Hacker News new | past | comments | ask | show | jobs | submit login
FCC hits robocaller with agency's largest-ever fine of $120M (usatoday.com)
101 points by wbsun on June 24, 2017 | hide | past | favorite | 77 comments



So basically robocalls can only exist because of second tier telcos who cater specifically to them. They have enough legitimate traffic to essentially launder spam. They charge robocallers more and know exactly what they're doing.

A lot of people deal with robocalls incorrectly by declining calls from unknown numbers. Don't do this.

The correct solution is to answer the call, say nothing and hang up after 3 seconds.

If it's a real call you'll hear background noise most of the time or the caller will say "hello?" Or they'll call back thinking something went wrong. Most robocallers are programmed to do nothing until they hear a voice.

But the critical part of all this is hanging up within 6 seconds. This is the one thing that hurts the telco knowingly supporting this. If a telco has too many such calls they essentially get punished as a bad actor, which is why they need legitimate traffic. I think robocallers and their telcos have wished up to this as I suspect they'll stop calling you if you do this.

When I started this I got 2-3 robocalls a week. Not a huge amount but annoying. Now I think it's been at least 2 months since I've gotten one. It could be that crackdowns on robocalls are yielding results but I'm not convinced.


>But the critical part of all this is hanging up within 6 seconds. This is the one thing that hurts the telco knowingly supporting this

You should explain why that number is critical, what happens before, what happens after.


It is caused by the 6 second billing.


If call is cell to cell and no direct access or egress to landline does the 6 second still apply?

All kinds or rules here https://www.consumer.ftc.gov/articles/0198-telemarketing-sal...


It's not clear why the phone company with lots of 5-second-billed-as-6-second calls will suffer while the one with lots of 7-second-billed-as-12 will prosper?


Telcos judge your traffic quality by several metrics including short call percentage, usually cut off at 6 seconds. Too many calls being shorter than this, and they'll add big surcharges.

The robodialers are so stupid, though. They don't want to pay for the second 6 seconds, and will hang up quickly. So intermediary companies keep the calls open to keep their stats good, then charge the dialer guys more.

Telecom is filled with actors that can't handle basic algebra.

Source: I've run billions of calls as a VoIP network and consulted for folks doing dialer.


How can robocaller keep the call running if party on another end ended the call?


That was my question! The issue is that the robocaller is hanging up early, because they get billed on 6 second intervals. But they pay so much more for their bad traffic that it's profitable to absorb a 6 second interval on the intermediaries end, just to avoid the short-call penalties. Yes, if they'd hold the call open themselves, instead of the middle-man, they'd get lower prices overall.

I see things like this in telecom too much. Where people are mathematically going to lose, guaranteed, but prefer a certain billing because it's easier to understand, or looks cheaper. While this is understandable for an SMB that isn't in the telecom business, I've seen big names take these same deals. And I've seen the other end: they 100% are losing a few % in doing so.


Could you elaborate?


The whole point of blocking calls from unknown numbers is that your phone doesn't ring or distract you. Picking it up is obviously not a solution.


I believe that cletus's suggestion is that the short-term inconvenience of picking up on a few such calls will yield the long-term reward of reduced or eliminated robocalls.


Without any more details as to why or how this will make a difference, I think imma just keep blocking the cams.


I think it's incorrect. If you pick up a robocall, you get flagged as a legit number. They'll call you more, not less.


> say nothing and hang up after 3 seconds.

The "say nothing" is the important part here I think. Most robocall systems would wait for some kind of voice before starting their spam and that's the point where they probably mark the number as 'legit', not as soon as you pick up as they don't know if it's an actual person that picked up.


It just seems unlikely. I suppose it's not impossible, but in my experience robocalls start immediately. And maybe it would work if you pressed "mute", but without that, you'd leak environmental noises into the call. (People talking around you, cara going by on the street...)

It might just be a trick that people pass along regardless of effectiveness.


you might be able to let the answering machine pick it up on the first ring?


