We've become so desensitized to spam and robocalls due to the scale of the problem - but these should absolutely be treated as attempted theft. If there were a gang going door to door trying to con elderly or otherwise gullible people into giving them thousands of dollars, there would be task forces formed and police patrols on every block. Instead, since it happens over the internet and on the phone, we give it benign names and treat it like a minor hassle and let everyone fend for themselves.
How did we become "okay" with having most of the communication that reaches people be malicious? What is Federal law enforcement doing? Why the hell hasn't the FCC nuked these companies' ability to operate? Who is lobbying for this shit?
Politicians use the exact same companies and tactics to solicit votes, so why would they fight against themselves?
A politician's job is to stay in power and work towards their reelection, not make your life better. In some cases those goals happen to align but that's merely coincidence and should not be taken for granted.
In this case, effective anti-robocall legislation would also work against their own interests.
> Politicians use the exact same companies and tactics to solicit votes, so why would they fight against themselves?
Say what you will, the 27th Amendment passed. (IE: makes it constitutionally illegal for Representatives to give themselves payraises immediately. They have to give pay-raises for the _next_ congress, which means it may give a pay-raise to the opponent if they lose the election).
Politicians do, and have, been forced by the people to make bad choices for themselves for the good of the country. And its not like its an easy thing to pass a Constitutional Amendment like the 27th.
---------------
We also used to have very strong laws with regards to campaign finance. It was actually our judges who took those laws away in the Citizen's United case.
But our politicians actually put those laws into place to allow the people to trust them more during campaign finance season.
Etc. etc. Plenty of examples. All we need is to convince enough people that a particular law is a good idea, and then that law will happen.
Sure, but the Congress that approved it never felt its consequences because it took another 200 years for it to become ratified. So the first group it affected was definitely not the same group that voted for it.
The salary is not the primary compensation. It's the network, the favors/jobs for friends and family, and the cash-out reward position taken after leaving office.
I think this is overly cynical. The playing field would be level with or without these companies existing.
This is one of many problems where the profits are concentrated among a few players highly motivated to preserve their existence, at the expense of annoyance among vast numbers of people but not to the degree that they act.
Politicians do not use the same companies. There are very specific firms that primarily handle political communications and text messages and phone calls.
And political communications are exempt from CAN-SPAM
The innovation needed here is for everyone to be able to have a premium rate phone number, and be able to set fee rates for contacts or "classes" of callers. Spam & robocalls need to become too cost-prohibitive to pursue. Everyone's time has value, so it seems mad that we can't set fees for incoming calls or texts.
I find it interesting that Americans are so afraid of regulation that suggestions like these get thrown out in response to calls for regulation. Just effectively regulate via government and move on. Don’t make everything a private toll thing.
A lot of people may not like regulation, but that excludes the issue of robocallers and spam marketers. People on both political spectrums support regulation here. The problem is that existing regulation is ignored and not being enforced
Obviously you would need an exception for calls you've given consent to receive.
But then companies would stick consent in every form license on the internet. So you'd need some kind of cookie banners that require you to give consent explicitly. But then you might miss the box you actually wanted to check opting in to appointment reminders from your doctor and then miss your appointment. So maybe we allow default opt in under some byzantine circumstances that require everyone to hire a lawyer to understand which also has the effect of exempting political donors so that everyone can continue to be inundated with calls.
What was the downside of letting people set inbound fees again?
Theoretically you already need to have a relationship with the sender today. Set an inbound fee and some people will set a high fee which catches the unwary and many legit senders simply will refuse as a matter of policy.
The obvious implementation would warn the caller that there is a fee and tell them how much it is, and then notify the recipient if they had a caller who refused the charge and provide their number.
Robocallers might then refuse the call if there is any fee at all, which is great, and then if you get the one from your doctor's office you see it in the call log and can exempt the number for next time.
Make it hard for people to reach you and they’ll be happy to just hang up. They have better things to do than get through to people playing elaborate games. It’s usually hard enough to connect to a doctor’s office as it is without expecting them to jump through hoops to get you on the phone.
"Press 1 to pay $0.10 and connect the call" is an elaborate game?
It doesn't happen to anyone who regularly calls you because you've exempted them but it handles the case of someone you know calling from an unusual number with something important, because they just pay the pittance. But spammers can't afford to do that at scale, and if they can you can raise it to $0.25.
I'm not sure what you're referring to as an unnecessary burden. Identifying who it is you consent to have call you? How do you propose to avoid that without allowing either everyone or no one to call you?
This sounds like a pretty huge hassle to me as a phone customer, honestly. I'd prefer that they just have to get my consent first. It would be a lot cleaner and easier for everyone, including the marketers.
Did you want the version where consent is easy to get and then you still get tons of spam calls, or the one where consent is hard to get and then many useful services don't exist?
And how would a consent law help anyway? Many of these calls are literally scams. They're already illegal and the problem is a lack of enforcement.
If you are that bothered by spam calls you probably need to make the tradeoff that you’re ok with not being able to reliably receive calls from numbers that aren’t on an explicit white list.
Various fixes are underway but today you have to make that personal trade off.
Phone calls to mobile phones are much more expensive in other countries.
In the US, mobile phones share their area codes with landlines, and it's the person with the mobile phone who pays for the "airtime" of their incoming (these days it's basically free so you can't tell, but historically it was much more expensive)
In the rest of the world, mobile phones have their own special area codes that are charged to a higher rate to the person who is making the call, and incoming calls are free for the mobile subscriber.
If you look at the pricing plans for VoIP providers, calling a mobile phone can be up to 10x more expensive than a landline (e.g. I'm seeing for France a landline is 4c/min, a mobile is 17c/min on RingCentral). But calling a US phone of any kind is often even completely free.
