How fraudsters use callback spam and what you can do to stop it

Security tips | April 14, 2022

Gone are the days when spam was an annoying email that we could ignore and place in a ‘junk’ folder. Now, tactics like callback spam aren’t just irritating; they can cause serious financial losses.

These attacks are quickly evolving, so it’s important to understand the tactics and learn to stop them before they spiral out of control.

This article explains callback spam fraud attacks in detail and offers real solutions to stop them.

What is callback spam?

Callback spam, also known as Wangiri, is a widespread global phone fraud tactic targeting individuals and enterprises alike. It occurs when a scammer places calls to a victim and disconnects after one ring, never intending to connect with the call recipient. They instead hope the victim returns the call – and that’s when the fraud happens.

If the callback spam is successful, the victim returns the call and is coerced into staying on the line as long as possible, often by being placed on hold. Now, wasting someone’s time can be considered criminal, but in this case, the return call is also routed through an international number, racking up international calling fees. The longer the victim stays connected, the more it costs them.

The damage it does

While this form of IRSF (International Revenue Sharing Fraud) sounds dangerous at an individual level, these scams often target enterprises, too. By going after enterprises with call centers or customer service agents, the scammer gets a target-rich environment for successful callbacks. More successful callbacks mean more profit for the scammer. So, what kind of damage does callback spam end up causing?

A 2019 study from the Communications Fraud Control Association found that Wangiri fraud cost businesses $1.82 billion in global fraud losses. And these costs only continue to rise.

Callback fraud today: New developments

As with all fraud, callback spam and IRSF fraud are constantly evolving. A new form of callback spam is called ‘Wangiri 2.0’. Unlike Wangiri 1.0 attacks, which target both individuals and enterprises, Wangiri 2.0 exclusively targets enterprises. Scammers use bots to fill out sales or customer service forms requesting callbacks to premium or international numbers, taking advantage of sales and customer service commitments. The bots are fast, effective, and efficient – and all the scammer must do is wait for the company to meet its SLA and return the call. Easy money, right? The same form of bot-generated callback fraud also targets SMS OTP forms, since premium text rates can be as profitable as a return call.

There are two reasons that Wangiri 2.0 attacks are significantly harder to spot than typical callback spam. First, Wangiri 1.0 relies on a person to call back, and individuals can simply ignore the call. So, to be successful, the spammer needs to make hundreds if not thousands of calls. These calling patterns can be recognized and blocked with the right anti-fraud systems. Wangiri 2.0 doesn’t require thousands of calls to a call center; the scammer just fills out the form and waits.

The second factor that makes Wangiri 2.0 harder to stop is the number of calls involved. Wangiri 1.0 requires two calls; with 2.0, there is only one call, the outgoing callback to the premium rate number, and thus only one opportunity to recognize and block it.

With SMS OTP forms, rate-limiting the frequency of SMS OTP sends helps reduce the impact of the attacks but doesn’t entirely stop the fraud.
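To illustrate that single pre-dial checkpoint, here is an added example (not from the original article, and not TeleSign's Score logic) that screens queued callback or SMS OTP requests by combining per-number rate limiting with a check for bursts across one number range. The served-market prefixes, thresholds, range width, and phone numbers are all constructed assumptions.

```python
from collections import defaultdict, deque

ALLOWED_PREFIXES = ("+1", "+44")  # assumption: markets the business serves
WINDOW_S = 3600      # assumption: look-back window in seconds
MAX_PER_NUMBER = 2   # assumption: requests allowed per number per window
MAX_PER_RANGE = 3    # assumption: requests allowed per number range per window
RANGE_TAIL = 2       # numbers differing only in the last 2 digits share a range


class CallbackScreen:
    """Decide 'allow', 'flag' or 'block' before a callback or OTP is sent."""

    def __init__(self):
        self._by_number = defaultdict(deque)
        self._by_range = defaultdict(deque)

    @staticmethod
    def _hits(queue, now):
        queue.append(now)
        while now - queue[0] > WINDOW_S:   # drop requests outside the window
            queue.popleft()
        return len(queue)

    def decide(self, raw_number, now):
        # Normalize "+44 20 7946 0123" style input to "+442079460123".
        number = "+" + "".join(ch for ch in raw_number if ch.isdigit())
        per_number = self._hits(self._by_number[number], now)
        per_range = self._hits(self._by_range[number[:-RANGE_TAIL]], now)
        if per_range > MAX_PER_RANGE:
            return "block"   # burst across one number range: likely bot-filled forms
        if not number.startswith(ALLOWED_PREFIXES):
            return "flag"    # outside served markets: review before dialing
        if per_number > MAX_PER_NUMBER:
            return "flag"    # same number requested repeatedly
        return "allow"


def screen_sample():
    """Run the screen over a constructed queue of (seconds, number) requests."""
    queue = [(0, "+1 202-555-0143"), (30, "+44 20 7946 0123"),
             (60, "+999 5550 1000")]
    queue += [(100 + i, f"+44 20 7946 09{i:02d}") for i in range(5)]
    queue += [(4000, "+44 20 7946 0950")]   # same range, after the window
    screen = CallbackScreen()
    return [screen.decide(number, ts) for ts, number in queue]
```

Per-number limits alone miss the burst in the sample queue because every request uses a different number; counting by range is what catches it, even inside a served market.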

How TeleSign can help

Callback spam attacks are coordinated, elaborate schemes that are hard to spot without the right solutions in place. TeleSign Score is one of the best ways to protect your business from unexpected callback spam fraud losses.

Here’s how it works:  

Using advanced machine learning that evaluates global traffic patterns, phone data attributes, and the world’s largest fraud database, Score delivers comprehensive phone number intelligence to protect you against fraud.

Score understands the history, context, and patterns of individual phone numbers and will alert you if a particular number has, for instance, a history of sending large batches of SMS messages in a short period of time - a red flag for IRSF attacks. It also recommends an action (‘allow’, ‘block’, ‘flag’) and uses the action taken to help identify risky numbers quickly and accurately in the future.

Callback spam attacks are here to stay and are likely to continue to evolve. Protecting yourself with a solution to stop these attacks and minimize your exposure can help you avoid surprise losses and improve the profitability of your call center operations.

Want to learn more about how TeleSign can help you lower your callback spam fraud risk? Chat with us today.
