Harry Sintonen
@harrysintonen@infosec.exchange  ·  activity timestamp 2 years ago

Finland has effectively stopped #calleridspoofing from faked Finnish phone numbers - "According to FICORA Regulation 28, the telecommunications operator of the call originating network must ensure that the calling party number it transfers in call origination and, in case of a forwarded (redirected) call, the forwarding number is valid and unambiguous." https://www.kyberturvallisuuskeskus.fi/sites/default/files/media/regulation/EN%20Recommendation%20to%20Telecommunications%20Operators%20on%20Detecting%20and%20Preventing%20Caller%20ID%20Spoofing.pdf #infosec #telcos

Harry Sintonen
@harrysintonen@infosec.exchange replied  ·  activity timestamp 2 weeks ago

RE: https://infosec.exchange/@harrysintonen/111291548609414904

Finland's "Scam call and payment fraud prevention" has won the 2025 European Crime Prevention Award:

https://www.eucpn.org/document/finland-scam-call-and-payment-fraud-prevention

#fraudprevention #scamprevention

Harry Sintonen
@harrysintonen@infosec.exchange replied  ·  activity timestamp 2 years ago

As I understand it there were quite some challenges in implementing this #calleridspoofing blocking. My understanding is that the global telephony system is an ancient #hack which can’t really be changed quickly or easily. Any solution that would require major changes or replacing hardware or software globally is unlikely to get much traction. So any relatively quick and robust solution to this problem has to be a local one, and cannot trust any outside co-operation. A major problem is also that the spoofing capabilities have legitimate use cases, which you don’t want to nuke in the process of implementing the spoofing protection.

In Finland, the telcos and #Traficom worked together: A number of different technical solutions were proposed, tested and the best solution(s) were selected, and eventually implemented. I’m sure that something like this has also been done elsewhere, too, or there are ongoing plans to implement something similar.

There are limitations to the solution too: It does not protect against spoofing foreign numbers, nor does it protect against attacks towards foreign users who are roaming in Finnish networks. It doesn’t prevent abuse via hacking the #SS7 system itself. It does however block one major attack vector that has been exploited by international fraudsters.

An actor portraying Alexander Graham Bell speaking into an early model of the telephone for a 1926 promotional film by the American Telephone & Telegraph Company (AT&T).

Source: https://en.wikipedia.org/wiki/Telephone#/media/File:Actor_portraying_Alexander_Graham_Bell_in_an_AT&T_promotional_film_(1926).jpg
Harry Sintonen
@harrysintonen@infosec.exchange replied  ·  activity timestamp 2 years ago

In technical terms this #calleridspoofing blocking is allowlisting - rather than trying to block evil calls, only good ones are let through. As is well understood, this is the more robust way to filter things. Doing blocklisting would only result in a game of whac-a-mole with the block lists always trying to catch up.

Harry Sintonen
@harrysintonen@infosec.exchange replied  ·  activity timestamp 2 years ago

Elisa, one of the largest telcos in Finland, reported that before implementing this blocking, 70-80% of the incoming phone calls from foreign networks were using a spoofed Finnish number (tens of thousands of calls per day). The problem was effectively fixed overnight 2023-10-02 and the spammers gave up within a couple of days.

Of course it is still possible to forge numbers, but at least they cannot appear to be originating from Finland. This makes it far easier to weed out spam calls.
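
A simplified model of the allowlisting versus blocklisting contrast discussed in the thread, added here as an illustration; it is not from the posts and is not the Finnish operators' implementation. The ingress labels, the set of subscribers known to be roaming abroad, and all phone numbers are assumptions constructed for the example.

```python
from dataclasses import dataclass

FI_PREFIX = "+358"  # Finland's country code


@dataclass(frozen=True)
class Call:
    cli: str      # calling party number as signalled
    ingress: str  # "domestic" or "international" (labels assumed for this sketch)


def blocklist_pass(call: Call, reported: set[str]) -> bool:
    """Blocklisting: let everything through except numbers already reported."""
    return call.cli not in reported


def allowlist_pass(call: Call, roaming_abroad: set[str]) -> bool:
    """Allowlisting: a Finnish number arriving from abroad must be expected there."""
    if call.ingress != "international" or not call.cli.startswith(FI_PREFIX):
        return True  # foreign numbers are not validated, a limitation the thread notes
    return call.cli in roaming_abroad  # assumed source of "known good" numbers


# Constructed sample data; none of these numbers come from the thread.
CALLS = [
    Call("+358401110001", "international"),  # genuine subscriber roaming abroad
    Call("+358401110002", "international"),  # spoofed, already reported
    Call("+358401110003", "international"),  # spoofed, fresh number
    Call("+358401110004", "domestic"),       # ordinary domestic call
    Call("+445550100", "international"),     # foreign number, out of scope
]
REPORTED = {"+358401110002"}        # what a blocklist has caught up with so far
ROAMING_ABROAD = {"+358401110001"}  # what the allowlist expects from abroad


def passed(calls, check, listing):
    """Return the caller IDs that the given filter lets through."""
    return [c.cli for c in calls if check(c, listing)]


if __name__ == "__main__":
    print("blocklist lets through:", passed(CALLS, blocklist_pass, REPORTED))
    print("allowlist lets through:", passed(CALLS, allowlist_pass, ROAMING_ABROAD))
```

The fresh spoofed number gets past the blocklist until someone reports it, while the allowlist rejects it on first use.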