> Phone calls to mobile phones are much more expensive in other countries.
No… that isn’t why. Where I live both are rated the same which is to say, essentially free. We still don’t get this.
I’ll tell you what it actually is: American exceptionalism. Again we’re talking about a country so allergic to regulation that some poster above was talking about inbound fees. Yeah no, here we just regulate, and it works, and I’ve never had to think about it. Maybe just copy the working examples instead of being so dead set that it Won’t Work For Your Country.
While I think a proposed "inbound fees" soloution is a ridiculous one other countries do not have spam calls figured out.
The reason it happens so much more in the U.S. more than other countries is the ease of exfiltrating money from an enviroment where on average you can get a wealthy target (relatively, even if someone is living paycheck to paycheck if they're paying $4000 in rent it's a pretty big paycheck worth targeting). If the US starts to get on top of spam calling there's a very real chance that the countries it doesn't happen often in will 'enjoy' a similar level of spam as established scammers retarget their efforts.
The good news is the US telcos are forced to do a lot of the heavy lifting in forcing foreign telcos they connect with to begin using SHAKEN/STIR protocols. This means that other countries (which are in just as bad a technical position as the US) will be able to pass similar regulation on their telcos, without having to worry about accidentally forcing them to cut off entire other countries, as most legitimate telcos will have cut their teeth while dealing with the US telcos.
N.B. SHAKEN/STIR protocol requirements basically means that you can identify a call and say to a foreign connecting telco "Here are these identifiable calls that are a problem, I'm sure it's not you so go talk to the smaller telco you provide services for that you can identify with these number (even if we can't) because we don't want to be forced to cut you off". It basically removes the deniability of "Well we've got 10 smaller sub telcos servicing the country/countries and no system implemented to tell which of the 10 is selling to bad actors" because it enforces having a system going out and if your not getting your sub telcos to use shaken/stir on the way in you're the problem.
> The research also estimates the average person now receives 6.04 nuisance calls every month, while 56% of people receive nuisance calls every single week, and 83% of people receive at least one nuisance call a month.
There are industry experts who know the technical answers to your question and lawyers who know the legal ones, why should I have to come up with it myself?
There are gangs going door to door attempting to coerce and extort elderly people. My grandmother invites them in for tea. They try to sell her funeral insurance and extended car warranties or they tell her that her grandson whose name they can't say is in jail and this is their one and only chance to ever get bailed out or would she like to donate to their political campaign.
Probably negotiating with India behind closed doors to shut down the scam callcenters, but as a recent scambaiter video (I think it was Jim Browning) showed, corruption in their police is endemic and callcenter operators still get warnings before raids. The profit these centers can make is utterly insane, and so they can afford a lot of bribes.
> Why the hell hasn't the FCC nuked these companies' ability to operate?
SS7 is an international system with seriously lax access controls, it's many decades old and as a result it's extremely difficult to get everyone to upgrade their systems - you don't want to cut off entire countries, particularly poor ones, from international telephony, the fallout would be catastrophic.
Actually I do want to cut off entire countries, if those jurisdictions are waging criminal war against our citizens. Clean up if you want to participate in the global community.
No disagreement from me here - if I had anything to say, Russia, North Korea, Iran, China and on the cybercrime side Turkey (a hotbed for scam callcenters targeting Germany) and India would be completely cut off from Internet and telephony networks.
It's time to hold bad actors accountable. Unfortunately, the cost of doing so would put way too much money at risk, I'd even see some of these escalating into outright war.
Trade is a big issue in some places. Elderly New Zealanders regularly lose their life savings to these crooks with hundreds of thousands (if not millions) of dollars leaving the country every week. The government is hesitant to do anything about it.
How much of a problem is this outside the US? In Japan I get maybe 1 call like this a month (always from a "weird" area code). Meanwhile everyone in the US seems to be constantly getting these calls. Surely other countries also have marks!
(I know about the scam calls to old people in Japan being a thing. Having a cell phone probably removes me as a mark)
Not a problem in the Netherlands. Unsolicited calls from companies you where never a customer of where made illegal a while back. In the last year i've had 1 robo spammer call and 1 telemarketer, so it seems to be working.
If you apply for a home loan, you will get about 100 calls per day for the first week and it will trickle away over the next two months. I still get 3~ per day. It's insane.
Door-to-door missionaries and college endowment call centers are the scum of the earth that intentionally prey on old folks looking for meaning and/or legacy.
Weird how police are the most funded they've ever been (every year going back like a hundred years with rare and negligible exceptions) and yet they are so bad at stopping this alleged crime wave.
I think they're referring to California upping the cutoff for shoplifting being a misdemeanor to $950.
A quick search found this (right leaning) source that might have been the one they were reading.
https://www.hoover.org/research/why-shoplifting-now-de-facto...
Police tend to spend a lot less time on misdemeanors for obvious reasons, so makes sense why funding wouldn't impact that much.
Looting a couple handbags or iPhones easily gets you over the felony limit, still no action. The police in the Bay Area just really don’t want to do their jobs unless there’s a gun involved. The law change provides a convenient scapegoat but doesn’t actually explain the inaction.
I hate to push products, but happiness is the Call Screen built into Pixel phones. If it feels the call might not be spam, I still have the option to screen it and watch the party converse with the Google Assistant in real time—kind of like the answering machines of old, but you can read instead of listen.
For my use, 99% of the time i just leave my iPhone set to silently reject all calls from unknown numbers, and that works for me.
it's pretty rare that there's somebody not already in my contacts that i actually want to be able to call me. they can go to voicemail, and i'll deal with it later.
