Wangiri Warnings in the USA and Pakistan

Regular readers of Commsrisk will know that wangiri fraud appears to have reached an all-time high, with more and more countries warning phone users not to dial back when they receive missed calls from mysterious overseas locations. That trend has continued with customers in the USA and Pakistan being told about the dangers of the ‘one cut’ scam.

The Federal Communications Commission (FCC), the US regulator, recently told American customers not to call back “unknown late-night callers using the ‘222’ West African country code”.

The Federal Communications Commission is alerting consumers to reported waves of “One Ring” or “Wangiri” scam robocalls targeting specific area codes in bursts, often calling multiple times in the middle of the night. These calls are likely trying to prompt consumers to call the number back, often resulting in per minute toll charges similar to a 900 number.

Recent reports indicate these calls are using the “222” country code of the West African nation of Mauritania. News reports have indicated widespread overnight calling in New York State and Arizona.

Meanwhile, Pakistani social media has been lit up by users saying there have been waves of wangiri calls.

However, it is unwise to believe every message spread on social media, and there are some signs that alarming messages have been written by the kinds of troublemakers who like spreading fake news. Pakistani publication Dawn reported that the following message is being shared virally using WhatsApp:

Please pass this message to your family and friends NOW. People have been receiving calls from Tel: +375602605281 Tel: +37127913091 Tel: +37178565072 Tel: +56322553736 Tel: +37052529259 Tel: +255901130460 or any number starting from +371 +375 +381 These guys only ring once and hang up. If you call back,they can copy your contact list in 3sec and if you have a bank or credit card details on your phone, they can copy that too… +375 code is for Belarus. +371 code is for Lativa. +381 Serbia. +563 Valparaiso. +370 Vilnius. +255 Tanzania. Don’t answer or Call back. Also, Don’t Press #90 or #09 on your Mobile when asked by any caller. It’s a new trick which is use to access your SIM card, make calls at your expense and frame you as a criminal. URGENTLY FORWARD this message to as many friends as you can to stop any intrusion!!

In contrast to the panic in Pakistan, the Telecom Regulatory Authority of India (TRAI) has decided to drop an old regulation designed to protect customers from wangiri. A direction issued in late April rescinds a 2012 order to take away international direct dialing from prepaid mobile users unless the customer has explicitly requested the service.

TRAI’s motivation in 2012 was to protect naïve customers who might be tricked into returning wangiri missed calls. That decision has been reversed because the Cellular Operators’ Association of India (COAI) proposed to implement controls that identify suspected wangiri calls originating in 46 countries, and to send SMS messages to customers warning them not to return calls from unknown international numbers.

Whilst the Indians may believe their approach mitigates the risk of wangiri, the only real solution would involve effectively identifying the bad actors and the numbers they abuse. Wangiri only works because criminals tell everybody the numbers they want them to dial. A smarter industry should identify those numbers more rapidly, and then instantly block all calls from those numbers. That is the thinking behind the RAG Wangiri Blockchain ledger, which is being developed in cooperation with Orillion and will be formally launched at the RAG Bonn conference in two weeks. The ledger will allow authorized telcos to upload the numbers being used in wangiri attacks that have hit their customers. Then any business – telco or supplier – will be allowed to access the data for free, powering the technology they use to block calls. Wangiri blockchain project leader Tony Sani wrote about his ambitions here.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.