Are Ghost Calls a Problem? Yes, if They Don’t Stop

A ghost call is an incoming call with no one on the other end when you answer it. Sometimes it’s an unrecognized number; other times the caller ID shows “Unknown.”

Getting an occasional ghost call is common and nothing to worry about. But persistent ghost calls can be a major concern — particularly for businesses. Here’s why.

• Frequent ghost calls can tie up phone lines, preventing legitimate calls from reaching the company. This disruption can lead to missed opportunities, frustrated customers, and a potential loss of revenue.
• Responding to or investigating ghost calls consumes time and resources. Employees may waste time answering these calls instead of focusing on productive tasks.
• Persistent ghost calls, especially those resulting from malicious activities like port scanning, may indicate poor encryption and security in your phone system.
• Regular interruptions from ghost calls can lead to frustration and anxiety, straining customer relationships and employee morale.

Innocent reasons for ghost calls

While these types of calls can be cause for concern, most are accidental and innocent in nature. Let’s explore some of the common innocent reasons for ghost calls.

• Predictive dialers: Call centers use predictive dialing software to increase efficiency by dialing numbers before an agent can take the call. The recipient receives an apparent ghost call if the dialer miscalculates and connects to a number when no agent is ready.
• Pocket dial: Pocket dialing is a common occurrence when someone accidentally presses their phone’s keypad, usually while it’s in their pocket or bag, causing it to call a number without the owner’s knowledge. These unintentional calls can result in ghost calls if the caller doesn’t realize they’ve accidentally dialed you.
• Misconfigured VoIP devices: Failing to set up Voice over Internet Protocol (VoIP) devices correctly might cause them to send out calls unintentionally, resulting in ghost calls to unsuspecting recipients.
• Auto callback features: Some phone systems and mobile phones have features designed to automatically call back a previously engaged or unanswered number. If this feature malfunctions or is triggered accidentally, it can lead to unintended ghost calls.
• Fax machines and modems: Older fax machines or modems that use phone lines to dial out and send data can sometimes call a regular telephone number by mistake. The recipient of such a call hears silence or beeping tones, creating the impression of a ghost call.
• Crossed lines or technical glitches: Technical issues in telecommunication infrastructure can occasionally misroute calls. As a result, you could receive a call with nobody on the other end or be connected to a completely different call.
• Call forwarding errors: When not properly configured, call forwarding can cause calls to go to the wrong number, resulting in ghost calls.
• Testing and maintenance by telecom providers: Telecommunication companies sometimes conduct tests on their network or perform maintenance activities that inadvertently result in calls going to customers without human intervention.
• Software bugs: Software bugs in business phone systems, cell phones, or VoIP services can mistakenly place calls without human oversight, leading to ghost call scenarios.
• Answering machine and voicemail callbacks: Some answering machines or voicemail services might mistakenly call back numbers that have left messages, especially if there’s a glitch in the system or incorrect setup. This can result in calls going unanswered when picked up.

These kinds of ghost calls are usually one-time or occasional occurrences. They’re annoying but aren’t something to worry about.

Malicious reasons for phantom calls

Now that we’ve covered the reasons for accidental ghost or phantom calls, it’s time to explore their dark side.

When they happen repeatedly, it can be a sign that malicious intent is behind ghost calls — they may be a sign of fraudulent activity. Let’s discuss some common not-so-nice reasons for ghost calls so you can identify when you need to take action.

• Port scanning: Cybercriminals often use automated software to scan phone networks and VoIP systems for open ports or vulnerabilities. These scans can result in ghost calls as the software tries to find entry points for hacking attempts or to launch further attacks, like accessing private networks or conducting fraud.
• Phishing: Ghost calls can be part of phishing schemes by attackers to verify the existence of active phone numbers. Once confirmed, the attackers target these numbers with scam calls or messages attempting to trick people into revealing personal or financial information.
• War dialing: Similar to port scanning, war dialing involves automatically dialing a large set of telephone numbers to identify connected modems, fax machines, or vulnerable systems. The calls made during this process often result in ghost calls to unintended recipients.
• Telephony Denial of Service (TDoS) attacks: In a TDoS attack, attackers flood a business’s phone system with a high call volume to overwhelm it. While not all calls may connect, many can result in ghost calls that disrupt normal operations and services.
• Call flooding: Attackers may deliberately flood phone systems with ghost calls as a form of harassment or to distract and divert attention from other malicious activities happening simultaneously, like cyberattacks on IT infrastructure.
• Premium rate fraud: Some ghost calls trick people into calling back a premium rate number, resulting in high charges. The initial ghost call piques the recipient’s curiosity, prompting a return call to a number that generates revenue for the fraudster.
• Voicemail hacking: Scammers may try to hack voicemail systems, especially those that use default passwords or have known security vulnerabilities. If they succeed, they could use the voicemail system for further fraudulent activities.
• Data harvesting: In some cases, ghost calls are made by bots designed to collect data about recipients. That can include verifying active numbers, gathering information on call patterns, or identifying the best times for launching more targeted scam operations.

Securing a business phone system from ghost or phantom calls

Should you, as a business owner, put up with repeated ghost calls? We say, “Heck no!”

Tolerating ghost calls can put business operations at risk, expose security vulnerabilities, drain resources, damage your reputation, and increase fraud risk.

Ignoring these calls can lead to lost sales, customer distrust, regulatory compliance issues, and lowered employee morale. So addressing a ghost calling issue is critical for maintaining operational efficiency, security, and customer satisfaction.

Let’s look at the steps necessary to tackle ghost calls before they harm your business.

Detecting ghost calls

The first place you’ll often detect ghost calling patterns is through anomalies in your call logs. You’ll likely notice a pattern: high incoming call volumes from unknown or suspicious numbers, usually with short durations or no interaction.

Other critical red flags include frequent calls with silence on the other end upon answering, calls that disconnect as soon as they’re answered and patterns of calls at odd hours.

So it’s essential to closely monitor your communication system analytics and call detail records (CDRs) for signs of these activities. Also keep an ear out for feedback from employees and customers who report receiving these kinds of calls, as this can be another key indicator of a spam calling problem

Investigating phantom calls

If you’ve identified a pattern of ghost calling, it’s time to start investigating it.

The best way to look into ghost calls more deeply is to use technological tools to monitor and analyze your network traffic to root out the source and nature of the calls. Here are three of the top tools for this task.

• Wireshark is an industry-standard network protocol analyzer that lets you capture and interactively browse the traffic on a computer network. With Wireshark, you can examine detailed information about incoming calls, including the originating IP address and the protocols used to identify patterns or anomalies that indicate ghost calls or other malicious activity. The software looks for unusual call patterns, origins of calls that don’t match known customer or partner networks, and signs of scanning activity.
• VoIP Monitor is an open-source network packet sniffer with VoIP traffic filtering capabilities specifically designed for analyzing and troubleshooting VoIP calls. You can use VoIP Monitor to visualize Session Initiation Protocol (SIP), Real-time Transport Protocol (RTP), and other protocol interactions to help identify the source of ghost calls.
• Asterisk is primarily a VoIP PBX, but you can configure it to log detailed call information and perform call pattern analysis. Asterisk’s logging capabilities make it possible to track call origins, durations, and frequency.

Stopping ghost calls

The tools above enable you to identify where ghost calls come from, and whether or not you should worry.

Armed with that information, you can implement measures to mitigate or block those calls. Some measures can be implemented at a business level, while others live with your upstream communications service provider.

Let’s start with the strategic actions you can take independently to tackle ghost calls.

1. Update and secure your VoIP system: Regularly update your VoIP software and hardware to patch known vulnerabilities. Also use strong, complex passwords and change them frequently to prevent unauthorized access. See our complete guide for how to future-proof your VoIP system.
2. Implement firewalls and access control lists (ACLs): Use firewalls designed explicitly for VoIP systems to monitor and control incoming and outgoing network traffic based on predetermined security rules. Configure ACLs to restrict access to the network so that only trusted IPs can connect.
3. Enable call-blocking features: Turn on built-in features in your VoIP system to block calls from suspicious or unidentified numbers.
4. Use CAPTCHA for web-based call initiations: If your system allows call initiation from a website, implement CAPTCHA verification to ensure that humans, not bots, make the call requests.

Tapping into resources offered by your upstream service providers is critical to stopping ghost calls. Here are some standard tools many upstream providers offer.

• Advanced call filtering services: Ask your telecom or VoIP service provider to turn on advanced filtering techniques to identify and block ghost calls before they reach your system. Leading VoIP providers use sophisticated algorithms to detect abnormal calling patterns or known fraudulent numbers.
• Network-level security enhancements: Inquire about additional security measures your provider can implement at the network level to protect against ghost calls and other threats. These security features often include enhanced encryption, robust firewall protections, and intrusion detection systems.
• Fraud management services: Some providers offer fraud management services that monitor for suspicious activities that could indicate hacking or fraud, including ghost calls. These services can alert you to potential issues and help block malicious activities.
• Traffic analysis and reporting tools: Providers can often offer deeper insights into your call traffic than you can access independently. Request access to detailed analytics and reporting tools to better understand and monitor your call patterns.