Robocalling and Call Spoofing FAQs
Key Insights to Deliver Trusted Call Experiences
The dramatic rise in Illegal robocalling and caller id spoofing is a big problem in North America, and other regions around the world. Consumers are fed up and have stopped answering the phone when they can't be certain who is calling. In the U.S., the Federal Communications Commission (FCC) is taking a firm stand with stopping these unlawful calls as their top consumer priority. The Canadian Radio-Television and Telecommunications Commission (CRTC) is stepping up its fight against phone fraudsters, as well.
Impact for Businesses
Businesses still need to rely on phone calls to engage with customers, despite the growth in digital communications. But robocalling and calling fraud have impacted contact and answer rates, engagement and customer experience. Brand reputation has been damaged when scammers impersonate a business's identity, but voice service providers are putting measures in place to protect subscribers. Robocall mitigation has also meant that legitimate business calls have been inadvertently blocked or tagged as suspicious.
In recent webinars Neustar has hosted, Are Your Calls to Customers Getting Through? What You Need to Know about the FCC's New Call Blocking Rules and What CSPs Need to Know About the FCC's New Call Blocking Rules attendees asked many important questions that we have answered here to provide insight into addressing robocall mitigation, operations and processes related to outbound calls to customers.
Frequently Asked Questions
What do consumers see on their caller ID display when we call?
Typically, caller ID displays some form of your business name and phone number. While most businesses publish a few phone numbers for main contacts, such as their customer service line, they often have hundreds or even thousands of internal phone extensions and corporate mobiles that do not display the correct information for outbound calls. These may appear as just a phone number, some version of your business name, or just "UNAVAILABLE" or "UNKNOWN CALLER". However, recent initiatives by phone companies to identify potential fraudulent calls could inadvertently flag the call as "SUSPECT SPAM". Neustar can help with an exhaustive audit to understand how your caller ID looks to consumers.
How can we control calling name and number displayed for our caller ID?
Displaying an accurate and consistent caller identity gives customers more confidence knowing who is calling and helps them make the decision to answer the call. Telecom service providers that "own" the phone number manage caller ID information, but the information may not be updated when the number changes hands. Consider using a service that can help you effectively update and manage what is displayed on your outbound calls. Neustar provides 90% of caller ID to the industry and works with over 850 fixed, cable and mobile operators to ensure accurate first party information is displayed, rather than outdated information stored in back office systems.
How do we ensure caller identity works across all phones: fixed, cable, VoIP AND mobile phones?
Although it is clear that communication is exceedingly becoming mobile, be aware that you may be calling a person on a wide variety of phone technologies. Despite cord-cutting trends, 45% of households still have landline phones. And given the personal nature of mobiles, many consumers often provide their landlines for business-related call backs. Neustar can help with a holistic approach to deliver an accurate display over all phone technologies.
If my caller ID display is incorrect, or missing, can't I just have my telecom service provider fix it?
Multiple telecom service providers participate in the delivery of service for those you call. You can't fix it with your service provider alone. To have a consistent caller ID, you would have to provide all of the business phone numbers that you use to make calls, to every service provider that helps with delivery of those calls, so they can associate your business name to each of those numbers. Neustar provides a single interface to over 850 carriers to simplify management and ensure consistency for caller ID.
How do we ensure our calls are not blocked or marked as spam?
As telecom service providers begin implementing call blocking services to protect consumers, legitimate business calls may be inadvertently tagged as spam. Some legitimate calls are even being blocked before they reach the consumer. You can identify your outbound calling phone numbers and those numbers that never originate calls. By providing your outbound calling numbers to Neustar, we mark these numbers as verified business numbers, so they are whitelisted and accidental blocking or inaccurate spam tagging is prevented.
How do we get our toll-free callback numbers added to the whitelist so that will not be flagged as "spam"?
Neustar's Caller Name Optimization service makes no distinction between toll-free or non toll-free telephone numbers. Either can be registered by a business for purposes of direct management and whitelisting through Neustar's Trusted Brand Display portal.
How do you address legitimate numbers that are being utilized by spam/scam/traffic pumping activity?
