Ending robocalls forever? Researchers reveal new weapon in the war against phone scams

RALEIGH, N.C. — Annoying, anxiety-inducing calls from random numbers with automated recordings waiting on the other end of the line have become an everyday occurrence in recent years. Pretty much everyone has dealt with their fair share of robocalls, and it’s a big reason why many people avoid picking up unknown numbers altogether. Now, researchers from North Carolina State University are offering up a potential new tool in the ongoing fight against robocalls.

The tool, called SnorCall, is an automated system capable of analyzing the content of unsolicited bulk calls. This can help shed light on both the scope of the problem and the specific types of scams commonly perpetuated by robocalls. Snorcall is designed to help regulators, phone carriers, and any other relevant stakeholders better understand and monitor the nature of robocall trends. Importantly, it allows them to take action against any related criminal activity.

“Although telephone service providers, regulators and researchers have access to call metadata – such as the number being called and the length of the call – they do not have tools to investigate what is being said on robocalls at the vast scale required,” says Brad Reaves, corresponding author of a paper on the system and an assistant professor of computer science at NC State, in a university release.

“For one thing, providers don’t want to listen in on calls – it raises significant privacy concerns. But robocalls are a huge problem, and are often used to conduct criminal fraud. To better understand the scope of this problem, and gain insights into these scams, we need to know what is being said on these robocalls.”

“We’ve developed a tool that allows us to characterize the content of robocalls,” Prof. Reaves continues. “And we’ve done it without violating privacy concerns; in collaboration with a telecommunications company called Bandwidth, we operate more than 60,000 phone numbers that are used solely by us to monitor unsolicited robocalls. We did not use any phone numbers of actual customers.”

older man on smartphone in front of laptop
Photo by Andrea Piacquadio from Pexels

How does SnorCall work?

In simpler terms, SnorCall records all robocalls received on monitored phone lines. The tool then bundles together robocalls that use the same audio, lowering the amount of robocalls whose content needs to be analyzed by roughly an order of magnitude. From there, recorded robocalls are transcribed and analyzed by a machine learning framework known as Snorkel that characterizes each call.

“SnorCall essentially uses labels to identify what each robocall is about,” Prof. Reaves explains. “Does it mention a specific company or government program? Does it request specific personal information? If so, what kind? Does it request money? If so, how much? This is all fed into a database that we can use to identify trends or behaviors.”

As a proof of concept, the study authors used SnorCall to analyze 232,723 robocalls collected over the span of just under two years (23 months) across more than 60,000 phone lines.

“Those 232,723 robocalls were broken down into 26,791 ‘campaigns,’ or unique audio files,” Prof. Reaves reports. “And we were able to extract a tremendous amount of information from those campaigns.”

Very importantly, the research team was able to extract the phone numbers used in these scams. Robocallers are known to routinely “spoof” the number they are calling from, making it impossible to tell where the call actually originated. Moreover, scammers also increasingly encourage the people receiving robocalls to call a specific phone number. This could be to resolve a (fictional) tech support issue, resolve a (fictional) tax problem, or resolve a (fictional) issue with Social Security, and so on.

“Scammers can fake where a robocall is coming from, but they can’t fake the number they want their victims to call,” Prof. Reaves says. “And about 45% of the robocalls we analyzed did include this ‘call-back number’ strategy. By extracting those call-back numbers, SnorCall gives regulators or law enforcement something to work with. They can determine which phone service providers issued those numbers and then identify who opened those accounts.”

The project revealed how specific robocall campaigns operate over time

“For example, we saw very clear trends in the number of robocalls about Social Security scams being made during the pandemic,” Prof. Reaves notes. “As COVID shut down offices, we saw the number of Social Security scam robocalls dwindle to nearly zero. And then saw the number of these scam calls ramp back up as COVID restrictions were lifted. This tells us that Social Security scam robocall operations are based in offices – they weren’t able to adjust to conditions where the people behind those robocalls would have to work from home. If nothing else, it helps us understand the level of scale and organization behind these robocall Social Security scams.”

Another benefit to incorporating the Snorkel framework into SnorCall is Snorkel makes it relatively easy to modify SnorCall to meet stakeholder-specific needs.

“For example, if investigators want to focus on a new scam topic, Snorkel is very good at identifying key terms or phrases associated with topics,” the researcher explains. “This could be a valuable feature for investigators who are focused on specific types of criminal fraud.”

“Our findings demonstrate how illegal robocalls use major societal events like student loan forgiveness to develop new types of scams,” adds Sathvik Prasad, a Ph.D. student at NC State and first author of the paper. “SnorCall can aid stakeholders to monitor well-known robocall categories and also help them uncover new types of robocalls.”

“There’s no way we could have done this work without the collaboration of industry partners, including Bandwidth,” Prof. Reaves concludes. “And we are definitely interested in working with other companies in the telecom and tech sectors to help us move forward with efforts to address robocalls in a meaningful way.”

The team presented their project at the USENIX Security Symposium in Anaheim, California.

You might also be interested in:

YouTube video

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *