In 2020, our phones became an even more valuable lifeline to the outside world. But instead of picking up the phone to hear the familiar voices of our friends and families, many of us were greeted with automated robot voices, exclaiming, “Good afternoon, your warranty is up for renewal!” or “Congratulations, you have won a once-in-a-lifetime holiday!”
Even though the number of robocalls declined by 22 percent in 2020 (YouMail), the calls received were more targeted. Cybercriminals were quick to adapt to the pandemic and targeted the most vulnerable, which resulted in them making fewer calls but more money than the previous year.
What happened in 2020?
- Americans received an estimated 45.87 billion robocalls–a 22 percent decrease on 2019’s figure of 58.54 billion (YouMail)
- Americans made 2.86 million robocall complaints to the FTC’s Do Not Call Registry–a 20 percent decrease on 2019’s figure of 3.61 million (FTC)
- Robocalls accounted for 71 percent of all the call complaints received by the FTC (up slightly from 70 percent in 2019)
- 46 percent of all robocalls were scams, 42 percent were alerts or reminders, and 13 percent were telemarketing (YouMail)
- April saw the lowest number of robocalls (2.9 billion) and robocall complaints (113,000) (FTC, YouMail)
- Georgians received the most robocalls per person over the year (280), while Marylanders made the most complaints per 1,000 people (12.3). At the other end of the scale, Alaskans received the lowest number of robocalls per person (34) and made the lowest number of complaints (3.2) along with Mississippians
- The average loss to a spam call was $182 in 2020. Men lost 48 percent more ($297) than women, who lost 50 percent less ($109). 7 percent of victims also lost more than $500 (Hiya)
- At the end of the year, 241.5 million people had registered for the FTC’s National Do Not Call Registry. This is a 2 million increase on 2019’s figures
This report features the costs and trends of robocalls in 2020, including how the COVID-19 pandemic altered the robocall landscape. It also examines the future of robocalls and the action that needs to be taken going forward.
What trends did we see in 2020?
- In March, both bad actors and legitimate call originators struggled with the shutdowns and shifting resources to working from home (TNS). This coincides with the dip in robocalls and complaints in April.
- From April onward things began to climb before the volume of robocalls reached a peak in October–the month before the presidential election. In total, Americans received 434 million political robocalls and 14 billion political robo texts (RoboKiller).
- Political calls accounted for approximately 10% of unwanted call volume from July to October. (TNS)
- Of the complaints submitted to the FTC, imposter scams topped the list, accounting for over 14 percent of all call complaints. Around 1 in 5 people lost money to these types of scams in 2020, with an average median loss of $850.
- As of 20 June 2021, calls and texts accounted for 31 percent of COVID-19 fraud reports received by the FTC (based on known contact methods), costing $43.16 million in total. Phone calls resulted in 76 percent of these losses.
What was the cost?
There is no exact figure which gives us the true cost of robocall scams in the United States. But, thanks to numerous reports on the number of robocalls, scams, and average loss per scam, we can begin to build a picture as to just what the cost may be.
In 2019, the Federal Communications Commission (FCC) estimated that robocalls cost at least $3 billion per year based on lost time alone–not including any monetary losses to fraud.
The FTC, meanwhile, reported that $3.3 billion was lost to fraud in 2020 with the average victim losing $311. Of the 2.2 million fraud reports it received, just over 1.25 million stated the contact method used by the fraudster. Of those who detailed the contact method used, 31 percent said they were contacted by phone and 27 percent by text. 13 of those contacted by phone and 5 percent of those contacted by text reported a monetary loss.
The median loss to phone call fraud was $1,170 and amounted to a total loss of $436 million, while the median loss to texts was $800 and amounted to a total loss of $86 million. As we can see, both of these median losses far exceed the average of $311, being 116 and 88 percent more, respectively.