Legitimate business telephone numbers (TNs) managed through Neustar's Trusted Brand Display central hub, are distributed by Neustar to its partners throughout the voice ecosystem (e.g. Mobile Operators, Mobile App providers). These TNs are then protected from spam/scam tagging and inadvertent blocking practices.
How does one whitelist numbers from a call center?
Neustar Caller Name Optimization supports both direct management and whitelisting of legitimate outbound telephone numbers.
How do I know if number assigned was previously marked as 'probable fraud'?
Neustar is able to validate individual telephone numbers against our Robocall Mitigation fraud model, and to work with partners to understand the 'reputation' of a telephone number (TN) across multiple service providers - to see if a particular TN has previously been tagged as having been used for nefarious or fraudulent activities. Stay tuned for future announcements regarding Neustar's 'TN Reputation' service.
How can you be sure the caller name shows in all markets?
With literally thousands of telecom providers across the US, it is difficult to provide a guarantee of 'all markets', however, Neustar manages the largest Caller Identity database in the United States with over 85% market coverage and growing. We provide Caller ID services to all major wireline, wireless, cable and VoIP CSPs, as well as to the leading Caller ID mobile apps.
How do we know or measure the impact of false blocks our company may be experiencing?
In many cases, businesses are not even aware their outbound calls are being tagged as 'spam' or blocked entirely. Neustar is able to provide this view to prospective clients, or you may also measure your outbound call pick-up rates for any noticeable decline. The Professional Association for Customer Engagement (PACE) recently cited a 20% decrease in outbound call centers answer rates in 2017.
We have been told it is up to the customer's carrier to display the caller id display name. Is that true?
The Terminating Carrier (carrier for the called party) has responsibility to display a caller's name, however, each carrier accomplishes this by dipping to an industry Line Information Database (LIDB) to match a name to an individual telephone number. Neustar manages the largest of these industry databases in the United States, with over 85% market coverage and returning names for carrier queries over 10 billion times each month.
It is a surprise to learn you can display a company name on the caller id for cell phones. Is this really possible?
Yes, business name can be displayed to mobile devices as long as the subscriber has opted into the service. With the pivot to richer content and context in Caller ID capabilities (i.e. logos, pictures, tag-lines, etc.) it is expected that Branded Call Display will become a universal capability on the mobile device.
If we use a dedicated inbound call back number for outbound calls, and this dedicated call back/inbound number is listed as a DNO (do-not-originate) number, would our outbound call be blocked/potentially blocked even though it's actually originating on a valid outbound number?
DNO numbers fall within the FCC guidelines for allowable fraud tagging and blocking. It would be up to individual carrier policy whether the call is actually blocked, or potentially overlaid with some indication to the subscriber that the call is potentially fraudulent in some manner.
How does "whitelisting" protect against "spoofing"? A "bad guy" can spoof a whitelisted number, which does not protect a consumer.
Correct. Whitelisting does not resolve 'spoofing', but rather mitigates the spam-tagging and blocking challenge. Eliminating all fraud in voice calling will follow a multi-pronged approach, with spoofing being addressed by Neustar Certified Caller, an implementation of the STIR/SHAKEN framework in carrier networks.
How do we get our number removed from mobile spam apps like True Number?
As Neustar operates the largest Caller Identity database in the United States, serving major wireline, wireless, cable and VoIP CSPs, as well as the leading caller ID mobile apps, we are well positioned as a central hub to disseminate information regarding legitimate outbound business dialing. We currently have agreements to do so with the largest mobile operators and app providers in the US and continue to build out these capabilities throughout the wider voice ecosystem. Neustar Caller Name Optimization supports both direct management and whitelisting of legitimate outbound telephone numbers.
We have multiple telemarketing offices where we have written consent from customers to legally call and leave messages. A large amount of our calls are being screened as "Scam Likely", how do we go about resolving this with phone carriers?
There are many operators and mobile apps now offering 'scam likely' and 'blocking' services. As Neustar operates the largest Caller Identity database in the United States, serving major wireline, wireless, cable and VoIP CSPs, as well as to the leading Caller ID mobile apps, we are well positioned as a central hub to disseminate information regarding legitimate outbound business dialing.