Except for when a restaurant is calling you to let you know that your table is ready.
Or your doctor's office is calling to let you know they suddenly have an opening this afternoon.
Or your Uber driver is calling to let you know you left something valuable in their car, right after they've dropped you off at the airport.
And so forth. I've learned from hard experience that silencing all calls from non-contacts bites you in the ass. There are legitimate calls that benefit you now, where going to voicemail defeats the purpose.
To each their own, and everyone’s life has different complexities, but a decade of never answering a number I don’t know has yet to be a problem. A few times a year I’ll get a message from the doctor on my answering machine. That’s about it.
Generally they prey on people who cannot override their fear of missing out. It’s the “you may have already won!” trick in a different format.
Yeah. I’m willing to bet that the casual “so what if they can’t reach me” crowd don’t have elderly parents, kids, spouses, don’t put themselves in group trip situations where you don’t want to put everyone’s number in your permanent contacts, etc. No it’s pretty much idiocy to basically throw away voice calls because you get a usually obvious junk call now and then.
> No it’s pretty much idiocy to basically throw away voice calls because you get a usually obvious junk call now and then.
Seems the other way to me and I would guess you’ve never tried it for any length of time. I get 4x as many junk calls as I get legit calls. If I don’t recognize your number, I send you to VM. My parents are elderly but they leave a message or send a text if I don’t answer. I add my doctors offices, city dispatcher, and similar numbers to my phone as soon as I learn them. It’s rarely a problem to hear a message and call back a few minutes later (except when they also don’t answer, in which case I leave a message and now have their number in my phone). Even works for large multi-location offices, who often show the same number no matter which is calling. My (adult) kids have been involved in emergencies and I see “City Dispatch” come up and I answer.
> If I don’t recognize your number, I send you to VM.
This is about silently rejecting all calls from non-contacts. You don't even know somebody tried to call, and any voicemail notification is easily lost among other e-mail and SMS and app notifications.
You're totally excluding your ability to respond to anything urgent unless you happen to check your voicemail notification at that very moment.
I'm glad your doctor calls all come from the same number -- mine don't at all. Nor do calls from delivery people asking where to safely leave a package, and so forth.
I'm glad it's not a problem for you -- I thought it wasn't a problem for me until it had negative consequences for me. So it's just to warn people, you know?
it's not. that's not how the iOS feature works. you still see it as a missed call, there's a notification saying it was rejected. it just doesn't ring.
The fact they think this shows they have no idea what they’re talking about.
This problem was solved when apple introduced ignore unknown callers.
They could improve on it slightly by allowing iOS apps access to breakthrough if they can prove its from an app somehow (like Uber or doordash), but really even that is an optimization not really needed.
For the phantom “what about my kid who’s phone is destroyed and is calling me from a strangers phone with seconds to live” you’d get the voicemail and multiple calls anyway.
That said, in recent years I’ve noticed a precipitous drop of these kinds of spam calls, so it may no longer be that big of an issue.
> For the phantom “what about my kid who’s phone is destroyed and is calling me from a strangers phone with seconds to live” you’d get the voicemail and multiple calls anyway.
No need to exaggerate -- this is about restaurants and doctors and deliveries, things that happen routinely -- not hostage situations you've pulled from the movies.
So no, you don't get multiple calls, and the voicemail notification is easily lost among 10 other notifications from the past half-hour. That's the whole point.
Because my phone rings and apparently unlike other people on this thread it’s usually a legit call and I can just let it drop to voicemail if it’s one of the relatively few obviously junk calls I get.
> I’m willing to bet that the casual “so what if they can’t reach me” crowd don’t have[...]
You'd be making a bad bet.
Besides, who is taking that stance? I don't answer my phone if the caller isn't in my phone book, but that doesn't mean legitimate unknown callers can't reach me! They leave a voice mail, and I'm listening to it immediately after they're done.
Because some things are urgent and I may not notice a straight to voicemail for a long time. I understand if junk calls are so frequent that some people are basically forced to ignore non-contact phone calls but it seems sub-optimal for the couple times a week situation which is my case.
> Because some things are urgent and I may not notice a straight to voicemail for a long time.
How so? My phone notifies me that the original call came in, and also notifies me that a voicemail was left. If I'm in a situation where I wouldn't notice a voicemail was left, I wouldn't notice the call in the first place anyway.
By default, calls ring or vibrate constantly so that you don't ignore them. Because they're intended for synchronous communication.
Notifications (including voicemails) are just a short ping, jumbled in with all your other notifications. Because they're intended for async communication.
So no, by design, your phone is meant for you to notice somebody calling more than a voicemail being left.
The latest iOS instantly transcribes voicemail. I find it handy to pick up the calll midway through. Just to be clear, I’ve used it exactly once so far. We’ll see how that goes.
The only situation you describe that actually would fit the “unknown callers” is the group trips.
Family are in my contacts, problem solved.
As for group trips, turn it off for that day(s) and turn it back on. Those, for most people, I would think would be pretty uncommon, and manually switching it off and back on is a much better solution than always having to deal with robo calls.
And I’m sure I would rarely remember and it’s not a wildly rare scenario for me. I admit I’m not deluged with junk but I’m not willing to roll over and make my phone significantly less useful because of some spammers.
My doctor's office is in my phone book, so that's covered.
For things like restaurants, I know that I'll be receiving a call from an unknown number and will just answer it.
For unexpected things, like Uber, they'll leave a message on my voice mail. I'll be notified of that as soon as they're done and will check it immediately.
That all works for me. It's a shame that I have to do all of that rather than just answer the phone, but there's no other option that I can see.
