War Tactics from ‘The Tomorrow War’ to Combat CLI Spoofing
Chris Pratt’s ‘The Tomorrow War’ was a blockbuster hit. Gripping, terrifying, and wildly redeeming at the end. No spoilers, but one thing that struck me was the sheer numbers of the alien menace that constituted the movie’s main threat. One single alien monster spawning so many lethal ‘Whitespikes,’ each of which threatens the survival of the human species!
Dramatic and fantastical: exactly how I like my movies. But it somehow brought to mind a very real current scenario: the ongoing battle against a looming threat in the telecom world — Caller ID(CLI) Spoofing. Sure, it’s plenty fun to watch videos of bystanders receiving calls from friends pretending to be movie stars or even movie stars pretending to be friends (watch Matt Damon’s funny Bourne prank)! But on a larger scale, Caller ID Spoofing is responsible for breeding so many parallel types of fraud, each one equally menacing and capable of creating a lot of damage, threatening the survival of telecom players.
Scratching the surface of CLI Spoofing
Caller ID Spoofing is a practice by which voice carriers and aggregators intentionally falsify caller ID information to gain an illicit advantage.It also spawns different types of fraud such as Wangiri (short or faked missed calls generated to leave a notification on the customers’ display prompting them to call back), scam calls (people claiming to be from a trusted company to obtain personal or financial information), and even robocalling (where scammers use an auto-dialer that can broadcast millions of calls within hours).
There’s more: OBC Spoofing. VM Brute Force. Call Bombing. Bypass Fraud. All of these are offshoots of Caller ID Spoofing. Not such an innocent threat, after all.
The scale of the problem
Unlike sci-fi fantasy, though, CLI Spoofing is a big problem. Communication service providers have been struggling with CLI spoofing for ages. In most cases, customers who fall victim to such attacks report extreme dissatisfaction with their telecom providers. Studies show that customers have lost millions of dollars through deceptive callers.
This is a massive setback for CSPs because of the cost implications. Leading communication service providers report a steady decline of 20% to 30% per year in call pickup rates. Unanswered calls directly impact revenue and margins from national and international voice and messaging communication services. Consumer distrust for the traditional service provider offerings forces them to switch to other alternatives.
A stitch in time saves nine
A 2020 report by i3 Forum titled ‘Caller ID Spoofing’ succinctly explains why simply using industry standards is insufficient to fight the CLI menace. The challenge is with reaching critical mass — significant enough to cause a dent in the problem. Similar to how, in the movie, merely dispatching soldiers to fight the ‘Tomorrow Battle’ proved futile until they found a way to get to the root of the problem and tear down the impending attack.
In the case of CLI Spoofing, the root is Real-time Signaling Security.
The fact is: nothing beats prevention as the most effective measure of thwarting attacks (watch the movie, you’ll know what I mean). This calls for real-time capabilities based on probabilities, investigation, and comprehensive analysis of fraud signatures.
Ultimately, a real-time approach using a solution that is vigilant and intelligent is the need of the hour.
This brings me to the story of GO Malta and its pioneering approach to fight CLI Spoofing.
“We had observed a significant increase in the instances of CLI spoofing and ‘A’ Number manipulation. It had to be handled quickly and effectively because of negative customer impact.”
Subex Signalling Security
Customers of GO Malta were troubled by recurring instances of CLI Spoofing that was also creating heavy revenue losses for the operator. Fraudsters were getting increasingly clever, using sophisticated tools to avoid detection and persist with their attacks.
Subex Signalling Security Solution helped transform the approach from a reactive to proactive one that immediately provided real-time threat intelligence, a prevention-based approach, and faster decision making.
Within a month, the results were visible.
Subex helped GO Malta detect spoofed calls before the attack, allowing them to rapidly take action by raising alerts to the respective carriers. They are now securing their revenue, enjoying accurate billing, monitoring channel partners — all thanks to greater fraud detection skills and shorter fraud run-time.
“The solution helped us reduce spoofed calls, but we also use the tool to determine if an ongoing call campaign is genuine or not.”
If you’re curious about whether Chris Pratt and his team won the ‘Tomorrow War,’ I promised no spoilers. But, if you want to know how exactly Subex helped GO Malta win its battle against CLI Spoofing.
Originally published at https://www.subex.com on October 11, 2021.