Federal Communications Commission Enforcement Bureau Telecommunications Consumers Division 45 L Street, NE Washington, DC 20554 December 2, 2025 VIA ELECTRONIC DELIVERY AND CERTIFIED MAIL - RETURN RECEIPT REQUESTED To: SK Teleco LLC Saurabh Rajput Chief Executive Officer 127 N Higgins Ave, Suite 307D Missoula, MT 59802 saurabh.rajput@skteleco.net cc: Anupam Lai noc@skteleco.net Re: Notification of Suspected Illegal Traffic & Additional Notification of Robocall Mitigation Database Filing Deficiencies Dear Saurabh Rajput, SK Teleco LLC (SK Teleco or Company) is apparently originating illegal robocall traffic. The Enforcement Bureau (Bureau) of the Federal Communications Commission (FCC or Commission) provides this letter as notice of important legal obligations and steps SK Teleco must take to address this apparently illegal traffic. Failure to comply with the steps outlined in this letter may result in downstream providers permanently blocking all of SK Teleco’s traffic. The Bureau also provides this letter as additional notice to SK Teleco that its Robocall Mitigation Database (RMD) filing is deficient and outlines the steps SK Teleco must take to cure its deficiencies. Failure to cure such deficiencies may result in SK Teleco’s removal from the RMD. I. Background A. The Nature of the Identified Traffic USTelecom’s Industry Traceback Group (ITG)1 traced the sources of 29 calls, identified in Attachments A and B, placed to wireless numbers between January 21, 2025 and April 11, 2025.2 The calls were all part of an apparently illegal robocalling campaign which delivered prerecorded messages claiming to relate to a preauthorized order from Walmart.3 The 29 identified calls contained prerecorded messages purporting to be from either “Mary” or “Kimberly,” both “from Walmart,” and claiming to be alerting the call recipient to an order placed through their Walmart account.4 Specifically, all of the calls stated that a preauthorized order of $919.45 was placed for a PlayStation 5 and instructed the recipient to “press 1” to cancel the order or to speak with a customer support representative. With minor variations, each of the 29 calls contained the following message: 1 The ITG is the registered industry consortium selected pursuant to the TRACED Act to conduct tracebacks. See Implementing Section 13(d) of the Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and Deterrence Act (TRACED Act), EB Docket No. 20-22, Report and Order, 38 FCC Rcd 7561, 7561, para. 1 (2023). 2 See ITG Subpoena Response (July 23, 2025) (on file at EB-TCD-24-00036937) (ITG July Response); ITG Subpoena Response (Apr. 28, 2025) (on file at EB-TCD-24-00036937) (ITG April Response). 3 Id. 4 Id. A preauthorized purchase of PlayStation 5 special edition with pulse 3D headset is being ordered from your Walmart account for an amount of 919 dollars 45 cents. To cancel your order or to connect with one of our customer support representatives, please press 1. Thank you.5 If a number was not pressed after the message, the prerecorded message continued to repeat until the call recipient pressed a button or the call was terminated.6 Call recipients who reported pressing “1” or returning calls to the caller ID number assert that they were connected with live operators who, in some instances, impersonated a federal agency7 and phished for personally identifiable information, including social security numbers.8 Campaigns that impersonate well-known businesses not only cause annoyance, but they can also be attempts to fraudulently collect a victim’s personal information or extract payments.9 YouMail, Inc. (YouMail) estimates that between January and April 2025, nearly 8 million robocalls related to this campaign were placed to call recipients.10 The Walmart “pre-authorized calls” are “a longstanding campaign active since at least 2023 and with an estimated volume of 22.5 million since 2024.”11 SK Teleco appears to have been the primary source of Walmart impersonation robocalls during the past year. According to STIR/SHAKEN data,12 the Company was responsible for signing over 97% of all Walmart pre-authorized calls identified by YouMail between May 2024 and March 2025.13 SK Teleco began routing Walmart pre-authorized calls to another voice service provider in an apparent attempt to avoid detection. On March 27, 2025, a new voice service provider called Mexico IP Phone LLC (Mexico IP) began transmitting the same robocalling campaign and became the main signer for the Walmart pre-authorized calls from April to May 2025.14 The Bureau’s investigation revealed 5 See ITG July Response (recording of robocall received on Jan. 31, 2025, traceback no. 22774). 