The feature they’re referring to , the phone won’t even ring and send the caller straight to voicemail. You won’t know you got the call unless you happen to be looking at the screen.
That's on your notification settings though. You can make Voicemails have a higher notification priority if you want. If you just turn on reject unknown calls and keep up everything else normally, you may have issues, but if you adjust some and do things like making voicemails more obvious and add more contacts to your phone, it works ok.
For sensitive times where I know I'm expecting a doctor/contractor to call, I'll just turn it off and set a reminder for later on to enable it again.
I would do that, but my doctors office seems to have at least 100 phone lines, and the number that shows up on the caller is basically random after the first 4 digits.
Quite often you'll find that the doctors office is part of a larger system for an entire medical center. Your call can get routed out any open physical line. These days fully VOIP systems will mask the number as the primary, but some systems still have physical connectivity to the phone companny.
Oh I wish. I’m in Optimum (Former Suddenlink) territory.
It’s only in the past year I was able to upgrade from 300mbps to gigabit, and it ain’t fiber. Also obvious that the local techs have no clue what they’re doing since the link goes down several times a night briefly, always at exactly 15 minutes after the hour. It’s obvious there’s a switch or something that they’re just rebooting every night.
Google Fi is an MVNO. They give you a sim, service is provided via T-Mobile mostly. (It used to have Android required special roaming on Sprint, but T-Mobile absorbed Sprint, so that's moot)
Ahh.c that explains it. I’ve been on sprint forever, on a long grandfathered unlimited plan. I was only actually swapped to a T-Mobile sim about 6 months ago.
I live in Aus. Spam calls use unredacted numbers. Several places, including the police, do redact their number.
I have no idea why they don’t use a single egress number so I know who’s calling, but here we are.
Just imagine reporting to the police that a stalker is calling you from an unknown number, only to have the police call you on an unknown number.
The really funny thing is, that these calls often have called ID from within Australian network, but the caller is obviously from outside the australian network.
Seriously, just ban anyone pretending to be another number unless the telco itself has set it up. The phone is essentially useless to me these days.
I set up an IVR that requires (non-white listed) callers to press a number to ring through. My spam calls went from several most days to less than one a year. I suppose I also miss out on automated appointment reminders, but whatever.
I don't like rejecting calls. I prefer they go to voice mail/transcription, so I set my main system ringtone to a few seconds of silence, and then a custom ringtone for everyone in my contact list (plus a few additional ringtones for family and close friends).
Bonus, if I happen to notice the phone screen light up with an unknown number and I know I'm waiting for a service station to call, I can always try my luck that it is actually legit.
Do you have family? Because I've heard horror stories of people who did this, and then no one could contact them when a family member was seriously hurt.
I do this and I have family. If somebody leaves a voicemail I check it right away.
About 6 months ago I started getting 10-30 calls per day so I really have no other option. Most of them are Medicare scammers (I'm not even old enough to qualify). I cannot fathom how:
1. The FCC/telcos have managed to allow anyone to spoof any number they like with no oversight and no (effective) abuse reporting system. This has been going on for years with absolutely no improvement.
2. Medicare is apparently so easy to scam out of money that all they need is my name and birthday to get money out of the system on my behalf. When I've answered and played along by giving them fake information, they always hang up as soon as they have these 2 pieces of info.
It's helpful to have a cell phone number from an area code across the country, then it's usually easy to tell likely spam calls (in my case usually 775 or 702) from legit calls (which for me usually are 312 or 773). There are also spam calls from random area codes but I usually don't answer those...
This so much. I don't remember that spam calls exist anymore until I read a post someone complaining about getting spam calls. It works so well. I haven't had a false negative in the 3 years of using it. All the people who truly wanted to contact me would say something into the assistant, and the phone rang, and I'd pick it up.
Apple does this as well, but this is a Band-Aid. Think of the old people who get scammed by these calls. This is a system issue and should be fixed as such. It’s frankly embarrassing how the phone companies have effectively killed the “phone call” through their neglect.
I’ve recently gotten an iPhone (coming from a Pixel 7), and it’s honestly not in the same league for dealing with Spam calls. It’s much more of an annoyance since I switched.
> phone companies have effectively killed the “phone call” through their neglect.
They haven't - they're still making bank on the spam traffic, which is also why they're reluctant to implement solutions despite it technically being trivial.
If phone spam was actually making a dent in revenue (aka legitimate call revenue was going down and the revenue from spam wasn't making up for it) they would've got their act together very quickly.
Nope, not quite public yet. Google has had this for years but Apple is just now about to get it with the release of iOS 17 and "live voicemail". Still have a month or so before that's out of beta.
100%. Call Screen and the usual spam detector in Pixel has made call spam a non issue. I also don't pickup any calls that are not from my phonebook and let them go to VM/assistant, and listen to them immediately.
iOS 17 won't be bringing the automatic call screening, but it will be bringing the ability to send calls to "voicemail" and screen them yourself, picking up if you feel like it's worth answering.
In my experience (with the beta), live voicemail actually replaces carrier voicemail whenever possible.
This means that if you ignore (or even miss!) a call, it’ll record and transcribe the call as a live voicemail anyway. So I’m not sure what Google’d call screening provides above this (unless all unknown calls get sent to the call screening? You can tell iOS to “Silence unknown callers,” which does still ringback a few times before recording a what I presume is a live voicemail)
And at any point during the voicemail you can answer the phone anyway.
Of course, if you get a call while you have no signal it’ll just go to carrier voicemail. (Recorded live voicemails and carrier voicemails are played back from the same screen, so this is no more complicated to navigate than before.)
