Pindrop Labs Research Scientist, Aude Marzuoli, has discovered new findings that will start unraveling bad actors who hide behind multiple phone numbers. In her research, Marzuoli has found that 66% of calls made to Pindrop’s Phonypot^TM, a telephony honeypot of clean numbers used as bait to reel in scammers and robocallers, are coming from just a handful of sources.

“In 2015, the Phoneypot received about 8 million calls from about 880,000 phone numbers. Our analysis shows that 1.8% of the sources that called the Phoneypot generated 66% of the online complaints.” – Aude Marzouli

These sources are hard to pin down because each of them calls from many different numbers, but research from Pindrop Labs is now making it easier to identify those bad actors.
Marzuoli will be speaking at this year’s M³AAWG General Meeting in San Francisco February 17th.
Session Details:

Robocalling, voice phishing and caller ID spoofing are common cybercrime techniques used to launch scam campaigns through the telephony channel, which unsuspecting users are traditionally trusting. More than 660,000 online complaints regarding unwanted phone calls were recorded on the top six prominent websites in 2015. More reliable than online complaints, the Phoneypot at Pindrop Security, a telephony honeypot, provides complete, accurate and timely information about unwanted phone calls through out the United States. In 2015, the Phoneypot received about 8 million calls from about 880,000 phone numbers. Our analysis shows that 1.8% of the sources that called the Phoneypot generated 66% of the online complaints. However 68% of sources calling the Phoneypot only call once or twice, hence being able to catch a bad actor operating several phone numbers, can be difficult. Using a combination of natural language processing and machine learning, we developed a tool to identify bad actors hiding behind several phone numbers (whether real or spoofed numbers, or restricted or anonymous phone numbers), no matter if they are calling frequently or not. The results show that only a handful of bad actors are responsible for the majority of the spam and scam calls, and that they can be uniquely phoneprinted based on their audio signature.