It is also important to note that these FTC fraud reports are not inclusive of the National Do Not Call Registry figures. Even though the FTC doesn’t provide figures for the monetary losses of these complaints, we can apply the aforementioned statistics to create some estimates for the robocalls. If 2,859,762 robocalls were received in 2020 and 13 percent of these resulted in a monetary loss of $1,170 that would result in losses of around $435 million.
How does this compare to 2019’s figures from the FTC?
Only 5 percent of fraudulent calls resulted in a loss in 2019 with an average loss of $1,000. With a total of 3,616,165 robocalls received that year, this creates an estimated total loss of $180.8 million–58 percent less than 2020.
While high, these costs are a fraction of the estimates produced by several other industry-leading caller ID and spam checker services.
According to TrueCaller Insights, as many as 56 million Americans (22%) report having lost money as a result of a phone scam in 2020–a 30 percent increase on 2019’s figures of 43 million. 61.5 percent of victims suggested this was a result of a robocall. This means around 34,440,000 people may have lost money to robocalls.
The average loss to these scams was $351 (up from $244 in 2019), which puts the estimated total loss to scam robocalls calls at around $12.09 billion. This figure is an 88 percent increase on the estimated $10.5 billion lost in 2019.
A multi-billion-dollar loss is something that’s estimated in Hiya’s State of the Call report, too. A study conducted by the company found that 38 percent of Americans had lost money to a scam call in 2020 with the average loss being $182. This equates to around $23.89 billion worth of losses. Hiya also reported having prevented $2.3 billion from being lost to its customers (worldwide) to fraud in 2020. (No previous $ figures for 2019 are available).
While there are vast differences between the estimates provided, what these figures do suggest is that the amount lost to robocalls is well within the billions, especially considering that so many scams still go unreported. And what it also shows us is that while the number of robocalls declined in 2020, the number of people falling victim to these scams has risen dramatically–as has the amount lost to them.
How did it happen?
According to the FTC, imposter calls were the main type of call complaint for 2020, with 410,962 complaints in total accounting for over 14 percent of all robocall complaints. The other top complaints came from:
- Warranty and protection plans (282,574 complaints – 7.85% of total)
- Reducing debt (166,027 complaints – 5.81% of total)
- Computer and tech support (103,639 complaints – 3.62% of total)
- Medical and prescriptions (85,247 complaints – 2.98% of total)
- Vacation and timeshares (41,446 complaints – 1.45% of total)
- Energy, solar, and utilities (37,797 complaints – 1.32% of total)
- Lotteries, prizes, and sweepstakes (14,563 complaints – 0.51% of total)
- Money-making opportunities (10,943 complaints – 0.38% of total)
- Home improvement and cleaning (8,183 complaints – 0.29% of total)
- Home security and alarms (5,906 complaints – 0.21% of total)
The fact that imposter scams account for the biggest chunk of robocalls is no surprise. From pretending to be government entities or businesses to wearing the guise of a family member or friend, imposter scams target victims using trusted organizations and/or relationships. The FTC also found that government and business imposter scams were at the heart of COVID-19 scam reports. Scammers follow the news and adapt their tactics to suit, whether that’s selling a “cure” for COVID-19, urging someone to sign up for a government or business relief loan, or offering financial help during lockdowns. Scammers found a way to hit the general public where they’re most vulnerable.
For example, Robokiller saw an increase in Social Security scams. They account for 14.2 percent of all spam calls in 2020. This was followed by vehicle warranty scams at 12.9 percent.
The FTC category with the greatest increase in complaints, however, was warranty and protection plans (over double the complaints in 2020 compared to 2019 when there were 116,089). This could be due to the increasing amount of economic uncertainty amid the pandemic. Should things take a turn for the worse, people may have been keen to take precautions to protect their assets. Having warranties in place would help reduce the risk of big payouts in the not-too-distant future.
Another event in 2020 resulted in a huge rise in robocalls, too–the presidential election.
In total, RoboKiller estimates that 434 million political campaign robocalls and 14 billion political texts took place in the lead-up to the election. Over 72 percent of calls (314 million) and 70 percent of texts (9.8 billion) supported Republican candidates and causes.