I pick up the calls because I hate having to clear the "missed call" notification. If they leave a voice mail, my entire day is filled with fury. If it's a human and I'm not doing anything important, I usually say something stupid or make gross/odd background noises for fun. I'm not sure if what you saying about the 3 to 6 second stuff is a real thing or if it would make a difference in the grand scheme of things but if so, it would be nice to have a "Punish Them" button on my incoming call screen that does all of this for me.


The correct solution is to answer the call, say nothing and hang up after 3 seconds

Actually I like the idea of fining people into bankruptcy so I don't have to deal with their nonsense. This is literally the basis for paying taxes. If I have to do my own guerilla defense against robocalls it's literally a waste of my time, so I typically let calls go to voicemail instead.


> The correct solution is to answer the call, say nothing and hang up after 3 seconds.

Fwiw this hasn't worked with the calls that I get (landline) which start out with what sounds like a fax tone at the start (but is definitely not a fax machine).


IMHO, the way to stop robocalling is to go after the services that employ them. If they're asking people to buy something, follow the money and slap a fine on the seller instead of the robocalling service. Robo calling profits ought to dry up as vendors become wary of using them.


The problem I see with this is:

If a business wants to damage their competitor, they can just start making robocalls on their behalf.

I like your idea and would like it to happen for pretty much all advertising, but it seems like it can be easily abused.


Of course you won't just follow the "product". You'll follow the money, too. And that will probably very clearly not lead to the target product that you're trying to damage.


In this case the entity using the robocalls was foreign, so no FCC fine there.


And how do you go after the seller when scam voicemails don't disclose the name of the company, and when you get a human they hang up as soon as you ask?


They have to collect payment from you at some point, unless they're running as some sort of weird anti-charity. Make a payment, and then follow it.


That seems like a big commitment unless I'm on a mission.


Right, the "you" in that case really needs to be some sort of law enforcement.


I've quit answering any unknown calls due to this out of control robocall spam. At first I felt tinges of anxiety thinking that I might miss an important call, but that passed very quickly. Now I figure that if it's really important the interested party will find another way to reach me (email, sms) and I feel zero anxiety. It's an interesting change in behavior. I'd almost be willing to use an app that restricted calls to my address book plus a whitelisted group of vetted companies.


The Android app for this is called Extreme Call Blocker, and it's easily the best money I've ever spent on an app. It is event-based behavior that you define. For example, I whitelist my contacts, and anytime I receive a call from any other number, it picks up the phone and immediately hangs up, and I receive no notifications whatsoever. This has the nice effect of denying any access to voicemail. For my contacts, I have ECB let it ring a few times, and then also deny voicemail to people in my whitelist. Obviously I hate voicemail. Then, if ECB ends up picking-up-hanging-up-to-prevent-voicemail on a few of my special contacts after I don't answer (e.g. coworkers or family), I have it set up to helpfully send a "form SMS" to the contact telling them I'm not available and to call again or SMS if it's an emergency. Absolutely the best app I've ever purchased.


My attitude as well. If someone wanted to get in touch with me for something important, I imagine they would leave a voicemail or text or email me.

In my iPhone I have "do not disturb" setup and it only allows people in my address book through.


I ended up subscribing ($19/yr) to NoMoRobo and it's worked well so far. Hiya was moved to a secondary position. That and T-Mobile's Call Protect (free) and the number of junk phone calls has dropped to maybe 2 a week, where it was up to 5-7 a day.


Unfortunately I don't have the luxury of declining an "Unknown Number". Correctional complexes do not identify the number as only the inmate can call out and no call back number is provided.

However I have not received any spam from "Unknown Number" due to this herd immunity to unknown number spam, which I am grateful for.

Given my area codes are no longer where I live, I just assume numbers close to mine are accidents and don't bother answering them. Voicemail seems to validate this when a message is left.


I think that for the most part, people aren't talking about when the phone literally says "unknown number", but when they've received a call from a number similar to their own that they don't recognize.


