Federal Trade Commission has strict rules that, in its own words, make “virtually all” telemarketing robocalls illegal. But we&rsquo;ve still seen the number of complaints about robocalls explode over the last few years. On Tuesday, the FTC announced it&rsquo;s doing something about it by suing some kingpins who allegedly facilitated billions of unwanted calls.</p><p>The consumer watchdog has filed a formal complaint in federal court against the people behind companies that allegedly facilitated and engaged in “illegal robocalls, calls to numbers on the Do Not Call Registry, calls with spoofed caller IDs, and abandoned calls, in which TelWeb hung up on consumers who answered.”...</p>"
  },
  "date": "2018-06-11T16:03:25-05:00",
  "featured": false,
  "headline": "FTC Accuses Group of Running Empire That Made Billions of Unwanted Robocalls",
  "id": "1528733005",
  "slug":"ftc-accuses-group-of-running-empire-that-made-billions-of-unwanted-robocalls",
  "sourceName": "Gizmodo",
  "sourceArticleUrl": "https://bit.ly/2t0Vwh2",
  "tags": ["FTC", "Robocalls"]
},
{
  "content": {
    "html": "<p>June 8, 2018</p><p>That phone call that appears to be from your neighbor but turns out to be a sales pitch or worse, a scam, is the latest ruse by robocallers.</p><p>It&rsquo;s called neighbor spoofing and the calls seem to be surging, particularly in the 210 area code.</p><p>American consumers get an average 2.5 billion robocalls every month, according to the Federal Communications Commision.</p><p>“I hate them,” said Matthew Campbell. “I get them every day, probably about twice an hour.”</p><p>Now a growing number of those robocalls look familiar. The caller ID shows your area code, and even the first three digits of your phone number. Campbell has seen it...</p>"
  },
  "date": "2018-06-08T16:09:09-05:00",
  "featured": false,
  "headline": "210 area code hit hard by ‘neighbor spoofing’",
  "id": "1528474149",
  "slug":"210-area-code-hit-hard-by-neighbor-spoofing",
  "sourceName": "KSAT",
  "sourceArticleUrl": "https://bit.ly/2M35KW9",
  "tags": ["Caller-ID Spoofing", "Robocalls"]
},
{
  "content": {
    "html": "<p>June 6, 2018</p><p>If you&rsquo;ve picked up the phone only to hear the start of an automatic recording, you&rsquo;re not alone. Roughly 16.3 billion of these calls have been placed just in the first five months of 2018, according to the YouMail Robocall Index.</p><p>In May, Americans received about 4.1 billion robocalls. That&rsquo;s over 12 calls per person, according to YouMail, a company that, in addition to compiling the database, also offers solutions to the problem. And the number of calls keeps growing. In fact, over the past year, the number of robocalls has almost doubled.</p>"
  },
  "date": "2018-06-06T16:12:11-05:00",
  "featured": false,
  "headline": "Americans received over 16 billion robocalls so far this year—here’s how to stop them",
  "id": "1528301531",
  "slug":"americans-received-over-16-billion-robocalls-so-far-this-year-heres-how-to-stop-them",
  "sourceName": "CNBC",
  "sourceArticleUrl": "https://cnb.cx/2LG9BrX",
  "tags": ["Do Not Call", "IRS", "Robocalls"]
},
{
  "content": {
    "html": "<p>June 4, 2018</p><p>U.S. and Chinese officials have been warning U.S. phone users about the latest robocalling scourge: Chinese-language junk calls.</p><p>While most non-Mandarin speakers hang up on the automated calls, police say some Chinese speakers in the U.S. have been duped into paying millions of dollars by the fraudulent messages, which often claim to be coming from the Chinese Embassy or Consulate...</p>"
  },
  "date": "2018-06-04T16:16:42-05:00",
  "featured": false,
  "headline": "Robocallers Target Chinese Speakers in Latest Phone Scam",
  "id": "1528129002",
  "slug":"robocallers-target-chinese-speakers-in-latest-phone-scam",
  "sourceName": "Wall Street Journal",
  "sourceArticleUrl": "https://on.wsj.com/2MhSX39",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>May 31, 2018</p><p>The telephone swept into Americans&rsquo; lives in the first decades of the 20th century. At first, no one knew exactly how to telephone. Alexander Graham Bell wanted people to start conversations by saying, “Ahoy-hoy!” AT&amp;T tried to prevent people from saying “hello,” arguing in<em> Telephone Engineer</em>magazine that it was rude.</p><p>But eventually, Americans learned to say “hello.” People built a culture around the phone that worked. Etiquette magazines tried to prevent women from inviting people over for dinner via telephone, then gave in. The doctor got a phone, so the pharmacist got a phone. It didn&rsquo;t happen quickly, but it happened. And once it was done, during my childhood, these social customs sat between me and this raw technical artifact—the handset, the curly cord connecting it to the base, the wires running across the nation, coming together in vast switching stations, amplified, multiplexed, and then branching back out to the other cities, other neighborhoods, other blocks, other houses...</p>"
  },
  "date": "2018-05-31T16:26:29-05:00",
  "featured": false,
  "headline": "Why No One Answers Their Phone Anymore",
  "id": "1527783989",
  "slug":"why-no-one-answers-their-phone-anymore",
  "sourceName": "The Atlantic",
  "sourceArticleUrl": "https://theatln.tc/2J7JjxR",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<h3>Telephone culture is disappearing.</h3><p>The telephone swept into Americans&rsquo; lives in the first decades of the 20th century. At first, no one knew exactly how to telephone. Alexander Graham Bell wanted people to start conversations by saying, “Ahoy-hoy!” AT&amp;T tried to prevent people from saying “hello,” arguing in<em> Telephone Engineer </em>magazine that it was rude.</p><p>But eventually, Americans learned to say “hello.” People built a culture around the phone that worked. Etiquette magazines tried to prevent women from inviting people over for dinner via telephone, then gave in. The doctor got a phone, so the pharmacist got a phone. It didn&rsquo;t happen quickly, but it happened. And once it was done, during my childhood, these social customs sat between me and this raw technical artifact—the handset, the curly cord connecting it to the base, the wires running across the nation, coming together in vast switching stations, amplified, multiplexed, and then branching back out to the other cities, other neighborhoods, other blocks, other houses.</p><p>In the moment when a phone rang, there was an imperative. <em>One had to pick up the phone</em>. This thinking permeated the culture from adults to children. In a <em>Hello Kitty </em>segment designed to teach kids how the phone worked, Hello Kitty is playing when the phone starts to ring. “It&rsquo;s the phone. Yay!” she says. “Mama! Mama! The telephone is ringing. Hurry! They are gonna hang up.”</p><p>Before ubiquitous caller ID or even *69 (which allowed you to call back the last person who&rsquo;d called you), if you didn&rsquo;t get to the phone in time, that was that. You&rsquo;d have to wait until they called back. And what if the person calling had something <em>really important </em>to tell you or ask you? Missing a phone call was awful. <em>Hurry!</em></p><p>Not picking up the phone would be like someone knocking at your door and you standing behind it not answering. It was, at the very least, rude, and quite possibly sneaky or creepy or something. Besides, as the phone rang, there were always so many questions, so many things to sort out. Who was it? What did they want? Was it for … <em>me</em>?</p><p>“Hello, Madrigal residence,” I would say, and it would make sense of everything for me and whoever was on the other end of the line.</p><p>This became a kind of cultural commons that people could draw on to understand communicating <em>through</em> a technology. When you called someone, if the person was there, they would pick up, they would say hello. If someone called you, if you were there, you would pick up, you would say hello. That was just how phones worked. The <em>expectation</em> <em>of pickup </em>was what made phones a synchronous medium.</p><p>I attach no special value to it. There&rsquo;s no need to return to the pure state of 1980s telephonic culture. It&rsquo;s just something that happened, like lichen growing on rocks in the tundra, or bacteria breaking down a fallen peach. Life did its thing, on and in the inanimate substrate. But I want to dwell on the existence of this cultural layer, because it is disappearing.</p><p>No one picks up the phone anymore. Even many businesses do everything they can to avoid picking up the phone. Of the 50 or so calls I received in the last month, I might have picked up four or five times. The reflex of answering—built so deeply into people who grew up in 20th-century telephonic culture—is gone.</p><p>Telephone exchanges of that era were what the scholar Robert Hopper described as “not quite ritual, but <em>routine </em>to the extent that its appearance approaches ritual.” When the phone rang, everyone knew to answer and speak in “the liturgy of the national attitude.” Now, people have forgotten how to pick up, the words, when to sing.</p><p>There are many reasons for the slow erosion of this commons. The most important aspect is structural: There are simply more communication options. Text messaging and its associated multimedia variations are rich and wonderful: words mixed with emoji, Bitmoji, reaction gifs, regular old photos, video, links. Texting is fun, lightly asynchronous, and possible to do with many people simultaneously. It&rsquo;s almost as immediate as a phone call, but not quite. You&rsquo;ve got your Twitter, your Facebook, your work Slack, your email, FaceTimes incoming from family members. So many little dings have begun to make the rings obsolete.</p><p>But in the last couple years, there is a more specific reason for eyeing my phone&rsquo;s ring warily. Perhaps 80 or even 90 percent of the calls coming into my phone are spam of one kind or another. Now, if I hear my phone buzzing from across the room, at first I&rsquo;m excited if I think it&rsquo;s a text, but when it keeps going, and I realize it&rsquo;s a call, I won&rsquo;t even bother to walk over. My phone only rings one or two times a day, which means that I can go a whole week without a single phone call coming in that I (or Apple&rsquo;s software) can even identify, let alone want to pick up.</p><p>There are unsolicited telemarketing calls. There are straight-up robocalls that merely deliver recorded messages. There are the cyborg telemarketers, who sit in call centers playing prerecorded bits of audio to simulate a conversation. There are the spam phone calls, whose sole purpose seems to be verifying that your phone number is real and working.</p><p>The Federal Communications Commission has been trying to slow robocalls for at least half a decade, but it doesn&rsquo;t seem to have done anything to stem the tide. YouMail is an app that tries to block these kinds of calls, and they create an estimate of how many robocalls are being made each month. The numbers are staggering and April 2018 showed them at an all-time high.</p><figure><img src=“https://cdn.theatlantic.com/thumbor/B5P4EscJTc83sPmqb_i_y9XT-F0=/filters:format(png)/media/img/posts/2018/05/chart_4-1/original.png” alt=“”/><figcaption>Chart derived from YouMail&rsquo;s Robocall Index</figcaption></figure><p>Telemarketers, of course, were the original people who took advantage of the telephone culture&rsquo;s drive to pick up the phone. But people cost money, even my dumb teenage self calling up plant managers in Alabama trying to sell them software to manage their material-data safety sheets. People get bored with their crappy, repetitive jobs. People quit.</p><p>Machines—the software kind that can dial phone numbers, at least—are cheap. They don&rsquo;t get drunk or go back to school or have a sick child. They just call and call and call and call. As often as not, when I&rsquo;ve made the mistake of picking up, there&rsquo;s just dead air, maybe just for a few seconds, as a person is patched in, or maybe—if I don&rsquo;t say anything—for a while until the machine hangs up. Sometimes it&rsquo;s a recorded message. And worse, most of the time I pick up, I&rsquo;m giving the spammer valuable information that my number is a live number, which they will sell to the next spammer.</p><p>This happened 3.4 billion times last month, where someone had to make the decision to pick up or to let it go, and give in to the change.</p>"
  },
  "date": "2018-05-31T14:54:00-05:00",
  "featured": false,
  "headline": "Why No One Answers Their Phone Anymore",
  "id": "1527778440",
  "slug":"why-no-one-answers-their-phone-anymore-2",
  "sourceName": "The Atlantic",
  "sourceArticleUrl": "https://www.theatlantic.com/technology/archive/2018/05/ring-ring-ring-ring/561545/",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>May 26, 2018</p><p>“I AM not the kingpin of robocalling that is alleged.” So Adrian Abramovich, a telemarketer from Florida, assured American senators in April. Accused of making nearly 100m illegal “robocalls” in 2016 as part of a campaign to sell discounted holidays, Mr Abramovich has denied criminal wrongdoing. Nonetheless, on May 10th the Federal Communications Commission (FCC), America&rsquo;s telecoms regulator, fined him $120m, the largest penalty in the agency&rsquo;s history.</p><p>The skirmish over Mr Abramovich is part of America&rsquo;s long, mostly unsuccessful war against robocalls, the pre-recorded phone messages peddling debt-reduction and timeshares that have irritated consumers for over a decade. According to YouMail, a call-blocking service, 3.4bn robocalls were blasted out in April, equivalent to nearly 1,300 every second. The Federal Trade Commission receives 500,000 complaints about such calls every month (see chart). Ajit Pai, the FCC chairman, says Americans are “mad as hell”. Robocalls are consistently the agency&rsquo;s top consumer complaint. Can anything be done?..</p>"
  },
  "date": "2018-05-26T16:30:25-05:00",
  "featured": false,
  "headline": "America is losing the war against robocalls",
  "id": "1527352225",
  "slug":"america-is-losing-the-war-against-robocalls",
  "sourceName": "The Economist",
  "sourceArticleUrl": "https://econ.st/2s68Alw",
  "tags": ["Caller-ID Spoofing", "FTC", "Robocalls", "Spoofing"]
},
{
  "content": {
    "html": "<p>May 18, 2018</p><p>Robocall scams have found new prey. The latest aim at the Chinese immigrant population by preying on their fears about their status in the U.S.</p><p>English speakers who get the calls have no idea what&rsquo;s being said. But Mandarin speakers who answer would hear news that their immigration status may be in jeopardy.</p><p>The scam goes something like this: A Mandarin speaker tells the individual that this call is from the Chinese consulate. The person is told the consulate has an important document that must be picked up. That document could affect her status in the U.S. She should press any key to get more information...</p>"
  },
  "date": "2018-05-18T16:38:18-05:00",
  "featured": false,
  "headline": "What’s behind all those Chinese-speaking robocalls",
  "id": "1526661498",
  "slug":"whats-behind-all-those-chinese-speaking-robocalls",
  "sourceName": "CBS News",
  "sourceArticleUrl": "https://cbsn.ws/2IsOegQ",
  "tags": ["Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<p>May 16, 2018</p><p>Company says robocalls soared in Lincoln last month.</p><p>A company that tracks robocalls says Lincoln experienced the biggest one-month jump of the cities studied nationwide in April.</p><p>LINCOLN, Neb. (AP) — A company that tracks robocalls says Lincoln experienced the biggest one-month jump of the cities studied nationwide in April: nearly 155 percent...</p>"
  },
  "date": "2018-05-16T16:54:23-05:00",
  "featured": false,
  "headline": "Correction: Robocalls-Lincoln Story",
  "id": "1526489663",
  "slug":"correction-robocalls-lincoln-story",
  "sourceName": "US News",
  "sourceArticleUrl": "https://bit.ly/2ksrvmy",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>May 16, 2018</p><p>Federal Communications Commission Chairman Ajit Pai has accepted recommendations for an industry-developed call authentication system intended to stop the use of Caller ID spoofing from the North American Numbering Council (NANC.)</p><p>The NANC was created as a Federal Advisory Committee to advise the FCC on call numbering issues and to make recommendations.</p><p>“We&rsquo;ve been aggressively moving forward on new regulations and enforcement to crack down on the flood of unwanted robocalls. But a critical element of solving this problem is call authentication—essentially, creating a &lsquo;digital fingerprint&rsquo; for each phone call that scammers can&rsquo;t spoof or misuse,” FCC Chairman Ajit Pai said in a news release . “That would allow any consumer to pick up the phone with confidence...”</p>"
  },
  "date": "2018-05-16T16:40:48-05:00",
  "featured": false,
  "headline": "FCC Chairman Accepts Working Group’s Recommendations for Call Authentication",
  "id": "1526488848",
  "slug":"fcc-chairman-accepts-working-groups-recommendations-for-call-authentication",
  "sourceName": "ACA International",
  "sourceArticleUrl": "https://bit.ly/2IuWqct",
  "tags": ["Authentication", "Call Authentication", "Caller-ID Spoofing", "FCC", "NANC"]
},
{
  "content": {
    "html": "<p>May 14, 2018</p><p>Law360 (May 14, 2018, 6:13 PM EDT) -- Phone call authentication to combat “spoofed” robocalls assuming a fake number is one step closer after Federal Communications Commission Chairman Ajit Pai on Monday accepted recommendations from a federal advisory committee for selecting a “governance authority” to implement the authentication framework.<br><br>The North American Numbering Council, or NANC, recommended that industry take point on “expeditiously” naming a governance authority to handle implementation of the SHAKEN/STIR framework, according to the announcement from Pai. In it, Pai touted the use of “digital fingerprint[s]” for phone calls to ensure...</p>"
  },
  "date": "2018-05-14T17:04:23-05:00",
  "featured": false,
  "headline": "FCC’s Pai OKs Call Authentication Plan To Beat Robocalls",
  "id": "1526317463",
  "slug":"fccs-pai-oks-call-authentication-plan-to-beat-robocalls",
  "sourceName": "Law360",
  "sourceArticleUrl": "https://bit.ly/2xiKARA",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>May 10, 2018</p><p>In a massive strike, the Federal Communications Commission issued a $120 million fine on a massive robocall spoofing operation it deemed a threat to public safety.</p><p>The FCC announced Thursday morning that it would leverage the fine against Adrian Abramovich, a Miami man who the commission said made almost 100 million spoofed robocalls over a three-month period at the end of 2016. The FCC argued that Abramovich&rsquo;s operation made the phony calls to trick consumers into answering them and listening to his advertising messages. The fine was based on 80,000 spoofed calls the commission had verified...</p>"
  },
  "date": "2018-05-10T18:52:08-05:00",
  "featured": false,
  "headline": "Florida man behind 100 million robocalls hit with $120 million FCC fine",
  "id": "1525978328",
  "slug":"florida-man-behind-100-million-robocalls-hit-with-120-million-fcc-fine",
  "sourceName": "Chicago Tribune",
  "sourceArticleUrl": "https://trib.in/2L169IT",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>May 10, 2018</p><p>If you live in a part of the country that has a large Chinese immigrant population, you may have recently received a robocall in Mandarin — or even several of them. The calls seem to be blanketing certain phone exchanges without regard to the national origin of the recipients. Presumably, this is how the New York Police Department ended up on the call list.</p><p>NYPD Officer Donald McCaffrey, who works in the Queens grand larceny division, is investigating the calls in New York City. He has also been receiving them on a daily basis...</p>"
  },
  "date": "2018-05-10T17:06:42-05:00",
  "featured": false,
  "headline": "Chinese Robocalls Bombarding The U.S. Are Part Of An International Phone Scam",
  "id": "1525972002",
  "slug":"chinese-robocalls-bombarding-the-u-s-are-part-of-an-international-phone-scam",
  "sourceName": "NPR",
  "sourceArticleUrl": "https://n.pr/2IecEue",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>May 7, 2018</p><p>A New York lawmaker is looking to put an end to those obnoxious robocalls that interrupt your work flow, take away from your time with family and friends and even scams that attempt to steal your identity.</p><p>On Monday, Manhattan State Senator Brad Hoylman announced that he has drafted legislation mandating that all callers get consumers&rsquo; consent before sending any non-emergency autodialed call, whether it is to a cell phone or a landline phone. The bill, which has not been introduced yet, also establishes a private right of action for individuals who are unlawfully targeted...</p>"
  },