Honestly, this is what I wish Android's call screen was. Call screen starts by explaining itself, which I think could waste time, can be confusing, and possibly is insulting. Compared to a quick "Hey please leave a message after the beep."
I want to be able to send basically all unexpected calls to the screening, and only pick up if it's something I want to respond to right now. It feels rude to, eg, send a neighbor to a call screening service when I definitely have their number but don't want to drop what I'm doing to hear them complain about something.
Call Screen is a nice addition to global call control (or whatever it gets renamed to per carrier), that just prompts callers with a simple "press this button to continue the call".
Went from every day at least a dozen calls mostly from spoofed numbers, to only getting the important ones. Call Screen winds up being just a nice cherry on top.
Years ago I heard that SHAKEN/STIR were being implemented and would allow robocall blocking. I still get tons of robocalls. I've had this explained as "SHAKEN/STIR were the crypto that will eventually allow blocking, but the blocking will happen later." Is it later? Is this the start of the actual blocking?
It has started. SHAKEN/STIR are what gives the FCC the ability to trace the source of these calls backwards and hold responsible the gateways acting in bad faith.
Hasn’t changed for me. I am constantly pestered by spoofed-local-number spam calls at both my personal number and my work number, in two different area codes. My job requires me to be available on the phone so it’s particularly frustrating because of how often I have to pick them up just to hear about a warranty on yet another car I’ve never owned.
Similar experience here. I got absolutely ridiculous numbers of spam calls up until maybe early 2022? Now I get almost none in comparison. Like 2-3 a month as opposed to tons every week before.
The traceback rules are really what did that but I think those were in the same bill that mandated STIR/SHAKEN. STIR/SHAKEN just makes spoofing caller ID more difficult.
Are the provisions of STIR not necessary for the traceback rules to be applicable?
My understanding is that without STIR a gateway acting in good faith can't definitively identify malicious traffic, and a gateway acting in bad faith can claim any malicious traffic they forward appeared legitimate.
2) Deploy policies to make inter-telco tracebacks easier and increase liability for carrying too much spam.
3) Drop unsigned traffic and shutdown spam friendly portions of the PSTN (analogous to open email relays).
4) Use the tracebacks and KYC to deter robocalling operations from getting onboarded and ban current customers who are robocalling. And keep them banned when they open new sockpuppet accounts. It'll never be completely eliminated.
You can get local phone numbers for a trivial amount of money - no caller ID spoofing required! Robocall operators have realized this which is why a substantial amount of robocalls are attested: https://commsrisk.com/calls-with-stir-shaken-c-attestation-n...
Even if there is thorough, mandatory KYC for VOIP services, we will just have robocalls being routed through simboxes filled with prepaid SIM cards. The whack-a-mole game will move there and the carriers will lose just like they do in Africa and the Middle East where people use them on a giant scale to arbitrage termination rates.
>we will just have robocalls being routed through simboxes filled with prepaid SIM cards.
it would cost a lot of money, especially if carriers limit the number of numbers you can call each month before an additional charge (100-200 numbers / month then extra fee ?)
> You can get local phone numbers for a trivial amount of money
and companies that provides phone numbers them can also monitor suspicious traffic.
I remember that when I first opened an account at Callcentric, they froze it until their support could reach me to ask a few questions.
Now, I've had it for a few year, did just a few calls, and I no longer have to go through that to subscribe to more services.
On a slightly different topic, cloud providers have learned to keep their IPs clean, even if you can get some for cheap. They just check what you're doing.
it would cost a lot of money, especially if carriers limit the number of numbers you can call each month before an additional charge (100-200 numbers / month then extra fee ?)
Anything like this would still have to be affordable enough for call centers and businesses. A pharmacy can easily have 10-20 lines: A few for the cash registers, a couple for the office, and a bunch for the pharmacy (they might still have a fax line too). It is easy to see how a call center or a large department store (wal-mart) might reach 100 lines.
And on top of that, you'd somehow have to make this international and get other folks to enforce this - and this is assuming the scam call centers are following the law in ways that the country in question can actually enforce.
I always like the sound of the simple solutions, but every time I get look into these details, I can understand why they don't just work.
SHAKEN/STIR are implemented but the providers have given no tools to the end users to actually do anything actionable with it. Heck, they haven't even exposed it unless you are a megacorp.
The telcos might be a common carrier, but as the end user I sure as shit should be able to block calls originating from providers I see abuse from constantly. I'm looking RIGHT AT YOU, TxtNow.
> Heck, they haven't even exposed it unless you are a megacorp.
Cell phones surface the SHAKEN/STIR attestation status to the user via a checkmark in the telephone UI.
If you want to programmatically act on that data to filter calls... Android provides access to the attestation level via the android.telecom.CallScreeningService API. (I can't speak to what iOS provides.) For VoIP, many providers will also either pass along the attestation level in the SIP headers or by appending some text to the Caller ID string.
IMO the attestation level isn't really actionable data though. A legitimate call may come through missing attestation for reasons that are not malicious. Similarly for things like B2B, the calls themselves may be attested and legal, but I'd still want to block them. We really need to be able to get the entire payload.
If end users could directly and simply block carriers that waste their time by delivering shit calls, this entire issue would have worked itself out years ago. I just don't think that the current strategy of having the FCC yell big numbers at foreigners is really doing all that much...
Personally I've seen very few robocalls these day.
I think all the IP based providers in the US have implemented SHAKEN/STIR. There is still a small amount of non IP based systems which FCC is looking for solutions. And international calls will take some time as other countries look into implementing similar methods.
