Biology is a heck of a thing. In 1948, chlordane was the first chemical deterrent used in homes. Though chlordane was thought to be invincible at the time, German cockroaches developed immunity within three years. More recently, bed bugs in the United States developed resistance to the most commonly used insecticide in the world. So as you spray your Raid and Black Flag, beware that its effectiveness may only last so long. Just think about the fight against Covid-19. Despite having concocted a vaccine in record time, the world’s scientists fear how mutations of the virus could eventually affect the efficacy of our shots over time. We already see it in antigenic drifts and shifts in flu — the same reason we are given new formulations of flu vaccine every year. In other words, despite man’s greatest strides in science, the spirit of survival (aka evolution) often wins out, even in annoying little bugs. As it turns out, the plague of robocalling is no different.
In this article, we cover:
- The inevitability of evolution.
- The aftermath of STIR/SHAKEN.
- What 2022 holds in store for robocall scams and spam.
This brings us to June 30, 2021. It was meant to be a day of triumph over our robotic prank-calling nemeses. It was the deadline for most voice service providers to switch on the Secure Telephony Identity Revisited (STIR) and Secure Handling of Asserted information using toKENS (SHAKEN) standard, effectively ridding the world of call spoofing — when a fake caller ID is used to deceive a call recipient into believing the call is from someone else.
Well, a funny thing happened on the way to the victory parade.
Despite the fact that we saw a steady decline in robocalls from June 2021 (in which about 4.4 billion robocalls were placed) through September 2021 (in which nearly 4 billion were placed), the numbers have recently ticked back up (about 4.1 billion robocalls placed in each of October and November 2021). For comparison, October and November of 2020 — pre-STIR/SHAKEN — didn’t look all that much different, with about 4.2 billion and 3.8 billion robocalls placed, respectively. That’s right, robocalls were actually up year-over-year in November.
The pandemic itself had a far greater impact on robocall trends than legislation that was seven years in the making. Robocalls were wildly out of control in February of 2020, peaking at just over 4.8 billion calls placed. But the pandemic caused the bottom to fall out over the next two months, with robocalls crashing down by more than 40 percent over the first two month of lockdowns in the United States (March and April of 2020).
You can glean all of these trends and more from our veritable time machine of recent robocall data, the Robocall Index.
What Comes Next in 2022?
Well, just like cockroaches and bed bugs adapting to pesticides, robocallers have found ways to insulate their processes from our deterrents. Rather than leaning so heavily on call spoofing to create the illusion calls are coming from a specific neighborhood, they’ve taken to leasing phone numbers that were legitimately allocated to wholesale VoIP service providers to weasel their way through robocall security.
Caller ID shenanigans be damned, the fraudsters are still finding ways to deceive the general public. From January through the first half of October of 2021, 17.3 percent of spam complaints were from business impersonators claiming to be from fraud prevention departments. Indeed, Amazon and Apple are the top impersonated businesses for fake charge complaints. Amazon accounted for nearly half of all business imposter complaints, followed by Apple (25.5 percent of imposter complaints), PayPal (7.7 percent), CashApp (5.5 percent), Craigslist (5.1 percent), Ebay (4.5 percent), and Zelle (2 percent).
Furthermore, consumers lost more than $27 million to Amazon business impersonation scams from July 2020 through June 2021. That’s from 96,000 targeted people, nearly 6,000 of whom lost money. The median individual loss was $1,000. This is no small matter.
The lesson? STIR/SHAKEN is great, but it’s no silver bullet. Unfortunately, there is no foreseeable scenario in which we can completely lower our defenses because the plight of the robocalling has been completely eradicated.
Into 2022 and beyond, we’re going to continue to need government agencies to provide more tools, like STIR/SHAKEN, to head off specific types of attacks, as well as the cooperation of voice service providers. For the consumer’s part, employing an advanced personal robocall blocking defense, such as that offered for both iOS and Android for free by YouMail, continues to be the most effective strategy available.
As we enter the new year, you’re still free to pop that bottle of champagne and sing holiday diddies with great zeal — and bonus points if you can tell us what exactly an “auld lang syne” is. Rest at ease because YouMail’s No. 1 resolution, same as it is every year, is to continue to win the fight against robocalls in the coming year.