  "date": "2018-05-07T18:55:11-05:00",
  "featured": false,
  "headline": "Tired of Those Annoying Robocalls? New York Has a Plan to Stop Them",
  "id": "1525719311",
  "slug":"tired-of-those-annoying-robocalls-new-york-has-a-plan-to-stop-them",
  "sourceName": "Observer",
  "sourceArticleUrl": "https://bit.ly/2rFDtMR",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>May 6, 2018</p><p>It&rsquo;s not just you.</p><p>Those pesky robocalls — at best annoying disturbances and at worst costly financial scams — are getting worse.</p><p>In an age when cellphones have become extensions of our bodies, robocallers now follow people wherever they go, disrupting business meetings, church services and bedtime stories with their children.</p><p>Though automated calls have long plagued consumers, the volume has skyrocketed in recent years, reaching an estimated 3.4 billion in April, according to YouMail, which collects and analyzes calls through its robocall blocking service. That&rsquo;s an increase of almost 900 million a month compared with a year ago...</p>"
  },
  "date": "2018-05-06T18:58:35-05:00",
  "featured": false,
  "headline": "Yes, It’s Bad. Robocalls, and Their Scams, Are Surging.",
  "id": "1525633115",
  "slug":"yes-its-bad-robocalls-and-their-scams-are-surging",
  "sourceName": "New York Times",
  "sourceArticleUrl": "https://nyti.ms/2KHNYYP",
  "tags": ["Consumer Fraud", "Robocalls"]
},
{
  "content": {
    "html": "<p>April 27, 2018</p><p>Lawmakers are looking to work with the tech industry to stop a nuisance for millions of Americans: robocalls.</p><p>Robocalls, automated calls that use a computerized system to deliver pre-recorded messages or to connect a call to everyday Americans, are a problem for many, but especially the elderly, according to the House Energy and Commerce Committee&rsquo;s subcommittee on Digital Commerce and Consumer Protection.</p><p>Last year, Americans were bombarded with 30.5 billion robocalls, an overall rise in calls from 29.3 billion robocalls placed in 2016. More than 3 billion calls were placed just this past March...</p>"
  },
  "date": "2018-04-27T19:08:46-05:00",
  "featured": false,
  "headline": "Lawmakers, tech industry look to thwart robocalls",
  "id": "1524856126",
  "slug":"lawmakers-tech-industry-look-to-thwart-robocalls",
  "sourceName": "ABC News",
  "sourceArticleUrl": "https://abcn.ws/2Fvc0SL",
  "tags": ["Consumer Fraud", "Robocalls"]
},
{
  "content": {
    "html": "<p>April 18, 2018</p><p>The alleged “face” of unwanted robocalls testified Wednesday that the technology to start a large autodial campaign is easy to use and can be set up by “anyone” from a home office.</p><p>“There is available open source software that can be misused by someone to make thousands of automated calls with the click of a button,” Adrian Abramovich said during a Senate Committee on Commerce, Science, and Transportation hearing.</p><p>Abramovich, who was appearing before the committee under subpoena, is facing a record $122 million Federal Communications Commission (FCC) fine for allegedly making almost 100 million spoofed robocalls over three months...</p>"
  },
  "date": "2018-04-18T19:16:14-05:00",
  "featured": false,
  "headline": "Alleged ‘face’ of robocalls testifies it’s as easy as the ‘click of a button’",
  "id": "1524078974",
  "slug":"alleged-face-of-robocalls-testifies-its-as-easy-as-the-click-of-a-button",
  "sourceName": "ABC News",
  "sourceArticleUrl": "https://abcn.ws/2qFaxoE",
  "tags": ["Consumer Fraud", "Robocalls"]
},
{
  "content": {
    "html": "<p>April 18, 2018</p><p>WASHINGTON (Reuters) - A Florida man alleged to have made almost 100 million robocalls to trick consumers with “exclusive” vacation deals from well-known travel and hospitality companies on Wednesday denied wrongdoing before a U.S. Senate Committee.</p><p>In June, the Federal Communications Commission said Adrian Abramovich allegedly made 96 million robocalls during a three-month period in 2016, and proposed a $120 million fine.“I am not the kingpin of robocalling that is alleged,” Abramovich said as he appeared under subpoena...</p>"
  },
  "date": "2018-04-18T19:12:17-05:00",
  "featured": false,
  "headline": "Alleged ‘robocall’ mastermind denies wrongdoing before U.S. Senate",
  "id": "1524078737",
  "slug":"alleged-robocall-mastermind-denies-wrongdoing-before-u-s-senate",
  "sourceName": "Reuters",
  "sourceArticleUrl": "https://reut.rs/2JhivuJ",
  "tags": ["Consumer Fraud", "FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>April 9, 2018</p><p>Enterprise Connect 2018 is officially behind us, a week jam-packed with product news delivered from a host of the 190+ exhibitors on the show floor.</p><p>While some of the industry&rsquo;s heavy hitters shared their messages from the main stage (like Microsoft&rsquo;s updates to its Teams ecosystem and 8x8&rsquo;s blended UC and contact center offering), plenty of other announcements warrant attention, too. Because, as EC18 GM Eric Krapf wrote on No Jitter last week, “there&rsquo;s not much in our industry today that <em>can&rsquo;t</em> be considered a hot technology.” With that in mind, here&rsquo;s a roundup of some of the news coming out of EC18...</p>"
  },
  "date": "2018-04-09T19:33:01-05:00",
  "featured": false,
  "headline": "EC18 News Roundup: Covering the Gamut of Communications",
  "id": "1523302381",
  "slug":"ec18-news-roundup-covering-the-gamut-of-communications",
  "sourceName": "No Jitter",
  "sourceArticleUrl": "",
  "tags": ["Enterprise", "Tradeshow", "UC", "Unified Communications"]
},
{
  "content": {
    "html": "<p>April 3, 2018</p><p>When news broke last week of a hacking attack on Baltimore&rsquo;s 911 system, Chad Howard felt a rush of nightmarish memories.</p><p>Howard, the information technology manager for Henry County, Tennessee, faced a similar intrusion in June 2016, in one of the country&rsquo;s first so-called ransomware attacks on a 911 call center. The hackers shut down the center&rsquo;s computerized dispatch system and demanded more than $2,000 in bitcoin to turn it back on. Refusing payment, Howard&rsquo;s staff tracked emergency calls with pencil and paper for three days as the system was rebuilt...</p>"
  },
  "date": "2018-04-03T19:36:33-05:00",
  "featured": false,
  "headline": "Hackers have taken down dozens of 911 centers. Why is it so hard to stop them?",
  "id": "1522784193",
  "slug":"hackers-have-taken-down-dozens-of-911-centers-why-is-it-so-hard-to-stop-them",
  "sourceName": "NBC News",
  "sourceArticleUrl": "https://nbcnews.to/2IoWHwW",
  "tags": ["Critical Infrastructure", "Emergency Services & 911 Systems", "Hackers", "TDoS"]
},
{
  "content": {
    "html": "<p>March 26, 2018</p><p>PHONE AND PHISHING SCAMS</p><p>Income tax filing season brings an increase in activity by would-be thieves using phone calls and email to try to get money out of taxpayers. That warning comes from the IRS.</p><p>Phone scams often involve someone calling a taxpayer, telling them they owe taxes and could be arrested if they don&rsquo;t pay. The thieves try to frighten taxpayers into giving them their credit card numbers and perhaps other personal information. Sometimes the first call is a recorded message that demands the taxpayer return the call...</p>"
  },
  "date": "2018-03-26T16:03:39-05:00",
  "featured": false,
  "headline": "Get Started: IRS warns against phone and phishing scams",
  "id": "1522080219",
  "slug":"get-started-irs-warns-against-phone-and-phishing-scams",
  "sourceName": "ABC News",
  "sourceArticleUrl": "https://abcn.ws/2pZ2SAX",
  "tags": ["IRS", "Phishing", "Phone Scam"]
},
{
  "content": {
    "html": "<p>March 23, 2018</p><p>The robocalls just keep coming.</p><p>But some new rules and initiatives may help the Federal Communications Commission and Federal Trade Commission better combat them.</p><p>The FCC has approved a proposal to create a database of phone numbers that are reassigned — about 38 million are each year — so the new owners of the numbers can avoid unwanted calls...</p>"
  },
  "date": "2018-03-23T16:10:13-05:00",
  "featured": false,
  "headline": "98 million robocalls hit Americans every day. The FCC’s fines aren’t stopping them.",
  "id": "1521821413",
  "slug":"98-million-robocalls-hit-americans-every-day-the-fccs-fines-arent-stopping-them",
  "sourceName": "USA Today",
  "sourceArticleUrl": "https://usat.ly/2GvoQlg",
  "tags": ["FCC", "FTC", "Robocalls"]
},
{
  "content": {
    "html": "<p>March 15, 2018</p><p>A call of shots fired that sent scores of heavily armed officers to a Northwestern University graduate dorm Wednesday afternoon was apparently a case of “swatting,” a false emergency designed to draw a large police response.</p><p>A caller reached the Evanston police from somewhere near Rockford around 2:15 p.m. and said he had shot his girlfriend at Engelhart Hall, just west of the main campus at Emerson Street and Maple Avenue...</p>"
  },
  "date": "2018-03-15T16:12:56-05:00",
  "featured": false,
  "headline": "Police: Call of Shots Fired at Northwestern Graduate Dorm Was ‘Swatting’ Hoax",
  "id": "1521130376",
  "slug":"police-call-of-shots-fired-at-northwestern-graduate-dorm-was-swatting-hoax",
  "sourceName": "Chicago Tribune",
  "sourceArticleUrl": "https://trib.in/2Ds3mU7",
  "tags": ["Swatting"]
},
{
  "content": {
    "html": "<p>March 13, 2018</p><p>Last week the Federal Communications Commission (FCC) and the Federal Trade Commission (FTC) announced that they will host a joint policy Forum on March 23, 2018 to highlight the actions the agencies and others have taken to fight illegal robocalls. They also announced that one month later, on April 23, they will co-host a Stop Illegal Robocalls Expo in Washington, D.C...</p>"
  },
  "date": "2018-03-13T16:19:20-05:00",
  "featured": false,
  "headline": "FCC and FTC Partner in Upcoming Efforts to Stop Illegal Robocalls",
  "id": "1520957960",
  "slug":"fcc-and-ftc-partner-in-upcoming-efforts-to-stop-illegal-robocalls",
  "sourceName": "Inside ARM",
  "sourceArticleUrl": "https://bit.ly/2I04j99",
  "tags": ["FCC", "FTC", "Robocalls"]
},
{
  "content": {
    "html": "<p>March 13, 2018</p><p>Last Tuesday, the Internal Revenue Service said people were being being bilked out of money by criminals pretending to be from the tax collection agency. Two days later, I received a phone call that my provider said was probably spam. They left a message saying they were from the IRS and I was in big trouble.</p><p>“(After 24 hours), you will be taken into custody by the local cops as there are four serious allegations pressed against your name at this moment,” said the automated voice in broken English...<br></p>"
  },
  "date": "2018-03-13T16:15:58-05:00",
  "featured": false,
  "headline": "From ‘Spoofing’ To ‘Swatting,’ Experts Say Results Of Thwarting Scam Calls Mixed",
  "id": "1520957758",
  "slug":"from-spoofing-to-swatting-experts-say-results-of-thwarting-scam-calls-mixed",
  "sourceName": "NPR",
  "sourceArticleUrl": "https://bit.ly/2HXUJDr",
  "tags": ["Caller-ID Spoofing", "Spoofing", "Swatting", "Thought Leadership"]
},
{
  "content": {
    "html": "<p>March 6, 2018</p><p>Call centers.</p><p>Call them centers of consumer frustration?</p><p>You know the drill. The standard way of getting help – the automated kind (through interactive voice response) – just isn&rsquo;t cutting it. The chatbot isn&rsquo;t enough.</p><p>There&rsquo;s a need for a human on the other line – the hand-holder, who will assist with the technical problem or the transaction gone awry, or perhaps the recurring payment that didn&rsquo;t recur...<br></p>"
  },
  "date": "2018-03-06T16:26:54-06:00",
  "featured": false,
  "headline": "Call Centers: In Search Of The 70 Percent Solution",
  "id": "1520353614",
  "slug":"call-centers-in-search-of-the-70-percent-solution",
  "sourceName": "PYMNTS",
  "sourceArticleUrl": "https://bit.ly/2oTCk3Q",
  "tags": ["Authentication", "Call Authentication", "Call Center Fraud", "Call Center Security"]
},
{
  "content": {
    "html": "<p>March 6, 2018</p><p><em>Be careful out there</em>. That&rsquo;s the word from the Internal Revenue Service (IRS) as the tax agency reminds taxpayers about continuing aggressive phone scams. Those phone scams are “a major threat to taxpayers” and as such, continued to hold down a top spot on the IRS “Dirty Dozen” list of tax scams for the 2018 filing season.</p><p>The Dirty Dozen is compiled annually by the IRS and lists a variety of common scams taxpayers may encounter any time during the year. However, many of these schemes peak during filing season - especially scam phone calls...</p>"
  },
  "date": "2018-03-06T16:23:58-06:00",
  "featured": false,
  "headline": "Phone Scams Remain on IRS ‘Dirty Dozen’ List of Tax Scams",
  "id": "1520353438",
  "slug":"phone-scams-remain-on-irs-dirty-dozen-list-of-tax-scams",
  "sourceName": "Forbes",
  "sourceArticleUrl": "https://bit.ly/2HYHfHv",
  "tags": ["Consumer Fraud", "IRS", "Tax Fraud"]
},
{
  "content": {
    "html": "<p>March 5, 2018</p><p>Law360 (March 5, 2018, 7:27 PM EST) -- A Los Angeles man filed a terse proposed class action against iHeartMedia Inc., via one of its radio stations, on Monday in California federal court alleging robocall violations of the Telephone Consumer Protection Act that may have roped in “thousands” of recipients of unwanted calls.<br><br>Vahe Messerlian, a Los Angeles County resident, said he received at least one call starting around January of this year from Los Angeles-based iHeart station KOST 103.5, which he said iHeart was doing business as. That phone call, according to the 8-page...</p>"
  },
  "date": "2018-03-05T16:51:52-06:00",
  "featured": false,
  "headline": "iHeartMedia Faces TCPA Suit Over Radio Station Robocalls",
  "id": "1520268712",
  "slug":"iheartmedia-faces-tcpa-suit-over-radio-station-robocalls",
  "sourceName": "Law360",
  "sourceArticleUrl": "https://bit.ly/2I2fq1k",
  "tags": ["Robocalls", "Telephone Consumer Protection Act (TCPA)"]
},
{
  "content": {
    "html": "<p>March 5, 2018</p><p>WASHINGTON: Indian embassy telephone lines have been spoofed by fraudsters in the US to cheat people for money, according to an advisory issued by mission which warned against entertaining any suspicious calls.<br>The Indian Embassy here has informed the US Government about it and launched its own internal investigation.<br><br>It also issued a rare public advisory on such fraud calls that has cheated people with money, thus bringing bad name to the diplomatic mission...</p>"
  },
  "date": "2018-03-05T16:30:20-06:00",
  "featured": false,
  "headline": "Indian Embassy Telephone Lines in US Spoofed by Fraudsters",
  "id": "1520267420",
  "slug":"indian-embassy-telephone-lines-in-us-spoofed-by-fraudsters",
  "sourceName": "The Times of India",
  "sourceArticleUrl": "https://bit.ly/32thRF0",
  "tags": ["Caller-ID Spoofing", "Spoofing"]
},
{
  "content": {
    "html": "<p>March 1, 2018</p><p>The agency plans to vote March 22 on a report and order that would nix National Historic Preservation Act and National Environmental Policy Act reviews when companies want to deploy small cells enabling next-generation mobile service. The move is duly...</p>"
  },
  "date": "2018-03-01T16:54:39-06:00",
  "featured": false,
  "headline": "FCC To Take Up Robocalls, 911 Call Routing In March",
  "id": "1519923279",
  "slug":"fcc-to-take-up-robocalls-911-call-routing-in-march",
  "sourceName": "Law360",
  "sourceArticleUrl": "http://bit.ly/2oRB3JG",
  "tags": ["Authentication", "Call Authentication", "FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>February 24, 2018</p><p>ELK GROVE, Calif. -- Emergency dispatchers in Elk Grove and Sacramento County are seeing an influx of false alarm 911 calls from an Apple repair and refurbishing center off Laguna Boulevard, CBS Sacramento reports. Dispatchers said the calls started in October 2017, and there&rsquo;s usually no one on the other line.</p><p>“We&rsquo;ve been seeing these calls for the last four months from Apple,” said police dispatcher Jamie Hudson. “We&rsquo;re able to see quickly where the call is coming from, so when we get one from Apple, the address will come up with their location.”...</p>"
  },
  "date": "2018-02-24T17:47:25-06:00",
  "featured": false,
  "headline": "Apple Repair Center Accidentally Called 911 About 1,600 Times",
  "id": "1519494445",
  "slug":"apple-repair-center-accidentally-called-911-about-1600-times",
  "sourceName": "CBS News",
  "sourceArticleUrl": "http://cbsn.ws/2HIPVCL",
  "tags": ["Apple", "Critical Infrastructure", "Emergency Services & 911 Systems"]
},
{
  "content": {
    "html": "<p>February 23, 2018</p><p>Law360 (February 23, 2018, 8:24 PM EST) -- A Georgia federal court Friday was asked to preliminarily approve JPMorgan Chase Bank NA&rsquo;s $2.25 million settlement of Telephone Consumer Protection Act claims that the bank autodialed the cellphones of hundreds of thousands of customers after they verbally asked that the calls to stop.<br><br>Proposed class representatives Tomeka Barrow and Anthony Diaz&rsquo;s unopposed motion for approval said that in its efforts since 2012 to collect on mortgage and home equity line of credit accounts, JPMorgan violated the TCPA by calling cellphones without the customers&rsquo; consent, via an...</p>"
  },
  "date": "2018-02-23T17:53:40-06:00",
  "featured": false,
  "headline": "JPMorgan Inks $2.25M TCPA Deal Over Robocalls",
  "id": "1519408420",
  "slug":"jpmorgan-inks-2-25m-tcpa-deal-over-robocalls",
  "sourceName": "Law360",
  "sourceArticleUrl": "http://bit.ly/2GLgaag",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>February 23, 2018</p><p>Law360 (February 23, 2018, 8:24 PM EST) -- A Georgia federal court Friday was asked to preliminarily approve JPMorgan Chase Bank NA&rsquo;s $2.25 million settlement of Telephone Consumer Protection Act claims that the bank autodialed the cellphones of hundreds of thousands of customers after they verbally asked that the calls to stop.<br><br>Proposed class representatives Tomeka Barrow and Anthony Diaz&rsquo;s unopposed motion for approval said that in its efforts since 2012 to collect on mortgage and home equity line of credit accounts, JPMorgan violated the TCPA by calling cellphones without the customers&rsquo; consent, via an...</p>"
  },
  "date": "2018-02-23T15:18:07-06:00",
  "featured": false,
  "headline": "JPMorgan Inks $2.25M TCPA Deal Over Robocalls",
  "id": "1519399087",
  "slug":"jpmorgan-inks-2-25m-tcpa-deal-over-robocalls-2",
  "sourceName": "Law360",
  "sourceArticleUrl": "http://bit.ly/2GLgaag",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>February 20, 2018</p><p>Tax scammers are a creative bunch.</p><p>The IRS keeps track of the most common tax-related crimes, and the list is long and varied.</p><p>The latest tax scam Americans need to watch out for, according to the IRS, is a twist on an old favorite: filing a fake tax return with stolen personal information, like your Social Security number.</p><p>But this time, scammers aren&rsquo;t keeping the fraudulent tax refund for themselves. At least not at first.</p><p>After filing the fake tax return, identity thieves are using taxpayers&rsquo; actual bank account information to have the refund deposited — then, they call to collect...</p>"
  },
  "date": "2018-02-20T15:21:44-06:00",
  "featured": false,
  "headline": "Identity Thieves Are Running the Same Scams This Tax Season — With a New Twist",
  "id": "1519140104",
  "slug":"identity-thieves-are-running-the-same-scams-this-tax-season-with-a-new-twist",
  "sourceName": "Business Insider",
  "sourceArticleUrl": "http://read.bi/2CAUpHP",
  "tags": ["IRS", "Tax Fraud"]
},
{
  "content": {
    "html": "<p>February 16, 2018</p><p>It all started simply enough just before dawn on July 8, 1937, when Mrs. Beard of Hampstead, England called police to report her husband was chasing a burglar around the neighborhood.</p><p>That phone call was the first in the world to take advantage of what was then a revolution in telecommunications — namely, a 911 emergency system...</p>"
  },
  "date": "2018-02-16T15:24:50-06:00",
  "featured": false,
  "headline": "Birth Of a Lifeline: The Nation’s 911 Emergency System Turns 50",
  "id": "1518794690",
  "slug":"birth-of-a-lifeline-the-nations-911-emergency-system-turns-50",
  "sourceName": "USA Today",
  "sourceArticleUrl": "https://usat.ly/2oqM5WO",
  "tags": ["Critical Infrastructure", "Emergency Services & 911 Systems"]
},
{
  "content": {
    "html": "<p>February 8, 2018</p><p>NEW DELHI — Three men in India were arrested this week after police uncovered a huge scheme that targeted more than 11,000 people in the United States.</p><p>Men posing as officials from the U.S. Internal Revenue Service left thousands of voice messages claiming to have found irregularities in the victims&rsquo; tax records. The messages instructed them to call back or face legal action. But the phone number they gave connected unsuspecting people in the United States to Indian con men sitting in a second-floor office in an upscale area called Koregaon Park in the western city of Pune...</p>"