A little yes, a little no. Your phone knows when it's receiving a call from an unauthenticated number, but it would be very unreliable to use this metric alone to decide when a call is untrustworthy. My understanding is that carrier telemetry is what drives the final yes/no verdict.
This method basically has not yet been used much, but it is in place.
The dangerous issue is that if a spam operator has 33% legit traffic, do you kill the spam operator and the good traffic with it, or what? Kill the traffic... innocent people harmed, or leave the traffic, spam continues.
> if a spam operator has 33% legit traffic, do you kill the spam operator and the good traffic with it, or what?
Yes, we should with these long-time, serial offenders. Having legit traffic is just a fig leaf cover for them anyway. Any legit reseller clueless or negligent enough to accidentally stumble into business with these guys will switch providers as soon as their customer's calls stop connecting.
Also, no real telecom providers are routing meaningful amounts of traffic through these shady operations. Any legit traffic on their networks is mostly coming from fly-by-night, bottom-feeding telecom resellers in the same countries the spam calls originate from. Any retail customers of those resellers are probably paying ripoff prices for unreliable per-day or per-call service anyway. It's not people with normal pre-paid monthly service from any legit telco you've ever heard of.
If a bank is comprised of 66% of their customers being narcos, the bank gets shut down.
You don’t get to facilitate in illegal shit and hide behind your legitimate customers. Likewise, if you are a customer of theirs and know they heavily transact with illegal services, it’s on you for getting blocked.
Their legitimate customers are. If that means getting the operator to clean up their act, so much the better. If they won't, then at some point their legitimate customers will suffer.
And will probably have to jump to a more expensive provider who isn't subsidizing them with spammer revenue.
> The dangerous issue is that if a spam operator has 33% legit traffic, do you kill the spam operator and the good traffic with it, or what?
You are implying that "you" means the telco or FCC decides on behalf of "everyone." That is not the correct viewpoint. If the telcos are the common carrier, they dont get to decide. I am the customer; I get to decide. Problem solved. No additional regulation or debate is needed. This isn't hard.
If the spam calls have spoofed source numbers, the provider should be within their rights to refuse the traffic regardless of common carrier status.
I am the customer and I would love to see the data of which providers _originated_ each call that I'm about to answer. That would make it trivial to set rules about which ones don't even ring. But until I can have that data, I wish they'd just drop the obvious junk.
>I am the customer and I would love to see the data of which providers _originated_ each call that I'm about to answer.
The telcos have this information, but they only usually relay the CallerID (which is user-specified, ie "spoofable") to the end user. ANI, RPID, and now SHAKEN/STIR information which does identify the origin and origin carrier are simply not passed to end users to do anything with, or at least I have not been able to get them to do it despite having capable interfaces.
> I am the customer; I get to decide. Problem solved.
If only we actually had that ability. The best mechanism available to me is what I do: if I get a call from a number that isn't in my phone book, I don't answer it.
"We" do, if people would ask properly for it instead of trying instead to break the customer/common carrier contract.
The carriers withhold information from customers that is useful to determine the nature of traffic and whether it should be accepted or rejected. The amount of metadata that accompanies a modern phone call is substantial, and the carrier typically relays only ONE FIELD to the customer.
Customers should demand access to all call/circuit/packet metadata that is necessary or useful to implement their own traffic policy. To the average person, I can see why it might seem that the carriers appear to be ideally suited to police this problem, but the correct way for them to do it without violating their obligations as a common carrier is to empower their customers with the information and the tools to do it on their own.
The Spamhaus approach (and one that is increasingly popular in telecom) is to say "f*** it, kill the provider." A lot of people disagree with this obviously.
This is technically true but practically irrelevant. A Spamhaus listing is the Internet equivalent of a sanctions designation and the process to get removed is equally as Kafkaesque as OFAC's. Not to mention the fact that addresses in the [DROP list](https://www.spamhaus.org/drop/drop.txt) effectively can't even connect to the broader Internet because every important tier1/tier2 uses these lists and drops all their packets.
I've looked into the history of some of these perps before and I'm always shocked at how many chances they've been given to stop being shady-as-fuck scammers and it's almost like they're addicted to it. So yeah, they deserve whatever the FCC, FTC or whoever is dishing out (and probably much more).
Looking through this docket, these assholes have playing stalling games for years and they STILL aren't blocked yet. They get at least 14 days to respond, then the FCC has to decide they're still doing it, then it'll take another 30 days for the block to be mandatory.
> One Owl will have at least 14 days to respond to the Initial Determination Order. Id. § 64.1200(n)(5)(ii)-(iii).
> If One Owl’s response to that order is insufficient or One Owl continues to allow substantially similar traffic onto the U.S. network, then the Bureau will publish a Final Determination Order in EB Docket No. 22-174 finding that One Owl is not in compliance with section 64.1200(n)(5). Id. § 64.1200(n)(5)(iii).
> In the event that the Bureau issues a Final Determination Order in this matter, pursuant to section 64.1200(n)(6) of the Commission’s Rules, all U.S.-based voice service providers shall be required to block One Owl’s traffic. Id. § 64.1200(n)(6). Providers must monitor EB Docket No. 22-174 and initiate blocking beginning 30 days from the release date of the Final Determination Order.
After I moved states, I discovered a pretty effective anti-spam call heuristic. If the call is coming from the same area code as my phone number, it is most likely spam.
It seems spam callers assume most calls will likely be from a local number and so they initiate calls from the same area code as the target. However, since the area code in my local area is completely different from mine (since I moved), this tactic actually backfires and acts as a pretty good spam signal.
I used to think that was a dumb move on the part of the scammers, and probably would only be effective in a small town where most of the people you know have the same prefix… Then I realized that most of the successfully scammed victims probably live in those small towns.
