New research from North Carolina State University finds that the number of robocalls isn’t going up, and that answering a robocall doesn’t make you more likely to get additional robocalls. However, stories you’ve heard about individuals getting hundreds of back-to-back unsolicited calls? Those are true.
“These findings stem from a broader study that is the first step toward a more robust set of tools for reducing robocalls, if not eliminating them,” says Brad Reaves, co-author of a paper on the work and an assistant professor of computer science at NC State. “We made some fundamental advances in tracking robocalls back to their source, and upended a lot of the conventional wisdom regarding robocalls.”
“The COVID-19 pandemic has really highlighted the importance of this work, because robocalls have made people less likely to answer phone calls from unknown numbers – and that makes it more difficult for contact tracers to do their jobs,” says Sathvik Prasad, a Ph.D. student at NC State and first author of the paper.
For this work, the researchers define robocalls as automated or semi-automated calls that play a recorded message. To address questions related to robocalls, the researchers worked with communications company Bandwidth Inc. to set up 66,606 phone lines that would be used exclusively to monitor for robocalls. The ultimate goal was to collect data on how robocalls and robocall campaigns worked. The researchers monitored the lines for 11 months, from early 2019 to early 2020.
To provide some sense of scale, the relevant phone lines received 1,481,201 unsolicited calls over the 11-month study period. The researchers used an automated system to answer more than 146,000 of those calls. The system also recorded the calls and analyzed the audio.
“One of our research questions was whether robocalls were getting worse, or becoming more frequent,” Prasad says. “We found that the answer is no – the number of robocalls was virtually identical from month to month.”
“We were also curious about whether answering a robocall made it more likely that a phone line would receive additional robocalls,” Reaves said. “For years, messaging from government agencies and trusted nonprofit organizations has focused on reducing robocalls by not answering calls from unknown numbers. And while we encourage people to avoid engaging with robocalls, we found that answering a robocall has no effect on the number of robocalls you receive.”
The researchers did, however, find that another widespread story about robocalls was true.
“Everyone on the research team had heard stories about a friend of a friend of a friend who had gotten so many unsolicited calls that they couldn’t even use their phone for a day or two,” Reaves says. “And we found that this is a rare, but real, phenomenon. We dubbed these high call-volume events ‘storms,’ and found that they happen when a robocaller identifies itself using a fake phone number – and that phone number actually belongs to someone else. If the robocaller makes hundreds of thousands of calls using the fake number, hundreds of people see it on their ‘missed calls’ list and call it back. The high volume of calls essentially makes it impossible for the person who actually has the relevant phone number to use their phone. However, because robocallers switch numbers fairly often, the inconvenience usually only lasts for a day or two.”
But while those findings are interesting, some of the most important findings stem from the researchers’ analysis of the robocall’s audio recordings.
“First of all, about 62% of the unsolicited calls our numbers received included practically no audio at all – which was surprisingly high,” Prasad says. “And only a little more than half of the remaining 38% contained enough audio data to allow for us to conduct a robust assessment.”
“But what was exciting was that we were able to identify calls that were identical or nearly identical, allowing us to group calls into clusters that were clearly all affiliated with a single campaign,” Reaves says.
“This is a big deal because tracing a call back through communication service providers is a manual process that takes time,” Reaves explains. “We started with answering just over 146,000 calls – it would be impossible to trace them all back. But first we eliminated all the silent calls, that narrows it down considerably. Then we were able to cluster calls together into 2,687 specific campaigns. Most of the campaigns only made a few calls, but a handful of those campaigns made thousands of calls. So, effectively you can narrow down a big chunk of robocalls to only a few campaigns. And you can track those down. That’s a subject we’ll be discussing at greater length in the future.”
The paper, “Who’s Calling? Characterizing Robocalls through Audio and Metadata Analysis,” was presented Aug. 12 at USENIX Security Symposium, where it received the first place Internet Defense Prize from Facebook and a Distinguished Paper award. The paper was co-authored by Elijah Bouma-Sims, an undergraduate at NC State; and by Athishay Kiran Mylappan, a former graduate student at NC State. The work was done with support from the National Science Foundation, under grant number CNS-1849994.
Note to Editors: The study abstract follows.
“Who’s Calling? Characterizing Robocalls through Audio and Metadata Analysis”
Authors: Sathvik Prasad, Elijah Bouma-Sims, Athishay Kiran Mylappan and Bradley Reaves, North Carolina State University
Presented: Aug. 12, USENIX Security Symposium
Abstract: Unsolicited calls are one of the most prominent security issues facing individuals today. Despite wide-spread anecdotal discussion of the problem, many important questions remain unanswered. In this paper, we present the first largescale, longitudinal analysis of unsolicited calls to a honeypot of up to 66,606 lines over 11 months. From call metadata we characterize the long-term trends of unsolicited calls, develop the first techniques to measure voicemail spam, wangiri attacks, and identify unexplained high-volume call incidences. Additionally, we mechanically answer a subset of the call attempts we receive to cluster related calls into operational campaigns, allowing us to characterize how these campaigns use telephone numbers. Critically, we find no evidence that answering unsolicited calls increases the amount of unsolicited calls received, overturning popular wisdom. We also find that we can reliably isolate individual call campaigns, in the process revealing the extent of two distinct Social Security scams while empirically demonstrating the majority of campaigns rarely reuse phone numbers. These analyses comprise powerful new tools and perspectives for researchers, investigators, and a beleaguered public.
This post was originally published in NC State News.