33000 direct junk calls to enterprise MS Teams users.
That’s how many unauthorized calls a multinational IT services and consulting company received on its users’ MS Teams accounts in 50 days.
Unwanted junk calls have become a significant issue for enterprise Unified Communications (UC) users, particularly those relying on Microsoft Teams. It’s not uncommon for users to receive calls from unknown numbers on their MS team accounts – with them having no way to know who’s calling.
Any company serious about its security will understand the importance of safeguarding its UC numbers from external users. Besides the obvious security risk, there’s also a productivity issue – users end up answering these calls, wasting company time on these calls, and later, manually flagging them to the company’s SOC. This was exactly what was happening to the MNC we spoke about earlier.
A Story from the Field
The company, with offices and employees across the world, relied on MS Teams for enabling real-time voice communication for its employees. Its VoIP system relied on four SBCs, distributed across Europe and US, to route all calls to its enterprise users on MS Teams.
However, after enterprise users complained of unwanted calls on their MS Teams accounts, the organization put in place a ticketing system for users to flag such numbers.
Each time a user was interrupted by a junk call on MS Teams, they had to deal with the call, and raise a ticket to flag the number to the Voice Ops team/SOC team.
With volumes in the range of up to 20K spam or scam calls a month, the current approach of manually handling these calls and raising tickets is not only time-consuming but also ineffective.
The Solution: Analyzing, Identifying, & Blocking Fraudulent Calls Before They Reach UC Users
The junk call menace on MS Teams is just one of the problems that Assertion® SecureVoice™ solves for enterprise UC setups. Here’s how it does so.
Assertion® SecureVoice™ leverages AI and a continuously evolving database of malicious activity from across the world to combat the growing threats in the UC environment.
Here are some of the different, but malicious and suspicious patterns that Assertion® SecureVoice™ looks for, while detecting malicious calls:
- DID Walking
Attackers attempt to identify enterprise extension ranges by systematically dialing out extensions in a fixed order or by sequentially increasing extension numbers.
By analyzing the sequence of called extension numbers, this solution can identify and block such attacks, ensuring the security of enterprise users.
- Human Voice Detection Fraud
Attackers employ automated calls to detect active phone numbers by analyzing responses from human voices.
By filtering short-duration calls and employing AI heuristics algorithms, SecureVoice™ can accurately identify and flag potential attackers.
- One-Ring Call-Back Fraud
In this type of attack, scammers place missed calls, expecting the recipient to call back. Such calls can lead to social engineering attacks and voice scams.
Assertion® SecureVoice™ identifies these short-duration unanswered calls, effectively mitigating this type of fraud.
- Low Duration Calls
Spammers often inundate enterprise users with numerous short-duration calls, which are disconnected once the recipient realizes they are spam or telemarketing calls. By analyzing such caller behavior, SecureVoice™ can successfully identify and block such spam callers.
- High Fail Rate
Attackers attempt to identify legitimate extensions by calling a large number of extensions and analyzing the response codes. SecureVoice™’s AI detects failed calls and their response codes, enabling enterprises to protect their legitimate users.
- Fixed Duration Calls
Robocallers frequently target enterprise IVR numbers, resulting in a flood of fixed-duration calls that are disconnected by the IVRs. Assertion® SecureVoice™’s AI heuristics algorithm analyzes call durations, effectively identifying and blocking these malicious calls.
- Machine Behavior (Parallel Calling)
To expand their reach, scammers make multiple parallel calls to different extensions within an enterprise. By leveraging an AI expert system algorithm, Assertion® SecureVoice™ can detect parallel calls made by the same caller to multiple extensions, providing organizations with advanced protection.
An example of how Assertion® SecureVoice™ analyzes and categorizes incoming junk calls
How Assertion® SecureVoice™ Helps Enterprises Secure its UC Users on MS Teams
With Assertion® SecureVoice™, companies have
Complete visibility and control into every call going in and out of their VoIP environment.
This means that
- >60% of malicious calls are blocked even before they reach MS Teams users
- Users no longer have to engage with, or even flag malicious calls
- The remaining calls are analyzed and closely monitored, to track their behavior
Assertion® SecureVoice™’s Anomaly Detection
Confidence scores that are updated in real-time to continuously track the behavior of suspicious callers
- Insights into how their telecom service providers fare when it comes to carrying (and dropping) junk calls
- Security insights into targeted attack activity
- Control and visibility over outgoing calls
- Enterprises get a direct line of sight into the calls going out of their environment, while also getting control over
- Blocking of calls to unauthorized locations
- Real-time prevention of toll fraud attempts or calls to high-rate destinations
Wrapping Up
Protecting UC numbers and ensuring the privacy and security of enterprise users has never been more crucial. Unwanted junk calls on MS Teams and other UC platforms pose significant security risks to enterprises.
However, by leveraging the power of AI and implementing intelligent algorithms to analyze call patterns, durations, and behavior, enterprises like yours can proactively identify and block malicious calls.
To see this in action, sign up for a no-cost POC of Assertion® SecureVoice™ for your VoIP setup.