A system and method for dynamically providing safe call back numbers to use to respond to an inbound communication, the method comprising parsing message records from a message server, analyzing the message records for untrustworthy phone numbers by comparing content of the message records to a reference data set that is retrieved from a database, the reference data set including genuine and fraud data wherein the genuine and fraud data includes entities and contact information corresponding to the entities, determining untrustworthy phone numbers in the message records from the analysis, and generating remedy actions based on the determination of the untrustworthy phone numbers.

Novel tools and techniques are provided for implementing monitoring and detection of fraudulent or unauthorized use in telephone conferencing systems or voice networks. In various embodiments, a computing system might monitor call activity through telephone conferencing system or voice network. In response to detecting use of the telephone conferencing system or voice network by at least one party based on the monitored call activity, the computing system might identify incoming and/or outgoing associated with a call initiated by the at least one party. The computing system might analyze the identified incoming and/or outgoing call data to determine whether the call initiated by the at least one party constitutes at least one of fraudulent use or unauthorized use of the telephone conferencing system or voice network. If so, the computing system might initiate one or more first actions.

Techniques for caller verification in Rich Communication Services (RCS) for text messaging are discussed herein. A communication client can be the communication client designated to receive incoming communications for the user equipment. The user equipment may use the communication client to send, to a network device, a Session Initiation Protocol (SIP) instance to set communication client. The SIP instance may include a primary designator and a Universally Unique Identifier (UUID) associated with the client. The network device may store the information for the user equipment including the UUID and capability set. A second user equipment may poll the network device for the communications capabilities of the first user equipment before establishing a connection.

A suspicious call handling system that detects and handles a suspicious call within a communication network includes an outgoing and incoming call information collecting server 10 and session control servers 20A to 20C. The outgoing and incoming call information collecting server 10 includes a storage unit 15 that stores a suspicious call condition, a collecting unit 11 that collects outgoing and incoming call information from each of the session control servers 20A to 20C within a communication network, and a searching unit 12 that searches for a phone call that matches the suspicious call condition from the outgoing and incoming call information and gives a notification of the phone call to the session control servers 20A to 20C accommodating a user to which the phone call is connected. The session control servers 20A to 20C include an action unit 24 that executes an action, which has been set in advance, in a case where it is detected that a call has been transmitted to a user who has received the notification from the outgoing and incoming call information collecting server 10.

A user interface for a fraud detection application includes a visual display; a plurality of panes displayed on the visual display, each pane including an identifier corresponding to a communication received; a graphical representation of a threat risk associated with the identifier; a numeric score associated with the threat risk, wherein the numeric score is a weighted score based on a plurality of predetermined factors updated substantially continuously. The graphical representation may include a status bar indicative of a threat risk associated with the identifier, the threat risk provided by the fraud detection algorithm and based on a weighted score. Each pane may include additional information about the identifier, such as a number of accounts accessed or attempted to be accessed associated with the identifier; a number of days the identifier has been active; a type of channel associated with the identifier; and a number of communications initiated by the identifier over a predetermined period of time. A user may access further information by activating a portion of the visual display to access additional information related to the threat risk. The communication may be a phone call, a chat, a web interaction or the like.

A system may include a processor that may execute computer-executable instructions that cause the processor to receive caller information regarding an incoming communication from a caller and receive a request from a user to route the incoming communication to a virtual assistant application. The virtual assistant application is configured to interact with the caller and determine whether the caller is associated a fraudulent caller activity stored on databases accessible by the processor. The processor may then receive an indication from the virtual assistant application that the caller is associated with the fraudulent caller activity and forward the incoming communication to another party in response to receiving the indication.

There is disclosed in one example a mobile telephone, including: a hardware platform including a processor and a memory; a telecommunication transceiver; and instructions encoded within the memory to instruct the processor to: identify a call made via the telecommunication transceiver; analyze the call and assign the call a predicted local reputation according to the analysis, including a legitimacy confidence score; if the legitimacy confidence score is less than a first threshold, terminate the call; if the legitimacy confidence score is greater than a second threshold, cease analysis of the call; and if the legitimacy confidence score is between the first and second thresholds, continue analysis of the call.

A computer-implemented method and system for improving caller verification is provided. The method comprises registering an intended communications session by generating a key using, at least, a first call time window identifier, and storing the key in a database; in response to registering the intended communication session, receiving a request for caller verification, wherein the request comprises data representing a second call time window identifier; in response to receiving the request for caller verification, generating a comparison key based on the request; comparing the comparison key with the key stored in the database; and verifying the intended communication session in response to comparing the comparison key with the key.

Disclosed are example methods, systems, and devices for allowing caller computing devices to authenticate calls via a service provider computing system. Users may opt to have entities register to contact the user with a positive ID, icon, or other notification on the user's computing device transmitted by the service provider computing system. A caller computing device may use a unique security token of the user to activate the notification on the user's device. The user device may be used to exert control over the security token via a service provider client application running on the user device. The caller computing device may initiate authentication via an API call to the service provider computing system. The caller computing device is able to have items (text, images, documents, etc.) delivered to the user computing device if authenticated.

A system and method may identify a fraud ring based on call or interaction data by analyzing by a computer processor interaction data including audio recordings to identify clusters of interactions which are suspected of involving fraud each cluster including the same speaker; analyzing by the computer processor the clusters, in combination with metadata associated with the interaction data, to identify fraud rings, each fraud ring describing a plurality of different speakers, each fraud ring defined by a set of speakers and a set of metadata corresponding to interactions including that speaker; and for each fraud ring, creating a relevance value defining the relative relevance of the fraud ring.