  },
  "date": "2018-02-08T15:30:00-06:00",
  "featured": false,
  "headline": "More Than 11,000 Americans Targeted in India Call Center Tax Fraud",
  "id": "1518103800",
  "slug":"more-than-11000-americans-targeted-in-india-call-center-tax-fraud",
  "sourceName": "Washington Post",
  "sourceArticleUrl": "http://wapo.st/2o1Smal",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>February 8, 2018</p><p>IRVINE, Calif -- U.S. telephones were besieged by 2.88 billion robocalls in January, a 27% increase in national robocalling volumes over January 2017, and a 3.4% increase over the prior month&rsquo;s results in December 2017.</p><p>These latest figures come from YouMail, a free solution for both mobile phones and landlines that helps consumers stop robocalls from ever reaching their phones. U.S. phones endured 92.7 million robocalls each day in January on average, or roughly 1,073 robocalls for every second of the month – that&rsquo;s the second highest pace of monthly robocalling since the YouMail Robocall Index was launched in 2015...</p>"
  },
  "date": "2018-02-08T15:27:28-06:00",
  "featured": false,
  "headline": "Robocalls Spike 27% Year-Over-Year to 2.88 Billion Calls Nationwide in January",
  "id": "1518103648",
  "slug":"robocalls-spike-27-year-over-year-to-2-88-billion-calls-nationwide-in-january",
  "sourceName": "Business Insider",
  "sourceArticleUrl": "http://read.bi/2EloZGU",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>February 6, 2018</p><p>Only a few days into the tax-filing season, the IRS is sounding an alarm about a new tax scam. Specifically, it&rsquo;s warning tax preparers to be on guard about the scam, which is aimed at stealing taxpayers&rsquo; refunds by using data compromised in tax preparers&rsquo; offices. </p><p>The agency said it has already received a number of fake tax returns that had accurate taxpayer names, addresses, Social Security numbers and even bank account information for the victims...</p>"
  },
  "date": "2018-02-06T15:32:22-06:00",
  "featured": false,
  "headline": "IRS Warns Tax Preparers About A New Refund Scam",
  "id": "1517931142",
  "slug":"irs-warns-tax-preparers-about-a-new-refund-scam",
  "sourceName": "CBS News",
  "sourceArticleUrl": "http://cbsn.ws/2o2bdCb",
  "tags": ["Consumer Fraud", "IRS", "Tax Fraud"]
},
{
  "content": {
    "html": "<p>January 11, 2018</p><p>A fatal police shooting in Kansas late last month focused attention again on how so-called swatting — prank 911 calls designed to get SWAT teams to deploy — puts lives at risk and burdens police departments.</p><p>There are more than 7,000 911 centers in the U.S. and, according to the National Emergency Number Association, they receive about 600,000 calls a day. Authorities don&rsquo;t track swatting calls nationally, though the FBI has been monitoring the practice of those types of fake calls for about a decade...</p>"
  },
  "date": "2018-01-11T15:37:54-06:00",
  "featured": false,
  "headline": "Big Tech Improvements To 911 System Raise The Risk Of More ‘Swatting’",
  "id": "1515685074",
  "slug":"big-tech-improvements-to-911-system-raise-the-risk-of-more-swatting",
  "sourceName": "NPR",
  "sourceArticleUrl": "http://n.pr/2Drs3BC",
  "tags": ["Emergency Services & 911 Systems", "Swatting"]
},
{
  "content": {
    "html": "<p>January 11, 2018</p><p>IRVINE, Calif., Jan. 11, 2018 /PRNewswire/ -- American consumers and businesses were blitzed by some 30.5 billion robocalls in 2017, breaking the prior national annual record of 29.3 billion robocalls set in 2016. U.S. phones received an estimated 2.78 billion robocalls in December alone, equaling a 1.3% increase month-on-month over November and a stunning 19.2% year-on-year increase over December 2016.</p><p>That heightened pace in December 2017 equals some 89.6 million robocalls placed daily in the U.S. during the month. On average, this yearly pace equals 967 calls placed every second, adding up to well over 100 robocalls for every adult in the U.S. during 2017...</p>"
  },
  "date": "2018-01-11T15:34:34-06:00",
  "featured": false,
  "headline": "Robocall Epidemic Breaks Annual Record with 30.5 Billion Calls in 2017",
  "id": "1515684874",
  "slug":"robocall-epidemic-breaks-annual-record-with-30-5-billion-calls-in-2017",
  "sourceName": "Business Insider",
  "sourceArticleUrl": "http://read.bi/2mTRW6e",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>January 8, 2018</p><p>The FCC has issued a <em>Report and Order and Further Notice of Proposed Rulemaking</em> (Order) adopting new rules to allow voice service providers to proactively block calls from certain numbers that are suspected to be fraudulent. The November 16 Order seeks to prevent fraud or identity theft that often accompanies calls which “spoof” or manipulate Caller ID information. The new rules expressly authorize voice service providers to block robocalls that appear to be from telephone numbers that do not or cannot make outgoing calls, without running afoul of the FCC&rsquo;s call completion rules.</p>"
  },
  "date": "2018-01-08T15:43:05-06:00",
  "featured": false,
  "headline": "FCC Targets Fraudulent Robocalls With New Call Blocking Rules",
  "id": "1515426185",
  "slug":"fcc-targets-fraudulent-robocalls-with-new-call-blocking-rules",
  "sourceName": "National Law Review",
  "sourceArticleUrl": "http://bit.ly/2AI7NsB",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>January 4, 2018</p><p>About 30 per cent of phone calls placed in the United States are fraudulent &rsquo;robocalls,&rsquo; amounting to about 30billion total each year that cost U.S. consumers $350million in telemarketing fraud costs, according to figures from multiple sources.</p><p>The Federal Trade Commission noted that it received more than 3.4million robocall complaints in 2016 and, between January 2017 and August 2017, had received more than 3.5million.</p>"
  },
  "date": "2018-01-04T15:40:52-06:00",
  "featured": false,
  "headline": "Thirty Per Cent of Phone Calls in the U.S. Are ‘Robocalls’ That Cause $350 Million Worth of Telemarketing Fraud and More Than 3.4 Million Consumer Complaints Each Year",
  "id": "1515080452",
  "slug":"thirty-per-cent-of-phone-calls-in-the-u-s-are-robocalls-that-cause-350-million-worth-of-telemarketing-fraud-and-more-than-3-4-million-consumer-complaints-each-year",
  "sourceName": "Daily Mail",
  "sourceArticleUrl": "http://dailym.ai/2D9RuYB",
  "tags": ["FCC", "FTC", "Robocalls"]
},
{
  "content": {
    "html": "<p>Los Angeles police arrested a 25-year-old man in a suspected “swatting” hoax 911 call in Kansas that ended in the fatal police shooting of an unarmed man.</p><p>The LAPD took Tyler Barriss of Los Angeles into custody in that city on Friday afternoon, on a fugitive warrant stemming from the Thursday evening incident in Kansas, a spokesman for the Los Angeles Police Department said.</p>"
  },
  "date": "2017-12-30T17:48:28-06:00",
  "featured": false,
  "headline": "Los Angeles Man Arrested in ‘Swatting’ Call That Preceded Fatal Police Shooting in Kansas",
  "id": "1514656108",
  "slug":"los-angeles-man-arrested-in-swatting-call-that-preceded-fatal-police-shooting-in-kansas",
  "sourceName": "NBC News",
  "sourceArticleUrl": "http://nbcnews.to/2lnhZlk",
  "tags": ["Emergency Services & 911 Systems", "Phone Scam", "Robocalls", "Swatting"]
},
{
  "content": {
    "html": "<p>December 30, 2017</p><p>Los Angeles police arrested a 25-year-old man in a suspected “swatting” hoax 911 call in Kansas that ended in the fatal police shooting of an unarmed man.</p><p>The LAPD took Tyler Barriss of Los Angeles into custody in that city on Friday afternoon, on a fugitive warrant stemming from the Thursday evening incident in Kansas, a spokesman for the Los Angeles Police Department said.</p>"
  },
  "date": "2017-12-30T16:00:59-06:00",
  "featured": false,
  "headline": "Los Angeles Man Arrested in ‘Swatting’ Call That Preceded Fatal Police Shooting in Kansas",
  "id": "1514649659",
  "slug":"los-angeles-man-arrested-in-swatting-call-that-preceded-fatal-police-shooting-in-kansas-2",
  "sourceName": "NBC News",
  "sourceArticleUrl": "http://nbcnews.to/2lnhZlk",
  "tags": ["Phone Scam", "Swatting"]
},
{
  "content": {
    "html": "<p>December 19, 2017</p><p>More people than ever have signed up for the “Do Not Call Registry,” which is supposed to stop telemarketers from bothering you. But spam phone calls continue to burgeon, thanks to illegal robocalls. </p><p>During 2017, Americans fielded 76 percent more robocalls than they did in 2016 -- for a total of 18 billion, according to a new analysis by Hiya, a robocall blocking service. That&rsquo;s despite the fact that the Federal Trade Commission&rsquo;s Do Not Call Registry has grown by nearly 4 million phone numbers over the course of the past year. </p>"
  },
  "date": "2017-12-19T16:04:04-06:00",
  "featured": false,
  "headline": "Phone Spam Soars to a New Record",
  "id": "1513699444",
  "slug":"phone-spam-soars-to-a-new-record",
  "sourceName": "CBS News",
  "sourceArticleUrl": "http://cbsn.ws/2AHggMR",
  "tags": ["Do Not Call", "Robocalls", "Voice Spam"]
},
{
  "content": {
    "html": "<p>November 22, 2017</p><p>Black Friday is still a couple of days away, but the Trump administration already has handed out gifts to the telecom industry.</p><p>The Republican-controlled Federal Communications Commission on Wednesday took the wraps off its rollback of net neutrality rules, which it will finalize next month and give internet service providers more control over what you see online.</p><p>The FCC also passed a new rule on robocalls, which sounds like a good thing for consumers but probably isn&rsquo;t...</p>"
  },
  "date": "2017-11-22T16:07:18-06:00",
  "featured": false,
  "headline": "Trump Administration, In a Gift to telecom Firms, is Pulling the Plug on Net Neutrality",
  "id": "1511366838",
  "slug":"trump-administration-in-a-gift-to-telecom-firms-is-pulling-the-plug-on-net-neutrality",
  "sourceName": "LA Times",
  "sourceArticleUrl": "http://bit.ly/2CIt4V7",
  "tags": ["Donald Trump", "Net Neutrality"]
},
{
  "content": {
    "html": "<p>November 20, 2017</p><p>YOU PROBABLY GET robocalls all the time. Some pretend to be from the IRS, others come from a phone number very similar to yours. And then there&rsquo;s the rash of free airline tickets/problem with your credit card/complete this short survey intrusions. If it feels like they&rsquo;re cropping up more than ever, you&rsquo;re right. The blocking service YouMail estimates that 2.49 <em>billion</em> robocalls were placed to US consumers last month, marking a 4.1 percent increase over September. This translates to 80.5 million robocalls, every single day...</p>"
  },
  "date": "2017-11-20T16:10:03-06:00",
  "featured": false,
  "headline": "The Robocall Nightmare is Only Getting Worse — But Help is Here",
  "id": "1511194203",
  "slug":"the-robocall-nightmare-is-only-getting-worse-but-help-is-here",
  "sourceName": "Wired",
  "sourceArticleUrl": "http://bit.ly/2jKpFQE",
  "tags": ["FCC", "FTC", "Robocalls"]
},
{
  "content": {
    "html": "<p>November 17, 2017</p><p>The Federal Communications Commission voted on Nov. 16 to allow telephone carriers to block robocalls that appear to be fraudulent—a particularly annoying and costly problem that has mushroomed in recent years.</p><p>The ruling specifically targets calls that use so-called caller ID spoofing, which allows robocallers to manipulate information that shows up on caller ID to trick you into answering your phone...</p>"
  },
  "date": "2017-11-17T16:14:53-06:00",
  "featured": false,
  "headline": "FCC Approves New Rules to Block Robocalls",
  "id": "1510935293",
  "slug":"fcc-approves-new-rules-to-block-robocalls",
  "sourceName": "Consumer Report",
  "sourceArticleUrl": "http://bit.ly/2Fg5PDd",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>November 17, 2017</p><p>Communication and financial technology have both undergone rapid transformations over the years. The ways we talk and exchange money are almost entirely different than what we saw decades ago.</p><p>But, even as the rest of the world evolves, some things do not change. Despite the shifts from home phones to cellphones to smartphones – and from cash to credit cards to mobile checking accounts – call centers have remained omnipresent...</p>"
  },
  "date": "2017-11-17T16:12:19-06:00",
  "featured": false,
  "headline": "How Call Centers Cope With Ever-Changing Threats And Technology",
  "id": "1510935139",
  "slug":"how-call-centers-cope-with-ever-changing-threats-and-technology",
  "sourceName": "PYMNTS",
  "sourceArticleUrl": "http://bit.ly/2B1SpI4",
  "tags": ["Call Center Security", "UC", "UC Security"]
},
{
  "content": {
    "html": "<p>November 15, 2017</p><p>(SALEM, Ore.) — A Nigerian man has been sentenced to seven years in federal prison for his role in the bilking of over $11 million via an identity-theft scheme from the Internal Revenue Service, the U.S. Attorney&rsquo;s office for Oregon said Tuesday.</p><p>An IRS agent has said this is one of the largest tax fraud cases in the United States in which stolen personal identification information was used to defraud the IRS, First Assistant U.S. Attorney for Oregon Scott Erik Asphaug told The Associated Press in an email. Its scope is staggering...</p>"
  },
  "date": "2017-11-15T17:47:15-06:00",
  "featured": false,
  "headline": "How Nigerian Scammers Stole $11 Million From the IRS in One of the Biggest Tax Frauds in U.S. History",
  "id": "1510768035",
  "slug":"how-nigerian-scammers-stole-11-million-from-the-irs-in-one-of-the-biggest-tax-frauds-in-u-s-history",
  "sourceName": "TIME",
  "sourceArticleUrl": "http://ti.me/2qHFVVR",
  "tags": ["IRS"]
},
{
  "content": {
    "html": "<p>November 15, 2017</p><p>The deluge of spam robocalls has reached incredible heights this year, with up to 2.6 billion occurring in the month of May alone, according to the Federal Communications Commission. And it&rsquo;s showing no signs of slowing down as calls are cheaper than ever to make on a massive scale.</p><p>On the other side of the table, a suite of companies, government agencies, and trade groups are all working to solve the horrible scam. And the good news is that these groups have a plan....</p>"
  },
  "date": "2017-11-15T17:42:46-06:00",
  "featured": false,
  "headline": "The Phone Industry Has a Clever Plan to Stop Spam Robocalls",
  "id": "1510767766",
  "slug":"the-phone-industry-has-a-clever-plan-to-stop-spam-robocalls",
  "sourceName": "Yahoo Finance",
  "sourceArticleUrl": "https://yhoo.it/2hBaRU8",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>November 8, 2017</p><p>In the wake of the 2015 EMV liability shift, it was widely assumed that fraud would migrate predominantly online. While this has happened — irrespective of the impact of EMV — there are other card not present channels that are often overlooked but are experiencing something of a crime wave. <br><br>Call centers are still vital to the retail transaction process. According to Google, 61% of mobile users value the option to call a business during a purchase. And call centers are becoming a prime target for fraud due to some shockingly lax controls and the ease of social engineering attacks in an environment where employees are trained to put the customer first...</p>"
  },
  "date": "2017-11-08T17:50:22-06:00",
  "featured": false,
  "headline": "Data: Calling Out Call Center Fraud",
  "id": "1510163422",
  "slug":"data-calling-out-call-center-fraud",
  "sourceName": "Payment Source",
  "sourceArticleUrl": "http://bit.ly/2hz0Fv1",
  "tags": ["Call Center Fraud", "Call Center Security"]
},
{
  "content": {
    "html": "<p>October 27, 2016</p><p>Today, an indictment was unsealed charging a total of 61 individuals and entities for their alleged involvement in a transnational criminal organization that has victimized tens of thousands of persons in the United States through fraudulent schemes that have resulted in hundreds of millions of dollars in losses. In connection with the scheme, 20 individuals were arrested today in the United States and 32 individuals and five call centers in India were charged for their alleged involvement. An additional U.S.-based defendant is currently in the custody of immigration authorities.... </p>"
  },
  "date": "2017-10-27T16:01:47-05:00",
  "featured": false,
  "headline": "Dozens of Individuals Indicted in Multimillion-Dollar Indian Call Center Scam Targeting U.S. Victims",
  "id": "1509120107",
  "slug":"dozens-of-individuals-indicted-in-multimillion-dollar-indian-call-center-scam-targeting-u-s-victims",
  "sourceName": "Department of Justice",
  "sourceArticleUrl": "http://bit.ly/2eSqjG1",
  "tags": ["Call Center Fraud", "Department of Justice", "FTC", "IRS"]
},
{
  "content": {
    "html": "<p>October 10, 2017</p><p>A representative with the Federal Trade Commission, home of the Do Not Call list, appeared in front of Congress to give a progress report on the fight against horrible spam robocallers — a modern-day battle of good and evil.</p><p>Lois Greisman, associate director of the FTC&rsquo;s Division of Marketing Practices, told a Senate Special Committee that the problem is intensifying, noting that “consumers are justifiably frustrated.”</p><p>“In 2016 the FTC received more than 3.4 million robocall complaints,” she said. “In 2017 the<br>FTC received more than 3.5 million robocall complaints just between January and August.”...</p>"
  },
  "date": "2017-10-10T17:53:23-05:00",
  "featured": false,
  "headline": "Robocalls Are Getting Worse, FTC Tells Senate",
  "id": "1507658003",
  "slug":"robocalls-are-getting-worse-ftc-tells-senate",
  "sourceName": "Yahoo Finance",
  "sourceArticleUrl": "https://yhoo.it/2yCqIbN",
  "tags": ["Do Not Call", "FCC", "FTC", "Robocalls"]
},
{
  "content": {
    "html": "<p>October 5, 2017</p><p>WILKES-BARRE — Pennsylvania Attorney General Josh Shapiro and U.S. Sen. Bob Casey took action Wednesday to protect seniors and consumers from robocalls disguised to hide or mask where they originate from to entice someone to answer.</p><p>Shapiro and Casey sent a letter to the Federal Communications Commission, asking the FCC to implement — without further delay — a rule to let telephone providers block the offending robocalls...</p>"
  },
  "date": "2017-10-05T17:56:23-05:00",
  "featured": false,
  "headline": "Shapiro, Casey Call On FCC To Allow Blocking Of Robocalls",
  "id": "1507226183",
  "slug":"shapiro-casey-call-on-fcc-to-allow-blocking-of-robocalls",
  "sourceName": "Times Leader",
  "sourceArticleUrl": "http://bit.ly/2g93JNO",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>September 20, 2017</p><p>OK, this had to happen. It&rsquo;s not a surprise. It&rsquo;s just a fact of life. We live in a world of scammers, and when there is a crisis, for them, here&rsquo;s <em>opportunity</em>.</p><p>There are scams and frauds to take advantage of any crisis, its victims, and people trying to do the right thing. The Equifax hack is no exception. And the scams have already started...</p>"
  },
  "date": "2017-09-20T18:02:03-05:00",
  "featured": false,
  "headline": "Beware – the Equifax Scams Are Coming",
  "id": "1505930523",
  "slug":"beware-the-equifax-scams-are-coming",
  "sourceName": "Market Express",
  "sourceArticleUrl": "http://bit.ly/2wOWOR1",
  "tags": ["Consumer Fraud", "Crisis Exploitation", "Data Breach", "Equifax", "Phone Scam"]
},
{
  "content": {
    "html": "<p>September 19, 2017</p><p>Yesterday the Consumer Advisory Committee of the Federal Communications Commission (FCC) met to discuss, among other things, “Unwanted Call Blocking.”</p><p>First, a little background</p><p>In March of this year the Robocalls Working Group developed a set of recommendations that were made available in a Notice of Proposed Rulemaking (NPRM) and Notice of Inquiry (NOI). The goal of the rulemaking activity was to facilitate voice service providers&rsquo; blocking of illegal robocalls...</p>"
  },
  "date": "2017-09-19T17:59:26-05:00",
  "featured": false,
  "headline": "FCC Committee Meets About Unwanted “Robo” Calls; Makes More Recommendations",
  "id": "1505843966",
  "slug":"fcc-committee-meets-about-unwanted-robo-calls-makes-more-recommendations",
  "sourceName": "Inside ARM",
  "sourceArticleUrl": "http://bit.ly/2wRZfxn",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>September 16, 2017</p><p>As if an Equifax data breach affecting more than 140 million customers wasn&rsquo;t unsettling enough, consumers must be doubly vigilant following news of the massive mishap, experts warn. Even if you were wise enough to put an immediate fraud alert or credit freeze on your credit files, con artists are likely to go into hyperdrive finding new ways to take advantage of the hack and the publicity surrounding it.</p><p>“Don&rsquo;t panic. But be vigilant,” said Susan Grant, director of consumer protection and privacy at the Consumer Federation of America. “With this breach, criminals have everything they need to victimize you.”...</p>"
