Robocalls are still a problem. In May 2022, upwards of 4 billion robocalls were placed nationwide....
When there’s a knock at the front door, how do you know if it’s opportunity, danger, or pizza delivery? You check your doorbell camera to see whether they’re holding balloons, a gun, or a pie — it also helps if they have on the uniform of the local pizzeria. The same dynamic has become easier to recreate over the phone. Branded calling technology brings a new presentation layer to the authentication of caller identity, helping thwart illegal spoofing attempts. Enterprises can use it to attach identity information to their legitimate calls, including brand name, logo, and text describing the reason for calling.
In this article, we cover:
- New branded calling technology.
- The gaps in STIR/SHAKEN authentication.
- Three brand protection strategies to complement branded calling.
Going back to our analogy, it could be argued that anyone could sew a couple of patches on their clothes to pass as a real pizza delivery person. You can’t really trust they are who they claim to be, can you? When visual evidence isn’t enough, you can use clues to determine credibility. (Did you even order a pizza?) The same can be said for identity spoofing over the phone. Couldn’t fraudsters impersonate a credible brand by simply stealing its logo? And besides, the STIR/SHAKEN caller ID authentication standard would identify spoofed calls, wouldn’t it? Not so fast.
Smaller networks sometimes struggle with TDM network holes that prevent the seamless SIP signaling needed to transfer STIR/SHAKEN data. When that data is lost, voice service providers (VSPs) signaling call traffic via STIR/SHAKEN cannot be assured that the authenticated information of A-level attestation will reach the terminating network or destination. Further, there are no agreed-upon standards for the display of attestation levels on end-user devices.
The waters are further muddied by number owners that originate calls but lease their lines to other entities. This creates a chasm between the validity of the number owner and the content the leasee uses in its call campaign. In other words, in a STIR/SHAKEN world, there is still need for telephone usage behavior monitoring.
The Fraudsters Always Adapt
Like STIR/SHAKEN, branded calls are great in concept, but useful to a limit. Bad actors have proven wily enough to find the weaknesses in their respective defenses. Unfortunately, branded calling technologies are incapable on their own of guaranteeing trust.
This limitation creates greater opportunity for reputation damage. And once a brand’s otherwise good name gets sullied by impersonation campaigns, answer rates for legitimate outreach begin to sag and resources are drained in attempts to reinstate trust. This is no small problem either — the FTC received 2.8 million fraud reports from consumers in 2021, with imposter scams being the most common form of fraud reported, amounting to more than $2.3 billion in losses.
How To Protect Your Brand's Identity?
Follow these three steps to protect your brand reputation:
- Know Your Customer
Mitigate and monitor improperly labeled call events by employing Know Your Customer (KYC) technology. KYC adds intelligent analytics to STIR/SHAKEN protection. Enterprises can use KYC technology to control the consistency of brand name usage and display in branded calling setups. - Know Your Traffic
Robocall mitigation services are available that detect unwanted traffic originating, traversing, or terminating on the network. VSPs use these services to secure their network from illegal traffic and eliminate attacks. - Brand Defense and Monitoring
YouMail Protective Services offers two primary means of protection: monitoring of brand presentation and alerts when a spoofing attack is underway.
- Brand Defense provides full-spectrum protection against vishing attacks. This includes risk management, mitigation of enterprise damages, and deterrence of brand abuse. This turn-key solution features comprehensive service, alerts, reporting, mitigation, and enforcement, including support for litigation against bad actors.
- Brand Monitor provides surveillance of brand identity over the voice channel, including explicit unauthorized brand name mentions in vishing scams, as well as implied references to brand relationships. Our customers are notified upon detection of potential trademark infringement and other inappropriate brand mentions. Users are informed of the potential impact, including the call volume of fraud campaigns.
Enterprises must pay attention to the reality around them. Branded calling isn’t a magic bullet solution against brand impersonation campaigns, the same as STIR/SHAKEN hasn’t ended unwanted and unlawful robocalls.
If your brand or brands need help tamping down the litany of reputation-damaging impersonation attacks, we can help. Schedule a demo today to see how YouMail Protective Services can complement your mitigation strategy.
