According to Ofcom, major phone networks have agreed to automatically ban practically all internet calls from overseas that claim to be from UK numbers.
Criminals have been impersonating a real phone call or SMS by exploiting internet-based calling technologies.
This summer, phone fraudsters targeted over 45 million people.
Ofcom stated that the measures will be implemented quickly as a “priority.”
According to the BBC, one operator has already implemented the new plans, while other phone networks are still looking into how to make it work.
“We’ve been working with telecommunications firms to develop technological solutions, such as banning suspected foreign calls masked by a UK number at source,” said Lindsey Fussell, head of Ofcom’s networks and communications group.
“We anticipate these steps to be implemented as quickly as possible in order to better safeguard clients.”
She went on to say that combating phone scams was a “complicated challenge” that required a collaborative effort from law enforcement, government, other agencies, and industry.
The decision comes after months of talks between Ofcom and the UK telecoms industry.
Will They Be Successful?
Every year, millions of people across the world utilize internet-based calling technology, commonly known as Voice Over Internet Protocol (VoIP), to make free or low-cost phone calls.
WhatsApp, Skype, Zoom, and Microsoft Teams are some of the popular services that leverage this technology.
The news was initially reported by the Sunday Telegraph, which quoted Whitehall insiders who questioned Ofcom’s objectives.
They claim that restricting traffic from international VoIP providers would not prevent scam texts and calls since much of the UK still uses 1970s-era copper-based networks.
However, other experts with whom reporters interviewed disagreed.
Many enterprises, in addition to consumers, employ VoIP technology for internal corporate phone networks.
When a corporate phone network makes a call, the call is transferred from the internet to the phone networks via a VoIP provider.
According to Gabriel Cirlig of the US cyber-security firm Human, telecommunications firms are not scrutinizing the traffic they get from VoIP providers, instead just allowing it to pass across the network.
“Recently, everyone may have access to vital telephone infrastructure because of the simplicity of building your own private-enterprise telephone system,” Mr Cirlig added.
“Because of the reduced entrance barrier, it is very easy for fraudsters to construct their own systems to spoof mobile numbers – cyber-criminals are effectively claiming to be official business telephone networks in order to gain access to legal telco infrastructure.”
He goes on to say that for the time being, the VoIP provider is responsible for ensuring that the calls it sends to telecommunications networks are legal.
“This isn’t a localized issue or limited to one sort of infrastructure; it’s a systemic flaw that permits criminality to traverse all boundaries,” Mr Cirlig explained.
“They don’t want to discontinue this function since it enables the VoIP business model.”
Matthew Gribben, a former GCHQ (UK government intelligence agency) expert, agrees. While working with GCHQ, he used to observe a lot of frauds.
“It’s really the foreign VoIP providers that are enabling these gangs to function technologically,” he added, adding that “it will make a tremendous dent in this.” “It doesn’t solve everything, but it’s a big step in the right direction.”
Experts agree that the only way to fully resolve the issue is to introduce new telephone identification methods that allow phone networks to verify that all calls and text messages originate from a legitimate phone number.
The new protocols, dubbed “Stir and Shaken” in honor of James Bond, were created by an international standards group, the Internet Engineering Task Force, located in the United States.
Mobile providers in the United States have been forced to adopt the protocols by the end of 2021, but Ofcom told reporters in August that full authentication will only be achievable in the UK if the equipment supporting voice services is improved, which is expected to be done by 2025.