I made the mistake of registering a .us domain and using my regular phone number, after six months I've started receiving the infamous robo IRS calls. The robot call is listed as being from 1-866-978-6618 and in the voicemail requests that I call back that same number. Online this number is listed as being used for the IRS scam in June 2017. How does a scammer set up an 800 phone number without having it traced back to them? Why is this number still operational after a week of scam calls?


I've resorted to only using a google voice number for my domains. It's insane how much spam you get from being forced to provide contact info to the public.


I have a VoIP line that goes no where (no voicemail, just drops the call) for things like this. Absolutely no legitimate communication will be made to my whois contact, so why bother routing it anywhere?


I probably get about 5 spoofed Caller ID robocalls a day between my cell and my landline. I don't pick them up but they're still enough to jerk me out of whatever I'm doing.

I just wish there was an easier way to report them. At this point I've given up on the going online and filling out a form which basically requires me to have listened to the whole spiel to answer fully. I block the number but it's pretty pointless as they rotate at least the last four digits.


Well Heather certainly loves to call me and its a combination of either using my area code and prefix or other companies randomly choosing long distance numbers.

I have noticed spoofing of 8 numbers as well. how do these get through the phone system, can't they detect ANI being bad at the source? I used to work for a company where we logged our workers on and off shift; rent a cop; based on the ANI data from the phone call. So I am really curious how this isn't blocked by entry into the system.


Some providers send an ANI that has nothing to do with the actual caller, and some allow it to send nothing at all. See http://www.oldskoolphreak.com/tfiles/voip/voipani.txt


What's worse is false positives. It conditions you to ignore any calls you don't immediately recognize, which can have consequences if someone is trying to get ahold of you for some timely legitimate reason. Some people don't leave voicemails, either.


Which makes the local ID spoofing especially annoying. I'm pretty sure no one in Florida has a reason to contact me. Someone ostensibly in my town? Not so sure.

Cell phone is actually easier because it's not a very local number anymore. But it also means I have to set it to Do Not Disturb while traveling across time zones. So no one can get me in the middle of the night in a legitimate emergency.


This is the one time in my life that I've been glad to have a number from a place I don't live. All the hassle of trying to explain to people that yes, my area code is actually an area code, no it isn't from around here, etc. All absolved when I know I can ignore any number from my area code, 'cus who the hell wants to call me from there? Nobody.


Mine is from close enough that people recognize it, but far enough that the only people from there that would ever contact me are family members, and of course I already have their numbers programmed in. It is very convenient!


If people don't leave a voicemail (or send text), they don't have a "timely legitimate reason" then.


How about CAPTCHA for unknown calls - numbers not in your contact list will be required to answer something only a human is capable of answering before getting through to you.

Or another approach that Google does with Google Voice is to ask the caller to identify before the call goes through. Then the phone rings on your side and you hear the name of the caller before you decide to answer.


I'm working with a friend to build this. You can sign up to beta test at https://quitcalling.us. You can also text a telemarketer's number to 865.407.2730 and our system will file a complaint with the FTC on your behalf.


Do you know that these callers will spoof numbers that don't belong to them? Filing a complaint based on them can be effectively a Joe Job.


This is only effective against the relatively honest telemarketers that use correct Caller ID information. The really bad ones, like the one involved in this article, use spoofed Caller ID -- reporting them to the FTC is a waste of time for everyone involved.


It wouldn't be if anyone actually followed through on the complaint. Each company knows who sent them the call, even if the caller ID is misleading. (Though you might have to keep digging though several companies to find the actual call sender.)


I think this is a great idea! Good luck!


I have a something like this that I setup via Anveo.

Whitelisted numbers ring my line. Blacklisted numbers are hung up immediately. Everyone else gets a message saying "Press 1 to be connected." If they don't, they go to voicemail.


When I get a call from a spoofed number, can my carrier tell which carrier sent them the call? After I started getting a lot of these, I called T-Mobile, who proceeded to be completely unhelpful and offered to block it based on the caller ID number, acting as if that would somehow help.


Not really. They'll know who immediately delivered it to them, but then need to get that company to reveal their customer. This chain may run several companies deep.