6 Id.; see also FCC Complaint #7761246 (Apr. 4, 2025) (on file at EB-TCD-24-00036937) (“The message repeated itself multiple times in the same voicemail.”); FCC Complaint #7753573 (Apr. 1, 2025) (on file at EB-TCD-24- 00036937) (“it was a female voice [sic] recording that would keep repeating itself.”). 7 See, e.g., FCC Complaint #7767662 (Apr. 8, 2025) (on file at EB-TCD-24-00036937) (asserting the live operator claimed to work for the Social Security Administration); FCC Complaint #7241814 (Aug. 16, 2024) (on file at EB- TCD-24-00036937) (asserting the live operator claimed to work for the Federal Trade Commission). 8 See, e.g., FCC Complaint #7250096 (Aug. 20, 2024) (on file at EB-TCD-24-00036937). 9 See New FTC Data Shows Massive Increase in Losses to Bitcoin ATM Scams, Fed. Trade Comm’n (Sept. 3, 2024), https://www.ftc.gov/news-events/news/press-releases/2024/09/new-ftc-data-shows-massive-increase-losses-bitcoin- atm-scams (“The majority of scam losses involving Bitcoin ATMs come as a result of government impersonation, business impersonation, and tech support scams.”) (emphasis added). 10 See Email from {[ ]}, Senior Threat Analyst, YouMail, Inc. to Genesis Monserrate, Attorney Advisor, Telecommunications Consumers Division, FCC Enforcement Bureau (Apr. 30, 2025, 21:37 EDT). Material set off by double brackets {[ ]} is confidential and redacted from the public version of this document. 11 YouMail, Analysis Report of SK Teleco and Mexico IP Phone at 3 (2025) (on file at EB-TCD-24-00036937) (YouMail Report). See also Walmart Scam Claims Purchase of PlayStation 5, New Jersey Cybersecurity & Communications Integration Cell (Feb. 13, 2025), https://www.cyber.nj.gov/Home/Components/News/News/1596/214 (warning about the “Walmart Scam”). 12 The STIR/SHAKEN caller ID authentication framework is a set of industry-developed standards and protocols designed to combat unlawfully spoofed robocalls by allowing authenticated caller ID information to securely travel with the call itself throughout the entire call path. Call Authentication Trust Anchor, WC Docket No. 17-97, Eighth Report and Order, FCC 24-120, 2024 WL 4879987 at *2, para. 5 (2024) (Eighth Caller ID Authentication Order). Providers can authenticate caller ID information with one of three attestations levels: A-level, B-Level, or C-level. Id. at *4, para. 10. Thus, STIR/SHAKEN not only provides information about the reliability of the caller ID information, but it also can be used to identify providers that authenticated certain traffic. Id. at *1, para. 2. 13 YouMail Report at 4. 14 Id. 2 similarities between SK Teleco and Mexico IP. First, both providers transmitted the same calling campaigns, which includes the Walmart pre-authorized calls and government impersonation calls.15 Second, the providers used the same “voip switch infrastructure, website provider, [domain] registrar and email provider.”16 Third, the providers shared {[ ]} within a two-month period.17 Finally, the providers listed the same registered agent in their corporate filings.18 While Mexico IP has not appeared in tracebacks as an originating or gateway provider, it appears that Mexico IP is closely affiliated with SK Teleco in transmitting Walmart impersonation robocalls. B. The Company Apparently Originated the Identified Traffic in Attachment A and Failed to Respond to the Identified Traffic in Attachment B. The ITG investigated the calls identified in Attachments A and B and determined that SK Teleco originated the apparently illegal robocalls identified in Attachment A and that the Company was non- responsive to the traceback requests for the calls listed in Attachment B.19 The ITG notified SK Teleco of these calls and provided the Company with supporting data identifying each call, explaining that the identified calls were “[p]rerecorded calls impersonating a store