Even though this isn’t a new campaign tactic, the COVID-19 pandemic meant robocalls were one of the primary ways to communicate with voters. And, inevitably, scammers caught on to this.
According to a survey conducted by TNS, 43 percent of Americans believed they’d been targeted with a robocall or text that contained false or misleading information about the election. 54 percent also believed that these robocalls/texts had been used to try and undermine confidence.
Montana, North Carolina, Wisconsin, Maine, and Iowa saw the largest number of calls per population. All of these states, bar Wisconsin, saw a 200 to 700 percent increase in political calls in the last few weeks before the election. Wisconsin saw a whopping 2,300 percent increase with an average of 1.2 million calls per week.
According to our recent study on personal voter data, all of these states bar Maine have publicly available voter lists. North Carolina’s is even published online for all to see (although phone numbers aren’t included) and there is no law in place surrounding its use. Montana and Wisconsin suggest non-commercial use only, while Maine and Iowa stipulate their voter lists are for political purposes only. However, if scammers are known not to adhere to Do Not Call rules, why should they follow voter list rules?
One particular call gained a lot of traction. This was a 13-second “Stay Safe” robocall that urged voters to stay at home and is estimated by Robokiller to have been made over 3.7 million times. 800,000 of those who received the message were swing state voters. Texas was the main target of calls where 798,000 numbers were dialed, followed by Florida with 534,000.
Robokiller also comments that: “Given the large increase in volume of this robocall on election day, we do believe that the robocall took on a life of its own following the widespread media attention it received. We believe this is evidence that scammers closely follow the US and global media cycles and craft their scams accordingly.”
Read our case study:365 days of phone spam data shows just how bad it’s gettingWhy did it happen?
While robocalls plummeted in the months of April and May when most of the US went into lockdown, scammers were quick to adapt to the situation. The COVID-19 pandemic teamed with the presidential election gave scammers the targeted campaigns they needed to get back on track for the remainder of 2020. They focused on the fact that more people were now reliant on telecommunications, that people were facing uncertain times, and that many were looking for financial help or were keen to protect their finances.
Scammers were also able to find ways around the various measures in place that aim to reduce robocalls. Legitimate telemarketers may adhere to the Do Not Call Registry, but scammers aren’t so courteous. And despite there being various call blockers, caller ID, and spam identifiers available, there’s no silver bullet.
According to TNS, VoIP numbers accounted for 50 percent of unwanted calls and 54 percent of high-risk calls in 2020. VoIP numbers not only give criminals a low-cost way of contacting thousands of people but also enable them to spoof numbers. Whether they spoof a dial code that’s local to the target or they spoof a well-known number (a recent case even saw criminals spoofing “911” numbers), criminals use this method to gain the trust of the recipient so they’re more likely to answer the call. And with 94 percent of unknown calls going unanswered (Hiya), it’s not hard to see why this is a favored method for scammers.
But scammers also cottoned on to the fact that many people are now aware of these scam calls from their own same area codes. Hence why TNS noted a 43 percent decrease in the number of these “neighbor spoofing” calls from 2019 to 2020 (on a per-subscriber basis). Instead, codes within the same metropolitan area were used (“near-neighbor spoofing”), increasing 17 percent from 2019 to 2020.
That said, high-risk calls from VoIP numbers weren’t at the same level they were in 2018 and part of 2019.
Why?
It is likely due to the STIR/SHAKEN framework which has been introduced by the Federal Communications Commission and is a necessary requirement for all VoIP providers (of a certain size–over 100,000 subscribers) by the end of June 2021. It had already been implemented by AT&T, Comcast, T-Mobile, and Verizon in 2020. The regulation works to eradicate robocalls by authenticating and verifying encrypted information and ensuring the legitimacy of the caller ID.
However, with only 6 percent of high-risk calls in 2020 coming from the aforementioned companies and CenturyLink (down from 11 percent in 2019), scammers were able to remain one step ahead.