This probably had some logic historically with landlines—a neighbor is calling. It’s an anti-pattern for cell phones in the “wrong” area code. Used to get this a lot. Rarely today.
Now if only they'd take some sort of action against all the spam text messages I get. I swear I get a dozen texts a week from stringofnumbers@fakeemail.com telling me my amazon account has been suspended or a USPS package is on hold.
I get 5-10 a day honestly. I have to ban every one of them or they become accumulative with repeat calls because they keep calling and calling. They frequently then just move to another number and we do it again…
It’s obviously a handful of companies behaving very badly. Let’s me share some examples…
They say the same things from the same companies:
- “Hi this is Jamie with the RTC helpdesk I'm calling to let you know that substantial business tax incentives that are still available through the employee retention tax credit _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ can provide business funding up to $26,000 for each W-2 employee you had on staff during 2020 and 2021 if you qualify we do all of the work and submit your application …
- “Hi this is James calling from coastal debt resolved we help small business owners lower the payments or restructure any merchant cash advances that they've taken out and are having a difficult time getting them back we thought it was possible you might have one or more of these I want to see if we can offer our help my direct line is 877-412-0535 please give me a call at your earliest convenience so we can discuss your current situation thanks and have a great day…”
- “888-310-9170 I'm contacting you regarding a potential refund opportunity for your business related to the year 2020 and 2021 please be aware that this refund does not involve any taxes or loans and there is no need for repayment to proceed with the refund process we simply need to verify some details regarding your businesses employee account during those years if you believe this call was not meant for you or if you wish to opt out of any future communication please press nine when calling back thank you for your time and I'm eagerly awaiting the opportunity to speak with you best regards Eva…”
- “Hey this is Mark reaching back out again please give me a call back at 205-460-5936 so I did receive a notification today at your business is done and Bradstreet score was recently upgraded up to a 76 now this is a big deal because I put you in the top 10% of businesses in your industry and revenue range now because it is great score we're happy to see that your business has been preapproved for a business credit line up to $500,000 and the interest rate on these lines start his lowest 4.8% so they really don't cost very much at one of the best things about this offer is how fast we can get the money over to you if you were to say yes to this credit line we can have the funds over to you within just 24 hours please remember these offers don't last forever so please call me back directly at 205-460-5936 to make sure there's no confusion that's 205-460-5936 hope you have a really good day I have a blessed day and thank you…”
- “Hey it's Tiffany with capital group I'm just touching base regarding your business plans of corner am I still have immediate funding options up to $250,000 with limited to no documentation necessary so am I can be reached at 949-4645479 I'll give you that number again it's …
The capital group hits me up many times a week from many different sources.
I don’t even bother to answer calls. I just ask people to leave a message. It’s made my phone basically unusable.
They're talking about text messages. You can send a text message from an email address. For example "8675309@txt.att.net" would send a text message to Jenny if she were an AT&T subscriber.
I went through a massive campaign of explicit/sketchy/spam email-texts... Textra(SMS app) introduced an ignore feature that captured that thankfully after a few weeks of nonstop aggravation. My carrier would not disable that feature despite multiple requests(likely wouldn't know how either).
Yeah the first time it happened to me it was surprising and I looked it up. But now it's practically weekly. Most spam texts still come from regular numbers though. "hi /cars* compro/carros"
OK now do the bigger providers that allow robotexting without consent...
I received unsolicited texts from a "Buy your house cash" company last year. Of course, they did not identify the company name in the texts, not even with prompting...
I was able to trace the number to a larger provider... [0] The provider was unwilling to tell me who originally called me. Which is strange. If a company wants my business, shouldn't they be willing to say who they are? If a VOIP/TOIP provider doesn't disclose who communicates with you, isn't that a way to shield harassment?
But, as always, it's about who pays the most money to the lawmakers via lobbying...
[0] - By 'Large', I will say that they are a provider for Microsoft Teams Voice calls/texts in the US.
Yeah, I actually worked on the compliance side for a publicly traded company.
The amount of work 'legitimate' providers make you put in can sometimes be painful, especially when they don't do what they say they are gonna do. But we did our part to make sure we stayed compliant. Making sure that even our 'semi-automated' messages (i.e. the user selected from a dropdown and the template filled in blanks) were registered, making sure appropriate unsubscribe verbiage was always present, while still fitting meaningful context into 160 characters. Then making sure each of those messages was registered, reviewed, and approved with the provider. Unfortunately there were still times that the provider failed to do their part, and despite being told we were 'good to go' we would discover a large volume of our texts were blocked by our provider or a downstream network, because someone dropped the ball. [0]
I guess that's what frustrates me; our company did the right work, and even then our provider sometimes got in the way with their own mistakes... But far less scrupulous companies appear to get away with all sorts of non-compliance and their provider doesn't care for whatever reason. [1]
[0] - Worth mentioning, the texts in question were not even solicitations. They were texts related to the 'process' people had already agreed to. Without divulging the actual industry, the best analogy would be things like being told that there was a problem with your vehicle order and to call us, or that your vehicle had been delivered was ready to be picked up tomorrow. [2]
[1] - My gut says, the reason those providers don't care, is that they get to collect more money for more texts sent.
[2] - No, it wasn't automotive, I'm just trying to give a good analogy here. Less life impacting than surgery but more life impacting than a simple package delivery.
There could be an unfortunate consequence of this: picking and choosing who's traffic to accept. Telcos generally operate as common carriers, meaning they have to accept traffic from anybody. Obviously, that doesn't seem right when we don't like that traffic. But imagine if telcos could start deciding on their own which businesses they were willing to work with or deliver calls to. What if they could just cut off your business because they don't like what you're selling.