regarding an order or purchase that was made.”20 The traceback requests directed SK Teleco to investigate the suspected illegal traffic and “[i]f, in investigating the call, the end user originating the traffic claims that the traffic complies with applicable U.S. laws and regulations, provide . . . a description of the traffic, and the basis of the claim that the traffic complies with U.S. laws and regulations.”21 SK Teleco did not contest that it had originated the calls listed in Attachment A and identified two customers as the sources of all of the calls.22 SK Teleco did not respond to each of the calls listed in Attachment B.23 II. Apparent Violations First, it is unlawful to place calls to cellphones containing artificial or prerecorded voice messages absent an emergency purpose or prior express consent.24 Here, the identified calls in Attachment A all featured artificial or prerecorded voice messages and were placed to cell phones.25 Furthermore, the Company did not contest that it had originated the calls and it did not provide proof of consent.26 In any case, given the apparent fraudulent nature of the calls, it appears the Company will not be able to provide any evidence of prior express consent, written or otherwise, from the call recipients, or that the calls were made for an emergency purpose. Finally, the Bureau also found no evidence suggesting the calls identified in Attachment A were subject to exemptions described in section 15 Id. at 7. 16 Id. at 8. 17 See ITG Subpoena Response (June 11, 2025) (on file at EB-TCD-24-00036937) (ITG June Response); Industry Traceback Group, Providers of Interest – Group 2 (Apr. 25, 2025). 18 YouMail Report, supra note 11, at 9. 19 ITG July Response, supra note 2 (recording of robocall received on February 3, 2025, traceback no. 22823); ITG April Response, supra note 2 (traceback no. 25439). 20 ITG July Response, supra note 2 (recording of robocall received on Jan. 21, 2025, traceback no. 22306); ITG April Response, supra note 2 (recording of robocall received on April 11, 2025, traceback no. 25439). 21 Id. 22 See ITG July Response, supra note 2. 23 See ITG April Response, supra note 2. 24 47 U.S.C. § 227(b)(1)(A); 47 CFR § 64.1200(a)(1). 25 ITG July Response, supra note 2. 26 Id. 3 64.1200(a)(9) of the Commission’s rules.27 Accordingly, we find that the identified calls in Attachment A were apparently illegal.28 Second, all voice service providers are required to “to respond fully and within 24 hours to all traceback requests from the Commission, law enforcement, and the industry traceback consortium.”29 Here, the Company failed to respond to traceback requests for all of the calls identified in Attachment B. Therefore, SK Teleco may face removal from the RMD for its deficient certification. III. Potential Consequences As a result of originating apparently illegal calls, the Company potentially faces permissive blocking under section 64.1200(k)(4)30 of the Commission’s rules, mandatory blocking under section 64.1200(n)31 of the Commission’s rules, and additional consequences under section 64.6305(g)32 of the Commission’s rules. A. The Company Faces Permissive Blocking Under Section 64.1200(k)(4) Under the safe harbor set forth in section 64.1200(k)(4) of the Commission’s rules, any downstream provider may (without any liability under the Communications Act of 1934, as amended, or the Commission’s rules) block all traffic from an upstream originating or intermediate provider that, when notified by the Commission, fails to either (a) effectively mitigate illegal traffic within 48 hours or (b) implement effective measures to prevent new and renewing customers from using its network to originate illegal calls.33 Prior to initiating blocking, the downstream provider shall provide the Commission with notice and a brief summary of the basis for its determination that the originating or intermediate provider meets one or more of these two conditions for blocking.34 This letter provides notice, pursuant to section 64.1200(k)(4), that SK Teleco should effectively mitigate illegal traffic within 48 hours and implement effective measures to prevent new and renewing customers from using its network to originate illegal calls within 14 days of this letter in order to avoid having its traffic blocked by downstream providers.35 The Company should inform the Commission and the ITG, within 48 hours of the electronic delivery date of this letter, of the specific steps it has taken to mitigate illegal traffic on its network.36 27 See 47 CFR § 64.1200(a)(9) (establishing exemptions from liability for entities placing calls regarding certain package delivery calls, certain inmate collect call billing calls, certain calls made by financial institutions, and certain calls made for healthcare purposes); see also ITG July Response, supra note 2. 