This is also clear in their shift toward toll-free numbers. TNS saw a jump in the number of high-risk calls coming from these types of numbers, increasing from 28 percent in 2019 to 35 percent in 2020. Again, this is likely due to the efforts made by telecommunications organizations to shut down bad traffic by identifying unwanted calls. Furthermore, toll-free numbers provide the perfect trap for imposter scams. These toll-free numbers will often mimic a legitimate number, e.g. a financial institution or a healthcare insurer, making it more likely that the unassuming recipient will hand over personal information when asked.
Finally, TNS also notes that landline numbers have twice as much chance of receiving unwanted calls compared to wireless numbers. With many major wireless providers offering call blocking and caller ID services as standard (users opt-out rather than in) and many wireline providers making call blocking and caller ID services optional (users opt-in rather than out), this could be having a huge impact on who criminals are choosing to target.
Landlines also tend to be favored by older generations. And while younger age groups are more likely to fall victim to phone scams (those aged 18 to 44 account for over half of all victims according to TrueCaller), older generations tend to have greater monetary value for scammers. The FTC 2020 fraud report states that those in the 20 to 29 age group suffered a median loss of $324 (just 4 percent more than the overall median loss of $311), but those aged 70 to 79 suffered median losses of $635 (68 percent more than average) and those aged 80 and over suffered median losses of $1,300 (123 percent more than average).
What needs to be done?
As we have already seen, there isn’t one, conquer-all solution, especially when scammers, like all criminals, will continue to adapt and exploit the weakest areas.
With regards to regulations, state-level laws and fines that don’t have any technological means of enforcement are likely to fail–as we saw with Virginia’s Anti-phone spam bill. After it was introduced in early 2019, robocall figures (as estimated by YouMail) barely altered. In fact, they reached a record monthly level of 155 million just six months after the bill was introduced.
But, as we have already seen, the FCC’s focus on implementing the TRACED Act (which mandates the STIR/SHAKEN caller identification framework) has seen potential benefits with the reduction in VoIP robocalls in 2020. The success of this act already seems to have moved forward into 2021, too, with the FCC issuing its largest-ever fine ($225 million) against telemarketers in Texas. They were found to have made around 1 billion robocalls which falsely claimed to be selling health insurance for various companies, including Blue Cross Blue Shield and Aetna.
However, while STIR/SHAKEN may have helped reduce the number of nuisance robocalls to some extent as it ensures the authenticity of the caller’s number, it doesn’t know the purpose of the call. Plus, the focus of the regulation lies with larger service providers, which, as we’ve seen, account for a low volume of the highest-risk calls.
Along with these continued efforts from FCC, a multilayered approach is perhaps the answer:
- Greater customer education and control: TNS found that while 1 in 4 people use a robocall blocking app, two-thirds of seniors aren’t even aware that this protection is available. With seniors being a particularly vulnerable group (both in the monetary values lost and in lack of awareness), improved app branding and marketing could help reduce the number of victims within these age brackets. But it’s important that carriers enable customers to retain some control over robocall blocking, too. Nearly 80 percent of customers in a TNS survey want their provider to block high-risk calls but let all others through so they can choose what to do with them. This is also key to the FCC’s vote in June 2019 which allows wireless carriers to automatically block unwanted robocalls. TNS found that just 39 percent of wireless customers want their carriers to do this.
- Branded calling: Because of the vast number of calls customers receive, it’s often difficult for legitimate businesses and services to get their message across. But Hiya found that, by adding branding to a call (e.g. a company name and logo), answer rates were increased by almost 50 percent. Branded calls increase customer confidence and trust and ensure important calls are answered straight away.
- Data analytics: To quickly and accurately determine the validity of a call, TNS suggests utilizing human analytics with machine learning is the way to ensure the right calls are blocked and legitimate calls are recognized. Working with service providers and analytics companies, call originators can then indicate what their normal calling patterns are, including expected volume and at what time of day. TNS also hosts a free website that allows call originators to provide feedback. Businesses can upload bulk telephone numbers along with information to ensure calls are accurately labeled. A growing number of phones also come with built-in call screening options. This includes Google’s Call Screen function which screens calls based on phonebook contacts and spam call/robocall numbers in Google’s spam database.
- Improved confidence in customer reporting: As we can see from the below chart, the number of robocalls per person per state just barely correlates with the number of complaints per 1,000 people. This highlights how customer confidence in reporting these types of crimes is incredibly low. In fact, TrueCaller found that only 28 percent of people reported their robocall to any authority (e.g. the police, FCC, or FTC) and 29 percent contacted their phone carrier (some may have done both).
Insights and Observations
- Telecommunications providers could be stricter but don’t want to be responsible for legitimate calls not going through because they’ve been erroneously flagged as spam.
- Some phone companies like AT&T charge extra for call blocking features.
- Implementing effective network-level call screening would require upgrades to old copper-line infrastructure, an investment that providers won’t make if they don’t have to. Such an upgrade would allow for simultaneous ringing on the user’s device and on a server owned by the provider. If the server recognizes the number as spam, it can end the call on the user’s device.
- Vulnerabilities exist in SS7, Diameter, and GTP protocols that underpin our telecommunications–something that isn’t addressed by the TRACED Act or STIR/SHAKEN framework.
Conclusion
“For those quick to judge the effectiveness of STIR/SHAKEN, consider that it took Firefox 17 years, 70 versions and 80% of webpages to be secure before it would mark websites as not secure. Similarly, it took Google 11 years and 68 versions.” – TNS
The pandemic may have put a halt to robocalls for a short period of time, but scammers quickly turned things around to use customer vulnerabilities and stay-at-home orders to their advantage. And based on the figures we have for 2021 so far from the FTC and YouMail–they are continuing to reap the benefits. As of May this year, YouMail estimated that almost 22 billion robocalls had been made in the US (2.5 billion more than in the same period last year). Meanwhile, the FTC recorded 965,020 robocall complaints as of March 2020 (nearly 300,000 more than in the same period last year). Both YouMail and FTC show a monthly increase in calls and complaints up until March, but YouMail does note a decline in both April and May. Whether this is reflected in the FTC’s call complaints remains to be seen.
With no single solution to combat robocalls being available, a multi-layered approach of federal regulations (like STIR/SHAKEN), third-party apps, and service providers’ initiatives continue to be the best way forward. But, as the above quote from TNS shows, and as the statistics for this year already indicate, the battle against scam robocalls is far from over.
RoboKiller suggests “scammers will design smarter, more believable phone scams as they attempt to recover financial losses from 2020.” And that “this trend could potentially result in higher annual consumer losses to phone fraud and more unwanted calls and texts if consumers do not protect themselves.”
Data researchers: Charlotte Bond, Rebecca Moody
Sources
FTC: https://public.tableau.com/app/profile/federal.trade.commission/viz/DoNotCallComplaints/Maps and https://www.ftc.gov/system/files/documents/reports/consumer-sentinel-network-data-book-2020/csn_annual_data_book_2020.pdf
TNS: https://tnsi.com/forms/tns-robocall-report-mar-2020/
Truecaller Insights: https://www.truecaller.com/blog/insights/truecaller-insights-2020-us-spam-scam-report and https://www.truecaller.com/blog/insights/truecaller-insights-top-20-countries-affected-by-spam-calls-in-2020-2
Hiya: https://www.hiya.com/state-of-the-call
RoboKiller: https://www.robokiller.com/robocall-insights/ and https://www.robokiller.com/political-message-insights/ and https://www.robokiller.com/robocall-insights/robocall_insights_2020.pdf
YouMail: https://robocallindex.com/history/time and https://www.prnewswire.com/news-releases/americans-hit-by-just-under-46-billion-robocalls-in-2020-says-youmail-robocall-index-301215139.html