Scam calls damage trust in Finnish phone numbers

The number of scam calls continues to grow. As a teleoperator, Elisa actively strives to take action to block online scams and to ensure that Finnish phone numbers remain reliable and safe in online and phone services.

One of the most common types of phone scam is the “wangiri” call, which is a short-duration call that the recipient generally doesn’t even have time to answer, typically from a foreign phone number. If the recipient calls the missed call number back, the line is silent or there may be questions and answers, with the idea of making the call last as long as possible. The goal of wangiri calls is to get as many people as possible to call the number, so that the attacker can receive a share of the termination payments associated with transmitting call traffic.

Large Finnish teleoperators, such as Elisa, can generally recognise and block known wangiri numbers, and sometimes new numbers as well, and can prevent these numbers from being displayed to the victim, so that they cannot call the attacker’s number. Finns have already learned quite well that they should not answer calls from unknown foreign numbers or call them back.

“In the last couple of years, the number of technical support scam calls has been growing. These calls are also known as ‘A-number spoofing’. The ‘A-number’ is the number of the caller, whereas the ‘B-number’ is the recipient’s number.”

Scam calls may look like they are coming from the Finnish number

In this kind of spoofing, the call comes from abroad, but the attacker spoofs the caller ID, making it look like the call comes from a Finnish number. In some cases, the attacker has been able to make the call look like it is coming from a real company’s customer service. By spoofing a Finnish A-number, the attacker tries to appear trustworthy. They present themselves as coming from the technical support department of an international company in an attempt to persuade the victim to download spyware or malware, or to get them to disclose usernames and passwords.

In the past, spoofing has been easy

A-number spoofing has been easy, and teleoperators have not been able to check the origin of the number. Call forwarding and signalling by operators is strongly controlled by the regulations and recommendations from the authorities. In Finland, the relevant authority is the Finnish Transport and Communications Agency (Traficom). For example, according to the current regulations, operators cannot pass location data to each other, for privacy reasons. Because of this, it has been impossible for the operators connecting these calls to recipients in their networks to be sure whether the call is coming from Finland or from abroad. Statistics show that the majority of call traffic arriving in Finland from abroad comes from spoofed numbers (Figure 1 and Figure 2).

Figure 1: Share of calls from abroad to Elisa mobile numbers that studies show are fraudulent (daily level)

Scammers have become very professional. They try to call when they know the victim will be at their computer. Ideally when they are so busy that they are too distracted to give the call their full attention. (Figure 2).

Figure 2: Share of calls from abroad to Elisa mobile numbers that studies show are fraudulent. (hourly level over three sample days)

Teleoperators and authorities are feverishly seeking solutions

Elisa has been seeking solutions for the problem of untrustworthy A-numbers. It has collaborated actively with the supervising authority and other operators in Finland.

“For example, Elisa is the first operator in Finland to start checking the location data of subscriptions calling in Finland. Elisa has also established a procedure for imposing extra checks on calls from abroad if the caller and recipient both have Elisa mobile numbers.”

If the number of a potential scammer is an Elisa mobile number and the recipient has an Elisa mobile subscription, network information can reveal whether the caller’s subscription is in Finland or abroad. If the subscription is on a Finnish network but the call comes from abroad, Elisa won’t forward the number to the recipient. The call will be forwarded, but the recipient will see it as coming from an unknown number. If a call coming from abroad displays a number from Elisa’s fixed-line network, the number will also not be forwarded.

Checking the location data takes place automatically. The subscriber’s personal data and other communication data is always handled in line with the relevant legislation and in accordance with regulations from the authorities.

Elisa has solved the problem as far as it can currently be solved

Elisa has presented this solution and our experiences with it to other teleoperators and to Traficom. Traficom regulates and supervises telecommunications in Finland. Elisa has solved the problem as far as it can currently be solved by just one operator. Rolling out this solution nationwide requires operators and the authorities to implement it together.

Elisa acknowledges that the described solution may result in certain caller IDs appearing as unknown. Even for legitimate calls, which possess features commonly exploited by scammers. Teleoperators cannot identify organizations routing calls as part of normal international interconnection traffic when utilizing VoIP services from foreign operators to convert the phone number to a Finnish number.

Most similar needs can be met using means that ensure that incoming calls are reliable. Organizations concerned about the potential impact of this solution on their operations should reach out to their respective operators. This will help address the issue and verify whether the problem is unrelated to something entirely different.

Read more: Traficom bulletin about blocking international scam calls

Read more:

Phishing messages remain a growing problem

Denial-of-Service attacks have become more common during the Covid-19 pandemic