28 47 U.S.C. § 227(b)(1)(A); 47 CFR § 64.1200(a)(1)-(2). 29 See 47 CFR §§§ 64.6305(b)(2), (c)(2), (d)(2)(iii). (e)(2)(iii). (f)(2)(iii). 30 47 CFR § 64.1200(k)(4). 31 Id. § 64.1200(n). 32 Id. § 64.6305(g). 33 Id. § 64.1200(k)(4). 34 Id. 35 See id.; see also id. § 64.1200(n)(2)(i)(A) (requiring a minimum of 14 days to comply with the notice). 36 See Advanced Methods to Target and Eliminate Unlawful Robocalls, CG Docket No. 17-59, Third Report and Order, Order on Reconsideration, and Fourth Further Notice of Proposed Rulemaking, 35 FCC Rcd 7614, 7630, para. 42 (2020). 4 B. The Company Faces Mandatory Blocking Under Section 64.1200(n)(2) The Commission may order all providers that are immediately downstream to block all traffic from an upstream provider that does not comply with the obligations identified in section 64.1200(n)(2) of the Commission’s rules.37 This letter serves as a Notification of Suspected Illegal Traffic (Notice) under section 64.1200(n)(2) of the Commission’s rules.38 The Company must take the following actions in response to this Notice: 1. Promptly investigate the traffic identified in Attachment A for which the Company served as the originating provider;39 2. If the Company’s investigation determines that the Company served as the originating or gateway provider for the identified traffic, block or cease accepting all of the identified traffic within 14 days of the date of this Notice and continue to block or cease accepting the identified traffic, as well as substantially similar traffic, on an ongoing basis (unless the Company determines that the identified traffic is not illegal);40 3. Report the results of the Company’s investigation to the Bureau within 14 days of the date of this Notice.41 Depending on the outcome of the investigation, the report must contain certain details as described below:42 1. If the Company determines it is the originating or gateway provider for the identified traffic and does not conclude the traffic is legal, the report must include: (i) a certification that the Company is blocking the identified traffic and will continue to do so, and (ii) a description of the Company’s plan to identify and block or cease accepting substantially similar traffic on an ongoing basis;43 2. If the Company determines that the identified traffic is not illegal, the report must provide: (i) an explanation as to why the Company reasonably concluded that the identified traffic is not illegal, and (ii) what steps it took to reach that conclusion;44 and 3. If the Company determines that it did not serve as the originating or gateway provider for any of the identified traffic, the report must: (i) provide an explanation as to how the Company reached that conclusion, and (ii) if it is a non-gateway intermediate or terminating provider for the identified traffic, identify the upstream provider(s) from which the Company received the identified traffic and, if possible, take steps to mitigate the traffic.45 37 47 CFR § 64.1200(n)(3). 38 Id. § 64.1200(n)(2). 39 Id. § 64.1200(n)(2)(i)(A). 40 Id. § 64.1200(n)(2)(i)(A)-(B). 41 Id. § 64.1200(n)(2)(i)(A). 42 Id. § 64.1200(n)(2)(i)(A). 43 See id. 44 Id. § 64.1200(n)(2)(i)(B). 