Scam Interceptors

[Bill]

I’ve been watching some of the BBC’s scam interceptors lately and find it amazing that the people making this program are able to do what they do, and it begs the question why the police aren’t doing the same given the huge amounts of money that’s stolen this way every year.

It seems to me that the police choose to stand back from this sort of thing claiming it’s too difficult to do anything as most of the call centres are outside the UK. They could do what the BBC do but it’s far easier for them to just to tell people to be on their guard, and that’s exactly what they do, but it’s not working. The vast majority of these call centre scams are clearly from India, but the BBC and police will never include race as part of their warnings despite the fact it’s one of the biggest giveaways.

These days, all our phone calls are digital, and technology exists not only to identify the country of origin of the call but also to pick up and identify specific key words. The governments intelligence people at GCHQ have been doing this for years in their fight against terrorism so why not use this same technology to against the scammers? Unlike the terrorists though, there’s no need to actually catch the culprits, just cut the call off and they’re effectively out of business.

Sadley this country is full of people only too ready to tell us why something like this would never work, who are more concerned with commercial and potential civil rights issues and afraid to step on anyone’s toes. Time to change!

 

Bill 😊

[Evil Sid]

They are more a nuisance to me but also a source of amusement.

I am one of those people who like to see how long it takes for them to either get fed up and hang up or lose their rag and start raising their voice.

Personal best for getting them fed up 15 minutes.

personal best for them losing it 4 minutes seventeen seconds.

average time for both is about eight minutes.

Quickest time for a hang up, 1 minute after i had informed them that all calls are recorded for training purposes....🤣

not getting as many calls from Dave from Microsoft technical department as i used to, i hope he is not ill.

most of the calls i do get are starting with life insurance which eventually lead to them asking for bank details to set up a direct debit. my usual reply is that as a widower with no kids they are rather pointless for me.

then there is the personal safety alarm ones that start out as being free provided you sign up for their service at some high cost per month. not so much a scam but i already have such a device that cost me nothing as it was the father in laws.

when activated it calls the first of three pre-set numbers and carries on in turn until it gets a reply. it has a speaker facility that activates when it does get a reply so you can talk to the other end if you are able to. you can even record your own message for when the other end does pick up.

that the police do very little is not that surprising when the case may take months to come to court, if ever, and the alleged criminal usually gets off with either a fine that is laughable or a cautionary slap on the wrist and told not do it again.

 

[Observer II]

Well we can't send them to prison, can we ?!    😉

[Confused52]

On 7/16/2024 at 12:35 PM, Bill said:

I’ve been watching some of the BBC’s scam interceptors lately and find it amazing that the people making this program are able to do what they do, and it begs the question why the police aren’t doing the same given the huge amounts of money that’s stolen this way every year.

Info from the BBC says "Using the same remote-access technology that criminals use to scam their victims, and in a race against the criminal hackers, the team will quickly identify and contact victims in the middle of real-time scams to try to stop the crime before it happens."

So they hack in to the call centre PCs and watch what is happening on the screen. The Police will not do that I fear. I expect that it might be easier still if they have control of an internet connection through which the scammers are making phone calls to mobiles because they can then use well known NAT weaknesses to get into scammers local networks. I have seen them find and watch webcams in the past.

[Bill]

Seems that having detected a scam, one of the biggest problems for the BBC is that they can’t contact the person being scammed due to them being on the phone. The ideal solution would be to immediately cut off the call, but only the phone companies can do that.

They’re quick to cut you off if you don’t pay your bills. I’m certain they could provide an instant cutoff facility that would solve this problem, but they probably won’t unless they can make money out of it. Ironically, a couple of decades back it wouldn’t have taken much more than a few lines of code to do this, but now our phone network is fragmented and spread over several continents.

 

Bill 😊

[Confused52]

12 hours ago, Bill said:

Seems that having detected a scam, one of the biggest problems for the BBC is that they can’t contact the person being scammed due to them being on the phone. The ideal solution would be to immediately cut off the call, but only the phone companies can do that.

They’re quick to cut you off if you don’t pay your bills. I’m certain they could provide an instant cutoff facility that would solve this problem, but they probably won’t unless they can make money out of it. Ironically, a couple of decades back it wouldn’t have taken much more than a few lines of code to do this, but now our phone network is fragmented and spread over several continents.

