
One of our customers is reporting that their ANI is being used to make calls. I've verified that the traffic isn't traversing our network, but I'm not sure of where to look next. The customer doesn't necessarily want to know who is making the calls, but wants them to stop. I know I can contact Verizon, who owns the number, but since the calls aren't being originated from us or our customer, I'm not sure how they can help. Does anyone have ideas of how to go about blocking this since we aren't the LEC owner of the DID? ~Jared

If the calls are fraudulent, there is probably a law enforcement action that the customer can take. A police report can cross LEC boundaries pretty well. David

You tell the customer that there is nothing you can do. There are so many resellers of resellers, spoofing CallerID is practically brainless, and bad actors will complete millions of calls, maybe even billions, using anyone's ANI they want. Best you can do is offer to block calls from people who are being jerks complaining to your customer who didn't make the calls.

The phone system is decentralized, and while that is generally great, it sucks for this.

There is nothing that can be done that will be effective. You can complain to lots of places, but unless the call is going through their network, and how could you possibly know what network the call is going through, they can't help. Even if it is, they might decide not to help.

A non-profit independent organization would have to get all the carriers involved to allow for tracking who sent what calls where and when. And us little guys won't get access, so we'll have to cut a ticket to our carrier to their carrier before we get a response a week later.

Or you could ask for an FOIA request from the NSA. Pretty sure they'd know.

Beckman

On Wed, 11 Dec 2013, Jared Geiger wrote:
One of our customers is reporting that their ANI is being used to make calls. I've verified that the traffic isn't traversing our network, but I'm not sure of where to look next.
The customer doesn't necessarily want to know who is making the calls, but wants them to stop. I know I can contact Verizon, who owns the number, but since the calls aren't being originated from us or our customer, I'm not sure how they can help.
Does anyone have ideas of how to go about blocking this since we aren't the LEC owner of the DID?
~Jared
--------------------------------------------------------------------------- Peter Beckman Internet Guy beckman at angryox.com http://www.angryox.com/ ---------------------------------------------------------------------------

LOL @ the FOIA request bit.
Seriously he hit the nail on the head. We've seen this before and there is honestly little that can be done.
On 12/11/2013 03:20 PM, Peter Beckman wrote:
You tell the customer that there is nothing you can do. There are so many resellers of resellers, spoofing CallerID is practically brainless, and bad actors will complete millions of calls, maybe even billions, using anyone's ANI they want. Best you can do is offer to block calls from people who are being jerks complaining to your customer who didn't make the calls.
The phone system is decentralized, and while that is generally great, it sucks for this.
There is nothing that can be done that will be effective. You can complain to lots of places, but unless the call is going through their network, and how could you possibly know what network the call is going through, they can't help. Even if it is, they might decide not to help.
A non-profit independent organization would have to get all the carriers involved to allow for tracking who sent what calls where and when. And us little guys won't get access, so we'll have to cut a ticket to our carrier to their carrier before we get a response a week later.
Or you could ask for an FOIA request from the NSA. Pretty sure they'd know.
Beckman
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops

If there is money behind the effort, you might want to try reaching out to an Internet Security consulting firm for a "vishing takedown". They can help put pressure on the right carriers and assist in working with local LEOs.
On 12/11/2013 08:25 PM, Ryan Delgrosso wrote:
LOL @ the FOIA request bit.
Seriously he hit the nail on the head. We've seen this before and there is honestly little that can be done.

Having been at the receiving end of mad customers (not ours) and even having the LEOs show up at our front office asking us to stop our customer from spamming some poor entity/person (at one point an emergency center in another state, not 911 directly), I have seen two problems emerge.

1. Numbers can be spoofed, there is nothing we can directly or quickly do about it.
2. Law enforcement need training on how to properly address this problem, they are clueless.

Dealing with 1, when we receive a call from an upset customer that one of our numbers is spamming them (as often as not they only found the 10k block not if we owned the 1k block) we check the problem and find it is actually not from our network (it has never been yet). I give them one of these lines every time:

"What you are seeing is a call party number. This is the number being shown but not actually the number calling. Unfortunately we cannot help stop this because the call is not actually coming from our switch. You need to contact your phone provider and ask them to block the actual number that is calling. Provide them with your number, the number that called, and when they called. Ask them to find the 'real' number and ask them to block it."

Alternatively, if they only looked up the 10k block and we don't own that 1k block, we tell them:

"We requested this block of numbers for our area and only kept 2000 (whatever value it really is) of those 10000 numbers. We do not own that block but here is the company that does. Please contact them and also contact your carrier as you are probably only seeing a call party number. Ask them to find the 'real' number calling and block it, provide them with your number, the number that called, and when they called."

These actually have a positive effect on the customer (we will never end up with their service as it always seems they are out of area, lol) and it gives them a new purpose and new tools to fight with. I also throw out there http://localcallingguide.com.
Dealing with 2, whenever we deal with them we point them to http://localcallingguide.com and give them a similar rundown to how call party works as we do customers. We also explain to them how number blocks work (they are as bad about only finding the 10k blocks) and what portability with phone lines looks like. We tell them the best way to get results from a Telco is to provide the calling, called, and time. There is a limit to the amount of information we can give back out even to LEOs without a subpoena but if we can help mitigate a problem (assuming it is from our network) we will at least stop it. Other than our contact with the law enforcement we deal with we can't do much about their overall training.

Community question: Would it be viable/worthwhile for law enforcement to have an agent in each department with access to tools (NPAC and others) to look up a number and contact the correct Telco? Is this something we even want?

Brian

Date: Tue, 17 Dec 2013 10:44:45 -0500 From: scott at sberkman.net To: voiceops at voiceops.org Subject: Re: [VoiceOps] Spoofed Traffic
If there is money behind the effort, you might want to try reaching out to an Internet Security consulting firm for a "vishing takedown". They can help put pressure on the right carriers and assist in working with local LEOs.
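An added illustration, not part of any message in this thread: the 10k-block versus 1k-block versus ported-number distinction Brian describes, written as a lookup that checks the most specific record first. The carrier names, the 555 numbers and the three tables are constructed sample data; a real lookup would use NPAC and block-assignment data. The result names who the displayed number is assigned to, which says nothing about where a spoofed call originated.

```python
import re

# Constructed sample data: fictitious carriers and 555 numbers, not real assignments.
CODE_HOLDERS = {"406555": "Example Rural Telco",    # NPA-NXX (10k block) assignee
                "406556": "Example Rural Telco"}
BLOCK_HOLDERS = {"4065550": "Example Rural Telco",  # NPA-NXX-X (1k block) assignee
                 "4065551": "Example Rural Telco",
                 "4065557": "Example Wireless Co"}
PORTED = {"4065550123": "Example VoIP Carrier"}     # stands in for a per-number NPAC record


def normalize(raw):
    """Reduce a dialed-number string to 10 NANP digits."""
    digits = re.sub(r"\D", "", raw)
    if len(digits) == 11 and digits.startswith("1"):
        digits = digits[1:]
    if len(digits) != 10:
        raise ValueError(f"not a 10-digit NANP number: {raw!r}")
    return digits


def resolve_carrier(raw):
    """Return (carrier, source), most specific record first."""
    n = normalize(raw)
    if n in PORTED:
        return PORTED[n], "ported"
    if n[:7] in BLOCK_HOLDERS:
        return BLOCK_HOLDERS[n[:7]], "1k-block"
    # If the NXX has been split into 1k blocks, the 10k assignee says nothing
    # about a block that is not listed, so do not fall back to it.
    pooled = any(block.startswith(n[:6]) for block in BLOCK_HOLDERS)
    if n[:6] in CODE_HOLDERS and not pooled:
        return CODE_HOLDERS[n[:6]], "10k-block"
    return None, "unknown"


def triage(raw, us):
    """Classify a complaint about a displayed number that reached carrier `us`."""
    n = normalize(raw)
    carrier, source = resolve_carrier(n)
    return {"number": n, "carrier": carrier, "source": source,
            "ours": carrier == us,
            # True when a 10k-only lookup pointed at us but the number is not ours.
            "misdirected": CODE_HOLDERS.get(n[:6]) == us and carrier != us}


if __name__ == "__main__":
    for shown in ("(406) 555-7000", "+1 406-555-0123", "406-555-1999", "406-555-3000"):
        print(triage(shown, us="Example Rural Telco"))
```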

On 12/17/2013 01:23 PM, Brian R wrote:
Community question: Would it be viable/worthwhile for law enforcement to have an agent in each department with access to tools (NPAC and others) to look up a number and contact the correct Telco? Is this something we even want?
Note that Neustar does have, and has had for a very long time, an LEO-oriented IVR that dips NPAC for the true carrier affiliation of a number. http://www.npac.com/the-npac/access/law-enforcement-agencies-psaps/ivr-syste... -- Alex -- Alex Balashov - Principal Evariste Systems LLC 235 E Ponce de Leon Ave Suite 106 Decatur, GA 30030 United States Tel: +1-678-954-0670 Web: http://www.evaristesys.com/, http://www.alexbalashov.com/

Alex, Good info, I was not aware of this. We will start handing this info out to LEOs as well. It's an easy enough flow they won't need to learn a whole new system for it. If it's not in NPAC they will still need something like http://localcallingguide.com to find the original carrier. Thanks Brian
Date: Tue, 17 Dec 2013 13:33:18 -0500 From: abalashov at evaristesys.com To: voiceops at voiceops.org Subject: Re: [VoiceOps] Spoofed Traffic
Note that Neustar does have, and has had for a very long time, an LEO-oriented IVR that dips NPAC for the true carrier affiliation of a number.
http://www.npac.com/the-npac/access/law-enforcement-agencies-psaps/ivr-syste...
-- Alex