45 Id. 5 1. Initial Determination Order The Bureau may issue an initial determination order stating the Bureau’s initial determination that SK Teleco is not in compliance with section 64.1200 of the Commission’s rules if: (a) the Company fails to respond to this Notice; (b) the Company provides an insufficient response; (c) the Company continues to originate substantially similar traffic or allow substantially similar traffic onto the U.S. network after the 14-day period identified above; or (d) the Bureau determines the traffic is illegal despite the Company’s assertions to the contrary.46 If the Bureau issues an initial determination order, the Company will have an opportunity to respond.47 2. Final Determination Order The Bureau may issue a final determination order in EB Docket No. 22-174 concluding that the Company is not in compliance with section 64.1200 of the Commission’s rules and directing all downstream providers both to block and cease accepting all traffic from SK Teleco beginning 30 days from the release of the final determination order if: (a) the Company does not provide an adequate response to the initial determination order within the timeframe specified in the initial determination order; or (b) the Company continues to originate or allow substantially similar traffic onto the U.S. network.48 A final determination order may be issued up to one year after the release date of the initial determination order.49 C. The Company Faces Removal from the Robocall Mitigation Database Under Section 64.6305(g) This letter also serves as notification to SK Teleco of apparent deficiencies in its RMD filing and outlines the steps SK Teleco must take to cure the deficiencies. Failure to cure all deficiencies in SK Teleco’s RMD filing may result in its removal from the RMD. Pursuant to section 64.6305(g) of the Commission’s rules, intermediate and voice service providers shall only accept traffic from a domestic voice service provider or gateway provider if that provider’s certification appears in the RMD.50 Such filings must include the specific reasonable steps the provider has taken to avoid originating, carrying, or processing illegal robocall traffic as part of its robocall mitigation program.51 If a company’s filing is deficient in some way, the Bureau may initiate a proceeding to remove it.52 46 Id. § 64.1200(n)(2)(ii). 47 Id. 48 Id. § 64.1200(n)(2)(iii), (3); Advanced Methods to Target and Eliminate Unlawful Robocalls, Call Authentication Trust Anchor, CG Docket No. 17-59, WC Docket No. 17-97, Seventh Report and Order in CG Docket 17-59 and WC Docket 17-97, Eighth Further Notice of Proposed Rulemaking in CG Docket 17-59, and Third Notice of Inquiry in CG Docket 17-59, 38 FCC Rcd 5404, 5417-18, para. 37 (2023). 49 47 CFR § 64.1200(n)(2)(iii). 50 Id. § 64.6305(g)(1), (3). This requirement also extends to accepting traffic from foreign providers using “North American Number Plan resources that pertain to the United States in the caller ID field to send voice traffic.” Id. § 64.6305(g)(2). 51 Id. § 64.6305 (d)(2)(ii), (e)(2)(ii). 52 See Call Authentication Trust Anchor, WC Docket No. 17-97, Second Report and Order, 36 FCC Rcd 1859, 1904, para. 83 (2020) (Second Caller ID Authentication Order) (noting that if a certification “is deficient in some way,” the Commission may take enforcement action as appropriate, including “removing a defective certification from the database after providing notice to the voice service provider and an opportunity to cure the filing”); Advanced Methods to Target and Eliminate Unlawful Robocalls, Call Authentication Trust Anchor, CG Docket No. 17-59, WC Docket No. 17-97, Sixth Report and Order in CG Docket No. 17-59, Fifth Report and Order in WC Docket No. 17-97, Order on Reconsideration in WC Docket No. 17-97, Order, Seventh Further Notice of Proposed Rulemaking in CG Docket No. 17-59, and Fifth Further Notice of Proposed Rulemaking in WC Docket No. 17-97, 37 FCC Rcd 6865, 6899, para. 80 (2022) (Gateway Provider Order) (noting that the rule applies to gateway providers as well as 6 To remove a provider, the Commission first contacts the provider, notifying it that its filing is deficient, explaining the nature of the deficiency, and providing 14 days for the provider to cure the deficiency.53 If the provider fails to cure, the Bureau releases an order concluding that a provider’s filing is deficient based on the available evidence and directing the provider to explain, within 14 days, “why the Enforcement Bureau should not remove the Company’s certification from the Robocall Mitigation Database’ and giving the provider a further opportunity to cure the deficiencies in its filing[.]”54 If the provider fails to rectify the deficiency or provide a sufficient