A system and method of verifying a caller identification utilizing a server that communicates with a computing device capable of monitoring communication networks for specific communications from an enterprise voice network. The server can push a spoof prevention contact list to user devices. Additionally, the server can receive notifications from the computing device in response to user inputs that allow match analysis to occur with the information in the received notifications. When a match is found, the server can send a notification to a user device to modify a contact name in the spoof prevention list stored in the user device. After a specified time, the contact name can be altered back to the original state. As an example, the contact name in the spoof prevention list may start out as “unverified call,” and be changed temporarily to “verified call” upon receipt of the notification.

A system and method for enabling two-way communication between a residents of a secure facility (inmate, patient, suspect, etc.) and outside parties shares a limited number of telephone numbers (ANIs) by creating distinct communication channels using other data in addition to the shared ANIs.

A voice communications computer system (“VCCS”) receives a ring signal from a call device having unverified device identification data. The VCCS identifies an audible frequency component and an electronic frequency component of the ring signal. The VCCS identifies a device identification characteristic or a geographic location characteristic based on the audible or electronic frequency components, and identifies a stored identification characteristic associated with the device identification data. Based on a comparison of the stored identification characteristic with the device identification characteristic or geographic location characteristic, the VCCS generates fraud estimation data. In some cases, the VCCS generates call status data based on the fraud estimation data. The VCCS provides the fraud estimation data or the call status data to a user interface device, which is configured to display data or perform a call action for a call associated with the ring signal.

Various examples are directed to systems and methods for detecting potentially fraudulent voice calls to a financial services institution. A computing system may receive an indication of a voice call placed by a voice caller to an operator. The computing system may generate a network address indicator describing a network location. The network address indicator may be provided to the voice caller. The computing system may receive an indication of a financial services account indicated by the voice caller. The computing system may also receive an indication of an access to the network location by a remote device. The computing system may determine, using the indication of the access to the network location, a first location associated with the remote device and determine that the first location does not match a second location associated with the financial services account. The computing system may generate an alert indicating that the voice call is potentially fraudulent.

An illegal call detection apparatus comprises a data collecting unit, a preprocessing unit, and a learning unit. The data collecting unit collects, from at least one of a subscriber terminal or a call exchanger, a raw packet generated by the subscriber terminal using a VoIP service, and collects, from the billing server, CDR data related to the raw packet. The preprocessing unit generates learning data by using service usage information extracted from the CDR data and service detailed information extracted from the raw packet, and generates a training image by converting the training data into an image according to a predetermined imaging rule. The learning unit extracts at least one or more features from the training image, and learns whether the training image is related to an illegal call by using the features, through an illegal call detection model.

Embodiments described herein provide for performing a risk assessment using graph-derived features of a user interaction. A computer receives interaction information and infers information from the interaction based on information provided to the computer by a communication channel used in transmitting the interaction information. The computer may determine a claimed identity of the user associated with the user interaction. The computer may extract features from the inferred identity and claimed identity. The computer generates a graph representing the structural relationship between the communication channels and claimed identities associated with the inferred identity and claimed identity. The computer may extract additional features from the inferred identity and claimed identity using the graph. The computer may apply the features to a machine learning model to generate a risk score indicating the probability of a fraudulent interaction associated with the user interaction.

Techniques are described for vetting unwanted calls. At an inbound customer call handling apparatus, a SIP INVITE is received from a destination carrier servicing the inbound customer intended for a destination user agent (UA) device of the inbound customer. The SIP INVITE includes a current origination identifier (ORIG ID) comprised of a fixed length character string. The call handling apparatus accesses a database of stored ORIG ID character strings, each stored ORIG ID character string in the database having been included with a previous SIP INVITE that has been previously associated with an unwanted inbound call. The call handling apparatus analyzes the current ORIG ID character string to determine if it matches any stored ORIG ID character strings in the database. When there is a match to a stored ORIG ID character string, the SIP INVITE is not forwarded to the destination UA device. Otherwise, it is forwarded to the destination UA device.

A method, computer program product, and computing system for receiving input information concerning a conversation between a caller and a recipient; processing the input information to assess a fraud-threat-level; defining a targeted response based, at least in part, upon the fraud-threat-level assessed, wherein the targeted response is intended to refine the assessed fraud-threat-level; and effectuating the targeted response.

Methods and systems are described for authenticating calls. An example method may comprise receiving a message indicative of a call request. Header data associated with the message may be analyzed to determine an attestation value. A signature may be generated based on the attestation value. A signed message comprising the signature and at least a portion of the message may be sent.

A system and method for dynamically providing safe call back numbers to use to respond to an inbound communication, the method comprising parsing message records from a message server, analyzing the message records for untrustworthy phone numbers by comparing content of the message records to a reference data set that is retrieved from a database, the reference data set including genuine and fraud data wherein the genuine and fraud data includes entities and contact information corresponding to the entities, determining untrustworthy phone numbers in the message records from the analysis, and generating remedy actions based on the determination of the untrustworthy phone numbers.