Ofcom orders phone networks to block foreign scam callson October 25, 2021 at 1:44 am

- Advertisement -
- Advertisement -
- Advertisement -
- Advertisement -

UK networks agree to block almost all internet calls coming from abroad if they pretend to be UK numbers.

A woman looks upset while looking at her mobile phone

Image source, Getty Images

Major phone networks have agreed to automatically block almost all internet calls coming from abroad if they pretend to be from UK numbers, Ofcom has confirmed.

Criminals have been using internet-based calling technology to make it look like a phone call or text is coming from a real telephone number.

Almost 45 million consumers were targeted by phone scams this summer.

Ofcom said it expected the measures to be introduced at pace as a “priority”.

So far, one operator has already implemented the new plans, the regulator told the BBC, while other phone networks are still exploring methods of making it work.

“We’ve been working with telecoms companies to implement technical solutions, including blocking at source, suspicious international calls that are masked by a UK number,” said Lindsey Fussell, Ofcom’s networks and communications group director.

“We expect these measures to be introduced as a priority, and at pace, to ensure customers are better protected.”

She added that tackling the phone scams issue was a “complex problem” that requires a coordinated effort from the police, government, other regulators and industry.

The move follows months of discussions between Ofcom and the UK telecoms industry.

Internet-based calling technology, also known as Voice Over Internet Protcol (VoIP), is used by millions of consumers globally to make phone calls free or cheaply every year.

Gabriel Cirlig of US cyber-security firm Human

Image source, Human

Popular services you might recognise that use VoIP include WhatsApp, Skype, Zoom and Microsoft Teams.

The Telegraph, which first reported the story on Sunday, cited Whitehall sources that have cast doubt on Ofcom’s plans.

They say blocking traffic from foreign VoIP providers won’t work to stop scam texts and calls, because much of the UK is still relying on old copper-based ISDN networks dating back to the 1970s.

Security experts the BBC spoke to disagree, however.

Apart from consumers, many businesses also use the VoIP technology for internal corporate phone networks.

Whenever a corporate phone network makes a call, a VoIP provider hands over the call from the internet to the phone networks – a technology called “SIP trunking”.

According to Gabriel Cirlig of US cyber-security firm Human, telcos are not inspecting the traffic they receive from VoIP providers – they just let it through onto the network.

“Recently, because of the ease in implementing your own private enterprise telephone system, everybody can have access to critical telephone infrastructure,” Mr Cirlig told the BBC.

“Because of this lower barrier of entry, it is very easy for scammers to build their own systems to spoof mobile numbers – the cybercriminals are essentially pretending to be legitimate corporate telephone networks in order to have access to legitimate telco infrastructure.”

Cyber-security expert Matthew Gribben

Image source, Matthew Gribben

He adds that right now, it is up to the VoIP provider to check whether the calls it is handing over to telecoms networks are actually legitimate.

“This is not a regional problem or restricted to one type of infrastructure, this is a systemic issue that allows crime to cross any borders,” said Mr Cirlig.

“This feature is enabling the VoIP business model so they don’t want to stop it.”

Matthew Gribben, a former consultant to GCHQ, the UK government intelligence agency, agrees. He used to see ongoing scams while monitoring networks for GCHQ.

“It’s fundamentally the foreign VoIP providers that are technologically enabling these gangs to operate, so it will make a huge dent in this,” he told the BBC. “It doesn’t fix everything but it’s an excellent step in the right direction.”

Unknown caller logo on phone

Image source, Getty Images

Overall, the experts agree that the only way to completely fix the problem is to implement new telephone identification protocols that enable phone networks to authenticate that all calls and text messages actually come a real telephone number.

The new protocols, known as “Stir and Shaken” in a nod to James Bond, were developed by an international standards body, the US-based Internet Engineering Task Force (IETF).

US authorities have ordered mobile operators to implement the protocols by the end of 2021, but Ofcom told the BBC in August that introducing full authentication in the UK will only be possible when the underlying technology that supports voice services is upgraded to become internet protocol-based (IP) networks, which is due to be completed by 2025.

The Body of European Regulators for Electronic Communications (BEREC) told the BBC it can require mobile operators to block, on a case-by-case basis, access to numbers or services in case of fraud. However, it cannot impose Stir and Shaken on EU operators.

“Nevertheless…these protocols are currently [being] discussed at the level of the European Conference of Postal and Telecommunications Administrations,” said a Berec spokesman.

There are also efforts being made by the UK to invest in technologies that improve overall telecoms cyber-security.

Arqit founder and chief executive David Williams

Image source, Arqit

Startup Arqit was asked by BT and the government in 2017 to develop quantum encryption for satellites.

The firm, which listed on the Nasdaq in June, has developed a solution that creates “unbreakable” software encryption keys, delivered via satellite, to secure any device or cloud server.

“The encryption keys we create would take even a quantum computer more than the age of the universe to crack,” said Arqit’s founder and chief executive David Williams.

Arqit recently signed agreements with BT, Northrop Grumman, Juniper Networks and Babcock. It merged with US firm Centricus in September, following approval by the US Securities and Exchange Commission, which consulted with quantum scientists as part of its vetting process.

- Advertisement -

Discover

Sponsor

Latest

Covid homeless scheme not leading to permanent accommodation, warns charityon August 27, 2021 at 12:38 am

A charity says fewer than one in four people helped by the Everyone In initiative now have permanent homes.The data - shared with the...

Curry breaks his own three-pointer record in Warriors winon November 29, 2021 at 7:52 am

Stephen Curry inspires Golden State Warriors to a seventh straight victory as he scored 33 points in a 105-90 win over Los Angeles Clippers.

Drug workers warn heroin treatment shortage will cost liveson June 10, 2022 at 11:55 pm

A shortage of diamorphine means former heroin users have relapsed for the first time in decades.Image source, Getty ImagesAn "unprecedented shortage" of the heroin...

Sarah Everard: Met PC Wayne Couzens charged with murderon March 12, 2021 at 10:44 pm

Wayne Couzens is accused of kidnapping and murdering the 33-year-old who was last seen in south London.Wayne Couzens is accused of kidnapping and murdering...

Ukraine ambassador says even his wife faced delay to get visa when he got the jobon March 9, 2022 at 12:46 pm

Vadym Prystaiko calls for a temporary pause of the the UK's "bureaucratic" visa rules for refugees.Image source, PA MediaUkraine's UK ambassador has said his...