[AusNOG] "Telstra" scammers still at it...

Chad Kelly chad at cpkws.com.au
Sat Mar 12 16:05:20 AEDT 2022 

Hi Ahh so its basically DMark or Dkim but for phone numbers.
It actually looks like a good system.
If a few major providers rolled this out in Australia Telstra would eventually be forced to.
While they are at it Telstra could get rid of zones for phone numbers as well it’s Voip so its all internet based now a days anyway so you should be able to move numbers more easily oh and they should let you split numbers from a 100 range as well, like the majority of providers.
Well they might still have some legacy PSTN services in regional areas but most of those have been switched.
Regards Chad.

Chad Kelly
Manager
CPK Web Services
Phone 03 52730246
Web https://www.cpkws.com.au
[cid:image001.jpg at 01D8362A.6F5C0EA0]

From: Rob Thomas <xrobau at gmail.com>
Sent: Saturday, 12 March 2022 1:04 PM
To: Sean Agius (Personal) <sean at agius.id.au>
Cc: Nathan Brookfield <Nathan.Brookfield at iperium.com.au>; Chad Kelly <chad at cpkws.com.au>; AusNOG Mailing List <ausnog at ausnog.net>
Subject: Re: [AusNOG] "Telstra" scammers still at it...

This is TRIVIALLY solvable by Australia implementing SHAKEN/STIR, which is a very simple JWT based assertion of Caller.

https://stir.tel has all the info.

In fact, I have a POC Certificate Authority in place for Australia, and written most of the code for a complete attestation and verification system, which is, or soon will be, open sourced as the reference code for the standard.

Sadly, Telstra would have to move into the 2000s and stop requiring ISDN/SS7 for peering, and move to SIP, like the rest of the world.



On Sat, 12 Mar 2022, 9:00 am Sean Agius (Personal), <sean at agius.id.au<mailto:sean at agius.id.au>> wrote:
The proposed implementation by Telstra is flawed. For example, PBX systems that use any type of forward (Sim ring/Unconditional etc.), will be affected by the dropping of that call (If the call forward target is on the Telstra network); unless the forwarded call CLI is presented as Calling Party B. A lot of our clients prefer to know who is calling them, rather than their own business DID. If authorisation was done on PAI, then Diversion, then Calling Number, then there is enough data to backtrack to the root network(s) that allowed the spam/scam call to take place.

As stated, there will be a general consensus to avoid Telstra if/when this gets implemented and starts affecting legitimate use case scenarios.

Regards, Sean.

-----Original Message-----
From: AusNOG <ausnog-bounces at ausnog.net<mailto:ausnog-bounces at ausnog.net>> On Behalf Of Nathan Brookfield
Sent: Wednesday, 9 March 2022 8:08 PM
To: Chad Kelly <chad at cpkws.com.au<mailto:chad at cpkws.com.au>>
Cc: ausnog at ausnog.net<mailto:ausnog at ausnog.net>
Subject: Re: [AusNOG] "Telstra" scammers still at it...

Nope it won’t and that’s not what it’s doing, it’s the opposite…. You can use Telstra CLI’s on other networks without an issue :(

It’s going to cause a massive cluster that’s for sure but I don’t believe it will solve much SPAM calling.

They’ll just avoid Telstra :(

On 9 Mar 2022, at 19:48, Chad Kelly <chad at cpkws.com.au<mailto:chad at cpkws.com.au>> wrote:

Hi Just on this, the Telstra preventing CLIRs I am pretty sure this will prevent the scammers from using any Telstra numbers.
From what I understand the changes will prevent the use of Telstra numbers being used as caller IDs from outside of their network, previously the scammers have been able to use random mobile numbers they have found on the internet as the caller ID this will no longer be permitted on the network level once these changes go through.
I understand from an ISP point of view that the only exception to this will be approved port out requests where Telstra has signed paperwork from the gaining  ISP to say the customer has approved to port their number out.
From how I understand this is being rolled out all other requests to make outbound calls from random Telstra numbers will be blocked at the network level.
Unless the number is on a Telstra account.
This should help significantly with cutting down the amount of scam calls.

Regards Chad.

From: Shaun Deans <shaun at kadeo.com.au<mailto:shaun at kadeo.com.au>>
To: Rob Thomas <xrobau at gmail.com<mailto:xrobau at gmail.com>>
Cc: "<ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>>" <ausnog at lists.ausnog.net<mailto:ausnog at lists.ausnog.net>>
Subject: Re: [AusNOG] "Telstra" scammers still at it...
Message-ID:
   <CA+kVNc811wfDMqREiwoK+ZkZnqMoQgNnkwbeO4n6_23v_bhw0Q at mail.gmail.com<mailto:CA%2BkVNc811wfDMqREiwoK%2BZkZnqMoQgNnkwbeO4n6_23v_bhw0Q at mail.gmail.com>>
Content-Type: text/plain; charset="utf-8"

Random thought experiment... as both someone who's worked in carrier networks and in software what ponders me is...

If my Google Phone app can detect a scammer and tell me before I answer why can't a carrier (source or destination) ?

I understand Google has a massive dataset which the humans feed (for
"free") every day. But I'm sure they just live to offer a service to carrier's for 'extreme scammers' back to carrier's. I understand the CLIR is faked but logs would show it originating.

But as someone else said the scammers' will still pay for the calls. ?

The current projects stopping of overstamping CLIRs outside the network coming back inbound will help immensely.

As someone with experience on both sides (Net & Dev) I'd love to geek out pro-bono on a project.

That said I'm sure Telstra has smarter gals & guys than me trying to crack the code.

Just 2c
_______________________________________________
AusNOG mailing list
AusNOG at ausnog.net<mailto:AusNOG at ausnog.net>
https://lists.ausnog.net/mailman/listinfo/ausnog
_______________________________________________
AusNOG mailing list
AusNOG at ausnog.net<mailto:AusNOG at ausnog.net>
https://lists.ausnog.net/mailman/listinfo/ausnog
_______________________________________________
AusNOG mailing list
AusNOG at ausnog.net<mailto:AusNOG at ausnog.net>
https://lists.ausnog.net/mailman/listinfo/ausnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ausnog.net/pipermail/ausnog/attachments/20220312/40bd5688/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 97720 bytes
Desc: image001.jpg
URL: <https://lists.ausnog.net/pipermail/ausnog/attachments/20220312/40bd5688/attachment-0001.jpg>

More information about the AusNOG mailing list