Table of Contents
In today’s digital age, phishing scams continue to pose significant threats to individuals and organizations alike. Customers frequently receive fake phone calls from malicious actors pretending to represent banks, government agencies, security services, or even medical institutions, attempting to gather sensitive identity information. Phishing can lead to serious security breaches, financial losses, and damage to trust between companies and their customers.
Empowering customers with voice anti-phishing solutions
To combat this growing menace, forward-thinking companies can leverage advanced solutions to proactively protect their customers against phishing attacks. By integrating sophisticated anti-phishing measures directly into their applications and websites, organizations can offer transparency and safety assurance regarding inbound calls.
How big is the challenge
Nearly every metric shows the same brutal curve: phishing is surging, and the voice channel is now firmly in the cross‑hairs. APWG counted 989,123 unique attacks in Q4 2024, the biggest quarter on record, and an Interisle review puts the 12‑month total at just under 1.9 million attacks. Voice‑based phishing (vishing) is the fastest‑growing subset. Consumer exposure is just as stark: 39% of UK mobile users said they received at least one suspicious call in the previous three months, despite stepped‑up blocking rules. No surprise, then, that ENISA ranks phishing and vishing among the EU’s top social‑engineering threats. For operators, this surge is both a trust issue and a revenue opportunity. Here’s how Netaxis’ Service Routing Engine (SRE) is helping carriers embed advanced voice anti‑phishing defenses directly in the network.
How Netaxis supports operators to face the challenges for its customers?
Netaxis Session Routing Engine (SRE) is a carrier‑grade, centralized routing platform that already powers least‑cost routing, number portability, STIR/SHAKEN authentication and more for Tier‑1 and challenger operators alike. It is currently integrated in tens of leading operators across the globe. SRE sits logically between the operator’s Session Border Controllers (SBCs) and every downstream trunk, making real‑time policy decisions via SIP, ENUM or HTTP. Because the routing logic is data‑driven and exposed through REST APIs, new services—like anti‑phishing—can be rolled out in days, not months.
How the SRE anti voice-phishing module works for enterprise customers?
Netaxis’ Session Routing Engine (SRE) already serves as the carrier‑grade “brain” that orchestrates every call flowing through an operator’s SBCs, thanks to its centralized, multi‑protocol design and real‑time policy engine. Building on that foundation, the new Anti‑Phishing module simply adds one more data‑driven rule set: each legitimate outbound call is fingerprinted the moment it leaves the network, then stored in an SRE table that external apps can query over a lightweight REST interface.
Because SRE is already analysing SIP traffic for spoofing and CLI anomalies on the fly, it can validate or reject those APIs look‑ups in under 100 ms without touching the SBC firmware or interrupting call flow. The approach aligns neatly with the wider industry shift toward verification APIs—which analysts predict will underpin more than half of all mobile‑identity revenues by 2029—making it future‑proof for both telcos and their enterprise customers
In a nutshell :
- Call registration
Every outbound call your enterprise customer places is automatically registered in SRE’s anti‑phishing table—duration, CLI, destination, time stamp. - Instant API look‑up
When a B2B end‑user taps “Verify caller” in the customer’s app (or enters the number on the company website), the app fires a lightweight API request to SRE. - Response in < 100 ms
SRE returns “Green” (call ID matches, in‑progress) or “Red” (no match / spoof) plus optional metadata (agent ID, reason for failure).
Operator benefits
Traditional voice margins are under intense pressure. Faced with that squeeze, telcos are pivoting to value‑added services; IDC’s 2024 tracker flags network‑embedded security and open APIs as two of the “most solid return” opportunities for the next five years. Early movers are already cashing in and industry bodies warn that trust is now a competitive differentiator, with GSMA data showing 168 million spoof calls and texts detected in a single market last year, up 112%. Packaging Netaxis SRE’s Anti‑Phishing module as a premium API lets carriers ride that growth wave, monetize trust, and cut fraud‑related churn in one move.
- Differentiated, billable service – Monetize anti‑vishing as a premium feature for enterprise SIP trunks.
- Reduced A‑leg fraud – SRE can pre‑emptively block spoofed CLIs at the network edge.
- Compliance & reputation – Demonstrate proactive measures to regulators (EU EECC, Ofcom, FCC).
- Low‑touch deployment – No firmware upgrades on the SBC; the new logic lives entirely in SRE’s GUI / API framework.
Enterprise and consumer benefits :
Benefits of Implementing anti-vishing measures:
- Enhanced Customer Trust: Demonstrating proactive protection strengthens customer relationships.
- Reduced Fraud Risk: Minimizes financial and reputational damage from phishing scams.
- Improved Customer Experience: Provides clarity and peace of mind through easy-to-use verification processes.
By integrating these anti-vishing solutions, operators not only safeguard their customers but also position themselves as responsible, trusted, and secure providers in an increasingly digital world.
Why act now?
Regulators are moving from guidance to hard deadlines. In the UK, Ofcom’s updated CLI rules give operators just six months (‑‑> 29 January 2025) to block calls that spoof a UK number, while the U.S. FCC now requires every voice provider to file robocall‑mitigation plans and STIR/SHAKEN compliance certifications. At an EU level, ENISA 2024 Threat Landscape lists vishing and other social‑engineering attacks among the bloc’s top eight cyber‑threats. Acting now avoids regulatory penalties, protects customer trust, and positions the operator as a proactive security partner rather than a passive conduit for fraud.
- Attack volume is still climbing – APWG saw a record near‑million attacks last quarter alone of 2024.
- Voice is the new soft spot – vishing initiated losses are estimated to exceed a global impact of +1Bio € and are growing faster than email fraud.
- Regulators are tightening the rules – Ofcom and EU telecom codes explicitly task providers with blocking spoofed calls.