  },
  "date": "2017-09-16T18:04:34-05:00",
  "featured": false,
  "headline": "Equifax Data Breach And Credit Freeze: Beware These 3 Scams",
  "id": "1505585074",
  "slug":"equifax-data-breach-and-credit-freeze-beware-these-3-scams",
  "sourceName": "CBS News",
  "sourceArticleUrl": "http://cbsn.ws/2hal7lu",
  "tags": ["Consumer Fraud", "Data Breach", "Equifax", "Phone Scam"]
},
{
  "content": {
    "html": "<p>September 6, 2017</p><p>WASHINGTON — A U.S. intelligence community collaborative warned first responders in late July about escalating efforts to target them and their missions by cyberterrorists.</p><p>The Joint Counterterrorism Assessment Team (JCAT), an alliance between the FBI, DHS and the National Counterterrorism Center, told first responders, “We assess with moderate confidence that cyber actors, including those who support violent extremism, are likely to continue targeting first responders on the World Wide Web including by distributing personally identifiable information (PII) for the purpose of soliciting attacks from willing sympathizers in the homeland, hacking government websites, or attacking 911 phone systems to hinder first responders&rsquo; ability to respond to crises...”</p>"
  },
  "date": "2017-09-06T18:07:40-05:00",
  "featured": false,
  "headline": "Cyberterrorists Targeting First Responders",
  "id": "1504721260",
  "slug":"cyberterrorists-targeting-first-responders",
  "sourceName": "WTOP",
  "sourceArticleUrl": "http://bit.ly/2fiVQBG",
  "tags": ["Cybersecurity", "Emergency Services & 911 Systems", "FBI", "Homeland Security", "TDoS"]
},
{
  "content": {
    "html": "<p>September 4, 2017</p><p>Fraud is the latest threat facing victims of Hurricane Harvey, as well as the volunteers who are helping the relief effort. NPR&rsquo;s Ari Shapiro talks with Corey Amundson, a U.S. Attorney who heads the National Center for Disaster Fraud...</p>"
  },
  "date": "2017-09-04T14:56:04-05:00",
  "featured": false,
  "headline": "Fraud Among The Threats For Victims Of Hurricane Harvey",
  "id": "1504536964",
  "slug":"fraud-among-the-threats-for-victims-of-hurricane-harvey",
  "sourceName": "NPR",
  "sourceArticleUrl": "http://n.pr/2eyTMEX",
  "tags": ["Consumer Fraud", "Crisis Exploitation", "FEMA", "Insurance Fraud"]
},
{
  "content": {
    "html": "<p>September 1, 2017</p><p>Amid the many feel-good stories about strangers helping strangers in the wake of Hurricane Harvey, a feel-bad story has almost inevitably surfaced: Scammers are using robo-calls to try to fleece storm survivors.</p><p>The robo-calls tell people that their premiums are past due and that they must send money immediately or else have their flood insurance canceled.</p><p>“That is pure fraud. You should only be taking information from trusted sources,” said Roy E. Wright, director of the National Flood Insurance Program at the Federal Emergency Management Agency...</p>"
  },
  "date": "2017-09-01T15:00:09-05:00",
  "featured": false,
  "headline": "Scammers Using Robo-Calls About Insurance to Fleece Hurricane Harvey Survivors",
  "id": "1504278009",
  "slug":"scammers-using-robo-calls-about-insurance-to-fleece-hurricane-harvey-survivors",
  "sourceName": "Washington Post",
  "sourceArticleUrl": "http://wapo.st/2h1VPpG",
  "tags": ["Consumer Fraud", "Crisis Exploitation", "FEMA", "Insurance Fraud"]
},
{
  "content": {
    "html": "<p>August 22, 2017</p><p>Anandkumar Nayee moved from India to Miami during the two years and four months he and his cohorts spent scaring money out of people using an IRS phone-call scam.</p><p>Nayee, 27, will stay in Miami for another three years and four months, the length of his federal prison sentence after he pleaded guilty to one count of conspiracy to commit wire fraud and one count of aggravated identity theft...</p>"
  },
  "date": "2017-08-22T15:07:50-05:00",
  "featured": false,
  "headline": "Architect Of A Scary IRS Phone Scam Has Made His Last Call For Now",
  "id": "1503414470",
  "slug":"architect-of-a-scary-irs-phone-scam-has-made-his-last-call-for-now",
  "sourceName": "Miami Herald",
  "sourceArticleUrl": "http://hrld.us/2iC2as5",
  "tags": ["Consumer Fraud", "IRS", "Phone Scam"]
},
{
  "content": {
    "html": "<p>August 3, 2017</p><p>The FCC has proposed today a fine of more than $82 million against a North Carolina man and his insurance company that, it says, made more than 21 million illegal robocalls nationwide in an effort to sell health insurance.</p><p>The U.S. Federal Communications Commission is accusing Philip Roesel of Wilmington, North Carolina, and his Best Insurance Contracts, doing business as Wilmington Insurance Quotes, of displaying inaccurate caller ID information when making robocalls in an effort to sell health insurance...</p>"
  },
  "date": "2017-08-03T15:43:50-05:00",
  "featured": false,
  "headline": "FCC Proposes $82M Fine For Health Insurance Telemarketer Over Illegal Robocalls",
  "id": "1501775030",
  "slug":"fcc-proposes-82m-fine-for-health-insurance-telemarketer-over-illegal-robocalls",
  "sourceName": "ABC News",
  "sourceArticleUrl": "http://abcn.ws/2v1EQIE",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>August 1, 2017</p><p>Your phone rings. You don&rsquo;t recognize the number, but you answer anyway. “Hello, hello?” Then a prerecorded voice comes on the line: “Congratulations! You&rsquo;ve been selected to receive at absolutely no cost to you free installation of aluminum siding for your home, along with a set of solar panels …”</p><p>By this point, if you have any common sense, you&rsquo;ve already hung up. But you wonder: How could this happen since you&rsquo;ve already signed up for the “do not call” list? And why are these scammers allowed to annoy me?...</p>"
  },
  "date": "2017-08-01T15:50:59-05:00",
  "featured": false,
  "headline": "The FCC’s Fight Against Phone-y Calls",
  "id": "1501602659",
  "slug":"the-fccs-fight-against-phone-y-calls",
  "sourceName": "CBS News",
  "sourceArticleUrl": "http://cbsn.ws/2wh3nHp",
  "tags": ["FCC", "Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<p>August 1, 2017</p><p>Telecommunications companies and other businesses that provide call-blocking apps and services will get daily updates of robocall phone numbers, the Federal Trade Commission announced Tuesday.</p><p>Most call-blocking services rely on databases of phone numbers that have generated numerous consumer complaints as a way to determine which numbers to block...</p>"
  },
  "date": "2017-08-01T15:47:11-05:00",
  "featured": false,
  "headline": "FTC Cracking Down On Robocalls",
  "id": "1501602431",
  "slug":"ftc-cracking-down-on-robocalls",
  "sourceName": "TRIB Live",
  "sourceArticleUrl": "http://bit.ly/2ho1W7x",
  "tags": ["FTC", "Robocalls"]
},
{
  "content": {
    "html": "<p>July 25, 2017</p><p>The Federal Communications Commission (FCC) marked another step in its effort to curtail illegal robocalls. During its recent Open Meeting, the FCC approved Notices of Inquiry (NOIs) into Call Authentication methods and into Advanced Methods to Target Unlawful Robocalls that, respectively, seek input on efforts to institute a caller ID-based “Trust Anchor,” and to develop a re-assigned numbers database.</p><p>Opening comments to the NOIs are due on August, 14, 2017 and August 28, 2017, respectively, with each having a 30-day deadline for replies. In addition to issuing the NOIs, the FCC also approved a forfeiture order against Dialing Services, LLC, marking the first time that the FCC has imposed liability against a telemarketing platform rather than a calling entity...</p>"
  },
  "date": "2017-07-25T15:54:47-05:00",
  "featured": false,
  "headline": "FCC Proposes New Systems to Reduce Illegal Robocalls and Announces Fine Against Autodialing Platform",
  "id": "1500998087",
  "slug":"fcc-proposes-new-systems-to-reduce-illegal-robocalls-and-announces-fine-against-autodialing-platform",
  "sourceName": "JD Supra",
  "sourceArticleUrl": "http://bit.ly/2uZGg6I",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>July 20, 2017</p><p>The U.S. Department of Justice on Thursday announced two more guilty pleas from men copping to the money laundering end of a massive fraud involving Indian call centers impersonating tax and other officials to extract hundreds of millions of dollars from victims nationwide, bringing the number of guilty pleas to 13. </p><p><br>Texas resident Nilesh Pandya, 54, and Illinois-based Indian national Montu Barot, 30, each pled to a single count of conspiracy to commit fraud and money laundering, according to the announcement from the U.S. Attorney&rsquo;s Office for the Southern District of Texas. The men, among dozens indicted last year, each face up to five years in prison along with restitution to the victims...</p>"
  },
  "date": "2017-07-20T15:57:10-05:00",
  "featured": false,
  "headline": "2 More Plead Guilty In Massive Indian Call Center Fraud",
  "id": "1500566230",
  "slug":"2-more-plead-guilty-in-massive-indian-call-center-fraud",
  "sourceName": "Law360",
  "sourceArticleUrl": "http://bit.ly/2uRdYeN",
  "tags": ["Call Center Fraud", "Department of Justice", "Impostor Scam", "IRS", "Phone Scam"]
},
{
  "content": {
    "html": "<p>July 15, 2017</p><p>Americans are plagued with the second-highest amount of spam phone calls each month, ranking just behind India, according to a new study.</p><p>Truecaller, a popular caller identification and anti-spam application, found legitimate organizations and scammers alike operating around the world are hitting millions of cellphone users with spam phone calls. Brazil, the United States and India topped the list, all with individuals receiving on averages 20 spam calls per month.</p>"
  },
  "date": "2017-07-15T16:00:22-05:00",
  "featured": false,
  "headline": "Spam Calls: US Experiences Second Most Spam Calls In The World",
  "id": "1500134422",
  "slug":"spam-calls-us-experiences-second-most-spam-calls-in-the-world",
  "sourceName": "IBT",
  "sourceArticleUrl": "http://bit.ly/2eI9X6d",
  "tags": ["Phone Scam", "Robocalls", "Voice Spam"]
},
{
  "content": {
    "html": "<p>July 14, 2017</p><p>The Federal Communications Commission is trying to rally industry to its side to prevent robocalls, especially those seeming to come from a local number.</p><p>Robocalls and unwanted telemarketing calls are the biggest consumer gripe hurled at the FCC, which gets about 200,000 complaints annually about them. Nearly 15 billion robocalls were made in the U.S. during the first half of 2017, according to YouMail, which provides anti-robocall services...</p>"
  },
  "date": "2017-07-14T16:09:07-05:00",
  "featured": false,
  "headline": "Can The FCC Really Put The Kibosh on Robocalls?",
  "id": "1500048547",
  "slug":"can-the-fcc-really-put-the-kibosh-on-robocalls",
  "sourceName": "USA Today",
  "sourceArticleUrl": "https://usat.ly/2uj2CQJ",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>July 13, 2017</p><p>The Federal Communications Commission (FCC) stepped up its efforts to crack down on robocalls Thursday, opening up an inquiry into how to combat illegal and fraudulent callers.</p><p>The FCC voted to explore the issue of caller ID spoofing which allows robocall operators to mask their identity and even make their numbers appear benign...</p>"
  },
  "date": "2017-07-13T16:12:11-05:00",
  "featured": false,
  "headline": "FCC Launches New Effort To Crack Down On Robocalls",
  "id": "1499962331",
  "slug":"fcc-launches-new-effort-to-crack-down-on-robocalls",
  "sourceName": "The Hill",
  "sourceArticleUrl": "http://bit.ly/2uqzWpD",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>July 10, 2017</p><p>The Federal Communications Commission has proposed a historic $120 million fine against an individual, Mr. Adrian Abramovich, who reportedly made more than 100 million unlawful “spoofed” robocalls in violation of the Truth in Caller ID Act. On June 22, 2017, the Commission approved a Notice of Apparent Liability for Forfeiture finding Mr. Abramovich apparently liable for violations of the Act and Commission rules. On the same day, the Enforcement Bureau issued a Citation and Order notifying Mr. Abramovich that he violated the Telephone Consumer Protection Act (TCPA) by making prerecorded telemarketing calls to emergency phone lines, wireless phones, and residential phones without consent...</p>"
  },
  "date": "2017-07-10T16:15:15-05:00",
  "featured": false,
  "headline": "FCC Proposes Historic $120 Million Fine for Illegally “Spoofed” Robocalls",
  "id": "1499703315",
  "slug":"fcc-proposes-historic-120-million-fine-for-illegally-spoofed-robocalls",
  "sourceName": "Lexology",
  "sourceArticleUrl": "http://bit.ly/2tKCv2C",
  "tags": ["Caller-ID Spoofing", "Do Not Call", "FCC", "Robocalls", "Spoofing"]
},
{
  "content": {
    "html": "<p>July 3, 2017</p><p>The FTC is supporting the efforts of the FCC to expand the definition of what constitutes and illegal call and make life more difficult for telemarketers and robocall operators.</p><p>In comments sent to the FCC this week, the FTC said that a proposed rule that would allow the establishment of a broad Do Not Originate list of numbers that should never be allowed to make calls would help protect consumers from the barrage of robocalls they receive right now. The proposed FCC rule also would carriers to block calls at the network level when a subscriber who owns the a given number asks for that action. Right now, carriers are required to complete all calls on their networks...</p>"
  },
  "date": "2017-07-03T19:30:33-05:00",
  "featured": false,
  "headline": "FTC Throws Support Behind FCC’s Proposed Anti-Robocall Rule",
  "id": "1499110233",
  "slug":"ftc-throws-support-behind-fccs-proposed-anti-robocall-rule",
  "sourceName": "On The Wire",
  "sourceArticleUrl": "http://bit.ly/2sqk7ub",
  "tags": ["Do Not Call", "FCC", "FTC", "Robocalls"]
},
{
  "content": {
    "html": "<p>June 29, 2017</p><p>If there&rsquo;s anything good about ringless voicemails, it&rsquo;s the fact that they bring people together. These voicemails that simply appear on your phone seem to invite universal hatred.</p><p>Indeed, the FCC has gotten almost 2,800 complaints about ringless voicemails in June alone. Among the complaints: lost business due to spam clogging the mailbox, added data costs from checking messages, mailboxes flooded to capacity unable to receive messages from family.</p><p>“My phone — bought and paid for by me — exists for my convenience, and not to provide a portal into my life for unsolicited contacts of any nature,” said one Georgian to the FCC...</p>"
  },
  "date": "2017-06-29T19:33:29-05:00",
  "featured": false,
  "headline": "How Ringless Spam Voicemails Became a Partisan Issue",
  "id": "1498764809",
  "slug":"how-ringless-spam-voicemails-became-a-partisan-issue",
  "sourceName": "Yahoo Finance",
  "sourceArticleUrl": "https://yhoo.it/2uL5ORO",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>June 27, 2017</p><p>On June 22, 2017, the Federal Communications Commission (FCC or Commission) issued a first-of-its-kind Notice of Apparent Liability (NAL) alleging that Adrian Abramovich, through numerous companies that he owned or operated, violated the Truth in Caller ID Act by placing more than 95 million robocalls to consumers while “knowingly causing the display of inaccurate caller ID information.” The NAL proposes fines totaling $120 million, and seeks to hold Mr. Abramovich personally liable for the full amount. Separately, the Commission released a citation against Mr. Abramovich on the same day for alleged violations of the Telephone Consumer Protection Act and the federal wire fraud statute...</p>"
  },
  "date": "2017-06-27T19:36:08-05:00",
  "featured": false,
  "headline": "June 2017 FCC Meeting Recap: FCC Proposes $120 Million Fine for Alleged “Spoofed Robocall Campaign”",
  "id": "1498592168",
  "slug":"june-2017-fcc-meeting-recap-fcc-proposes-120-million-fine-for-alleged-spoofed-robocall-campaign",
  "sourceName": "JD Supra",
  "sourceArticleUrl": "http://bit.ly/2sH323s",
  "tags": ["FCC", "Robocalls", "Spoofing"]
},
{
  "content": {
    "html": "<p>June 26, 2017</p><p>WASHINGTON – The Internal Revenue Service today issued a warning that tax-related scams continue across the nation even though the tax filing season has ended for most taxpayers. People should remain on alert to new and emerging schemes involving the tax system that continue to claim victims.</p><p>“We continue to urge people to watch out for new and evolving schemes this summer,” said IRS Commissioner John Koskinen. “Many of these are variations of a theme, involving fictitious tax bills and demands to pay by purchasing and transferring information involving a gift card or iTunes card. Taxpayers can avoid these and other tricky financial scams by taking a few minutes to review the tell-tale signs of these schemes”...</p>"
  },
  "date": "2017-06-26T19:38:09-05:00",
  "featured": false,
  "headline": "IRS Cautions Taxpayers to Watch for Summertime Scams",
  "id": "1498505889",
  "slug":"irs-cautions-taxpayers-to-watch-for-summertime-scams",
  "sourceName": "IRS",
  "sourceArticleUrl": "http://bit.ly/2tdJi6T",
  "tags": ["IRS", "Phone Scam"]
},
{
  "content": {
    "html": "<p>June 25, 2017</p><p>The phone rings, pauses, and then a recording on the line says: “Hello! This is Rachel at cardholder services,” or “This is an important notice about your automobile.”</p><p>If you&rsquo;re like many Americans, you have probably received a robocall just like these, which have become a scourge for consumers despite increasing efforts to stop them. In May, there were 2.6 billion robocalls, or automatically dialed calls, in the U.S. That amounts to over eight calls a person, according to YouMail, an app designed to stop the pesky calls...</p>"
  },
  "date": "2017-06-25T20:00:50-05:00",
  "featured": false,
  "headline": "Robocalling Soars Despite ‘Do Not Call’ Registry, As Scammers ‘Couldn’t Care Less’ About Bothering Consumers",
  "id": "1498420850",
  "slug":"robocalling-soars-despite-do-not-call-registry-as-scammers-couldnt-care-less-about-bothering-consumers",
  "sourceName": "CNBC",
  "sourceArticleUrl": "http://cnb.cx/2tNxohB",
  "tags": ["Do Not Call", "FTC", "Robocalls"]
},
{
  "content": {
    "html": "<p>June 25, 2017</p><p>Sen. Chuck Schumer on Sunday urged the government to hang up on telemarketers who want to bypass the national “Do Not Call” list by sending pitches directly to a person&rsquo;s cell phone voicemail, pleading not to “throw gas on a robocall wildfire.”</p><p>“Just when you thought it couldn&rsquo;t get any worse with these robocalls, the telemarketing industry had gone behind the scenes to deliver us the last stra,” Schumer (D-NY) said as he announced that he sent a letter to the Federal Communications Commission not to allow an exemption to the elephone Consumer Protection Ac and preserve consumers&rsquo; rights...</p>"
  },
  "date": "2017-06-25T19:49:43-05:00",
  "featured": false,
  "headline": "Chuck Schumer Is Fighting Back Against Robocalls",
  "id": "1498420183",
  "slug":"chuck-schumer-is-fighting-back-against-robocalls",
  "sourceName": "New York Post",
  "sourceArticleUrl": "http://nyp.st/2taG8ko",
  "tags": ["Do Not Call", "FCC", "Robocalls"]
},
{
  "content": {
    "html": "<hr /><p>June 25, 2017</p><p>Tech support and IRS scams have become as common as random emails proclaiming that you&rsquo;ve won the lottery, or emails from prince in some foreign land who wants to share their wealth.</p><p>The IRS scams start with a voice mail threatening a lawsuit or arrest, and the tech support scams will sometimes appear at random online via pop-up ad. One potential victim in both situations used a bit of code to take matters in their own hands...</p>"
  },
  "date": "2017-06-25T19:43:37-05:00",
  "featured": false,
  "headline": "Developer Uses Code To Get Revenge On Tech Support And IRS Scammers",
  "id": "1498419817",
  "slug":"developer-uses-code-to-get-revenge-on-tech-support-and-irs-scammers",
  "sourceName": "CSO",
  "sourceArticleUrl": "http://bit.ly/2s8Jd4X",
  "tags": ["Consumer Fraud", "IRS", "TDoS"]
},
{
  "content": {
    "html": "<p>June 22, 2017</p><p>Federal regulators on Thursday said they&rsquo;ve identified “the perpetrator of one of the largest ... illegal robocalling campaigns” they have ever investigated.</p><p>The Federal Communications Commission has proposed a $120 million fine for a Miami resident said to be single-handedly responsible for almost 97 million robocalls over just the last three months of 2016...</p>"
  },
  "date": "2017-06-22T20:05:33-05:00",
  "featured": false,
  "headline": "Man Accused Of Making Millions Of Robocalls Faces Biggest-Ever FCC Fine",
  "id": "1498161933",
  "slug":"man-accused-of-making-millions-of-robocalls-faces-biggest-ever-fcc-fine",
  "sourceName": "NPR",
