Scam calls damage trust in Finnish phone numbers

The number of online and phone scams continues to grow, and in many countries, they have already reached the point where people . As a teleoperator, Elisa actively strives to take action to block online scams and to ensure that Finnish phone numbers remain reliable and safe in online and phone services.

One of the most common types of phone scam is the “wangiri” call, which is a short-duration call that the recipient generally doesn’t even have time to answer, typically from a foreign phone number. If the recipient calls the missed call number back, the line is silent or there may be questions and answers, with the idea of making the call last as long as possible. The goal of wangiri calls is to get as many people as possible to call the number, so that the attacker can receive a share of the termination payments associated with transmitting call traffic.

Large Finnish teleoperators, such as Elisa, can generally recognise and block known wangiri numbers, and sometimes new numbers as well, and can prevent these numbers from being displayed to the victim, so that they cannot call the attacker’s number. Finns have already learned quite well that they should not answer calls from unknown foreign numbers or call them back.

“In the last couple of years, the number of technical support scam calls has been growing. These calls are also known as ‘A-number spoofing’. The ‘A-number’ is the number of the caller, whereas the ‘B-number’ is the recipient’s number.”

In this kind of spoofing, the call comes from abroad, but the attacker spoofs the caller ID, making it look like the call comes from a Finnish fixed-line or mobile number. In a number of cases, the attacker has even been able to make the call look like it is coming from a real company’s customer service number. By spoofing a Finnish A-number, the attacker tries to appear trustworthy and presents themselves as coming from the technical support department of an international company in an attempt to persuade the victim to download spyware or malware, or to get them to disclose usernames and passwords.

In the past, A-number spoofing has been easy, and teleoperators have not been able to check the origin of the number. Call forwarding and signalling by operators is strongly controlled by the regulations and recommendations from the authorities: in Finland, the relevant authority is the Finnish Transport and Communications Agency (Traficom). For example, according to the current regulations, operators cannot pass location data to each other, for privacy reasons. Because of this, it has been impossible for the operators connecting these calls to recipients in their networks to be sure of where the call originates or whether it is coming from Finland or from abroad. Statistics show that the majority of call traffic arriving in Finland from abroad comes from spoofed numbers (Figure 1 and Figure 2).

Figure 1: Share of calls from abroad to Elisa mobile numbers that studies show are fraudulent (daily level)

Scammers have become very professional. They try to call when they know the victim will be at their computer, and ideally when they are as busy as possible, so that they are too distracted to give the call their full attention (Figure 2).

Figure 2: Share of calls from abroad to Elisa mobile numbers that studies show are fraudulent (hourly level over three sample days)

Teleoperators and authorities are feverishly seeking solutions

Elisa has been actively seeking solutions for the problem of untrustworthy A-numbers both itself and in active cooperation with the controlling and supervising authority and other operators in Finland.

“For example, Elisa is the first operator in Finland to start checking the location data of subscriptions calling in Finland. Elisa has also established a procedure for imposing extra checks on calls from abroad if the caller and recipient both have Elisa mobile numbers.”

If the number that a potential scammer is using is an Elisa mobile number and the recipient has an Elisa mobile subscription, network information can reveal whether the caller’s subscription is in Finland or abroad. If the subscription is on a Finnish network but the call comes from abroad, Elisa will not forward the number to the recipient. The call will be forwarded, but the recipient will see it as coming from an unknown number. If a call coming from abroad displays a number from Elisa’s fixed-line network, the number will also not be forwarded to the recipient.

Checking the location data takes place automatically and the subscriber’s personal data and other communication data is always handled in line with the relevant legislation and in accordance with regulations from the authorities.

Elisa has presented this solution and our experiences with it to other teleoperators and to Traficom, which regulates and supervises telecommunications in Finland. Elisa has solved the problem as far as it can currently be solved by just one operator. Rolling out this solution nationwide requires operators and the authorities to implement it together.

Elisa recognises that the solution described above could lead to certain caller IDs being displayed as unknown numbers for some calls that are not scams but that originate from abroad and have features that are used by scammers. It is not possible for teleoperators to specifically recognise companies and organisations that route calls among normal international interconnection traffic while using VoIP services from foreign operators to convert the phone number to a Finnish number.

Most similar needs can be met using means that ensure that incoming calls are reliable. Companies and organisations that suspect that this solution might affect their operations should contact their own operator for a solution to the issue and to ensure that the problem is not related to something completely different.

Read more: Traficom bulletin about blocking international scam calls