I've seen a ton of these complaints come through. They're basically ignored or given a useless "that caller ID has been blocked" response just to say something was done. At the end of the day, sales wants these calls to keep flowing so they're not gonna get too hard on customers unless they're really abusing the betiejr (placing tons of no-answer or short-duration traffic).


Can someone explain what "neighborhood spoofing" technology is? Is it legal (beyond the fact that it lets you spoof and match the first few digits)? Can anyone do it? What's a legitimate use case for it?


It's just spoofing caller ID. Caller ID has no verification or security around it, other than what a provider might optionally choose to put in place.

Here's how to do it with the open source asterisk pbx: http://allanfeid.com/content/caller-id-spoofing-w-asterisk

Or, just find a cheap VoIP provider that doesn't verify control of a number before allowing it to be used as CID. Voip.ms lets you spoof CID right from their web based config: https://wiki.voip.ms/article/Caller_ID

The legit use cases are where you spoof a different number that's still your number. Like your landline presenting your cell number. Or a business presenting the main number for all phones.


To add to the other response you got, yes, it's illegal. The specific federal code that it breaks is in the article.


The CallKit blocking list feature in iOS 10 helps with this, at least in the case where the caller is not spoofing a legitimate number.

I have a Miami area code and robocalls were a constant problem until I installed Nomorobo.


The CallKit framework is definitely a welcome addition, and Nomorobo is quite good. I am actually working myself on a new app similar to Nomorobo, but with some additional features that so far no other app using CallKit provides. I decided to write such app because of the daily robo/telemarketers calls I am getting.


I will pay well for this provided you do not harvest call activity and your TOS has teeth against that.

All others I’ve found so far harvest and resell your call network.


I look forward to a Show HN post!


The first time I've received a robocall here in Russia I was really amazed at the impudence: it's bad enough when a live person calls you, but when you get a robocall? Immediate blacklisting of the number and the brand. And when I'll get another one, I'll probably go out of my way to report to some agency.

IMO this is nearly as bad as a stranger insulting you in the street: they're at least a live person taking your time.


How is it that we haven't solved this yet the same way we solved email and blog spam? Why can't I mark a number as spam on my phone and if "enough" people do that the number will be automatically blocked. This could just beer implemented by a single phoned manufacturer and already have a significant impact. Not mentioning of one of the big ones like Apple did it.


The Google dialer already marks numbers as spam. If a call comes from a spam number, the dialer pop-up is red instead of green and says "Suspected spam call". There is also a "report not spam" button.


Great, now I know who was kindly calling me several times a week on behalf of Marriott offering a "free hotel stay".


Awesome. I think I was called by these guys, and I reported them to the FCC via Do Not Call Registry, which I'm on.


I got hit by this several times a week for over a year and then it suddenly stopped a month ago. I was always confused how they were allowed to spoof phone numbers with my area code and first 3 digits.


The best solution imo is to block any call from a number that is not on your contact list and direct all other people that need to reach you to email. Your friends and family can still reach you and legit people who need to reach you can still reach you via email. Email spam filters are much better at blocking unwanted traffic.

It's far from ideal, and people might give up and not try to pursue getting to you but the situation with robocalls has got so much out of hand that drastic measures are needed.


Rather than go that drastic, you could simply get one of those answering service apps that require the user to announce themselves and press 1 to get through. You can set that functionality to only happen for numbers not in your phone book.


Actually I am wondering how much these companies can make by doing this so that they may be able to afford the $120M fine.


I'm assuming that is a fine meant to completely destroy your company. I would be very surprised (and angry) if they are able to pay that fine.


The fine has been levied against an individual, not a company. He won't be able to afford it.


I'm guessing they couldn't afford to lobby Ajit Pai.


Perhaps they'll be comforted by this notion: his future lobbying efforts will be that much more effective when he mentions what a shame it would be to donate too little, like those poor robocallers did.


They should triple the fine.


[flagged]


Same here. I would prefer if my phone did not ring unless the caller's number was in my address book.


This is a copy and paste quote of a post from user 'nugget' about nine hours earlier. Looks like spam or thread manipulation.





Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: