Telephony Denial of Service (TDoS) scams are falling under the close scrutiny of the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) due to a number of attacks affecting Public Safety Answering Points (PSAPs). An increasing number of such attacks have been coming into the FBI’s Internet Crime Complaint Center (IC3)—as many as 200 to date—according to a March 28, 2013 article posted on the Association of Public-Safety Communications Officials (APCO) website. 1 The calls are coming into call centers that handle both administrative and emergency calls for police, fire, and ambulance services. Typically, the initial caller claims to represent a collection agency that handles payday loans in an attempt to collect on a debt owed by a current or former call center employee. The extortionist usually demands a $5,000 payment, and if the recipient refuses to pay, the center is attacked with a barrage of automated calls.
The FBI summarized the threat in a January 2013 scam alert on the IC3 website. “The IC3 has become aware of increased coercion tactics used by the subjects, which have created a threat to emergency services across the nation. The threats have now escalated into a Telephony Denial of Service (TDoS) attack against the victims’ employers, which some have been emergency service agencies. The TDoS attacks have tied up the emergency services’ telephone lines, preventing them from receiving and responding to legitimate emergency calls.” 2
The alert warns that the scammers call victims claiming that there is a warrant out for their arrest because they didn’t pay off their loan. By using technology to spoof a police department’s phone number, these attacks become even more convincing. The scam doesn’t end there. According to the IC3 website, “In order to have the police actually respond to the victim’s residence, the subject places repeated, harassing calls to the local police department while spoofing the victim’s telephone number.” 2
TDoS attacks have been around for quite some time, targeting individuals and other public and private organizations, including the financial industry. Some attacks occur to protest the actions of certain organizations instead of trying to extort money.
If you manage an emergency contact center, be proactive and plan ahead for these attacks. Educate and update your operators on the latest scams like TDoS attacks so they know what to expect. If you haven’t already, put a crisis plan in place that includes steps to follow once an attack occurs so your team is prepared to respond appropriately.
Security software that prevents automated calls can also be a good deterrent to these attacks; software with voice recording capabilities is an important tool in these situations. The authorities could use a recorded call and other recorded information (such as an IP address) to aid in an investigation. Report all attacks on the IC3 website. Read through APCO’s list of best practices checklist that addresses TDoS attacks here so that you and your employees stay prepared.
Kova Corporation offers a variety of customized contact center solutions, utilizing technology from Verint, to assist public safety organizations. From voice recording technology to complete workforce management solutions, we can design an effective system for you. Click here to schedule your discovery session today.
Resources
1. “Telephony Denial of Services (TDOS) to Public Safety Communications Phone Service: Recommended Best Practices Checklist.” March 28, 2013. APCO International online publication, Public Safety Communications. Available at http://psc.apcointl.org/2013/03/28/telephony-denial-of-services-tdos-to-public-safety-communications-phone-service/. Accessed April 3, 2013.
2. Internet Crime Complaint Center’s Scam Alerts. January 7, 2013. Internet Crime Complaint Center website www.ic3.gov. Available at http://www.ic3.gov/media/2013/130107.aspx. Accessed April 3, 2013.
