Over a five-month period, Pindrop Security collects and analyzes 100,000 fraudulent calls to a robocall honeypot called phoneypot.
While most of us dread being the recipient of a robocall, Aude Marzuoli actually looks to attract and collect fraudulent calls to her robocall honeypot, aka, the phoneypot. Marzuoli, a data scientist at Pindrop Security, first provided details about the phoneypot and a sample of 100,000 calls it collected in the first half of 2016 during a session at the Black Hat USA security conference last week.
In an interview with
eWEEK, Marzuoli provided additional insight into her study and the results it found.
"We suspected that out of all the phone scams that hit consumers, there would be some infrastructure behind it," Marzuoli told
eWEEK.
What Marzuoli didn't know before conducting the study was how much, or little, infrastructure it takes to place 100,000 calls.
As it turns out, more than half (51 percent) of the calls the phoneypot recorded could be attributed to only 38 distinct telephony infrastructures. Marzuoli defines a telephony infrastructure as a grouping of phone numbers and back-end call centers operated by a phone fraud group. Pindrop's technology
platform provides a voice fingerprinting capability that was used to help analyze recorded calls from the phoneypot.