What prevents a "scammer" from simply whitelisting a phone number?
Neustar has a multi-level approach to validate the legitimacy of businesses, their telephone numbers and calling practices prior to allowing access to either the Caller Name Optimization or Branded Call Display service.
I work in data collection. We call people to do surveys. How can we ensure that we stay off the blacklist?
Currently, your outbound calling practices will largely dictate whether or not any of the multiple spam or blocking algorithms will tag your calls. Neustar is offering a means to not only manage what consumers see when receiving a call from your business, but to 'whitelist' your telephone numbers throughout the voice calling ecosystem from a central location.
When preference management exists at the origination level, say a big box retailer, does call blocking over-ride the original permission given by the consumer?
The voice network would not have any visibility to the originating preference management setting, meaning it is likely that any calls originated from this system would fall into existing analytics and algorithms for spam tagging and blocking.
I often receive scammer calls with a caller ID value that is similar to my own phone number, or a valid local number. Is it possible for carriers to address these?
What you are referring to is known as 'neighbor spoofing'. Bad actors are hoping that if they present ('spoof') a local telephone number, that you are more likely to pick up. Eliminating all fraud in voice calling will follow a multi-pronged approach, with spoofing being addressed by Neustar Certified Caller, an implementation of the STIR/SHAKEN framework in carrier networks.
Would you recommend that a business using a call blocking service for their customers block their own Do-Not-Originate numbers to mitigate fraud? Can you expand on how to avoid blocking a number that violates the FCC's order?
It is always prudent to ensure a business's Do-Not-Originate (DNO) telephone numbers are protected against fraudulent activities. By registering these telephone numbers with a central repository such as Neustar's, these numbers would be shared with partners to ensure they would be flagged and/or blocked should any nefarious actors attempt to utilize them. The FCC rules currently allow blocking of calls from telephone numbers that are invalid, unallocated, allocated but unassigned and DNO.
If a number is ported to a different carrier and was set as a Do-Not-Originate number with the original carrier, will that tag be removed when the new carrier takes over the number?
Today, Do-Not-Originate (DNO) is a feature that can be set at the switch level to enable call blocking within the SS7 network. If a number ports to another carrier, the other carrier would have to set this same telephone number as DNO in their switch to keep the end subscriber from receiving spoofed calls. We are not aware of any "tag" that would follow the TN from network to network.
With regards to Robocall Mitigation with calculation of Fraud Score, how is call volume determined to be low, medium or high? For example, 10 calls per day might be "high" volume for my Aunt Edna but "low" volume for a law firm. Are call volume calculations on a per caller basis?
For the purposes of fraud scoring, volumes are based on prior patterns and trends for individual telephone numbers (TNs) over many years. As an example, a TN that typically makes 1000 calls per day, then suddenly jumps to 10,000 calls, would be suspect and captured in the fraud model/analytics program. Neustar is first and foremost an information services company, serving over 7,000+ of the world's largest brands and helping them to securely connect with their customers, tens of billions of times per day. As such, our fraud model does not rely on volumes alone, but verifies TN data with a myriad of related data points prior to scoring any particular TN.
Will there be a Cause code or SIT tone sent to the originating party that the call was labeled by your SCI?
The Neustar database is only queried by the Terminating carrier, who has responsibility to deliver Caller Name to the call recipient. There is no direct interface with the Originating Carrier, and hence no means for Neustar to deliver notification of a Caller Name overlay.
How does one certify that a number is allocated but unassigned if it is allocated to another carrier?
Each carrier maintains their own telephone number inventory, including which numbers have been assigned. With Robocall Mitigation, carriers may upload their assignment data to the Neustar fraud model to ensure proper treatment as it pertains to scoring and caller name overlay policy.
Does Neustar's service only identify it as a robocall or spoof call OR will it block it?
Neustar provides an information service - i.e. Neustar delivers the telephone number and disposition to its carrier customers, and then it is up to the carrier as to whether they will deliver this information to their subscriber or block the call on their subscriber's behalf.
