Front Page: NCSC-FI
Front Page: NCSC-FI

Information security now!

This week we talk about the spoofing of Finnish phone numbers and remind our readers not to worry too much about denial-of-service attacks, as they rarely have more than minor impacts.


Topics covered in this week’s review

  • Dozens of reports about the misuse of Finnish phone numbers
  • Denial-of-service attacks rarely have more than a minor impact
  • Have you detected an information security incident? Report it to us!
  • New EU regulation on the cyber security of smart products

Dozens of reports about the misuse of Finnish phone numbers

In recent weeks, Traficom’s National Cyber Security Centre Finland (NCSC-FI) has received numerous reports from people whose phone numbers have been used for scam and harassment calls. While this is not a new phenomenon globally or in Finland, reports about it have been increasing in recent weeks.

What is the phenomenon about?

Caller ID spoofing is a practice frequently used by criminals to make it appear as if a phone call is coming from a number other than the one that the call was actually placed from, such as an actual Finnish number. One of the motives for doing this is that calls coming from domestic numbers are generally perceived as being more trustworthy than ones coming from foreign numbers, increasing the likelihood that the receiver will answer the call. The caller may claim that they are calling from technical support and need to remotely connect to the receiver’s computer, for example.

If you end up following the scammer’s instructions and installing a remote access tool on your computer, your personal data may be stolen by criminals. The alleged remote access tool can also turn out to be malware. The caller may also claim to be a customer representative of a bank and attempt to convince you to hand over your bank credentials or provide direct access to your online bank account. The majority of the calls reported to the NCSC-FI have been in English. If you receive a call from a phone number with a Finnish area code and the caller speaks English, you may be dealing with a scammer.

“If you receive a call from an unknown number, there is no harm in listening to what the caller has to say. If the caller says that their matter is urgent and asks for your personal data or bank credentials, you are almost certainly dealing with a scammer and should therefore think twice before disclosing any information to them,” reminds Information Security Specialist Niclas Koskinen from the NCSC-FI.

Calling back can be costly

Scam calls can also come from numbers with foreign area codes. The call attempts are typically very short and there may be many of them in a row. This is because the caller’s actual aim is to get you to call them back. If you do, you might not hear anything on the line or be asked various questions, the aim of which is to keep the line open as long as possible. Criminals benefit from call backs by getting a share of the termination payments associated with transmitting calls.

What should I do?

Scam calls can potentially cause financial harm to the receiver. In addition to this, caller ID spoofing also damages the reputation of the owners of the phone numbers being spoofed, which is often done without their knowledge.

If you find out that your phone number has been used for caller ID spoofing, you should contact your operator. If you become the victim of a scam call and the caller gained access to your phone or computer, you should have your devices checked for possible backdoors. In addition to this, it is also recommended to contact your bank and file a police report.

Traficom in collaboration with Finnish telecommunications operators has been looking for ways to prevent caller ID spoofing and thus hinder the activities of international criminals. A regulation intended to prevent the use of spoofed phone numbers in Finland entered into effect for fixed network numbers on 1 July 2022 and will enter into effect for mobile network numbers on 2 October 2023.

More information:

Denial-of-service attacks rarely have more than a minor impact

The number of denial-of-service attacks carried out against the websites and services of Finnish organisations is over 10,000 per year. What this means is that denial-of-service attacks are things that people deal with and defend against every day in different parts of Finnish society.

"Denial-of-service attacks are detected all the time, but they rarely have more than minor impacts,” states Information Security Specialist Olli Hönö from the NCSC-FI.

Denial-of-service attacks have grown in relevance as society and business have become more and more dependent on the internet. Being able to effectively defend against them requires being familiar with denial-of-service attacks as a phenomenon and the techniques used to carry them out.

Have you detected an information security incident? Report it to us!

Do you know what to do if you detect an information security incident? Information security incidents should always be reported to the authorities. Whether the incident concerns a company, an organisation, an operator critical to security of supply or a regular private individual, it is also a good idea to contact the NCSC-FI. The NCSC-FI investigates information security incidents, gathers information on them and disseminates information on security matters. In addition to providing general information about information security, we can also assist with the technical investigation of information security incidents.

We want to encourage everyone to report information security incidents to us without hesitation. There is no shame in becoming a victim of an information security incident. Instead of handling things yourself, you should keep in mind that help is available. You should also not hesitate on account of whether your issue is something that should be reported. Things that you can report to us include phishing, security breaches and denial-of-service attacks and attempts thereof. If you are unsure, it is better to submit a report than refrain from doing so.

By submitting a report to us, you also help others. Reports of information security incidents help create situational awareness of information security events. This makes them essential for our ability to share information about information security phenomena. We can also provide you with advice on how to handle information security incidents.

New EU regulation on the cyber security of smart products

New requirements will be introduced for the information security of smart devices as of 1 August 2024. How can excellent information security be turned into a selling point? Why is ensuring information security part of corporate responsibility? What if your company’s smart device does not meet the new information security requirements?

These are just some of the themes that will be explored in the ‘Towards cyber-safe smart devices’ mini seminar to be held in Jyväskylä on 25 April 2023. The event will feature discussion on security by design and corporate social responsibility by experts from the University of Jyväskylä, Secapp Oy, Telia Finland Oyj and Airbus Finland. In addition to this, Traficom experts will be talking about the regulation concerning the information security of smart devices that will enter into effect on 1 August 2024.

The event is intended for management in charge of corporate business operations and marketing.


This is the weekly review of the National Cyber Security Centre Finland (NCSC-FI) (reporting period 31 March–5 April 2023). The purpose of the weekly review is to share information about current cyber phenomena. The weekly review is intended for a wide audience, from cyber security specialists to regular citizens.