Telephone Spam, Spoofing, and Phishing

Overview

The UO has noticed a steady increase in unsolicited and undesirable telephone calls to our phone system. Many of us are experienced with email spam, but perhaps new to telephone spam. The pervasiveness of telephone spam has increased dramatically in the past year, and it continues to increase in both frequency and severity.

Information

Types of Calls: What are we seeing? 

1) Spam - Technically speaking, all of the annoying calls are Spam. Spam is any unsolicited or undesired electronic communication. Traditional Spam is just someone trying to sell you something. However, there tends to be a correlation between bad actors and Spam. The simple truth is that one cannot know whether an unsolicited sales request is from a reputable party, or the true identity of the caller. For example, one of the most common Spam complaints is about phone calls claiming to be from Google, which they are not.

2) Spoofing - Spoofing is the practice of changing one's caller ID. It's a form of impersonation which is relatively easy for the attacker to do. For example, someone claiming to be calling from the IRS can easily spoof the real IRS toll-free number as their caller ID. It has become common for all spam calls to falsify their caller ID. Since they know folks are more likely to pick up a call from their own area code and region, you usually see a number with area code "541" here in Eugene, often including a common prefix like 541-683. The callers themselves are often offshore and not in the United States, which makes it more difficult to track down the callers or enforce the law. For specific university attacks, the callers tend to spoof a 541-346 number. Historically these were easier to detect because offshore calls sounded distant and had static. In modern times, these phone calls sometimes sound as clear as a caller who is literally next door. This type of attack is called a "Neighbor Scam."

3) Phishing - Phishing refers to the practice of an attacker trying to get you to reveal identity or sensitive information. Typically the person phishing lies about who they are and why they want the information they are requesting. The attacker will try to make you act immediately and give you a false reason why you must act or answer immediately. They often threaten things like legal action or some type of fine. The end goal of this type of attack includes things like stealing identity information or sensitive business information. ACTION: Hang up. Never give out information (of any kind) to an unsolicited caller. For example, if the caller claims to be from your bank, hang up. You can then log in to your bank account online, or call your bank (notice you are calling a known number, and not speaking with the unsolicited caller). You can then ask the bank if they are trying to reach you.

4) Spear Phishing - Similar to phishing, except that the attacker has taken the time to learn details about the person they are calling. For example, they find someone with a title of accountant, then call posing as a creditor and complaining about a late payment.

So what can I do? 

  • First and foremost, notice who contacted whom. If you receive a contact in any form (telephone, email, etc.), do not assume it is legitimate. Hang up on callers who threaten you or try to force you to reveal sensitive information. This step is the most important and is sometimes overlooked. Did you make the call? Did someone call you? If someone calls you, it requires a different level of caution and special handling.
  • If you use Teams calling, block spam or offensive callers directly.
    See: https://service.uoregon.edu/TDClient/2030/Portal/KB/ArticleDet?ID=140409
    (Yes, a Teams user can block calls directly and without asking for Telecom help.)

So what can UO Telecom do? 

  • While we do have the ability to block a number, we can only do it system-wide. Also, if an attacker is spoofing an otherwise legitimate number, then we cannot block it. Notably, we cannot block any 541-346 numbers. We are engaged in a long-term process to replace and modernize our communications systems. We hope to have better tools to combat spam and phishing as the new tools become available. Unfortunately, we do not have an answer for many of these types of issues other than to educate our folks to be wary of all unsolicited contact, to not give out sensitive information, and to hang up as needed.

Why do these folks keep calling and then hanging up on me? (a.k.a. they are driving me crazy!)

  • The telemarketers and spammers are well organized, often having a full call center (usually outside the USA). They use a computer to dial a large number of telephone numbers. This practice is sometimes called Robo-Dialing. Fortunately or not, the computers aren't always so smart and cannot always detect that a human picked up the phone, so they hang up. While this is annoying, had the call actually connected you might have been met with some nasty threats intended to intimidate you into revealing sensitive information. For this reason, maybe it's best you simply "missed their call."

Details

Article ID: 73980
Created: Mon 3/18/19 2:36 PM
Modified: Mon 9/19/22 1:50 PM
