A telecommunications service provider's real time analysis system analyzes communications data to detect potentially fraudulent communications data, where the analysis is performed in real time in the routing path of the communications data. The communications data may include calls (e.g., SS7, VoIP, etc. based calls) and messages (e.g., SMS, MMS, etc.). The real time analysis system rejects potentially fraudulent communications data and non-fraudulent communications data in order to be used in real time in the routing path of the communications data. A rejection by the real time analysis system may cause non-fraudulent communications data to still be sent to the intended destination of the communications data. The real time analysis system can be in the routing path of the communications data without further routing non-fraudulent communications data traffic to the next appropriate hop in the routing path.

Controlled-environment communication systems are increasingly using voice over internet protocol (VoIP) to serve their users. VoIP allows voice to be sent in packetized form, where audio is encoded using one of several codecs. Because of bandwidth constraints, particularly during peak call times, codecs may be used which sacrifice audio quality for bandwidth efficiency. As a result, several features of communication systems, including critical security features. The present disclosure provides details for systems and methods by which a controlled-environment communication system may shift between codecs to perform security-related features or to alleviate bandwidth considerations. This involves the special formatting of control-signaling messages, including session initiation protocol (SIP) and session description protocol (SDP) messaging.

Computer-implemented methods of placing and processing calls in a communications network are provided. The computer-implemented method of processing calls in a telephone network comprises: identifying a plurality of calls that have been made by a particular telephone number to telephone numbers in the telephone network; determining whether a sequence in which the calls were placed corresponds to a correct order for calling those telephone numbers, the correct order being determined based on a predetermined order for calling telephone numbers in the telephone network; and determining that one or more of the calls were made by spoofing the particular telephone number if the sequence in which the calls were placed does not correspond to a correct order.

A system, method and computer-readable storage device are disclosed signing a voicemail and confirming an identity of the speaker. A method includes receiving a request to verify a speaker associated with a communication to a recipient, receiving first data from the speaker in connection with the communication, accessing second data associated with the speaker to verify the speaker, determining whether a match exists between the first data and the second data to yield a determination, retrieving a communication address of the recipient, generating a notification for the recipient, wherein the notification reports on the determination and transmitting the notification to the recipient at the communication address.

Methods and apparatuses for managing spoofed calls to a mobile device are described, in which the mobile device receives a call transmitted over a cellular or mobile network. The call may include a set of information associated with the network, such as a geological location of a device that generated the call, a hardware device identifier corresponding to the device, an internet protocol (IP) address associated with the device, or a combination thereof. The mobile device may determine whether the call is spoofed or genuine based on the set of information. Subsequently, the mobile device may assist a user of the mobile device to manage the call, such as blocking the call from reaching the user, informing the user that the call is spoofed, facilitating the user to report the call as spoofed to an authority and/or a service provider of the network.

Disclosed herein are systems and methods for handling unwanted telephone calls. In one aspect, an exemplary method comprises, intercepting a call request for a call from a terminal device of a calling party to a terminal device of a called party, generating a call recording containing media data transmitted within a connection established by the intercepted call request, determining attributes of the generated call recording, classifying the call as an unwanted call based on the determined attributes, wherein the classification is performed by a classifier trained on previously collected unwanted calls, and wherein the call is classified as unwanted when the attributes belong to an unwanted call class that is known, and handling the call in accordance with the classification of the call, the handling including at least securing information of the call.

A computer-implemented method for validating the origination of an incoming customer call on a wireless communication network may include receiving a SIP invite message at the wireless communication network when the call is initiated, determining whether the SIP invite message includes one or more indicators indicating that the call originated within the wireless communication network from a device with a SIM registered in the wireless communication network, and writing a classification code to a database indicating that the call is validated if the SIP invite message includes the one or more indicators. The method may further include receiving the call at an agent computer device with caller identification information, querying the database via the agent computer device according to the caller identification information to obtain the classification code of the customer call, and suppressing a step used for call authentication if the classification code indicates that the call is validated.

Devices and techniques are generally described for fraud detection. In various examples, first data may be received from a remote computing device, the first data specifying at least one of a first internet protocol (IP) address or a first telephone number by a fraud detection service using an application programming interface (API) of the fraud detection service. In some examples, a first machine learning model of the fraud detection service may determine a first confidence score indicating a likelihood that at least one of the first telephone number or the first IP address is associated with fraudulent activity. In some examples, output data may be sent to the first remote computing device via the API, the output data indicating a determination as to whether at least one of the first IP address or the first telephone number is associated with fraudulent activity.

Methods and systems are described herein for manipulating a communication acceptance screen, manipulating an interactive communication acceptance icon, and restricting access to accounts based on voice communication parameters. In particular, when a communication is detected from one device to another device, that communication may be risky. Thus, the risk is mitigated by giving a user information about the source of the communication to give a user a chance to reject the communication. In addition, in instances where the user accepts the communication, the system enables monitoring the communication and restricting any accounts that are disclosed within the communication.

Systems and methods for detecting indications of a scam caller are disclosed. Call data, such as call audio, is received and used to create a training dataset. Using the training dataset, a machine learning model is trained to detect indications of a scam caller in a phone call. An Interactive Voice Response (IVR) model is trained or configured, using voice samples of speech of a subscriber of a telecommunications service provider, to simulate speech and conversation of the subscriber. A conversational agent is generated using the IVR model and the trained machine learning model. The conversational agent receives a phone call, engages a caller in simulated conversation, and detects indications of whether the caller is a likely scam caller. If the caller is determined to be a likely scam caller, an alert can be generated and/or the call can be disconnected.