  "sourceArticleUrl": "http://n.pr/2s0pSxQ",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>June 19, 2017</p><p>Robots and computers aren&rsquo;t just taking people&rsquo;s jobs, they&rsquo;re also calling everybody and leaving messages about sweet business loan opportunities that you have been chosen for. Recently, these annoying spam calls have been on the rise, leaving people increasingly frustrated.</p><p>It&rsquo;s hard to measure robocall volume directly. Ajit Pai, the new chairman of the Federal Communications Commission, put the figure at 2.4 billion calls each month. If there isn&rsquo;t great data about the number of unwanted calls which feature a recorded message instead of a live person, a good proxy is the number of consumer complaints...</p>"
  },
  "date": "2017-06-19T20:17:10-05:00",
  "featured": false,
  "headline": "Why Spam Robocalls Are Increasing And What’s Being Done About It",
  "id": "1497903430",
  "slug":"why-spam-robocalls-are-increasing-and-whats-being-done-about-it",
  "sourceName": "Yahoo Finance",
  "sourceArticleUrl": "https://yhoo.it/2rVYJvZ",
  "tags": ["FCC", "FTC", "Robocalls"]
},
{
  "content": {
    "html": "<p>June 16, 2017</p><p>VoIP users have access to the caller ID field, and it can be set to whatever they want. This is a key advantage to those perpetrating fraud since they don&rsquo;t need many technical skills to make this work. Fraud perpetrators have developed software to reset PINs and access accounts and IVR systems. This is called call center fraud.</p><p>Call center fraud has increased 113% from 2015 to 2016, according to the “Pindrop 2017 Call Centre Fraud Report.” This report prompted me to contact Pindrop&rsquo;s David Dewey, Director of Research, who replied to a series of questions...</p>"
  },
  "date": "2017-06-16T20:32:02-05:00",
  "featured": false,
  "headline": "The Ins and Outs of Call Center Fraud",
  "id": "1497645122",
  "slug":"the-ins-and-outs-of-call-center-fraud",
  "sourceName": "No Jitter",
  "sourceArticleUrl": "http://ubm.io/2rDtBBS",
  "tags": ["Call Center Fraud", "Call Center Security", "Voice Security", "VoIP Security"]
},
{
  "content": {
    "html": "<p>June 13, 2017</p><p>As vital as 911 systems are to a city and its citizens, aging systems and vulnerabilities to attack are seemingly putting 911 call centers on shaky ground.</p><p>Most recently, Portland, Ore., was called out by investigators in a report that found that its Bureau of Emergency Communications was misreporting hold times for callers and excluding the longest waits from its statistics. While the national standard is to have 90 percent of calls answered within 10 seconds, the report found that just 30 percent of calls were being answered within that time limit...</p>"
  },
  "date": "2017-06-13T20:40:29-05:00",
  "featured": false,
  "headline": "States Seek a 21st-Century Upgrade to 911 Infrastructures",
  "id": "1497386429",
  "slug":"states-seek-a-21st-century-upgrade-to-911-infrastructures",
  "sourceName": "State Tech",
  "sourceArticleUrl": "http://bit.ly/2ttZIWh",
  "tags": ["Critical Infrastructure", "Emergency Services & 911 Systems", "TDoS"]
},
{
  "content": {
    "html": "<p>June 12, 2017</p><p>The Department of Homeland Security (DHS) Science and Technology Directorate&rsquo;s (S&amp;T) Small Business Innovation Research (SBIR) program has awarded $1.3 million to 12 small businesses for 13 Phase I contract awards to develop technology solutions to Homeland Security challenges. </p><p>“These awards are the result of our SBIR solicitation, released in December 2016, seeking solutions in five topic areas identified by S&amp;T program managers to address the research and development needs of DHS components and the greater homeland security enterprise,” said DHS SBIR Program Director John Pucci...</p>"
  },
  "date": "2017-06-12T20:43:15-05:00",
  "featured": false,
  "headline": "DHS S&T $1.3M Small Business Innovation Research Awards",
  "id": "1497300195",
  "slug":"dhs-st-1-3m-small-business-innovation-research-awards",
  "sourceName": "American Security Today",
  "sourceArticleUrl": "http://bit.ly/2rWp4Ki",
  "tags": ["Homeland Security", "Research", "SecureLogix"]
},
{
  "content": {
    "html": "<p>June 5, 2017</p><p>Dish Network has been ordered to pay $280 million in penalties as part of an 8-year-old “robocall” telemarketing lawsuit.</p><p>US District Judge Sue Myerscough for the Central Illinois District ordered the satellite television provider to pay $168 million to the US government and $112 million to four states for violating laws regarding the national Do Not Call registry. The number of calls amounted to “millions and millions,” Myerscough wrote in her 475-page ruling...</p>"
  },
  "date": "2017-06-05T20:53:58-05:00",
  "featured": false,
  "headline": "Dish Network Ordered to Pay $280M in ‘Robocall’ Lawsuit",
  "id": "1496696038",
  "slug":"dish-network-ordered-to-pay-280m-in-robocall-lawsuit",
  "sourceName": "CNET",
  "sourceArticleUrl": "http://cnet.co/2suD4PB",
  "tags": ["Do Not Call", "FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>June 5, 2017</p><p>Marketing companies want to leave voicemails on your cellphone—and now one telemarketer is trying to create a loophole to bypass regulations on robocalls by arguing that the messages don&rsquo;t count as a call if they don&rsquo;t make your phone ring.</p><p>“The delivery of a voice message directly to a voicemail box does not constitute a call that is subject to the prohibitions on the use of an automatic telephone dialing system or an artificial or prerecorded voice,” telemarketing firm All About the Message wrote in a letter to the Federal Communication Commission (FCC) in late March...</p>"
  },
  "date": "2017-06-05T20:51:31-05:00",
  "featured": false,
  "headline": "Can Annoying Robocall Voicemails Be Stopped? Attorney General, Angry Phone Owners Argue Against New Marketing Tactic",
  "id": "1496695891",
  "slug":"can-annoying-robocall-voicemails-be-stopped-attorney-general-angry-phone-owners-argue-against-new-marketing-tactic",
  "sourceName": "Newsweek",
  "sourceArticleUrl": "http://bit.ly/2rbcaZg",
  "tags": ["AI", "FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>June 5, 2017</p><p>The head of a group of California companies that helped telemarketers place billions of unlawful robocalls must pay $2.7 million to the Federal Trade Commission under a federal court judgment announced by the FTC June 2 (<em>FTC v. Jones</em>, C.D. Cal., No. 17-00058, default judgment against individual 5/31/17 ).</p><p>The court also entered judgment prohibiting the companies from engaging in prohibited telemarketing practices ( <em>FTC v. Jones</em>, C.C.D. Cal., No. 17-00058, default judgment against companies 5/31/17 )...</p>"
  },
  "date": "2017-06-05T20:45:51-05:00",
  "featured": false,
  "headline": "FTC Gets $2.7M Judgment Over Billions of Unlawful Robocalls",
  "id": "1496695551",
  "slug":"ftc-gets-2-7m-judgment-over-billions-of-unlawful-robocalls",
  "sourceName": "Bloomberg",
  "sourceArticleUrl": "http://bit.ly/2rnLyn3",
  "tags": ["FTC", "Robocalls"]
},
{
  "content": {
    "html": "<p>May 30, 2017</p><p>Federal regulators are working on various methods to block robocalls, both to landlines and to mobile phones, with varying degrees of success. As those technologies make their way into the marketplace, some companies now are looking for clearance from the FCC to deliver their messages directly to customers&rsquo; voicemails without ringing their phones.</p><p>The commission is considering a petition from a company called All About the Message to “declare that the delivery of a voice message directly to a voicemail box does not constitute a call that is subject to the prohibitions on the use of an automatic telephone dialing system (&lsquo;ATDS&rsquo;) or an artificial or prerecorded voice”. If the FCC approves the petition, it would mean that companies such as AATM would have the legal ability to push commercial or political messages to phone subscribers...</p>"
  },
  "date": "2017-05-30T20:56:56-05:00",
  "featured": false,
  "headline": "Ringless Voicemails May Become the New Robocalls",
  "id": "1496177816",
  "slug":"ringless-voicemails-may-become-the-new-robocalls",
  "sourceName": "On The Wire",
  "sourceArticleUrl": "http://bit.ly/2sa13DA",
  "tags": ["AI", "FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>May 25, 2017</p><p>Dinner is set, but the phone rings, and when you pick up it isn&rsquo;t a friend, or someone you know, sometimes it&rsquo;s not even a person. It&rsquo;s a robo-call.</p><p>Robo-calls for years have managed to catch people at the most inopportune moments, and the shift from landlines to mobile phones hasn&rsquo;t seemed to prevent all those fake tax collectors and mortgage vendors from calling. While the law is supposed to prevent unwanted robocallers from reaching your cellphone without your consent, Republicans are supporting what consumer groups describe as a workaround...</p>"
  },
  "date": "2017-05-25T20:59:58-05:00",
  "featured": false,
  "headline": "GOP Backs Petition to Let Ringless Robo-Call Voicemails be Sent to Your Phones",
  "id": "1495745998",
  "slug":"gop-backs-petition-to-let-ringless-robo-call-voicemails-be-sent-to-your-phones",
  "sourceName": "Chicago Tribune",
  "sourceArticleUrl": "http://trib.in/2sarQgt",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>May 23, 2017</p><p>THANE: A key aide of Sagar Thakkar, the alleged kingpin of the IRS scam -- which duped thousands of Americans of over USD 300 million by reaching them via call centres posing as US officials to extort money -- has been arrested from Delhi, Thane Police said today. <br><br>Ashish Choudhary, who worked closely with Thakkar and was on the run since the scam was busted in October last year, has been arrested from Delhi on Sunday, said a senior police inspector from Thane Crime Branch... </p>"
  },
  "date": "2017-05-23T22:15:43-05:00",
  "featured": false,
  "headline": "Mastermind Sagar Thakkar’s Aide Arrested in Delhi in IRS Call Center Scam",
  "id": "1495577743",
  "slug":"mastermind-sagar-thakkars-aide-arrested-in-delhi-in-irs-call-center-scam",
  "sourceName": "Economic Times",
  "sourceArticleUrl": "http://bit.ly/2rk3zX6",
  "tags": ["IRS", "Phone Scam"]
},
{
  "content": {
    "html": "<p>May 22, 2017</p><p>While the FCC and major telecommunications companies figure out how to stop illegal robocalls, companies that actually track robocalls say the calls are on the rise.</p><p>Based on the latest numbers, there are either more rogue players in operation or the same robocallers are making more calls.</p><p>According to researchers at YouMail, a cloud-based voice call managing service, robocalls are on the rise again- reaching 2.5 billion nationwide in April, after an apparent six month decline from last August...</p>"
  },
  "date": "2017-05-22T22:18:19-05:00",
  "featured": false,
  "headline": "Robocalls On The Rise",
  "id": "1495491499",
  "slug":"robocalls-on-the-rise",
  "sourceName": "KOMO News",
  "sourceArticleUrl": "http://bit.ly/2rKvcGt",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>May 19, 2017</p><p>Under new Chairman Ajit Pai&rsquo;s leadership, the Federal Communications Commission (the “Commission”) is taking its first steps toward reforming its rules interpreting the Telephone Consumer Protection Act (“TCPA”).</p><p>On Wednesday, May 17, the Commission published a Notice of Proposed Rulemaking (“NPRM”) for a proposed rule that would allow all voice service providers – including wireless providers and VoIP providers – to block illegal robocalls before they reach consumers. Comments on the NPRM are due by July 3, 2017, and Reply Comments are due by July 31, 2017...</p>"
  },
  "date": "2017-05-19T22:24:37-05:00",
  "featured": false,
  "headline": "TCPA Update: FCC Seeks Guidance on Proposed Robocall-Blocking Rule",
  "id": "1495232677",
  "slug":"tcpa-update-fcc-seeks-guidance-on-proposed-robocall-blocking-rule",
  "sourceName": "National Law Review",
  "sourceArticleUrl": "http://bit.ly/2rMSV9c",
  "tags": ["FCC", "Robocalls", "Telephone Consumer Protection Act (TCPA)"]
},
{
  "content": {
    "html": "<p>May 11, 2017</p><p>An unfamiliar number appears on your cellphone. It&rsquo;s from your area code, so you answer it, thinking it might be important.</p><p>There is an unnatural pause after you say hello, and what follows is a recording telling you how you can reduce your credit card interest rates or electric bill or prescription drug costs or any of a number of other sales pitches...</p>"
  },
  "date": "2017-05-11T22:30:28-05:00",
  "featured": false,
  "headline": "Robocalls Flooding Your Cellphone? Here’s How to Stop Them",
  "id": "1494541828",
  "slug":"robocalls-flooding-your-cellphone-heres-how-to-stop-them",
  "sourceName": "New York Times",
  "sourceArticleUrl": "http://nyti.ms/2qb3DY4",
  "tags": ["Consumer Fraud", "Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<p>May 11, 2017</p><p>More than 29 billion robocalls bombarded Americans last year.</p><p>That amounts to roughly 90 robocalls for every man, woman and child, with some getting several calls each day.</p><p>In a rare interview, CBS News correspondent Anna Werner speaks with new FCC Chairman Ajit Pai and goes inside the new effort to stop these calls to your home, cell phone or office...</p>"
  },
  "date": "2017-05-11T22:26:52-05:00",
  "featured": false,
  "headline": "FCC “Strike Force” in War Against Robocalls",
  "id": "1494541612",
  "slug":"fcc-strike-force-in-war-against-robocalls",
  "sourceName": "CBS News",
  "sourceArticleUrl": "http://cbsn.ws/2q5G4AF",
  "tags": ["Caller-ID Spoofing", "Do Not Call", "FCC", "Robocalls", "Spoofing"]
},
{
  "content": {
    "html": "<p>May 10, 2017</p><p>U.S. robocalls rose for the second straight month in April to 2.5 billion calls received nationwide, equaling a pace of 965 robocalls placed every second on average across America during the month, up from 917 robocalls per second in March.</p><p>In addition, daily robocall volumes increased to 83.3 million robocalls received each day on average in April, marking a 5.2% increase over the daily average for March...</p>"
  },
  "date": "2017-05-10T22:36:31-05:00",
  "featured": false,
  "headline": "Monthly Robocalls Spike at 2.5 Billion Calls Received Across U.S. in April",
  "id": "1494455791",
  "slug":"monthly-robocalls-spike-at-2-5-billion-calls-received-across-u-s-in-april",
  "sourceName": "",
  "sourceArticleUrl": "http://bit.ly/2qJIki8",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>May 10, 2017</p><p>DALLAS — The mother of the 6-month-old baby who was dying while a babysitter was on hold trying to reach 911 is suing T-Mobile, the carrier the city of Dallas originally blamed for an issue affecting the city&rsquo;s emergency call center. </p><p>The suit was filed Monday in the 101st Dallas County district court on behalf of Bridget Alex&rsquo;s son, Brandon Alex, who died March 11. The suit asks for damages and other monetary relief... </p>"
  },
  "date": "2017-05-10T22:32:52-05:00",
  "featured": false,
  "headline": "Mom Blames Death of Infant Son on T-Mobile 911 Flaw",
  "id": "1494455572",
  "slug":"mom-blames-death-of-infant-son-on-t-mobile-911-flaw",
  "sourceName": "EMS 1",
  "sourceArticleUrl": "http://bit.ly/2pChnwJ",
  "tags": ["Ghost Calls", "Robocalls"]
},
{
  "content": {
    "html": "<p>August 28, 2017</p><p>If you&rsquo;ve been getting inundated with incoming phone calls that look a lot like your own number, you&rsquo;re not alone.</p><p>This year has seen a spike in the practice dubbed “neighbor spoofing” — scammers and telemarketers using Voice over Internet Protocol (VoIP) software to mimic your area code and three-number prefix to make it appear as if an incoming call is originating from near your own location. The idea, security experts say, is that you&rsquo;re more likely to answer an unfamiliar number if it looks close to yours — thinking it could be coming from your doctor&rsquo;s office, or your child or grandchild&rsquo;s school...</p>"
  },
  "date": "2017-04-28T15:04:50-05:00",
  "featured": false,
  "headline": "What Is Neighbor Spoofing?",
  "id": "1493391890",
  "slug":"what-is-neighbor-spoofing",
  "sourceName": "AARP",
  "sourceArticleUrl": "http://bit.ly/2wYm2Ld",
  "tags": ["Caller-ID Spoofing", "FCC", "FTC", "Phone Scam", "Robocalls", "Spoofing"]
},
{
  "content": {
    "html": "<p>April 24, 2017</p><p>Taxpayers across the country breathed a sigh of relief after the arrest of Sagar Thakkar, a 24-year-old Indian man accused of running those Internal Revenue Service (IRS) phone scams. Indian police arrested Thakkar earlier this month, claiming he was the mastermind behind the scam where callers posed as IRS agents to collect bogus tax debts. According to the local police, the lack of response from American law enforcement authorities familiar with the investigation has been deafening.</p><p>The call centers at the center of the scam investigation were headquartered in Thane, a suburb outside of Mumbai, India. In an interview with Forbes India, Thane Police Commissioner Param Bir Singh discussed Thakkar&rsquo;s role in the scam, suggesting that he was more of a “greedy youngster than a hardened criminal.” Thakkar, known as “Shaggy,” was said to be making more than 10 million rupees ($155,000) a day, or over a million dollars per week, at the scam&rsquo;s peak...</p>"
  },
  "date": "2017-04-24T13:46:59-05:00",
  "featured": false,
  "headline": "Indian Police Allege IRS, FBI, Other Law Enforcement Not Interested In Phone Scam Arrests",
  "id": "1493041619",
  "slug":"indian-police-allege-irs-fbi-other-law-enforcement-not-interested-in-phone-scam-arrests",
  "sourceName": "Forbes",
  "sourceArticleUrl": "http://bit.ly/2pCbzzL",
  "tags": ["Caller-ID Spoofing", "IRS", "Spoofing", "VoIP", "VoIP Security"]
},
{
  "content": {
    "html": "<p>April 21, 2017</p><p>Spam phone calls aren&rsquo;t just annoying — they&rsquo;re costing American consumers billions of dollars.</p><p>An estimated one in every 10 American adults lost money in a phone scam in the past 12 months, according to a report released Wednesday. On average, each scam victim lost $430, totaling about $9.5 billion overall. That was an increase of 56% from the 2015 survey, when victims on average lost $274 each. “No one is immune, and now more than ever there is a need to be vigilant,” said Tom Hsieh, the vice president of growth and partnerships at TrueCaller, a Stockholm-based company that offers services including caller ID and spam detection...</p>"
  },
  "date": "2017-04-21T13:59:27-05:00",
  "featured": false,
  "headline": "Here’s How Much Phone Scams Cost Americans Last Year…",
  "id": "1492783167",
  "slug":"heres-how-much-phone-scams-cost-americans-last-year",
  "sourceName": "Market Watch",
  "sourceArticleUrl": "http://on.mktw.net/2pCll7y",
  "tags": ["Consumer Fraud", "Phone Scam", "Voice Spam"]
},
{
  "content": {
    "html": "<p>April 20, 2017</p><p>We may be getting more technologically advanced every day, but we still haven&rsquo;t outgrown (or outsmarted) the age-old nuisance of robocalls. In fact, robocalling is more rampant than ever — and scamming Americans out of billions.</p><p>A new study by Truecaller found that in 2016 roughly 22.1 million Americans lost a total of $9.5 billion in robocall scams — far more than in 2015 — with the average loss per person at roughly $430. In 2015, 27 million people reported scams to Truecaller, and though the number of reports was higher than in 2016, the average loss was much lower, at about $274, said Tom Hsieh, VP of growth and partnerships at Truecaller...</p>"
  },
  "date": "2017-04-20T14:01:56-05:00",
  "featured": false,
  "headline": "Robocall Scams Are Costing Us Billions — And Millennials Are A Prime Target",
  "id": "1492696916",
  "slug":"robocall-scams-are-costing-us-billions-and-millennials-are-a-prime-target",
  "sourceName": "NBC News",
  "sourceArticleUrl": "http://nbcnews.to/2qpnAvf",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>April 19, 2017</p><p>The Department of Health and Human Services has issued a warning for consumers to be on alert for fraudsters pretending to be calling from a HHS&rsquo; Office of Inspector General hotline number with requests for personal information.</p><p>HHS OIG, which is ironically the federal watch dog agency whose stated mission is “to fight waste, fraud and abuse in Medicare, Medicaid and more than 100 other HHS programs” has become an unwilling party involved with the scam...</p>"
  },
  "date": "2017-04-19T14:07:24-05:00",
  "featured": false,
  "headline": "HHS Watchdog Agency Issues Phone Scam Warning",
  "id": "1492610844",
  "slug":"hhs-watchdog-agency-issues-phone-scam-warning",
  "sourceName": "Gov Info Security",
  "sourceArticleUrl": "http://bit.ly/2pU95jt",
  "tags": ["Caller-ID Spoofing", "Robocalls", "Spoofing"]
},
{
  "content": {
    "html": "<p>April 19, 2017</p><p>WASHINGTON, D.C. – The US Department of Homeland Security has issued a fraud alert after their Office of the Inspector General (OIG) hotline was reportedly compromised.</p><p>The perpetrators of the scam apparently have been representing themselves as employees with “U.S. Immigration” and can alter caller ID systems to make it appear that the call is indeed coming from the DHS OIG hotline (1-800-323-8603)...</p>"