I keep hearing November as the date the FCC approved the blocking. Our company noticed a dramatic decrease in answer percentage as early as September. What else was going on in the industry that may have caused this?
Although the FCC ruling was released in November, many Carriers and Mobile App providers had been introducing the ability to spam-tag or block calls beginning in late 2016/early 2017. The Professional Association for Customer Engagement (PACE) recently cited a 20% decrease in outbound call centers answer rates in 2017.
How do we stay up to date with new caller ID regulations, standards and solutions?
You can learn more from your telecom service provider or business associations. Many are inputting feedback into the work of the FCC. The Neustar Trust Lab is hosting initiatives for businesses to stay informed and participate in testing new robocalling solutions. Get involved in the ongoing discussions and stay tuned to changing regulations.
Is there a solution that provides protection from call blocking, spoofing, spam tagging, and re-issued or re-assigned phone numbers?
Neustar Caller Name Optimization supports both direct management and whitelisting of legitimate outbound telephone numbers and is commercially available now for businesses. You can also register your DNO telephone numbers to be shared with the industry to deter spoofing. True digital signing of calls from network to network to prevent spoofing is through the implementation of the STIR/SHAKEN standards, or Neustar Certified Caller. Neustar Robocall Mitigation for CSPs helps them inform their subscribers of suspect calling activities, or block known fraudulent calls from traversing their networks.
Does Neustar offer a Caller ID validation service across all carriers?
Yes, Neustar Robocall Mitigation service is available to over 850+ US Telecom Carriers.
Is Neustar providing/managing a CNAM Database for other CNAM providers to use to support carriers so accurate information is always used?
Yes, Neustar does exchange information with other CNAM providers to promote accuracy in Caller Name data throughout the industry.
Does Neustar operate a central whitelist/blacklist. How will this list be kept current (i.e. disconnected numbers)?
Neustar has multiple, ongoing checks to ensure the validity of TN to Business Name data remains in synch including a database scan of both ported and disconnected TN data. Any discrepancies are then sent to the corresponding business owner for resolution.
Since there are only a few mobile networks (AT&T, Verizon, Cingular etc), but plenty of 3rd party carriers that use those existing cell towers, will the wireless services be available to customers who use 3rd party cellular services?
Neustar's goal is to integrate with all mobile operators so that the Call Name Optimization and Branded Call Display capabilities become ubiquitous and available to all mobile subscribers.
Do you anticipate call blocking based on fraud score to be set at the subscriber level? For example, could vulnerable individuals (elders, individuals with cognitive impairments) request more restrictive policies from their carriers?
At this juncture, Neustar's Robocall Mitigation service does not support individual, subscriber-level blocking. There are a number of solutions in this space, and Neustar's network level service is capable of integrating with these subscriber level services to deliver a seamless user experience.
How do we get Neustar Trusted Caller services?
Three are three ways to sign up:
- Web: www.callerid.neustar
- Email: email@example.com
- Call: +1 (855) 898-0036
How do we get involved with ATIS Robocall testing hosted by Neustar?
You can learn about industry testing registration here.
How does your provided service differ from that which iConnectiv provides? Do you have other competitors?
Neustar does not compete with iConnectiv in the CNAM, Call Name Optimization or Branded Call Display space, since iConnectiv does not operate a Line Information Database (LIDB) on behalf of the industry. There are smaller CNAM providers, whom Neustar largely cooperates with, however, Neustar currently manages caller identity capabilities for over 85% of the market (and growing).
Are these call blocking apps available in other countries, for example Canada?
Yes, call blocking apps are available worldwide.
Will the new FCC rules on call blocking stop all illegal calls?
The FCC has an order in place to allow telecom service providers to block suspicious calls from invalid or unassigned numbers. These would include numbers with area codes that don't exist, that have not been allocated to a telecom service provider and numbers allocated but not currently in use. A Do-Not-Originate rule would specifically allow service providers to block calls purporting to be from a phone number when the subscriber to that number requests that those calls be blocked. "Do-Not-Originate" requests from individuals, businesses or government organizations would prevent their phone numbers from being spoofed by robocallers. However, other calls that originate from other seemingly valid numbers are not affected. A decision to block or tag these calls may be tailored by each telecom service provider. Unfortunately, that leaves the opportunity for some illegal calls to still go through. Neustar can help you manage your verified business numbers and those numbers you wish to protect as Do-Not-Originate with all telecom service providers.
