27k unique visitors in the last 3 days

US Scam Robocalls Up 55%; STIR/SHAKEN Down 6.5%

Per YouMail's statistics, scam calls to Americans have risen 55% since December. It was inevitable that crooks would learn how to work around STIR/SHAKEN.

Figures produced by YouMail show there have been two consecutive months of rising scam robocalls in the USA. Meanwhile, TransNexus reports the number of US calls that arrive at their destination with a STIR/SHAKEN signature has fallen for the fourth month in a row. A new press release from YouMail estimates there were 620 million scam robocalls in the USA during February compared to 400 million during December, an increase of 55%. Meanwhile TransNexus’ February summary showed there has been a 6.5% decline in US calls terminating with a STIR/SHAKEN signature since October.

Many commentators including the US Federal Communications Commission (FCC) choose to routinely repeat YouMail’s statistics and it is my opinion that YouMail is the most reliable provider of statistics about robocalls in the USA. However, close examination of their output sometimes reveals flaws and inconsistencies. This may be due to poor controls over the quality of their marketing but it still means audiences should be more circumspect about YouMail’s figures than they usually are. YouMail’s most recent press release stated that “scam calls increased 4%” between February and January, whilst their press release for robocalls during January said “January saw a stunning 40% increase in scam calls” and then presented a table which showed 600 million monthly robocalls. However, the columns of the latter table were headed “Estimated December Robocalls” and “Percentage December Robocalls” instead of referring to January. Nevertheless, I assume the 600 million scam call estimate is for January. That would mean February’s total of 620 million scam calls is 3% greater than the figure for January, not 4% as YouMail claimed.

YouMail’s press release for December 2024 reported there were 400 million robocalls during that month. That is consistent with calculating a 40% rise in the number of scam calls between December and January. There has also been a significant rise in the proportion of robocalls that YouMail categorizes as scams, and the scale of this rise was somewhat disguised by February being a short month. I am skeptical about YouMail’s ability to categorize calls according to their legality; they do not listen to calls so they cannot reliably tell when a telemarketing call includes falsehoods that are designed to systematically mislead consumers. Nor are they able to listen and identify the conversations that occur as part of a romance scam or other long cons.

Comparing trends in consumer complaints in the US and UK shows US commentators like YouMail are placing too much emphasis on simple repetitive scams executed using recorded messages relative to more elaborate scams involving a live conversation with a scammer. The latter scams have declined far less because they are not so susceptible to basic automated analysis, although they may begin with a robocall before the target is transferred to a human operator. YouMail can only apply a crude assessment of whether a call fits a general pattern indicative of the most common scams. Nevertheless, per YouMail’s statistics, the proportion of US calls made by scammers has risen from 10% in December to 12% in January to 14% in February.

Another wrinkle with trusting YouMail’s figures is that the front page of their Robocall Index website reported that the number of scam robocalls is much higher, at 23%. A screengrab of the graph was taken from their website on March 8 and has been reproduced below. YouMail has not responded to my queries about the discrepancy.

The TransNexus report of STIR/SHAKEN statistics for February has only 42.8% of calls terminating with an intact signature. This represents a drop of 2.5% compared to January. February 2024 still manifested an improvement when compared year-on-year to the figure for February 2023, which was 37.4%. However, there is now a clear pattern of the STIR/SHAKEN signature completion rate climbing steadily until it reached a peak of 49.3% during September and October 2024, and then falling in every month since. TransNexus speculates that this is because of calls being routed over networks that defeat STIR/SHAKEN, which is dependent on SIP signaling being implemented from the origin to the termination of a call.

The combination of increasing participation yet decreasing coverage suggests that more calls are being routed across non-IP segments in the call path, where SHAKEN information is lost.

Caution should also be applied when relying upon these statistics. TransNexus has visibility of a large portion of US traffic, but not of the whole. Other sources claim that US coverage of STIR/SHAKEN is above 80%, although they do not consistently publish figures in the transparent manner of TransNexus. The difference is likely due to the kinds of telcos included in the statistics. If a statistic is biased towards the traffic passing between the largest US mobile operators then the coverage rate will be higher. On the other hand, high coverage rates mean less in this context because criminals do not originate large numbers of robocalls on the networks of major US mobile operators. The crooks that make the most scam calls typically rely on different entry points to the telecoms ecosystem that make it easier to originate robocalls in bulk. That makes trends in TransNexus’ statistics a more useful indicator of the extent to which there are gaps in STIR/SHAKEN coverage that will be exploited by bad actors.

