Americans received 80 billion unwanted robocalls over the past 12 months. While it is difficult for consumers to wrap their heads around such a gaudy number, the reality is that following a brief dip during the COVID-19 lockdown, unwanted calls increased by 6% in the first half of 2021 compared to the same period last year.
Robocalls are up, but it is not for a lack of effort by policymakers, regulatory bodies, carriers and industry innovators to thwart bad actors. Over the past year:
- The Federal Communications Commission (FCC) has enforced a June 30, 2021 deadline for voice service providers with more than 100,000 subscribers to implement STIR/SHAKEN.
- The FCC has required carriers that have not fully implemented STIR/SHAKEN detail practices and plans to significantly reduce the origination of illegal robocalls in the FCC’s Robocall Mitigation Database.
- The FCC announced a record $5.1 million fine for election robocalls and a $225 million fine for non-election robocalls, the largest penalty ever levied in the FCC’s history.
- A group of senators led by US Majority Leader Charles Schumer and Senator Kirsten Gillibrand called for legislation — The (DO NOT) Call Act — to increase penalties for automated and illegal phone calls.
- A bipartisan coalition of 51 attorneys general called on the FCC Commission to accelerate implementation of anti-robocall technology.
Tier-1 carriers have made great strides reducing the volume of robocalls traversing their networks over the past several months. However, to fully convert this robocall mitigation momentum into results, there is a need for all stakeholders to expand the battlefield as bad actors shift tactics.
Avoid tunnel vision on tier-1 carriers
Tier-1 carriers have been proactive in meeting the FCC’s STIR/SHAKEN requirement, and the results bear this out: the top six carriers (AT&T, CenturyLink, Charter, Comcast, T-Mobile and Verizon) account for less than 5% of high-risk calls, reflecting a shift in robocall origination and transit to smaller VoIP providers. At the same time, carriers that have implemented STIR/SHAKEN verified more than 55% of total calls in July, up from 35% at the beginning of the year.
Verizon, for its part, completed STIR/SHAKEN implementation two years ahead of the June 30, 2021 deadline. The carrier estimates it has protected over 78 million customers from 13 billion unwanted calls through that deadline. Given that Verizon is exchanging STIR/SHAKEN-enabled calls with wireless carriers that collectively represent around 80% of the US wireless industry, it is clear why bad actors focus robocall campaigns away from Tier-1 carriers.
Expand battlefield to VoIP providers
With Tier-1 carriers accounting for such a small share of high-risk calls, it begs the question of who the culprits are. The answer? VoIP networks, which now account for the largest share of unwanted call originations.
Sixty-six percent of all high-risk calls and 61% of all nuisance calls originate from VoIP telephone numbers (those utilized by MSOs and VoIP providers). Furthermore, VoIP networks make it relatively easy to spoof caller ID; the percentage of unwanted calls on VoIP networks increased to 38% in the first half of 2021, rising from 17% in 2020.
The FCC is directing increased scrutiny towards VoIP providers, issuing multiple cease-and-desist letters earlier this year and more recently adopting a Notice of Proposed Rulemaking (NPRM) requiring domestic gateway providers (made up of mostly VoIP providers) that accept international calls to implement STIR/SHAKEN.
Smaller, regional carriers need feasible path to STIR/SHAKEN
While VoIP network providers are the home for the majority of robocall activity, smaller, regional providers are also vulnerable to robocall bad actors as many have yet to implement STIR/SHAKEN. Why? Because implementation can be costly, time-consuming and require technology resources not readily available to smaller providers.
Considering more than 95% of high-risk calls originate from non-Tier-1 telephone resources, supporting Tier-2 and Tier-3 carriers’ robocall mitigation efforts is paramount. This means equipping them with solutions to quickly and economically go-to-market with a call authentication solution, instead of spending months on interoperability testing and other cost-intensive components of STIR/SHAKEN implementation and deployment.
The numbers back up how much work remains to be done. US PIRG Education Fund, an independent, non-partisan group that works for consumers and the public interest, tracked that among 3,063 providers that reported their status to the FCC as of September 3, only 17% said they’d completely implemented call authentication technology, and 27% indicated partial implementation.
Stay ahead of evolving robocaller tactics
TNS’ bi-annual report, which draws from an analysis of 1.3 billion daily call events across hundreds of carriers, affirmed that a big reason consumers are still inundated with robocalls is that bad actors are elusive in evolving their tactics, tools and technologies.
Neighbor spoofing using low-volume spamming (spreading a very low volume of calls across a very large set of telephone numbers to avoid analytics engines) remains popular with bad actors. Use of same area code saw a 127% increase and use of same area code and prefix saw an increase of 52% using this low-volume spamming technique.
And while much of the robocall attention centers around mobile phones, 41% of inter-carrier calls placed to wireline numbers in the first half of 2021 were unwanted compared to 21% of calls to wireless numbers. The fact that wireline numbers are now approximately twice as likely to receive an unwanted call as wireless numbers is a reminder that robocalls are not simply a mobile problem.
This increase in robocall traffic on VoIP networks, along with bad actors’ new tactics, reinforce the need to aggressively expand robocall mitigation efforts beyond Tier-1 carriers in the weeks and months ahead to ensure that positive robocall mitigation momentum is not undermined by a lack of focus on where vulnerabilities still exist.