 

Bill 😊

Actually the phone companies would  find that quite impossible. It could not have been done in the past either because you can't pick out a a single call and multiple operators make it close to impossible to develop such a facility. It has been that way all the time stored programme control exchanges have been in service in the UK. The scope for abuse of such a facility alone would have stopped it from ever being developed even at the outset of Digital Exchanges. The possible abuse is indeed the same problem which caused Strowger to invent Automatic Telephony over a century ago.

[Bill]

Time travel might be impossible, but just interrupting a telephone call certainly isn’t. We can do it now but only once we’ve jumped through hoops and filled out enough forms to keep the technocrats and legal people happy.

The problem as I see it is that if there’s no money in it then nobody wants to be bothered; and why should they be when it’s just as easy to tell people to be careful.

 

Bill 😊

[Confused52]

When Ofcom wanted to find where spam calls came from it was necessary to trace calls that customers identified. In order to do that the request to trace had to come from Ofcom itself because no operator would respond to another directly. When a call transited multiple networks the trace had to be repeated until it got to the far end. The tracing was done on billing record data, even if no charge was generated. That wasn't available for 24 hours after the call. What you think is easy was only easy on a captive lab switch with no security constraints not involving multiple switch manufacturers and technologies in multiple operators networks (and that is just the UK network). 

Nobody wants to do it because it involves making changes to code that isn't maintained or supported properly because they were due to be end of life next year. In the mobile network everything is changing at the same time as users move to VoLTE and the old systems and management for them are being neglected. In the case of 3G voice - removed.

Having spent a lot of time on this subject in the past it is a nightmare and the only practical solutions were always dismissed by the regulator in favour of long term solutions that came from the IETF (i.e. IP and SIP based) and were never going to work.

[Bill]

I don’t think you’re getting my point Con.

We all know a mobile phone can be remotely disabled if it’s lost or stolen, and it can also be restored back to normal if it turns up later. I’ve personally had to do this many a time with my work and it involves no more than a mouse click. What sort of latency is involved I’ve no idea, that was never relevant for me, but on a digital system I’d assume it’d be quick if not instant.

In the case of the interceptors, there’s no need to trace any calls. They know where the calls are coming from, and they know the recipients number so all they need to do is end the call by temporarily disabling the mobile sim. Then at their leisure, the interceptors can then re-enable the sim and call the person to explain what just happened. Problem solved!!

Just need to do something similar for time travel now. 😂

 

Bill 😊

[Confused52]

No you aren't getting my point. What you describe as your experience is absolutely true. However in the case that they examine in Scam Interceptors none of the scenario you are familiar with applies. They do not know where the call is coming from - It is common for calls to enter the UK network in the UK, the USA, Canada and EU countries. The way the call is routed is controlled by a computer other than the PC that the BBC can see. Where the call almost never enters the telephone network from is somewhere in India.

Although a mobile terminating number may be known from the screen grab the network controlling that SIM is unknown, it can be one of hundreds of Virtual Networks as well as the Main Networks. The security systems do not let the main network robots take action on a SIM if not actioned by the actual network provider. The scam interceptors do not know which network a mobile phone number is served by and therefore who controls the SIM. There is no centralised database to interrogate to find the owning network, when we tried to make one it fell through because of network security concerns. If you disable a SIM if will not cut off a terminating call in progress, someone else is paying for that call. It would cut off if the HLR is interrogated but a static customer at home is less likely to need to change technology or serving cell site causing a re-registration and HLR interrogation. 

Been there, problem not solved

[Bill]

Ok let’s look at this again with a positive thinking head on. Forget about what some of these companies won’t allow you to do, that’s a just a commercial/legal problem to overcome rather than what defines impossibility.

So, we wave a magic wand, and they agree to provide a list of all the numbers they control. But you say there’s another problem because there’s hundreds of these companies but from what I can see here in the UK there’s actually less than a dozen and that includes the tiddlers.

Now that we have a computer with all the numbers in a database, we just need to type in a number and find it belongs to say O2. The computer then opens O2s remote access portal giving us access to the sim.

Up until this point nothing has been impossible, but I didn’t know suspending the sim didn’t instantly terminate the call simply because the scammer was paying for it. Chances are anyway they’ve hacked into someone else’s phone system so they’re not even paying for the call.

Maybe the problems not 100% solved, just that last bit needs doing.

 

Bill 😊

[Confused52]

I'll give up here; the problem is not the number of MVNO's, it arises because there are multiple MVNOs, MNOs and fixed voice operators and that give rise to needing that database. That data base would have been, and will be, classed as Critical National Infrastructure. That is a fact, it was going to be. Anything beyond limited secure access to regulated bodies and staff would be non-negotiable.