I have consistently warned anybody who would listen (mostly Europeans) and those who refuse to listen (mostly Americans) of four problems with STIR/SHAKEN:

  • It will take many years for a country like the USA to change every network so that all calls are conveyed on IP networks from end-to-end. In the meantime, sophisticated bad actors will choose to drive traffic along routes where STIR/SHAKEN is impotent. This is why STIR/SHAKEN has failed to have the promised impact on the number of Americans who fall victim to scams.
  • Unscrupulous businessmen have hijacked the goal of consumer protection for their own selfish purposes. They do not care if scammers can work around STIR/SHAKEN because their intention was to create a scenario where telcos would be pressured to upgrade to IP networks, which will then allow them to increase revenues from telemarketing. Even partial coverage of STIR/SHAKEN leads to increased telemarketing revenue, which is why they pushed the FCC to enforce the adoption of STIR/SHAKEN on IP networks although coverage of US domestic calls was bound to be incomplete.
  • Most other markets have much less telemarketing than the USA. Telemarketing calls which would be legal in the USA are often illegal elsewhere. This means telecoms businesses in other markets have less financial motivation to adopt STIR/SHAKEN, and were unlikely to be fooled into thinking STIR/SHAKEN would be an effective way to reduce consumer scams when compared to simpler controls that the US refuses to implement. US attempts to lobby foreign regulators and telcos have largely failed because they rely on hyperbole about the effectiveness of STIR/SHAKEN to reduce scams in a domestic context whilst assuming the audience is ignorant of superior methods of immediately reducing scam calls that originate abroad.
  • The problems with STIR/SHAKEN that are found in a domestic context are exacerbated when trying to apply STIR/SHAKEN to international calls. The patchy coverage observed in the USA would be much worse when transposed to the entire planet and the multiplicity of international routes available. Even if two countries agreed to implement the same underlying technology to make call signatures interoperable there would be serious governance questions that have not been addressed by American lobbyists. Genuine problems with the relationship between the technology, enforcement and national sovereignty have been completely ignored by American lobbyists because they are so inconvenient.

The weaknesses of STIR/SHAKEN have been obscured by the lack of a reliable impartial measure of all the kinds of scams executed over communications networks. There has been an endless stream of commentators who have insisted that the US strategy for consumer protection is ‘taking steps in the right direction’ based on figures which have never been subjected to independent audit. Falsehoods have been repeated because of a lack of scrutiny. I consider YouMail to be an essentially honest business but they sell their anti-scam and anti-spam solutions to both consumers and big businesses so they cannot be treated as an impartial source of information. It was inevitable that there would come a time when YouMail would face a conflict created by wanting to report the success of methods used to reduce scams whilst still wanting to motivate new customers for their consumer app. Even if errors with their figures do not reflect any bias, there have been errors with YouMail’s numbers on several occasions.

Of the three missions I adopted this year, one concerned the adoption of GSMA Call Check as a cheaper, simpler and universal alternative to STIR/SHAKEN, and another concerned the use of honeypots to scientifically measure scam activity. These latest statistics about scam calls and STIR/SHAKEN reinforce my opinion.

Eric Priezkalns
Eric Priezkalnshttp://revenueprotect.com

During his career, Eric has been a Director of Risk Management for a national telco, the Chief Executive of the Risk & Assurance Group, a Chief Marketing Officer for a software business, a consultant, a public speaker and the publisher of Commsrisk since its launch in 2006. Look here for more about the history of Commsrisk and the role played by Eric.

The comms providers that Eric has worked for include Qatar Telecom, Cable & Wireless, T‑Mobile, Sky and Worldcom. In addition to his proficiency at speaking about the current scamdemic, Eric is also a qualified chartered accountant and a subject matter expert in consumer protection, enterprise risk management, fraud prevention, data integrity and billing accuracy. Eric was the lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He can be reached through the contact form on this website.

Related Articles

The Commsrisk Global Fraud Dashboard


Our Global Fraud Dashboard uses AI-powered search to collate, update and visualize data about scams and other network abuses from around the world. New charts are added each month. See it here.

Get Our Weekly Newsletter by Email