  },
  "date": "2017-04-19T14:04:06-05:00",
  "featured": false,
  "headline": "Department of Homeland Security Says OIG Hotline Compromised in Phone Spoofing Scam",
  "id": "1492610646",
  "slug":"department-of-homeland-security-says-oig-hotline-compromised-in-phone-spoofing-scam",
  "sourceName": "CBS 4",
  "sourceArticleUrl": "http://bit.ly/2pCe31e",
  "tags": ["Caller-ID Spoofing", "Homeland Security", "Phone Scam", "Spoofing"]
},
{
  "content": {
    "html": "<p>April 18, 2017</p><p>Imagine if your call to 911, your financial institution, a hospital, or even your child&rsquo;s school doesn&rsquo;t get through. In the past few years, 911 emergency call centers, financial services companies and a host of other critical service providers and essential organizations have been victims of telephony denial of service (TDoS) attacks. These attacks are a type of denial of service (DoS) attack in which a voice service is flooded with so many malicious calls valid callers can&rsquo;t get through. DHS S&amp;T is working to make sure TDoS attacks cannot disrupt critical phone systems...</p>"
  },
  "date": "2017-04-18T14:20:23-05:00",
  "featured": false,
  "headline": "Stopping TDoS Attacks",
  "id": "1492525223",
  "slug":"stopping-tdos-attacks",
  "sourceName": "Homeland Security News",
  "sourceArticleUrl": "https://bit.ly/2o1bXu0",
  "tags": ["Homeland Security", "TDoS"]
},
{
  "content": {
    "html": "<p>April 18, 2017</p><p>Law360, New York (April 18, 2017, 4:08 PM EDT) -- Macy&rsquo;s was hit on Monday with a proposed class action that accuses the department store chain of violating the Telephone Consumer Protection Act by harassing customers with constant robocalls to collect on unpaid consumer debts.<br><br>Consumer Deborah Clark, in her suit claiming that robocalls are the No. 1 consumer complaint in America today, said that Macy&rsquo;s Credit and Customer Services Inc. has used an automatic telephone dialing system with a prerecorded voice, as stipulated by TCPA guidelines about unwanted calls, to phone her cellphone number approximately...</p>"
  },
  "date": "2017-04-18T14:18:08-05:00",
  "featured": false,
  "headline": "Macy’s Accused Of Harassing Consumers With Robocalls",
  "id": "1492525088",
  "slug":"macys-accused-of-harassing-consumers-with-robocalls",
  "sourceName": "Law360",
  "sourceArticleUrl": "http://bit.ly/2p55RFJ",
  "tags": ["Robocalls"]
},
{
  "content": {
    "html": "<p>April 18, 2017</p><p>As part of an initiative that would enable voice service providers to better protect subscribers from illegal and fraudulent robocalls, the Federal Communications Commission has released a Notice of Proposed Rulemaking (NPRM) and Notice of Inquiry (NOI).</p><p>“Despite FCC and other protections to help consumers avoid unwanted robocalls, consumers still get an unacceptably high volume of calls that can annoy or defraud,” the agency explained in a fact sheet. “One particularly pernicious category of robocalls is spoofed robocalls—i.e., robocalls where the caller ID is faked, hiding the caller&rsquo;s true identity. Fraudsters bombard consumers&rsquo; phones at all hours of the day with spoofed robocalls, which in some cases lure consumers into scams (e.g., when a caller claims to be collecting money owed to the Internal Revenue Service) or lead to identify theft...”</p>"
  },
  "date": "2017-04-18T14:16:12-05:00",
  "featured": false,
  "headline": "FCC Combats Spoofed Robocalls",
  "id": "1492524972",
  "slug":"fcc-combats-spoofed-robocalls",
  "sourceName": "Lexology",
  "sourceArticleUrl": "http://bit.ly/2qAAgvM",
  "tags": ["Caller-ID Spoofing", "FCC", "Robocalls", "Spoofing"]
},
{
  "content": {
    "html": "<p>April 17, 2017</p><p>With the April 18 tax deadline approaching, Better Business Bureau is warning people about an IRS phone scam that circulates during filing season.</p><p>BBB regularly receives reports from people who allege they received calls from scammers impersonating IRS agents...</p>"
  },
  "date": "2017-04-17T15:16:44-05:00",
  "featured": false,
  "headline": "Beware of IRS Phone Scam During Tax Season",
  "id": "1492442204",
  "slug":"beware-of-irs-phone-scam-during-tax-season",
  "sourceName": "Victoria Advocate",
  "sourceArticleUrl": "https://bit.ly/2OtwN2U",
  "tags": ["IRS", "Phone Scam"]
},
{
  "content": {
    "html": "<p>April 16, 2017</p><p>Dealing with health care can be such a headache. Scammers know that, and they hope to get away with your personal information before you realize what&rsquo;s going on.</p><p>Often the fraudster will pose as a government authority to persuade you to provide personal information related to your Medicare or Medicaid account. If you do it, you are opening yourself up to identity theft. In other cases, the con artist is after your health insurance, Medicaid, or Medicare information to submit fraudulent medical charges...</p>"
  },
  "date": "2017-04-16T15:12:17-05:00",
  "featured": false,
  "headline": "Beware The Many Health-Care Scams",
  "id": "1492355537",
  "slug":"beware-the-many-health-care-scams",
  "sourceName": "Argus Observer",
  "sourceArticleUrl": "http://bit.ly/2oqLO3p",
  "tags": ["Consumer Fraud", "Healthcare and Hospitals"]
},
{
  "content": {
    "html": "<p>April 16, 2017</p><p>The Cheyenne Police Department is warning people about a phone scam that has been widely reported in the area recently.</p><p>According to a release by the department, the scam features someone claiming to be an emergency responder calling people up and saying a family member of the intended victim has been in a crash.</p><p>The caller tries to get personal information which is supposedly needed by the hospital...</p>"
  },
  "date": "2017-04-16T14:24:00-05:00",
  "featured": false,
  "headline": "Cheyenne Police Issue Phony Crash Scam Warning",
  "id": "1492352640",
  "slug":"cheyenne-police-issue-phony-crash-scam-warning",
  "sourceName": "KGAB",
  "sourceArticleUrl": "http://bit.ly/2pyR4Ub",
  "tags": ["Consumer Fraud", "Phone Scam"]
},
{
  "content": {
    "html": "<p>April 14, 2017</p><p>Scammers have many ways to get past our defenses and initial skepticism, and they love nothing more than to tell you they&rsquo;re working on behalf of the government. In recent years, we&rsquo;ve seen scammers call people claiming to be with the Internal Revenue Service, the Social Security Administration, even local court officials...</p>"
  },
  "date": "2017-04-14T15:24:15-05:00",
  "featured": false,
  "headline": "Scammer Says Uncle Sam Sent Him",
  "id": "1492183455",
  "slug":"scammer-says-uncle-sam-sent-him",
  "sourceName": "Argus Leader",
  "sourceArticleUrl": "http://argusne.ws/2pvfoJE",
  "tags": ["Consumer Fraud", "FTC", "Phone Scam"]
},
{
  "content": {
    "html": "<p>April 13, 2017</p><p>WATERFORD, CT - Police said they received reports Thursday morning of a town resident being contacted over the phone by an alleged member of the Waterford Police Union. The caller was asking the resident for donations, police said.</p><p>The Waterford Police Union is not calling residents and asking for money, according to a release. Police said they advise residents to “just hang up” if they are contacted, as this is a scam...</p><p>Read the Full Story at Patch.com</p>"
  },
  "date": "2017-04-13T15:27:11-05:00",
  "featured": false,
  "headline": "Residents Be Wary of Phone Scam: Waterford Police",
  "id": "1492097231",
  "slug":"residents-be-wary-of-phone-scam-waterford-police",
  "sourceName": "Patch",
  "sourceArticleUrl": "https://bit.ly/2YcELBS",
  "tags": ["Consumer Fraud", "Phone Scam"]
},
{
  "content": {
    "html": "<p>April 11, 2017</p><p>The DHS Science and Technology Directorate (S&amp;T) is working to make sure TDoS attacks cannot disrupt critical phone systems including emergency calls to public-safety answering points (PSAPs) through two research projects.</p><p>9-1-1 emergency call centers, financial services companies and a host of other critical service providers and essential organizations have been victims of telephony denial of service (TDoS) attacks. These attacks are a type of denial of service (DoS) attack in which a voice service is flooded with so many malicious calls valid callers can&rsquo;t get through...</p>"
  },
  "date": "2017-04-11T15:30:29-05:00",
  "featured": false,
  "headline": "2 Research Programs Work to Stop TDoS Attacks on 9-1-1 Centers",
  "id": "1491924629",
  "slug":"2-research-programs-work-to-stop-tdos-attacks-on-9-1-1-centers",
  "sourceName": "Radio Resource",
  "sourceArticleUrl": "http://bit.ly/2raEM8L",
  "tags": ["Cybersecurity", "Homeland Security", "TDoS", "UC Security", "VoIP Security"]
},
{
  "content": {
    "html": "<p>March 31, 2017</p><p>Among the changes in an iPhone software update Apple Inc. released this week: a fix aimed at preventing cyberattacks on 911 centers in the U.S.</p><p>The vulnerability was exposed in October after an 18-year-old in Arizona allegedly designed code that would cause iPhones to repeatedly dial 911. A link to the code went viral on Twitter, as teenagers...</p>"
  },
  "date": "2017-03-31T15:34:25-05:00",
  "featured": false,
  "headline": "Apple Fixes 911 Flaw in Latest iOS Update",
  "id": "1490974465",
  "slug":"apple-fixes-911-flaw-in-latest-ios-update",
  "sourceName": "Wall Street Journal",
  "sourceArticleUrl": "http://on.wsj.com/2ogllK4",
  "tags": ["Apple", "Call Center Security", "Emergency Services & 911 Systems", "iPhone", "TDoS"]
},
{
  "content": {
    "html": "<p>March 16, 2017</p><p>Dallas officials on Thursday walked back their claim that T-Mobile US Inc. was flooding the city&rsquo;s 911 system with “ghost” calls, and pointed instead to aging technology and staffing shortages...</p>"
  },
  "date": "2017-03-16T15:46:54-05:00",
  "featured": false,
  "headline": "Dallas Says T-Mobile Not at Fault for ‘Ghost’ 911 Calls",
  "id": "1489679214",
  "slug":"dallas-says-t-mobile-not-at-fault-for-ghost-911-calls",
  "sourceName": "Wall Street Journal",
  "sourceArticleUrl": "http://on.wsj.com/2pf004s",
  "tags": ["Call Center Security", "Critical Infrastructure", "Emergency Services & 911 Systems", "Ghost Calls", "Healthcare and Hospitals"]
},
{
  "content": {
    "html": "<p>March 16, 2017</p><p>T-Mobile is just the latest mobile carrier to deal with problematic 911 calls, but this time, the problems are bad. Like so bad, people are dying. This month, numerous “ghost calls” from T-Mobile numbers flooded 911 call centers in Texas and have been linked to two deaths. And although the calls originated from T-Mobile devices, people using all carriers were unable to reach 911 dispatchers during the incidents. Scarier still, nobody knows what&rsquo;s causing them...</p>"
  },
  "date": "2017-03-16T15:43:21-05:00",
  "featured": false,
  "headline": "Two Dead After T-Mobile ‘Ghost Calls’ Flood 911 Center in Texas",
  "id": "1489679001",
  "slug":"two-dead-after-t-mobile-ghost-calls-flood-911-center-in-texas",
  "sourceName": "Gizmodo",
  "sourceArticleUrl": "https://bit.ly/2YwJOwv",
  "tags": ["Contact Center Security", "Critical Infrastructure", "Emergency Services & 911 Systems", "Ghost Calls", "Healthcare and Hospitals", "Phone Scam", "TDoS"]
},
{
  "content": {
    "html": "<p>March 16, 2017</p><p>DALLAS (CBSDFW.COM) – After T-Mobile&rsquo;s top engineers and city of Dallas staff worked through the night, city leaders believe they&rsquo;ve now potentially solved a major problem that has plagued 911 callers for four months and may be linked to two deaths...</p>"
  },
  "date": "2017-03-16T13:56:08-05:00",
  "featured": false,
  "headline": "Dallas Believes T-Mobile Fixes Problem With 911 Calls",
  "id": "1489672568",
  "slug":"dallas-believes-t-mobile-fixes-problem-with-911-calls",
  "sourceName": "CBS DFW",
  "sourceArticleUrl": "http://cbsloc.al/2o1qK8m",
  "tags": ["Call Center Security", "Critical Infrastructure", "Emergency Services & 911 Systems", "Healthcare and Hospitals"]
},
{
  "content": {
    "html": "<p>March 9, 2017</p><p>A growing number of consumers are falling victim to impostor scams. That&rsquo;s when a con artist impersonates someone trustworthy, like a government official or law enforcement agent.</p><p>A new report from the Federal Trade Commission says complaints about impostor scams surpassed identity theft for the first time. The FTC looked at more than three million consumer complaints. American consumers reported losing more than $744 million overall to fraud in 2016, averaging roughly $1,000 per victim...</p>"
  },
  "date": "2017-03-09T14:04:55-06:00",
  "featured": false,
  "headline": "FTC Reveals Red Flags to Detect Impostor Scams, The New No. 1 Fraud",
  "id": "1489068295",
  "slug":"ftc-reveals-red-flags-to-detect-impostor-scams-the-new-no-1-fraud",
  "sourceName": "CBS News",
  "sourceArticleUrl": "http://cbsn.ws/2n9Dzt4",
  "tags": ["Consumer Fraud", "FTC", "Impostor Scam", "Phone Scam"]
},
{
  "content": {
    "html": "<p>March 8, 2017</p><p>In late October, in Surprise, Ariz., more than 100 phone calls bombarded the police department&rsquo;s emergency dispatch line. Calls also overwhelmed the nearby city of Peoria&rsquo;s 911 system and departments across California and Texas. </p><p>But each time a dispatcher picked up, no one was on the line – and there was no emergency. </p><p>The Arizona district attorney&rsquo;s office says the calls clogging 911 lines resulted from a digital prank, which triggered a distributed denial of service, or DDoS, attack on critical emergency communication systems. The prosecutor&rsquo;s office tracked the torrent of calls to 18-year-old hacker Meetkumar Hiteshbhai Desai. Now, he&rsquo;s facing four counts of felony computer tampering...</p>"
  },
  "date": "2017-03-08T14:07:48-06:00",
  "featured": false,
  "headline": "How Homeland Security Plans To End the Scourge of DDoS Attacks",
  "id": "1488982068",
  "slug":"how-homeland-security-plans-to-end-the-scourge-of-ddos-attacks",
  "sourceName": "CS Monitor",
  "sourceArticleUrl": "http://bit.ly/2mBQPJ3",
  "tags": ["Critical Infrastructure", "Cybersecurity", "Emergency Services & 911 Systems", "Healthcare and Hospitals", "Homeland Security", "TDoS"]
},
{
  "content": {
    "html": "<p>March 6, 2017</p><p>Faced with national 911 systems deemed increasingly vulnerable to cyberattack, Sens. Bill Nelson, D-Fla., and Amy Klobuchar, D-Minn., will introduce a bill within the next few weeks to federally fund and hasten the national transition to next generation 911 (NG911) systems...</p>"
  },
  "date": "2017-03-06T14:57:22-06:00",
  "featured": false,
  "headline": "New Bill Would Push for Cybersecurity Improvements at 911 Call Centers",
  "id": "1488812242",
  "slug":"new-bill-would-push-for-cybersecurity-improvements-at-911-call-centers",
  "sourceName": "State Scoop",
  "sourceArticleUrl": "https://bit.ly/2meHNQ1",
  "tags": ["Call Center Security", "Critical Infrastructure", "Cybersecurity", "Emergency Services & 911 Systems", "Homeland Security", "TDoS"]
},
{
  "content": {
    "html": "<p>March 3, 2017</p><p>On a Tuesday night last October in Olympia, Wash., 911 operator Jennifer Rodgers stared at the list of incoming calls on her screen.</p><p>Normally, one or two calls at a time would trickle in at this hour. At 9:28 p.m., they began stacking up by the dozens like lines on an Excel spreadsheet...<br></p>"
  },
  "date": "2017-03-03T15:09:55-06:00",
  "featured": false,
  "headline": "How a Cyberattack Overwhelmed the 911 System",
  "id": "1488553795",
  "slug":"how-a-cyberattack-overwhelmed-the-911-system",
  "sourceName": "Wall Street Journal",
  "sourceArticleUrl": "http://on.wsj.com/2mjnS4z",
  "tags": ["Cybersecurity", "Emergency Services & 911 Systems", "TDoS"]
},
{
  "content": {
    "html": "<p>March 3, 2017</p><p>In late October, in Surprise, Ariz., more than 100 phone calls bombarded the police department&rsquo;s emergency dispatch line. Calls also overwhelmed the nearby city of Peoria&rsquo;s 911 system and departments across California and Texas. </p><p>But each time a dispatcher picked up, no one was on the line – and there was no emergency. </p><p>The Arizona district attorney&rsquo;s office says the calls clogging 911 lines resulted from a digital prank, which triggered a distributed denial of service, or DDoS, attack on critical emergency communication systems. The prosecutor&rsquo;s office tracked the torrent of calls to 18-year-old hacker Meetkumar Hiteshbhai Desai. Now, he&rsquo;s facing four counts of felony computer tampering...</p>"
  },
  "date": "2017-03-03T15:08:06-06:00",
  "featured": false,
  "headline": "How Homeland Security Plans to End TDoS Attacks",
  "id": "1488553686",
  "slug":"how-homeland-security-plans-to-end-tdos-attacks",
  "sourceName": "CS Monitor",
  "sourceArticleUrl": "http://bit.ly/2mBQPJ3",
  "tags": ["Homeland Security", "TDoS"]
},
{
  "content": {
    "html": "<p>March 3, 2017</p><p>Blocking robocalls from spoofed numbers may soon become easier, as the Federal Communications Commission is preparing to give carriers authority to take more aggressive action against this type of scam call...</p>"
  },
  "date": "2017-03-03T15:05:42-06:00",
  "featured": false,
  "headline": "FCC Chair Wants Carriers to Block Robocalls From Spoofed Numbers",
  "id": "1488553542",
  "slug":"fcc-chair-wants-carriers-to-block-robocalls-from-spoofed-numbers",
  "sourceName": "ars Technica",
  "sourceArticleUrl": "http://bit.ly/2m3SBQP",
  "tags": ["Caller-ID Spoofing", "Robocalls", "Spoofing"]
},
{
  "content": {
    "html": "<p>March 3, 2017</p><p>When a flurry of hangup calls hit one night last October, North Texas call takers were the first to realize that a cyber attack of the nation&rsquo;s 911 system was under way.</p><p>It struck first in Irving on Oct. 25.</p><p>Then Fort Worth followed with a deluge of 911 calls a short time later...</p>"
  },
  "date": "2017-03-03T15:00:24-06:00",
  "featured": false,
  "headline": "National 911 Cyber Attack Was First Detected in Tarrant County",
  "id": "1488553224",
  "slug":"national-911-cyber-attack-was-first-detected-in-tarrant-county",
  "sourceName": "Star Telegram",
  "sourceArticleUrl": "http://bit.ly/2oLGbP3",
  "tags": ["Call Center Security", "Cybersecurity", "Emergency Services & 911 Systems", "Homeland Security"]
},
{
  "content": {
    "html": "<p>March 2, 2017</p><p>The man who would “ dismantle net neutrality with a smile” has another target in his cross hair for March.</p><p>On Thursday, newly minted Federal Communications Commission Chairman Ajit Pai released the agency&rsquo;s agenda for the month, with six items it will discuss and vote on March 23. At the top of the list is killing robocalls -- those automated phone calls that annoy the entire nation.</p><p>Pai has been working fast to kill regulation and policies like net neutrality -- the concept that all internet traffic must be treated as equal -- that the previous administration enforced. So far, in a little more than a month, he&rsquo;s stopped rules to protect data privacy, blocked internet privacy regulations and chipped away at net neutrality. In March&rsquo;s agenda, Pai looks to get rid of even more regulations his predecessors put in place...</p>"
  },
  "date": "2017-03-02T15:19:36-06:00",
  "featured": false,
  "headline": "FCC Puts Robocalls, Prison Phones at the Top of its Agenda",
  "id": "1488467976",
  "slug":"fcc-puts-robocalls-prison-phones-at-the-top-of-its-agenda",
  "sourceName": "CNET",
  "sourceArticleUrl": "https://cnet.co/2OsSMHq",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>March 2, 2017</p><p>Robocalls and telemarketing calls are consistently the top source of consumer complaints received by the FCC. It is estimated that U.S. consumers received approximately 2.4 billion robocalls per month in 2016.</p><p>The FCC has released new Fact Sheet. </p><p>View it here. </p>"
  },
  "date": "2017-03-02T15:17:12-06:00",
  "featured": false,
  "headline": "Advanced Methods to Target and Eliminate Unlawful Robocalls",
  "id": "1488467832",
  "slug":"advanced-methods-to-target-and-eliminate-unlawful-robocalls",
  "sourceName": "FCC",
  "sourceArticleUrl": "https://bit.ly/2GCYos4",
  "tags": ["Caller-ID Spoofing", "FCC", "Robocalls", "Spoofing"]
},
{
  "content": {
    "html": "<p>March 2, 2017</p><p>Enterprises must work hand in hand with UCaaS providers to ensure strong end-to-end security of communications delivered from the cloud.</p><p>It&rsquo;s no secret that companies continue to move their enterprise communications -- including phone and collaborative messaging applications -- to the cloud at a rapid clip...</p>"
  },
  "date": "2017-03-02T15:13:44-06:00",
  "featured": false,
  "headline": "Collaboration Key for Cloud Communications Security",
  "id": "1488467624",
  "slug":"collaboration-key-for-cloud-communications-security",
  "sourceName": "No Jitter",
  "sourceArticleUrl": "https://ubm.io/2Zm7L6T",
  "tags": ["Call Center Security", "Caller-ID Spoofing", "PBX", "Spoofing", "Toll Fraud & Call Pumping", "VoIP Security"]
