Telemarketing Fraud Presents an Unacceptable Risk to Businesses

Is there anything more annoying than getting calls from telemarketers? We all get them, and many of us have fallen for one at some point in time. The simplest response is to just not answer calls from unknown numbers, and accept this as a public nuisance that may infringe on our privacy a tiny bit, but otherwise not worth giving any more thought. We’re hitting peak holiday shopping season now, and those calls will keep coming, so this is a good time to put a spotlight on telemarketing fraud.

 

For consumers, telemarketing may only be a nuisance, but wearing our various industry hats, there’s a much bigger story that needs to be told. No Jitter speaks to many audiences, including those in IT, contact center, C-Suite, Finance, Marketing, Consultants and Compliance, and they all to need to understand the risks that arise from the dark side of telemarketing.

 

To set the stage, consider a voicemail recently left on my business phone line – here’s the gist:

This call was unsolicited, I have no idea who the caller is, and I most certainly did not call the number back. So, why did this call happen, and what are the bigger implications for No Jitter readers?

 

There are both legitimate and fraudulent forms of telemarketing. All types of businesses use telemarketing to communicate with customers, as well as initiate engagement with prospects – both via telephony and text messaging.

 

I have long wondered how, in this day and age, the 10-digit phone number is still our most important form of identity. The public switched telephone network (PTSN) may be viewed as an archaic communications network, but it remains a vital channel for most of us.

 

If you’re old enough to remember the White Pages, there was a time when you wanted your phone number – and home address – listed in the phone directory that every household had. Long before the Internet and social media, this was a trusted source for finding and connecting with others in your circle. Today, telemarketing has become so insidious that the last thing you want is to make your phone number accessible to anyone outside your circle.

 

Since the advent of VoIP, mobile messaging, and digital channels, we’ve been using the PSTN a lot less now for human-to-human communication, and a case can be made that most of that traffic is now automated forms of telemarketing. As a result, most of us now no longer trust telephony except among those we know, so there’s a bigger problem at hand here. While legitimate forms of telemarketing can be effective – otherwise they wouldn’t keep doing it, right? – there are all kinds of bad actors that exploit the PSTN in ways that few of us understand.

 

At a high level, there are two basic types – spam and scam – and these terms often get used interchangeably. Spam is one-way communication, where we get bombarded en masse with unsolicited pitches. This is the world of robocalling, where there’s nothing illegal about the activity, and it usually ends once the message has been sent – until you get called again and again with the same annoying message.

 

Scams are far more harmful since the intent is to engage directly with targets to get their personal information and often to conduct fraudulent transactions. These schemes are financially lucrative for the fraudsters, and a scam call's impact is far greater than a spam call's. Like the example I cited earlier, many scams will cite a familiar, trusted brand to appear legitimate, and once you call back, they know every trick in the book to execute the scam.

 

Not only is financial fraud illegal – of course – but so is brand impostering, i.e. misusing brands to conduct the fraud. When legal action arises from consumer fraud complaints, these brands are often the target of litigators, so there is a cost incurred to defend against these claims, along with potential damage to the brand’s reputation, especially in high-profile cases. Aside from their brand being exploited by fraudsters, these types of cases undermine their own, legitimate forms of telemarketing.

 

Another impact of telemarketing fraud that will resonate with many No Jitter readers is how these bad actors exploit telecom networks. The PSTN has always excelled at what it was built for, but the Bell System never envisioned the lengths to which fraudsters would go to abuse their networks to carry out their scams. Fraudsters have devised sophisticated methods not only to run their scams using the PSTN, but to operate them at little cost over carrier networks. This is a murky world unto itself, and a good starting point to learn more would be to read up on “Caller-ID Spoofing” and “One-Ring Scams.”

 

Telecom-related technology is very much at the heart of this story, but so is the realm of regulators and the legal system. To counter this whack-a-mole world of telemarketing fraud, there is an extensive web of regulations with far-reaching enforcement mandates, with much of it driven by well-intentioned policies to protect consumers.

 

This shouldn’t be surprising given telecom’s roots as a regulated utility, and if this is new for you, a good starting point would be the FCC’sTelephone Consumer Protection Act (TCPA). At face value, this provides recourse for consumers who are victims of telemarketing fraud. However, the scope of TCPA violations is broad, creating a litigation-heavy climate where both carriers and companies behind well-known brands are the targets of both small-scale and class action lawsuits.

 

The regulatory landscape is complex, and a key reason why these are targets is that the perpetrators of telemarketing fraud - entities known as lead gen farms - tend to be offshore, beyond the FCC’s jurisdiction. Compounding this is the equally complex carrier world, where call flows often take several hops between fraudsters and their targets, making it very difficult to pinpoint which carrier is essentially enabling these calls to happen.