Some suspicious calls are tagged as SPAM LIKELY which is causing customers not to answer. How is this handled within the FCC rulings?
The issue of labeling calls as SPAM LIKELY, or something similar, was not addressed by the FCC robocall blocking order. That is an issue that may be examined in the future.
This legal blocking is based on call origination number, not the recipient number, is that right? Can calls be blocked based on termination number?
The FCC's robocall blocking order only addresses calls that appear to originate from invalid, unallocated, unassigned, or do-not-originate numbers. The FCC previously said, with the consent of a terminating subscriber, that carriers can block suspected robocalls from reaching that subscriber. In a sense, that is blocking based on the terminating number.
Is a caller ID showing "Blocked" or "Unavailable" considered invalid?
No, blocked or unavailable Caller ID is not the same as invalid.
What is the exact definition of a robocall according to the FCC?
The definition of robocall is very complex. It depends on the type of call – wireline, VoIP, or wireless – the nature of the call – telemarketing, prerecorded, etc. -- and the type of consent given by the call recipient. It would be best for you to consult with your company's counsel for a detailed analysis.
What happened to the Do Not Call lists? Why are these not used?
The Do Not Call (DNC) database is still in operation at the Federal Trade Commission. Legitimate robocallers still routinely check their planned calling lists against the DNC database. Illegal robocallers, such as those that spoof invalid numbers, don't bother to check their calls against the database.
Who manages the North American Numbering Plan?
Neustar administers the North American Numbering Plan pursuant to a contract with the FCC.
What is the penalty if a call is blocked by accident?
Since there is no safe harbor, a provider could be held liable for violating the FCC's call completion rules and could be subject to monetary penalties.
Is there a scenario (outside invalid, unassigned, DNO) where calls from legitimate phone numbers are blocked?
Yes, although it is not part of the FCC's robocall blocking order. The FCC had previously said that with the consent of a terminating subscriber, carriers can block suspected robocalls from reaching that subscriber. So, if a carrier has permission from its subscriber, it can block calls that it suspects of being robocalls, some of which may be legitimate calls.
According to the FCC, is it against their order to block cold callers?
The FCC robocall blocking order only addressed blocking calls that appeared to be from invalid, unallocated, unassigned or do-not-originate telephone numbers. It did not discuss cold callers. There are many nuances to whether a cold call is a robocall and, if it is a robocall, is it legal. It would be best for you to consult with your company counsel.
Once you identify numbers that likely are being used for fraud, do you have a system to transfer those details to law enforcement?
Yes, Neustar will provide a portal to enable all industry participants, including law enforcement, to have access to telephone numbers that are identified as being used for fraudulent purposes (e.g. DNO, invalid, unallocated).
Why is the focus not being placed on the providers/carriers that are allowing this fraudulent traffic into the network?
With the advent of VoIP, calls can be inserted into the network from a laptop computer with spoofed numbers and Caller Name information. There is no originating provider to go after for many of these calls. This particular FCC order targets telephone numbers that are known to be incapable of making calls by allowing terminating carriers to block calls from those numbers. The STIR/SHAKEN protocol will require originating providers to validate calls to the terminating provider. This will help to identify fraudulent traffic from the originating end.
What is the FCC Docket number for this order?
FCC Docket 17-59. The FCC docket containing FCC orders and comments by parties is located here.
What is Optional and What is Requirement for operators from this FCC Ruling?
The FCC's robocall blocking order is permissive. Service providers are permitted to block robocalls as described in the order, but they are not required to do so.
Is the Do-Not-Originate list published and available to the public?
No, because publishing that list might expose it to abuse.
How will new caller authentication regulations and standards impact our outbound calls?