},
{
  "content": {
    "html": "<p>February 28, 2017</p><p>VoIP security is a hot topic, and rightfully so. A compromised system can cost you $$$ in phone bills, so how do you prevent a breach? Well, the answer isn&rsquo;t as complicated as you&rsquo;d expect. There are a lot of opinions floating around on the subject, so let me address some truths and falsehoods that may be of importance when securing your VoIP system...</p>"
  },
  "date": "2017-02-28T15:26:20-06:00",
  "featured": false,
  "headline": "The VoIP Addict’s Guide – VoIP Security Fact and Fiction",
  "id": "1488295580",
  "slug":"the-voip-addicts-guide-voip-security-fact-and-fiction",
  "sourceName": "VoIP Insider",
  "sourceArticleUrl": "https://bit.ly/2K3e0am",
  "tags": ["Cybersecurity", "Voice Firewall", "VoIP", "VoIP Security"]
},
{
  "content": {
    "html": "<p>February 28, 2017</p><p>Unified communications security is venturing into unknown territory with the growing trend of embedding communications into business applications. New security challenges could emerge for IT as organizations fuse their communications to business apps by using APIs and communications platform as a service (CPaaS)...</p>"
  },
  "date": "2017-02-28T15:23:40-06:00",
  "featured": false,
  "headline": "Communication APIs Mark Uncharted Waters for UC Security",
  "id": "1488295420",
  "slug":"communication-apis-mark-uncharted-waters-for-uc-security",
  "sourceName": "Tech Target",
  "sourceArticleUrl": "http://bit.ly/2oTrnQC",
  "tags": ["UC", "UC Security", "Unified Communications"]
},
{
  "content": {
    "html": "<p>February 27, 2017</p><p>The “Dirty Dozen” list of Tax Scams for 2017 has been released by the Internal Revenue Service. Inside this list resides some all too common and devastating tax horrors of which to be aware and vigilant. The top 4 most common tax scams are: phishing, phone scams, identity theft and return preparer fraud. Let&rsquo;s take them one at a time to make sure you have a seamless tax season...</p>"
  },
  "date": "2017-02-27T15:29:26-06:00",
  "featured": false,
  "headline": "Avoiding Tax Disaster — Beware Of These 4 Common Tax Scams",
  "id": "1488209366",
  "slug":"avoiding-tax-disaster-beware-of-these-4-common-tax-scams",
  "sourceName": "Forbes",
  "sourceArticleUrl": "http://bit.ly/2oLEm4r",
  "tags": ["FTC", "IRS", "Phone Scam"]
},
{
  "content": {
    "html": "<p>February 24, 2017</p><p>AUSTIN (KXAN) — The phone rings and panic ensues as the caller says they are with the Federal Bureau of Investigation and need immediate payments of unpaid taxes.</p><p>The real FBI is warning the University of Texas at Austin community that this a phone scam targeting unsuspecting students. The FBI says they have recently received an increasing number of reports of this fraud scheme from across Texas as well. Even if the call seems legitimate because they have your name, background, and phone number, the FBI says you should hang up immediately...</p>"
  },
  "date": "2017-02-24T15:36:03-06:00",
  "featured": false,
  "headline": "FBI Warning UT Austin About Phone Scam",
  "id": "1487950563",
  "slug":"fbi-warning-ut-austin-about-phone-scam",
  "sourceName": "KXAN",
  "sourceArticleUrl": "https://bit.ly/2OvErKe",
  "tags": ["FBI", "IRS", "Phone Scam"]
},
{
  "content": {
    "html": "<p>February 22, 2017</p><p>UC security is not a priority, according to a survey of IT professionals. But security should not be overlooked, as cloud UC creates new risks.</p><p>Unified communications security seems like a no-brainer, but a report has found that it&rsquo;s not on the radar for...</p>"
  },
  "date": "2017-02-22T15:39:54-06:00",
  "featured": false,
  "headline": "UC Security Lags Despite the Cloud Creating New Threats",
  "id": "1487777994",
  "slug":"uc-security-lags-despite-the-cloud-creating-new-threats",
  "sourceName": "Tech Target",
  "sourceArticleUrl": "http://bit.ly/2mcTDK5",
  "tags": ["Cybersecurity", "UC", "UC Security", "Unified Communications"]
},
{
  "content": {
    "html": "<p>February 21, 2017</p><p>The Federal Trade Commission and 10 states have closed the book on the remaining defendants who assisted a Florida-based cruise line company in running an illegal telemarketing campaign that flooded consumers with billions of unwanted robocalls. In settling the charges, Fred Accuardi and his companies are barred from robocalling and illegal telemarketing, as well as helping anyone else make such calls...</p>"
  },
  "date": "2017-02-21T15:42:22-06:00",
  "featured": false,
  "headline": "FTC, States Put Remaining Defendants in Massive Caribbean Cruise Lines Robocall Operation in Permanent Dry Dock",
  "id": "1487691742",
  "slug":"ftc-states-put-remaining-defendants-in-massive-caribbean-cruise-lines-robocall-operation-in-permanent-dry-dock",
  "sourceName": "FTC",
  "sourceArticleUrl": "http://bit.ly/2oKhnZl",
  "tags": ["FTC", "Robocalls"]
},
{
  "content": {
    "html": "<p>February 20, 2017</p><p>The Jewish Community Center in St. Paul&rsquo;s Highland Park neighborhood reopened after a Monday morning bomb threat prompted an evacuation, one of at least 10 around the country.</p><p>After a search of the facility, St. Paul police did not find bombs or dangerous devices.</p><p>Police spokesman Steve Linders said the center received a “robo-call”-style threat around 10 a.m. Monday and police sent multiple officers, including a bomb squad.</p>"
  },
  "date": "2017-02-20T15:44:50-06:00",
  "featured": false,
  "headline": "St. Paul Jewish Community Center Evacuated in Wave of U.S. Bomb Threats",
  "id": "1487605490",
  "slug":"st-paul-jewish-community-center-evacuated-in-wave-of-u-s-bomb-threats",
  "sourceName": "Twin Cities Pioneer Press",
  "sourceArticleUrl": "https://bit.ly/2LPbRBv",
  "tags": ["Bomb Threat", "Robocalls"]
},
{
  "content": {
    "html": "<p>February 15, 2017</p><p>An IRS impersonation fraud that has victimized thousands of Americans leads a 2017 U.S. Senate ranking of the Top 10 scams targeting senior citizens.</p><p>Dubbed by the Treasury Inspector General for Tax Administration as the most pervasive impersonation fraud in IRS history, the swindle involves suspected scammers based in the U.S. and India who telephone Americans and threaten arrests unless purported tax debts aren&rsquo;t paid immediately. At least 1.97 million people have been targeted, with as many as 200 victimized per week during the scam&rsquo;s peak last year, according to the inspector general...</p>"
  },
  "date": "2017-02-15T15:48:28-06:00",
  "featured": false,
  "headline": "Are You A Victim Of These Scams Targeting Seniors",
  "id": "1487173708",
  "slug":"are-you-a-victim-of-these-scams-targeting-seniors",
  "sourceName": "USA Today",
  "sourceArticleUrl": "http://usat.ly/2pyzAud",
  "tags": ["Elder Fraud", "FTC", "IRS", "Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<p>February 14, 2017</p><p>Cyber threats are constantly evolving, and 2017 is ramping up to be a banner year for security. Last year brought forth new and incomparable in scale attacks directed at high-profile brands. According to Control Risks, the attacks perpetrated by cyber criminals doubled in frequency. Across South East Asia, government, finance, and telecoms sectors were the most frequently targeted. It is becoming imperative for enterprises to invest in cyber security defense systems and collaborate with experts who can advise on the best preventive strategies...</p>"
  },
  "date": "2017-02-14T15:51:21-06:00",
  "featured": false,
  "headline": "The Forgotten Security Frontier: How Secure Are Your Phone Calls?",
  "id": "1487087481",
  "slug":"the-forgotten-security-frontier-how-secure-are-your-phone-calls",
  "sourceName": "Tech Seen",
  "sourceArticleUrl": "https://bit.ly/2SRtEsa",
  "tags": ["Spoofing", "Toll Fraud & Call Pumping", "UC", "UC Security", "Unified Communications", "VoIP Security"]
},
{
  "content": {
    "html": "<p>February 10, 2017</p><p>Another attack type that has flown under the radar is Telephony Denial of Service (TDoS). This attack type will likely rise in sophistication and become a key tool in cyber attackers&rsquo; arsenals, particularly those who are more interested in wreaking havoc than having financial gain as a motivator...</p>"
  },
  "date": "2017-02-10T16:20:17-06:00",
  "featured": false,
  "headline": "The Next Generation of Cyber Attacks — PDoS, TDoS, and Others",
  "id": "1486743617",
  "slug":"the-next-generation-of-cyber-attacks-pdos-tdos-and-others",
  "sourceName": "SG Cybersecurity",
  "sourceArticleUrl": "https://bit.ly/2YrJ3VD",
  "tags": ["Cybersecurity", "TDoS"]
},
{
  "content": {
    "html": "<p>February 10, 2017</p><p>Another attack type that has flown under the radar is Telephony Denial of Service (TDoS). This attack type will likely rise in sophistication and become a key tool in cyber attackers&rsquo; arsenals, particularly those who are more interested in wreaking havoc than having financial gain as a motivator...</p>"
  },
  "date": "2017-02-10T14:07:39-06:00",
  "featured": false,
  "headline": "The Next Generation of Cyber Attacks — PDoS, TDoS, and Others",
  "id": "1486735659",
  "slug":"the-next-generation-of-cyber-attacks-pdos-tdos-and-others-2",
  "sourceName": "SG Cybersecurity",
  "sourceArticleUrl": "https://bit.ly/2YrJ3VD",
  "tags": ["Cybersecurity", "TDoS"]
},
{
  "content": {
    "html": "<p>February 7, 2017</p><p>It&rsquo;s the one thing everyone can agree on in these divisive times: We all hate robocalls. But how will the Federal Communications Commission respond to this growing problem with Ajit Pai, a Republican, as the new chairman, appointed by a president who wants to slash government regulations?</p>"
  },
  "date": "2017-02-07T14:17:15-06:00",
  "featured": false,
  "headline": "Will Trump Administration Mean More Robocalls?",
  "id": "1486477035",
  "slug":"will-trump-administration-mean-more-robocalls",
  "sourceName": "NBC News",
  "sourceArticleUrl": "http://nbcnews.to/2kPeYuY",
  "tags": ["FCC", "Robocalls"]
},
{
  "content": {
    "html": "<p>February 6, 2017</p><p>Have you ever wondered what could happen if hackers would block or disrupt 911 emergency call system?</p><p>Perhaps you are about to say it&rsquo;s impossible. However, it would only take 6,000 Smartphones...</p>"
  },
  "date": "2017-02-06T14:21:49-06:00",
  "featured": false,
  "headline": "What if hackers could knock off 911 Emergency Telephony Network?",
  "id": "1486390909",
  "slug":"what-if-hackers-could-knock-off-911-emergency-telephony-network-2",
  "sourceName": "Emergency Live",
  "sourceArticleUrl": "http://bit.ly/2on5SEE",
  "tags": ["Call Center Security", "Critical Infrastructure", "Emergency Services & 911 Systems", "FCC", "Hackers", "TDoS"]
},
{
  "content": {
    "html": "<p>February 2, 2017</p><p>A bomb threat was made against Cape Elizabeth Middle School on Thursday morning, school officials said.</p><p>Howard Colter, interim superintendent in Cape Elizabeth, said the threat to the school on Scott Dyer Road was made in a recorded robo-call to the middle school office at about 10:50 a.m. Thursday...</p>"
  },
  "date": "2017-02-02T14:24:39-06:00",
  "featured": false,
  "headline": "Robo-call Bomb Threat Made Against Cape Elizabeth Middle School",
  "id": "1486045479",
  "slug":"robo-call-bomb-threat-made-against-cape-elizabeth-middle-school",
  "sourceName": "Portland Press Herald",
  "sourceArticleUrl": "http://bit.ly/2pRKFTx",
  "tags": ["Bomb Threat", "Robocalls"]
},
{
  "content": {
    "html": "<p>February 1, 2017</p><p>Consumer advocates are urging Ajit Pai, chairman of the Federal Communications Commission, to uphold rules restricting companies from inundating people with cellphone calls to collect money owed to or guaranteed by the government, including federal student loans, mortgages and taxes...</p>"
  },
  "date": "2017-02-01T14:32:25-06:00",
  "featured": false,
  "headline": "Consumer Groups Urge New FCC Chairman Not to Reverse Robo-Call Limits For Student Debt Collectors",
  "id": "1485959545",
  "slug":"consumer-groups-urge-new-fcc-chairman-not-to-reverse-robo-call-limits-for-student-debt-collectors",
  "sourceName": "Washington Post",
  "sourceArticleUrl": "http://wapo.st/2pRp8du",
  "tags": ["FCC", "Robocalls", "Student Debt"]
},
{
  "content": {
    "html": "<p>February 1, 2017</p><p>Timothy P. Campus, Deputy Inspector General for Investigations and Treasury Inspector General for Tax Administration, recently released a testimony before the US Senate&rsquo;s Special Committee on Aging. </p><p>Click here to view. </p>"
  },
  "date": "2017-02-01T14:28:45-06:00",
  "featured": false,
  "headline": "Stopping Senior Scams: Developments in Financial Fraud Affecting Seniors",
  "id": "1485959325",
  "slug":"stopping-senior-scams-developments-in-financial-fraud-affecting-seniors",
  "sourceName": "US Treasury",
  "sourceArticleUrl": "https://bit.ly/2YvzdBT",
  "tags": ["Consumer Fraud", "Cybersecurity", "Elder Fraud", "IRS", "Phone Scam"]
},
{
  "content": {
    "html": "<p>January 30, 2017</p><p>No, no one has ever gone to prison for violating the National Do Not Call Registry, and it&rsquo;s unlikely anyone ever will. That&rsquo;s because the two federal agencies that oversee the list largely hand out civil, not criminal, penalties...</p>"
  },
  "date": "2017-01-30T14:47:40-06:00",
  "featured": false,
  "headline": "‘Has Anybody Gone to Prison for Violating the F.C.C.’s Do Not Call List?’",
  "id": "1485787660",
  "slug":"has-anybody-gone-to-prison-for-violating-the-f-c-c-s-do-not-call-list",
  "sourceName": "New York Times",
  "sourceArticleUrl": "http://nyti.ms/2oLsUaA",
  "tags": ["Do Not Call", "FCC", "FTC", "Robocalls"]
},
{
  "content": {
    "html": "<p>January 30, 2017</p><p>Have you gotten one of these “Can you hear me now?” phone calls.</p><p>No, “The Verizon Guy” (now the Sprint guy) is not ringing you up. It&rsquo;s a robocall scammer who wants to steal your identity and money...</p>"
  },
  "date": "2017-01-30T14:41:01-06:00",
  "featured": false,
  "headline": "Tips for Fighting ‘Can You Hear Me Now’ and Other Robocalls",
  "id": "1485787261",
  "slug":"tips-for-fighting-can-you-hear-me-now-and-other-robocalls",
  "sourceName": "NBC News",
  "sourceArticleUrl": "http://nbcnews.to/2kaEDMh",
  "tags": ["Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<p>January 30, 2017</p><p>Like every other cloud-based, internet-connected application running within your business, Voice-over-IP (VoIP) apps require comprehensive security. Whether it&rsquo;s ensuring secure user authentication and network configuration or enabling end-to-end encryption in all VoIP communication and data storage, organizations need to be diligent in both overseeing IT management and working closely with their business VoIP provider to ensure that security requirements are being met and enforced...</p>"
  },
  "date": "2017-01-30T14:37:44-06:00",
  "featured": false,
  "headline": "The Dos and Dont’s of Securing Your VoIP Communications",
  "id": "1485787064",
  "slug":"the-dos-and-donts-of-securing-your-voip-communications",
  "sourceName": "PC Mag",
  "sourceArticleUrl": "http://bit.ly/2kO8ehV",
  "tags": ["Cybersecurity", "PBX", "VoIP Security"]
},
{
  "content": {
    "html": "<p>January 28, 2017</p><p>If you are like most people, you are beginning to wonder if anyone has even a tenth of a clue about how to protect email. We all watched, for example, as reams of stolen political correspondence from a major email provider were posted each day leading up to the recent election, more than likely influencing the outcome...</p>"
  },
  "date": "2017-01-28T14:51:36-06:00",
  "featured": false,
  "headline": "We All Know Email Can Be Hacked, But What’s Next? (Shhh It’s Voice)",
  "id": "1485615096",
  "slug":"we-all-know-email-can-be-hacked-but-whats-next-shhh-its-voice",
  "sourceName": "Beta News",
  "sourceArticleUrl": "https://bit.ly/2YBoRAy",
  "tags": ["Cybersecurity"]
},
{
  "content": {
    "html": "<p>January 27, 2017</p><p>Enterprises aren&rsquo;t adequately supporting IT in addressing challenges with unified communications (UC) endpoint device management, which is leading to significant overspending and security issues.</p>"
  },
  "date": "2017-01-27T14:56:10-06:00",
  "featured": false,
  "headline": "Unified Communications Devices Open Up Security Problems",
  "id": "1485528970",
  "slug":"unified-communications-devices-open-up-security-problems",
  "sourceName": "Info-Security Group",
  "sourceArticleUrl": "https://bit.ly/2LQXZ9S",
  "tags": ["UC", "UC Security", "Unified Communications"]
},
{
  "content": {
    "html": "<p>January 14, 2017</p><p>Stark County is not the only one who received simultaneous robocall bomb threats last year. Federal agents say Ohio is among those most likely to get a bomb threat...</p>"
  },
  "date": "2017-01-14T15:05:32-06:00",
  "featured": false,
  "headline": "Police: Bomb Threats Last Year in Stark County Were National, Recordings",
  "id": "1484406332",
  "slug":"police-bomb-threats-last-year-in-stark-county-were-national-recordings",
  "sourceName": "Canton Rep",
  "sourceArticleUrl": "http://bit.ly/2oOFjcw",
  "tags": ["Bomb Threat", "Homeland Security", "Robocalls"]
},
{
  "content": {
    "html": "<p>January 13, 2017</p><p>Web of defendants blasted billions of robocalls, including more than 70 million to numbers on National Do Not Call Registry.</p><p>Many of the defendants in the two cases, <em>FTC v. Justin Ramsey, et al.</em> and <em>FTC v. Aaron Michael Jones, et al.</em>, have agreed to court orders that permanently ban them from making robocalls, making any calls to numbers listed on the Do Not Call Registry, violating the TSR, and/or assisting others in doing so. The settling defendants also will pay the Commission a total of more than $500,000...</p>"
  },
  "date": "2017-01-13T15:07:50-06:00",
  "featured": false,
  "headline": "FTC Announces Crackdown on Two Massive Illegal Robocall Operations",
  "id": "1484320070",
  "slug":"ftc-announces-crackdown-on-two-massive-illegal-robocall-operations",
  "sourceName": "FTC",
  "sourceArticleUrl": "https://bit.ly/2jQgeKq",
  "tags": ["Do Not Call", "FTC", "Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<p>January 11, 2017</p><p>NEW YORK / WASHINGTON - A wave of telephone bomb threats to 16 Jewish community centers in nine US states may have originated from the same number and been placed by at least one individual and an automated calling system, security officials said on Tuesday.</p><p>The Federal Bureau of Investigation is looking into the calls, which led to evacuations at some of the community centers on Monday, but resulted in no attacks or injuries. Police who searched the centers found no bombs...</p>"
  },
  "date": "2017-01-11T15:13:03-06:00",
  "featured": false,
  "headline": "FBI Looking for Source of ‘Robocall’ Bomb Threats to Jewish Centers",
  "id": "1484147583",
  "slug":"fbi-looking-for-source-of-robocall-bomb-threats-to-jewish-centers",
  "sourceName": "The Jerusalem Post",
  "sourceArticleUrl": "http://bit.ly/2o3EXRU",
  "tags": ["Bomb Threat", "Cybersecurity", "FBI", "Robocalls"]
},
{
  "content": {
    "html": "<p>January 10, 2017</p><p>Telephony DoS (TDoS) will become more sophisticated. These attacks, which cut off communications in a crisis, “could impede first responders&rsquo; situational awareness, exacerbate suffering and pain, and potentially increase loss of life,” the press release stated...</p>"
  },
  "date": "2017-01-10T15:15:16-06:00",
  "featured": false,
  "headline": "49% of Businesses Fell Victim to Cyber Ransom Attacks in 2016",
  "id": "1484061316",
  "slug":"49-of-businesses-fell-victim-to-cyber-ransom-attacks-in-2016",
  "sourceName": "Tech Republic",
  "sourceArticleUrl": "http://tek.io/2jjn1gn",
  "tags": ["Cybersecurity", "TDoS"]
},
{
  "content": {
    "html": "<p>January 9, 2017</p><p>NASHVILLE — Bomb threats were reported Monday at Jewish community centers in at least nine states and the United Kingdom and federal agents have been standby in case of any problems, authorities said...</p>"
  },
  "date": "2017-01-09T15:21:52-06:00",
  "featured": false,
  "headline": "Jewish Centers In At Least 9 States Receive Bomb Threats",
  "id": "1483975312",
  "slug":"jewish-centers-in-at-least-9-states-receive-bomb-threats",
  "sourceName": "USA Today",
  "sourceArticleUrl": "http://usat.ly/2i9OBL7",
  "tags": ["Cybersecurity", "Robocalls", "TDoS"]
},
{
  "content": {
    "html": "<p>January 9, 2017</p><p>The Canadian Radio-television and Communications Commission (CRTC) plans to launch a proceeding to examine the development of technical solutions to both prevent spoofing of caller ID information, as well as trace and identify the source of nuisance calls. It&rsquo;s also considering adding new regulatory measures...</p>"
  },
  "date": "2017-01-09T15:19:49-06:00",
  "featured": false,
  "headline": "CRTC Launches Follow-Up Consultation Into Identifying and Reducing Nuisance Calls",
  "id": "1483975189",
  "slug":"crtc-launches-follow-up-consultation-into-identifying-and-reducing-nuisance-calls",