 

This barely scratches the surface of how these carriers operate, but an important takeaway is that these carriers are not the ones perpetrating the fraud, and in many cases, they aren’t even aware it’s happening until the legal claims arise, and the call flows are traced back to their network.

 

When TCPA violations arise, aside from the monetary fines, the regulators can revoke their operating license, so the implications for carriers are major. This brings us back to the role of technology, as most carriers don’t have to financial means or ability to deploy the monitoring tools that can help defend them against litigation asserting their network is enabling the fraud.

 

Since the FCC cannot directly prosecute the perpetrators, the carriers and the brands are the targets to seek compensation when consumer claims arise. The rationale is clear since these entities are domestic and within the FCC’s jurisdiction, but also because many of them have the financial means to settle these claims. This litigation-based approach may be financially sound – although many of these carriers, known as intermediaries, are small, and these fines could put them out of business- but it’s not addressing the root of the problem.

 

Again, this is where technology comes back into play, as the perpetrators are simply using more advanced technology than what the carriers and the regulators are using to support these claims.

 

The oxygen for telemarketing fraud is the easy accessibility of phone numbers, the sale of which is a big revenue driver for carriers. When a carrier’s numbers are blocked from accessing the PSTN – as a result of a claim labeling them as enabling fraud – the perpetrators will simply move on to another carrier to buy their numbers. During my research, I spoke with Omar Luna, CEO of Voyce Telecom, who described the telecom scamming environment thusly: “The traffic is like water – it goes to the least resistant path. Blocking our numbers doesn’t work, unless the regulators want to shut down the intermediaries. I might go out of business, but the scammers will always follow the easiest, least costly route.”

 

The legal landscape is equally daunting. I spoke with Michele Shuster, Partner at Mac Murray & Shuster LLP, a law firm that helps businesses be compliant with telecom regulations and defend against TCPA violations. She told me, “Telecom carriers are a major channel for marketers, but it’s become difficult for consumers to distinguish between legitimate and illegitimate offers. The risks are real, not just for consumer fraud, but also for entities connected to TCPA violations. Compliance requirements are complex, and business operators should not underestimate this to protect against harm done by bad actors.”

 

This is a just peek behind the curtain for understanding the scope of telemarketing fraud, and as a conclusion, I hope you now see why this is much more than a public nuisance. When regulators implicate brands and carriers for TCPA violations, they may be doing exactly the right thing, but just as likely, they’re not getting the bad guys.

 

Regulatory bodies will levy fines, lawyers will do well and fraud victims will get some degree of compensation, but telemarketing fraud will continue – there are just too many leaks in the dam to eradicate it, and the regulatory framework does not get to the root of the problem

 

The fraudsters are using better technology than the enablers, and can always find a willing source of new phone numbers to keep their schemes going. Initiatives like STIR/SHAKEN can be seen as a potential solution, but it only addresses one problem set, is costly to deploy, and depends on the will of each carrier to implement.

 

What’s really needed is an industry-based response, where the carriers collectively devise policies and solutions to prevent fraudsters from accessing their phone numbers. Tied to this is the need for better technology – namely AI-based – that can intelligently track call flows at scale to block these calls, but also let legitimate calls pass. Currently, it’s all-or-nothing – either all the calls are allowed through, or they’re all blocked – and since carriers are in the business of routing calls, they’re not terribly inclined to do the latter. That might solve the telemarketing fraud problem, but at the cost of them staying in business.

 

I’m oversimplifying things here, but the reality is that these problems will not be resolved any time soon. For the foreseeable future, all the roles I cited at the outset above should recognize the risk facing them as the repercussions unfold once consumers file claims with the FCC.

 

For contact center leaders, mitigating fraud with your customers needs to be viewed right up there with PCI compliance. For CFOs, the financial risks for TCPA violation claims are real, especially since they are open-ended and not fixed. CEOs need to worry about brand reputation management when their company has been tied to a phony scheme like an Amazon gift card scam.

 

Marketers need to clearly communicate that customers provide informed consent when third-party marketing agencies contact them on their behalf. When consumers don’t read the fine print, consent is implied, giving these agencies free reign to contact them repeatedly, and not just for your legitimate campaign.

 

The list goes on, as do the risks that arise when telemarketing fraud isn’t understood in this broader context. Whether you’re buying or selling telephony-related technology, the risk exposure is real, and by the time any legal allegations or claims cross your desk, it’s too late and you’ll need to connect the dots I’ve been talking about here really fast to figure out your next steps. So, the next time you get a shady-sounding call or a voicemail like I did, hopefully, this article will come to mind. Ignore the call – but don't ignore the risk.