New standards, which aim to provide a 'digital certificate' for certified numbers, will soon be available. In the same way that consumers will release payment to a trusted website because it is certified, consumers will take communication from businesses because the calling number is certified. You'll need to ensure your outbound calls appear as certified. Neustar has co-authored the standards on caller authentication and certification and can help your business understand and implement them.
Are providers using SIP to broadcast the caller id on land line calls? Wouldn't ID be imbedded in the call from the calling provider, not the receiving provider?
Broadcasting caller ID information via SIP headers is not widespread in the USA. But even when available, this information is not typically propagated or displayed by the Caller ID systems.
Does Neustar's Caller ID certification solution use the STIR and SHAKEN protocols?
Yes, Neustar has developed its own standards-compliant certification solution, Certified Caller, using the STIR and SHAKEN protocols.
We're seeing a lot of 'customized' SPOOF calls, e.g. customer with phone# 718-453-0012 will often get spoof calls from 718-453-0037 or some other number within the same exchange/block. This is very hard to detect because it's unique to the called number. Would your service also have the ability to detect such kind of traffic?
Yes, certification solutions deployed using the STIR and SHAKEN protocols, such as Neustar Certified Caller, are expected to be able to detect this spoofing.
How does all this work when these scammers start spoofing legitimate numbers? Recently we had our main office number used in some sort of scam campaign. We started receiving a flood of calls from New York. We don't do business outside of a small regional area in Northern California and Southern Oregon. We received hundreds of calls from New York people saying we called them when we didn't.
It is trivial in today's VoIP environment to spoof phone numbers. The STIR/SHAKEN solution has been developed to specifically address this problem. However, the industry is only in the process of implementing and testing interoperability, as performed in the ATIS Industry Robocall Testbed, hosted by the Neustar Trust Lab. Once fully deployed, these types of fraudulent calls will be stopped.
The robocalls are spoofing numbers from within our exchanges, therefore our call screening services don't work. What can we do to stop that?
Deploy a certification solution using the STIR and SHAKEN protocols, such as Neustar Certified Caller.
We receive many complaints from consumers saying they are receiving spoofed calls that show up on their caller IDs as phone numbers of neighbors or other known persons. Can a telephone service provider tell where the call using the spoofed phone number is coming from?
The scenario described here is known as "neighborhood spoofing" and is unfortunately becoming widespread. A service provider can potentially detect where the call is originating, but through an extensive, manual and non-scalable approach. This also assumes that any other service provider in the call path participates. A certification solution using the STIR and SHAKEN protocols, such as Neustar Certified Caller, is expected to address such spoofing.
Can a white listed number be spoofed?
Yes, until the general availability of STIR/SHAKENl authentication, it is possible to spoof whitelisted numbers.
We have noticed a new pattern of robocallers calling a specific number in an exchange. If that number is answered, then they will spoof this verified number when placing further calls. What is being done to address this?
The STIR/SHAKEN solution has been developed to specifically address this problem. However, the industry is only in the process of implementing and testing interoperability, as performed in the ATIS Industry Robocall Testbed, hosted by the Neustar Trust Lab. Once fully deployed, these types of fraudulent calls will be stopped.
What is the plan for TDM to stop robocalling outside of Stir for the future?
The IETF has started work on potential solutions to deploy STIR out-of-band, and Neustar is actively engaged in this work. Current specifications, specifically RFC 8224 and ATIS-1000074, require end-to-end SIP signaling and in-band transport of associated call signatures.
Are the ATIS Testbed summary results available to non-industry entities (e.g., AG's Consumer Protection Divisions) to learn about the types of technologies that may be forthcoming to help consumers?
ATIS intends to publish a Testbed summary for external publication. We expect it will be made available before the end of 2Q 2018.
Blocking is not always the best solution, so when can consumers expect STIR SHAKEN to be fully rolled out?
This is difficult to answer since the answer depends on many external factors. Although Neustar has generally available solutions using the STIR/SHAKEN protocols with Certified Caller, service providers need to take the next step towards making these solutions available to consumers. As currently defined, such solutions would only help end-to-end SIP (or VoIP) calls.