Call Me: Gathering Threat Intelligence on Telephony Scams to Detect Fraud

by Aude Marzuoli
Sept. 15, 2017 1 comment belen_caty Detection & Response honeypot

By tracking calling patterns in a large telephony honeypot receiving over 600,000 calls per month from more than 90,000 unique source phone numbers, we gathered threat intelligence in the telephony channel. Leveraging this data we developed a methodology to uniquely "fingerprint" bad actors hiding behind multiple phone numbers and detect them within the first few seconds of a call. Over several months, more than 100,000 calls were recorded and several millions call records analyzed to validate our methodology. Our results show that only a few bad actors are responsible for the majority of the spam and scam calls and that they can be quickly identified with high accuracy using features extracted from the audio. This discovery has major implications for law enforcement and businesses that are presently engaged in combatting the rise of telephony fraud.

Steven Ulm 5 months, 4 weeks ago

100,000 calls! no wonder their report brought clear results... Good presentation Aude!