Robocalling, voice phishing and caller ID spoofing are common cybercrime techniques used to launch scam campaigns through the telephony channel that many people have long trusted. More than 660,000 online complaints regarding unwanted phone calls were recorded on the top six phone complaints websites in 2015. More reliable than online complaints, a telephony honeypot provides complete, accurate and timely information about unwanted phone calls across the United States. By tracking calling patterns in a large telephony honeypot receiving over 600,000 calls per month from more than 90,000 unique source phone numbers, we gathered threat intelligence in the telephony channel. Leveraging this data we developed a methodology to uniquely "fingerprint" bad actors hiding behind multiple phone numbers and detect them within the first few seconds of a call. Over several months, more than 100,000 calls were recorded and several millions call records analyzed to validate our methodology. Our results show that only a few bad actors are responsible for the majority of the spam and scam calls and that they can be quickly identified with high accuracy using features extracted from the audio. This discovery has major implications for law enforcement and businesses that are presently engaged in combatting the rise of telephony fraud.
Aude Marzuoli is a Data Scientist at Pindrop, an Atlanta-based cybersecuritystart-up. Her work aims at fighting telephony abuse and designing newsolutions to detect phone fraud. She is passionate about data mining, machinelearning, networks and optimization. Aude received the Masters degree inElectrical Engineering from Supelec in France, and the Masters and Ph.D.degrees in Aerospace Engineering from Georgia Tech. Over the past few years,she has worked with NASA, the FAA, European Institutions and airlines tooptimize traffic in the airspace and ensure the resilience of transportationnetworks. She is the author of more than 20 journal and conference papers.