explanation why its filing is not deficient within that 14-day period, the Commission releases an order removing the provider from the RMD.55 This letter serves as notice that SK Teleco’s filing is deficient, or may be deficient, for the reasons stated below.56 1. Origination of Illegal Robocalls SK Teleco certified in its RMD filing, under penalty of perjury, that calls that it carries or processes are subject to a robocall mitigation program.57 As described above, the ITG identified SK Teleco as the originating provider of the apparently illegal calls. SK Teleco did not contest that it had originated the calls listed in Attachment A. Continued origination of illegal robocalls may be used as evidence that SK Teleco’s RMD certification is deficient with respect to its robocall mitigation plan. 2. Failure to Respond to Tracebacks SK Teleco certified in its RMD filing, under penalty of perjury, that it will cooperate with the FCC and the ITG in investigating and stopping any illegal robocallers that use its service to carry or process calls.58 Between March 31, 2025 to April 11, 2025, SK Teleco failed to respond to traceback requests from the ITG for the 16 calls listed in Attachment B to this letter.59 To cure this deficiency, SK Teleco must respond fully to the 16 traceback requests listed in Attachment B within 14 days of the date of this letter. Furthermore, SK Teleco must thereafter respond fully in a timely manner to any future traceback requests within 24 hours of the request in accordance with section 64.1200(n)(1) of the Commission’s rules.60 If SK Teleco fails to cure the deficiencies set forth above, the Bureau may release an order concluding that the Company’s filing is deficient and directing it to explain, within 14 days, why the voice service providers); see also Call Authentication Trust Anchor, WC Docket No. 17-97, Sixth Report and Order and Further Notice of Proposed Rulemaking, 38 FCC Rcd 2573, 2590, para. 31 (2023) (Sixth Caller ID Authentication Order) (“[A] provider’s program is ‘sufficient if it includes detailed practices that can reasonably be expected to significantly reduce’ the carrying or processing (for intermediate providers) or origination (for voice service providers) of illegal robocalls. Each provider ‘must comply with the practices’ that its program requires, and its program is insufficient if the provider ‘knowingly or through negligence’ carries or processes calls (for intermediate providers) or originates (for voice service providers) unlawful robocall campaigns.” (citations omitted)). 53 Sixth Caller ID Authentication Order, 38 FCC Rcd at 2604, para. 60. 54 Id. 55 Id. 56 Id. 57 See SK Teleco LLC Certification (No. RMD0014982), Fed. Commc’ns Comm’n, Robocall Mitigation Database (filed Aug. 12, 2024), https://fccprod.servicenowservices.com/rmd?id=rmd form&table=x g fmc rmd robocall mitigation database&sy s_id=3f92798c1ba8b150680f657ae54bcb2a&view=sp (SK Teleco Listing). 58 Id. 59 See ITG April Response, supra note 2. 60 47 CFR § 64.1200(n)(1). A voice service provider is required to respond within 24 hours regardless of whether the provider certified to do so in its RMD filing. See id. 7 Company’s certification should not be removed from the RMD.61 If SK Teleco does not adequately respond to that order, the Enforcement Bureau may subsequently release an order removing SK Teleco from the RMD.62 As noted above, if SK Teleco’s certification is removed from the RMD for any reason, all intermediate providers and terminating voice service providers must cease accepting all of the Company’s calls within two business days of the release of the Bureau’s order removing the Company from the RMD.63 Please direct any inquiries regarding this letter to Genesis Monserrate, Attorney Advisor, Telecommunications Consumers Division, Enforcement Bureau, FCC, at Genesis.Monserrate@fcc.gov and cc: to Daniel Stepanicich, Deputy Division Chief, Telecommunications Consumers Division, Enforcement Bureau, FCC, at Daniel.Stepanicich@fcc.gov. A copy of this letter has been sent to the ITG. Sincerely, Patrick Webre Acting Chief Enforcement Bureau Federal Communications Commission 61 Sixth Caller ID Authentication Order, supra note 52, at 2604, para. 60. 62 See id. 63 See 47 CFR § 64.6305(g) 8