According to an embodiment of the disclosure, a toll-free telecommunications validation system determines a confidence value that an incoming phone call to an enterprises’ toll-free number is originating from the station it purports to be, i.e., is not a spoofed call by incorporating one or more layers of signals and data in determining said confidence value, the data and signals including, but not limited to, toll-free call routing logs, service control point (SCP) signals and data, service data point (SDP) signals and data, dialed number information service (DNIS) signals and data, automatic number identification (ANI) signals and data, session initiation protocol (SIP) signals and data, carrier identification code (CIC) signals and data, location routing number (LRN) signals and data, jurisdiction information parameter (JIP) signals and data, charge number (CN) signals and data, billing number (BN) signals and data, and originating carrier information (such as information derived from the ANI, including, but not limited to, alternative service provider ID (ALTSPID), service provider ID (SPID), or operating company number (OCN)).. In certain configurations said enterprise provides an ANI and DNIS associated with said incoming toll-free call, which is used to query a commercial toll-free telecommunications routing platform for any corresponding log entries. The existence of any such log entries, along with the originating carrier information in the event log entries do exist, is used to determine a confidence value that said incoming toll-free call is originating from the station it purports to be. As a result, said entities or enterprises operating a toll-free number may be provided a confidence value regarding an incoming telephone call, and using that confidence value, further determine whether or not to accept the authenticity of the incoming telephone call and/or based on said confidence value, service the incoming call differently.

Implementations described herein relate to methods, systems, and computer-readable media to label incoming phone calls. A method to label an incoming phone call includes detecting the incoming phone call associated with a caller identifier (ID), determining a location associated with the call, and analyzing a call header of the call to determine one or more call characteristics. The method further includes determining, based on the location and the call characteristics, if the location is spoofed and determining, based on the caller ID and the call characteristics, if an access network associated with the call is spoofed. The method further includes applying a trained machine learning model to determine whether the call is a robocall. The method further includes assigning a label to the call that indicates whether the call is a spoofed call or is the robocall and sending the label to a callee device associated with the call.

A computer-implemented method for proactive fraudster exposure in a customer service center according to content analysis and voice biometrics analysis, is provided herein. The computer-implemented method includes: (i) performing a first type analysis to cluster the call interactions into ranked clusters and storing the ranked clusters in a clusters database; (ii) performing a second type analysis on a predefined amount of the highest ranked clusters, into ranked clusters and storing the ranked clusters; the first type analysis is a content analysis and the second type analysis is a voice biometrics analysis, or vice versa; (iii) retrieving from the ranked clusters, a list of fraudsters; and (iv) transmitting the list of potential fraudsters to an application to display to a user said list of potential fraudsters via a display unit.

A system can be operable to receive a call from a communication device and identify whether the call is a spoofed based on, for example, whether a caller party user equipment associated with a caller identification number (caller ID number) is in an “idle” status, whether there are inconsistencies in the geographic location associated with a calling party’s network and the geographic location determined to be associated with the caller ID number presented, and whether the phone number presented as the caller ID number is registered with a calling party’s network.

A voice communications computer system (“VCCS”) receives a ring signal from a call device having unverified device identification data. The VCCS identifies an audible frequency component and an electronic frequency component of the ring signal. The VCCS identifies a device identification characteristic or a geographic location characteristic based on the audible or electronic frequency components, and identifies a stored identification characteristic associated with the device identification data. Based on a comparison of the stored identification characteristic with the device identification characteristic or geographic location characteristic, the VCCS generates fraud estimation data. In some cases, the VCCS generates call status data based on the fraud estimation data. The VCCS provides the fraud estimation data or the call status data to a user interface device, which is configured to display data or perform a call action for a call associated with the ring signal.

Systems and methods are provided to stop both external and internal fraud, ensure correct actions are being followed, and information is available to fraud teams for investigation. The system includes components that can address: 1) behavioral analytics (ANI reputation, IVR behavior, account activity)—this gives a risk assessment event before a call gets to an agent; 2) fraud detection—the ability to identify, in real time, if a caller is part of a fraudster cohort' and alert the agent and escalate to the fraud team; 3) identity authentication—the ability to identify through natural language if the caller is who they say they are; and 4) two factor authentication—the ability to send a text message to the caller and automatically process the response and create a case in the event of suspected fraud.

Methods and apparatuses for managing spoofed calls to a mobile device are described, in which the mobile device receives a call transmitted over a cellular or mobile network. The call may include a set of information associated with the network, such as a geological location of a device that generated the call, a hardware device identifier corresponding to the device, an internet protocol (IP) address associated with the device, or a combination thereof. The mobile device may determine whether the call is spoofed or genuine based on the set of information. Subsequently, the mobile device may assist a user of the mobile device to manage the call, such as blocking the call from reaching the user, informing the user that the call is spoofed, facilitating the user to report the call as spoofed to an authority and/or a service provider of the network.

In order to confirm that a telephone call received by a network termination on a first connection is from a trusted party, the called party connects over a second, independent, connection 7 to a server associated with the trusted party and shares a code with the server. That code is then transmitted over the first connection and, if the connection is genuine, it is intercepted by the server which generates a message over the second connection confirming that the code has been matched. This gives the called party assurance that the call is from a party associated with the trusted server. If a rogue caller attempts to call the termination, the called party's transmission of the shared code will be routed over the caller's connection, which is not associated with the trusted server, so no match will be identified by the server and no confirmation is returned over the second connection.

One example method of operation may include determining a call received from a calling party and intended for a subscriber device has an elevated likelihood of being a scam call, determining a percentage of calls over a current period of time being filtered as scam calls by a carrier server, when the percentage of calls being filtered as scam calls during the current period of time is above a call threshold percentage, retrieving call history information associated with a subscriber profile of the subscriber device, identifying one or more call patterns from the call history information of the subscriber profile corresponding to the received call, and determining whether to permit the received call based on the identified one or more call patterns.

A system and method may identify a fraud ring based on call or interaction data by analyzing by a computer processor interaction data including audio recordings to identify clusters of interactions which are suspected of involving fraud each cluster including the same speaker; analyzing by the computer processor the clusters, in combination with metadata associated with the interaction data, to identify fraud rings, each fraud ring describing a plurality of different speakers, each fraud ring defined by a set of speakers and a set of metadata corresponding to interactions including that speaker; and for each fraud ring, creating a relevance value defining the relative relevance of the fraud ring.