  "sourceName": "Mobile Syrup",
  "sourceArticleUrl": "http://bit.ly/2pgeZuR",
  "tags": ["Caller-ID Spoofing", "Do Not Call", "FCC", "Spoofing"]
},
{
  "content": {
    "html": "<p>January 6, 2017</p><p>Mel Craig&rsquo;s 90-year-old father has been tormented over the past year by swindlers calling him at home, threatening him if he did not send them more money...</p>"
  },
  "date": "2017-01-06T15:23:52-06:00",
  "featured": false,
  "headline": "‘I Thought I Was Impervious to Scams’: Readers Denounce India’s Phone Swindlers",
  "id": "1483716232",
  "slug":"i-thought-i-was-impervious-to-scams-readers-denounce-indias-phone-swindlers",
  "sourceName": "New York Times",
  "sourceArticleUrl": "http://nyti.ms/2o3AJtK",
  "tags": ["Consumer Fraud", "Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<p>January 5, 2017</p><p>At around 12:46 PM, police say the school&rsquo;s main office received a robocall stating there was device of some sort inside the school building.</p><p>Police report the school was placed on a low-level lockdown while staff and Delaware State Troopers searched the building...</p>"
  },
  "date": "2017-01-05T15:40:55-06:00",
  "featured": false,
  "headline": "Police Investigate Bomb Threat Robocall to Long Neck Elementary",
  "id": "1483630855",
  "slug":"police-investigate-bomb-threat-robocall-to-long-neck-elementary",
  "sourceName": "WMDT",
  "sourceArticleUrl": "http://bit.ly/2pCivNd",
  "tags": ["Bomb Threat", "Robocalls"]
},
{
  "content": {
    "html": "<p>January 5, 2017</p><p>It&rsquo;s not often that any one of us needs to dial 911, but we know how important it is for it to work when one needs it. It is critical that 911 services always be available -- both for the practicality of responding to emergencies and to give people peace of mind. But a new type of attack has emerged that can knock out 911 access -- our research explains how these attacks occur as a result of the system&rsquo;s vulnerabilities. We show these attacks can create extremely serious repercussions for public safety...</p>"
  },
  "date": "2017-01-05T15:38:21-06:00",
  "featured": false,
  "headline": "Attackers Can Make It Impossible to Dial 911",
  "id": "1483630701",
  "slug":"attackers-can-make-it-impossible-to-dial-911",
  "sourceName": "GCN",
  "sourceArticleUrl": "http://bit.ly/2qIn9f0",
  "tags": ["Critical Infrastructure", "Emergency Services & 911 Systems", "TDoS"]
},
{
  "content": {
    "html": "<p>January 4, 2017</p><p>Imagine a hacker breaking into someone&rsquo;s accounts.</p><p>If fancy computer skills are part of your mental scenario, rewind the tape in your mind. That&rsquo;s not how it&rsquo;s happening nowadays...</p>"
  },
  "date": "2017-01-04T15:46:20-06:00",
  "featured": false,
  "headline": "Be Prepared: The Top ‘Social Engineering’ Scams Of 2017",
  "id": "1483544780",
  "slug":"be-prepared-the-top-social-engineering-scams-of-2017",
  "sourceName": "Forbes",
  "sourceArticleUrl": "http://bit.ly/2pRB67c",
  "tags": ["IRS", "Phone Scam", "Social Engineering"]
},
{
  "content": {
    "html": "<p>December 22, 2016</p><p>Wouldn&rsquo;t it be nice if spam or scam calls were blocked before they ever reached your mobile phone?</p><p>Just imagine: the “Microsoft tech support” crook couldn&rsquo;t threaten to chop you up like a stew ingredient and toss you in the river when you resist installing his credential-snarfing malware...</p>"
  },
  "date": "2016-12-22T15:49:33-06:00",
  "featured": false,
  "headline": "AT&T Takes Aim At Scam Callers",
  "id": "1482421773",
  "slug":"att-takes-aim-at-scam-callers",
  "sourceName": "",
  "sourceArticleUrl": "https://bit.ly/2K54Ytw",
  "tags": ["Cybersecurity", "Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<p>December 21, 2016</p><p>AT&amp;T officially launched its new Call Protect service, aiming to protect its customers from automated phone calls commonly known as “robocalls”...</p>"
  },
  "date": "2016-12-21T15:58:07-06:00",
  "featured": false,
  "headline": "AT&T Starts Robocalls Crackdown With ‘Call Protect’ Service To Block Spam Phone Calls: How It Works:",
  "id": "1482335887",
  "slug":"att-starts-robocalls-crackdown-with-call-protect-service-to-block-spam-phone-calls-how-it-works",
  "sourceName": "Tech Times",
  "sourceArticleUrl": "https://bit.ly/2oVuGGO",
  "tags": ["Cybersecurity", "Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<p>December 21, 2016</p><p>COLUMBUS (Credit.com) — Does it feel like you&rsquo;ve had more than your fair share of robocalls this year? If so, you&rsquo;re not alone. Phone scammers were extra busy in 2016, making a record 10.2 billion robocalls to Americans, offering them everything from fake cruises and gift cards to opportunities to support bogus charities, according to a new report from Hiya, a company providing caller ID and call-blocker apps.</p>"
  },
  "date": "2016-12-21T15:52:17-06:00",
  "featured": false,
  "headline": "Top 10 Phone Scams of 2016: Here’s How To Protect Yourself",
  "id": "1482335537",
  "slug":"top-10-phone-scams-of-2016-heres-how-to-protect-yourself",
  "sourceName": "NBC4i",
  "sourceArticleUrl": "http://bit.ly/2oOCSGS",
  "tags": ["IRS", "Phone Scam", "Robocalls"]
},
{
  "content": {
    "html": "<p>December 2, 2016</p><p>Businesses often ponder on the reliability and overall quality of VoIP telephony system. This is a major concern which leads such businesses to consider the dangers of data security risks. In spite of the few controversial security breaches in the past, VoIP technology has advanced and transformed into a more robust business tool...</p>"
  },
  "date": "2016-12-02T16:01:03-06:00",
  "featured": false,
  "headline": "The Top 5 VoIP Security Risks and Their Controls",
  "id": "1480694463",
  "slug":"the-top-5-voip-security-risks-and-their-controls",
  "sourceName": "The Real PBX",
  "sourceArticleUrl": "https://bit.ly/2YznbHR",
  "tags": ["PBX", "TDoS", "VoIP", "VoIP Security"]
},
{
  "content": {
    "html": "<hr /><p>December 1, 2016</p><p>In late September, a woman in National City, California, received a voice message on her phone saying she was in trouble with the Internal Revenue Service (IRS) over “tax evasion or tax fraud”.</p><p>Panicking, she rang the number and told a man who said he was from the IRS: “I can pay $500,” half the sum demanded. “I could do a payment plan. I just can&rsquo;t pay all of it at once...”</p>"
  },
  "date": "2016-12-01T15:21:11-06:00",
  "featured": false,
  "headline": "Callers For Dollars: Inside India’s Scam Call Centers",
  "id": "1480605671",
  "slug":"callers-for-dollars-inside-indias-scam-call-centers",
  "sourceName": "Reuters",
  "sourceArticleUrl": "http://reut.rs/2rJy2eP",
  "tags": ["Consumer Fraud", "IRS", "Phone Scam"]
},
{
  "content": {
    "html": "<p>November 30, 2016</p><p>There are numerous protocols used in voice-over-IP (VoIP) communications. According to IBM Managed Security Services (MSS) data, the most targeted VoIP protocol is Session Initiation Protocol (SIP), which accounted for over 51 percent of the security event activity analyzed in the last 12 months.</p>"
  },
  "date": "2016-11-30T15:25:12-06:00",
  "featured": false,
  "headline": "Hello, You’ve Been Compromised: Upward Attack Trend Targeting VoIP Protocol SIP",
  "id": "1480519512",
  "slug":"hello-youve-been-compromised-upward-attack-trend-targeting-voip-protocol-sip",
  "sourceName": "",
  "sourceArticleUrl": "https://ibm.co/2o3OLvp",
  "tags": ["Cybersecurity", "FCC", "FTC", "Phone Scam", "VoIP", "VoIP Security"]
},
{
  "content": {
    "html": "<p>November 22, 2016</p><p>Nearly an hour into the phone call, the woman began to get suspicious.</p><p>The man on the line said he was with the Internal Revenue Service and that she owed a penalty for tax fraud. But to make the payment, he told her to drive to a nearby Food 4 Less grocery store in suburban San Diego and purchase an iTunes gift card...</p>"
  },
  "date": "2016-11-22T15:28:29-06:00",
  "featured": false,
  "headline": "Inside the Indian IRS Scam That Cheated U.S. Taxpayers Out of Millions",
  "id": "1479828509",
  "slug":"inside-the-indian-irs-scam-that-cheated-u-s-taxpayers-out-of-millions",
  "sourceName": "The Morning Call",
  "sourceArticleUrl": "http://bit.ly/2pC4Msy",
  "tags": ["IRS", "Phone Scam"]
},
{
  "content": {
    "html": "<p>November 21, 2016</p><p>Imagine dialing 911 during a crisis in your&rsquo;s or a loved-one&rsquo;s life. Now, imagine that no one answers your call for help. Why? Because a cyber-criminal has locked the 911 call center&rsquo;s ability to receive your call...</p>"
  },
  "date": "2016-11-21T15:32:13-06:00",
  "featured": false,
  "headline": "Pulling our head out of the sand on cybersecurity",
  "id": "1479742333",
  "slug":"pulling-our-head-out-of-the-sand-on-cybersecurity",
  "sourceName": "The Daily Record",
  "sourceArticleUrl": "https://bit.ly/2gfSJK2",
  "tags": ["Critical Infrastructure", "Cybersecurity", "Emergency Services & 911 Systems", "TDoS"]
},
{
  "content": {
    "html": "<p>November 14, 2016</p><p>A grand jury has indicted a 18-year-old man on four counts of computer tampering in connection with a cyberattack on 911 call systems in Maricopa County, the Arizona Attorney General&rsquo;s Office announced Monday...</p>"
  },
  "date": "2016-11-14T15:35:17-06:00",
  "featured": false,
  "headline": "Man indicted in Cyberattack on Phoenix-Area 911 Call Systems",
  "id": "1479137717",
  "slug":"man-indicted-in-cyberattack-on-phoenix-area-911-call-systems",
  "sourceName": "AZ Central",
  "sourceArticleUrl": "http://bit.ly/2os8tMD",
  "tags": ["Call Center Security", "Contact Center Security", "Critical Infrastructure", "Emergency Services & 911 Systems"]
},
{
  "content": {
    "html": "<p>November 11, 2016</p><p>In a denial-of-service (DoS) attack, the goal is to make a resource unavailable to its intended users, usually in a temporary interruption or suspension of services. DoS attacks are well known in data systems and networks, but can also happen to a telecom system or network.</p>"
  },
  "date": "2016-11-11T15:38:33-06:00",
  "featured": false,
  "headline": "Exploring Telephony Denial of Service",
  "id": "1478878713",
  "slug":"exploring-telephony-denial-of-service",
  "sourceName": "No Jitter",
  "sourceArticleUrl": "https://ubm.io/2fImYvB",
  "tags": ["Call Center Security", "Cybersecurity", "TDoS"]
},
{
  "content": {
    "html": "<p>November 9, 2016</p><p>A bug in the iOS WebView component allows an attacker to force someone&rsquo;s iPhone to dial any number, while also locking the phone interface for a few moments, preventing the user from canceling the outgoing call...</p>"
  },
  "date": "2016-11-09T15:49:12-06:00",
  "featured": false,
  "headline": "iOS WebView Bug Can Force iPhones to Make Calls While UI Freezes",
  "id": "1478706552",
  "slug":"ios-webview-bug-can-force-iphones-to-make-calls-while-ui-freezes",
  "sourceName": "Bleeping Computer",
  "sourceArticleUrl": "http://bit.ly/2os6IPD",
  "tags": ["Emergency Services & 911 Systems", "TDoS"]
},
{
  "content": {
    "html": "<p>November 9, 2016</p><p>Voicemail hacking is not just a problem for celebrities. According to the National Fraud Intelligence Bureau (NFIB) it affects an increasing number of businesses every year and the costs, much of which are borne by the business, are in the $billions globally. Clearly the so-called &lsquo;controls&rsquo; built into PBX and voicemail systems are inadequate. As organised crime increasingly focuses on this lucrative revenue stream, Paul German, CEO, VoipSec calls on businesses to take another look at voicemail security...</p>"
  },
  "date": "2016-11-09T15:44:37-06:00",
  "featured": false,
  "headline": "Counting The Cost Of Voicemail Hacking",
  "id": "1478706277",
  "slug":"counting-the-cost-of-voicemail-hacking",
  "sourceName": "Information Security Buzz",
  "sourceArticleUrl": "https://bit.ly/2YCWNsm",
  "tags": ["PBX", "voicemail hacking"]
},
{
  "content": {
    "html": "<p>November 8, 2016</p><p>iOS WebViews can be used to automatically call an attacker controlled phone number. The attack can block the phone&rsquo;s UI for a short amount of time and therefore prevent the victim from canceling the call. The bug is an application bug that likely is due to bad OS/framework defaults. One major issue with this vulnerability is that it is really easy to exploit. App developers have to fix their code as soon as possible... </p>"
  },
  "date": "2016-11-08T15:54:23-06:00",
  "featured": false,
  "headline": "iOS WebView Auto Dialer Bug",
  "id": "1478620463",
  "slug":"ios-webview-auto-dialer-bug",
  "sourceName": "Mulliner",
  "sourceArticleUrl": "https://bit.ly/2fRLThl",
  "tags": ["Cybersecurity", "Emergency Services & 911 Systems", "Robocalls", "TDoS"]
},
{
  "content": {
    "html": "<p>November 8, 2016</p><p>The phone industry&rsquo;s Robocall Strike Force vowed a couple of months ago to deploy its telecom commandos and end the scourge of robocalls once and for all. So how&rsquo;s that working out?</p><p>The strike force met with federal authorities the other day to report on its progress and action plan...</p>"
  },
  "date": "2016-11-08T15:51:54-06:00",
  "featured": false,
  "headline": "Phone Industry’s Robocall Strike Force Not Yet Ready For Battle",
  "id": "1478620314",
  "slug":"phone-industrys-robocall-strike-force-not-yet-ready-for-battle",
  "sourceName": "LA Times",
  "sourceArticleUrl": "http://lat.ms/2oOwWgV",
  "tags": ["Cybersecurity", "Robocalls"]
},
{
  "content": {
    "html": "<p>November 3, 2016</p><p>Have you ever wondered what could happen if hackers would block or disrupt 911 emergency call system?</p><p>Perhaps you are about to say it&rsquo;s impossible. However, it would only take 6,000 Smartphones...</p>"
  },
  "date": "2016-11-03T17:08:51-05:00",
  "featured": false,
  "headline": "What If Hackers Could Knock Off 911 Emergency Telephony Network?",
  "id": "1478192931",
  "slug":"what-if-hackers-could-knock-off-911-emergency-telephony-network",
  "sourceName": "Emergency Live",
  "sourceArticleUrl": "http://bit.ly/2on5SEE",
  "tags": ["Emergency Services & 911 Systems", "Hackers"]
},
{
  "content": {
    "html": "<p>November 3, 2016</p><p>The frail, legacy emergency 911 network in the United States was accidentally brought to its proverbial knees recently by a teenager looking for an Apple iOS bug...</p>"
  },
  "date": "2016-11-03T15:58:25-05:00",
  "featured": false,
  "headline": "The Day The 911 Network Stood Still",
  "id": "1478188705",
  "slug":"the-day-the-911-network-stood-still",
  "sourceName": "Network World",
  "sourceArticleUrl": "http://bit.ly/2fg0vTW",
  "tags": ["Critical Infrastructure", "Emergency Services & 911 Systems", "Healthcare and Hospitals", "TDoS"]
},
{
  "content": {
    "html": "<p>January 28, 2016</p><p>VoIP uses the Internet, right? Therefore, your VoIP telephony security only will be as good as your Internet security. View the infographic below to learn how being proactive with your security needs will lessen your VoIP system vulnerabilities...</p>"
  },
  "date": "2016-01-28T01:34:50-06:00",
  "featured": false,
  "headline": "VoIP Security Focus: How to Protect Your Phone System from IT Vulnerabilities [Infographic]",
  "id": "1453944890",
  "slug":"voip-security-focus-how-to-protect-your-phone-system-from-it-vulnerabilities-infographic",
  "sourceName": "The VoIP Report",
  "sourceArticleUrl": "http://bit.ly/2oLyI3U",
  "tags": ["VoIP Security"]
},
{
  "content": {
    "html": "<p>January 12, 2016</p><p>Theft of service is the most common type of VoIP fraud. The various types of theft of service include stealing usernames, passwords, and account information.</p><p>Sometimes known as subscription fraud, VoIP theft of service costs consumers and companies around the world over $5.2 billion annually...</p>"
  },
  "date": "2016-01-12T01:23:36-06:00",
  "featured": false,
  "headline": "VoIP Security Focus: How to Prevent VoIP Theft of Service",
  "id": "1452561816",
  "slug":"voip-security-focus-how-to-prevent-voip-theft-of-service",
  "sourceName": "The VoIP Report",
  "sourceArticleUrl": "http://bit.ly/2pgs3At",
  "tags": ["Consumer Fraud", "VoIP Security"]
},
{
  "content": {
    "html": "<p>November 11, 2015</p><p>Over 70% of respondents reported that their businesses were compromised through IT attacks. Because Voice over Internet Protocol (VoIP) phone systems use the same data lines as the rest of your IT system, some companies see the use of VoIP as a potential security risk...</p>"
  },
  "date": "2015-11-01T01:15:52-05:00",
  "featured": false,
  "headline": "The Need for VoIP Security: Vulnerabilities and Defensive Tactics",
  "id": "1446340552",
  "slug":"the-need-for-voip-security-vulnerabilities-and-defensive-tactics",
  "sourceName": "The VoIP Report",
  "sourceArticleUrl": "http://bit.ly/2oP0oTS",
  "tags": ["Cybersecurity", "TDoS", "VoIP Security"]
},
{
  "content": {
    "html": "<p>Cybercrime is on the rise in the Gaza Strip, where an absence of relevant legislation has facilitated criminals&rsquo; efforts to intercept Internet-based phone lines and sell minutes.</p><p>RAFAH, Gaza Strip — When an unemployed person in the Gaza Strip suddenly shows signs of affluence, people often suspect he has joined the growing ranks of Internet phone hackers. These hackers have even formed a small social club in Gaza that is difficult to penetrate.</p><p>The Gaza Strip constitutes a fertile ground for electronic criminal activities in the absence of modern tools for law enforcement. In addition, victims of electronic crimes are unable to file complaints against these criminals, as hacking falls within the digital world, which is hard to pursue and monitor.</p><p>The hackers are commonly said to “work with IPs,” or Internet Protocol addresses — the numerical equivalent of a domain name that identifies devices connected to the Internet.</p><p>Hacking phone calls using Voice Over Internet Protocol (VoIP) first emerged in the Gaza Strip in 2007, with the isolation caused by the Israeli blockade. Legend has it that a professional programmer broke into phone networks to communicate for free with his family residing outside Gaza. He started offering free service to his friends who wanted to make international calls. After that, he signed contracts with local communication offices to offer customers international service at below-market rates and shared the profit with the office owners.</p><p>The second, more professional and profitable phase of hacking appeared in Gaza in 2009. As the story goes, a student going by M.H. went to Algeria to complete his studies in information technology. However, after he got involved in Internet hacking operations and was being pursued legally, he returned to his home in Rafah. Palestinian law enforcement has not caught up with the technology, so M.H. became rich as his reputation grew.</p><p>M.H. began making huge profits reaching millions of dollars by diverting Internet communication lines using his own software and selling the service. This is the story told by the majority of hackers who met with Al-Monitor in Rafah, where hijacking calls is most active.</p><p>Working with IPs became the most common and profitable profession, and it spread among the unemployed. Mohammed Hassan (a pseudonym), who graduated from the faculty of information technology at the Islamic University of Gaza, told Al-Monitor he develops hacking software and tools that automate the tedious process of randomly trying different combinations of numbers to find IP addresses and break into servers. “I no longer like to directly work in hacking calls,” he said. “I prefer working on developing programs that facilitate the hacking process, then selling them to hackers in Gaza. The prices of the hacking software differs for each client, depending on their ability [to pay] as well as the nature of the software.”</p><p>Khaled Ayoub (a pseudonym), told Al-Monitor, “Breaking into the server is the first step. … [Then] I divert the communication lines to my personal panel, which I legally bought from an Internet hosting company. I then resell [the lines] to my personal account” before the server&rsquo;s programmers can detect the activity. “I also take all the [minutes&rsquo; worth of phone calls] and add them to my personal panel. Programmers often discover that someone broke into the line after they receive huge bills, so they start checking lines and work to fix the loopholes. This is why we transfer money on a weekly basis, before they receive the bills and find out about us...”</p>"
  },
  "date": "2015-08-28T09:00:00-05:00",
  "featured": false,
  "headline": "Gaza’s cybercriminals get rich hacking Internet-based phone lines",
  "id": "1440752400",
  "imageFilename": "gazas-cybercriminals-get-rich",
  "slug":"gazas-cybercriminals-get-rich-hacking-internet-phone-lines",
  "sourceName": "AL-Monitor",
  "sourceArticleUrl": "https://www.al-monitor.com/originals/2015/08/gaza-rafah-hacking-phone-calls.html",
  "tags": ["Call Hijacking", "Hackers", "Toll Fraud & Call Pumping"]
},