I'm not saying we're on the way there - this doesn't have to be a slippery slope. But it's something to keep in mind.
You're right, which is why they needed the FCC to step in and explicitly allow Telcos to block this specific bad actor. The FCC exists to ensure all the Telcos play fairly, so it's up to them when actions like this are allowed to be taken.
It’s high time we start prosecuting cold robocalls as harassment. We don’t need to fundamentally change the rules of the system to keep around pests that don’t provide a useful or necessary service.
Why is the FCC giving other companies the right to block One Owl if they fail to comply, rather than simply terminating One Owl's connection to the network?
I really like it when someone in the middle has changed the caller id to say "FRAUDULENT".
Someone I know believes strongly that the telco's don't care to police and would rather push people onto cheaper to maintain mobile technology. (We get orders of magnitude more scammer calls on our landline than our mobiles.) But there's a lot of assumptions in that belief...
Is there any truth to those economics? Is there a bad incentive here for the telcos?
The product isn't necessarily true (mobile -> landline push), but the profit-seeking is certainly expected, as it is for all businesses.
While the amount of minutes & attentions that are generated from spam calls helps the telcos, because they get paid either way... that doesn't mean they're negligent.
They just don't have the right tools to police this since they're common carriers. Things are changing little by little and with upcoming changes in telco infrastructure, I expect Q4 this year to show a strong signal of what the future holds.
Can they not just monitor the statistics from an incoming <insert phone system collective noun here> and notice that they're randomly calling millions of numbers per small unit of time and swapping their caller id for every one of them... and then just block them?
Is there a legal reason they can't? Is it a liability reason?
What's really getting my goat the last year is the scam center pretending to be Comcast / XFinity / AT&T / Spectrum offering to lower my bills. They constantly rotate through the four companies and often also have my name, stolen from one of those provider's databases.
I've stopped calling them scammers on the phone and call them thieves, or "chor" in Hindi. Often they hangup immediately, but 1 in 10 or so get sheepish and embarrassed.
Isn’t perfect but this is why I suddenly like voice mail again. I don’t answer any numbers I don’t recognize. If it’s important they will leave a voicemail.
The submitted text file is missing some formatting, making it difficult to read. Links to PDFs for this letter, as well as a related press release and a letter sent to One Owl, are available here: https://www.fcc.gov/document/fcc-notifies-carriers-repeated-...
As long as political orgs, including the major parties, rely on robocalling of the vilest sort to raise their funds, don't expect Congress to pass any meaningful legislation.
These people aren't "using" numbers that they own. The phone system largely does not track or care about the actual source of a phone call, and the caller ID value is only voluntary metadata that is not expected to correspond to the source of the call (it often doesn't in legitimate situations). The telephone system simply doesn't have a sense of "from" in the way that even protocols like email do; most telephone equipment neither knows or cares who the call is from. You don't need control of a single telephone number to introduce calls into the system.
STIR/SHAKEN was created essentially to address this problem by introducing a strict sense of the origin of a call for the first time. STIR/SHAKEN is still early in its process but it does already make it easier for the industry tracing group to determine the actual source of these calls. STIR/SHAKEN compliance is also relatively expensive so it has sort of created a pay-to-play situation, both raising prices a bit and introducing a sort of KYC to the telecom industry where getting VoIP termination service now often involves sending the provider a passport, business registration documents, etc.
And for what it's worth, getting a phone number for inbound calls already involves a fee and $1/month is actually pretty close on for an average. It goes as low as around $0.20 a month from low-cost bulk providers and as high as $8/mo from some more consumer-oriented services (that nonetheless offer DIDs). It's just that control of a phone number (prior to STIR/SHAKEN) only matters for inbound, not outbound.
> The phone system largely does not track or care about the actual source of a phone call
Sure they do. When I worked for a small telecom, the provenance of every call was meticulously tracked for billing purposes. Figuring out who to bill for what on each link of the chain is tricky and requires excellent recordkeeping.
That system is entirely unrelated to Caller ID, though.
It's also unrelated to who's actually calling - only the originating carrier. In the case of VoIP gateways (where basically all of this traffic ultimately originates), billing ANI typically gives you one number for the entire carrier that handed over the traffic. Since these calls often traverse multiple carriers (across multiple countries often) that's usually a billing indicator for a carrier that's already one or two steps into the PSTN.
ANI does tell you something, but it is not the number of the caller, it's an identifying number their carrier has chosen to use for billing purposes! For most calls not originating from POTS that's basically an arbitrary identifier and normally different from CID and other properties of the caller. Even on a lot of POTS calls it's different, for example, with institutional customers using PABXs where there is usually only one ANI number regardless of the number of DIDs etc they possess.
Then the price is not right. Make it expensive from the start, and then gradually give back most of the price when the user has had a good standing for long enough.
Unlike IP addresses, phone numbers don't need to be "routable" to originate a call. Most spam robocalls are made from spoofed numbers, often from a randomly chosen number in the same exchange as the recipient.
To be fair, Trump's FCC was pushing STIR/SHAKEN hard but it takes years for the major telcos to implement and push it downstream to all of the various SIP providers that buy numbers from them.
Biden's FCC is able to take action because those were finally finished and now can enforce with the call source traceability they didn't have a few years ago.
>In response to the FCC’s enforcement action against Illum in October 2021, the CEO and Director of Illum, Prince Anand (Anand), who sometimes uses the alias “Frank Murphy,” Prince Anand Skype Chat, June 10, 2021 at 8:18:53 AM (“Frank Murphy” introduces himself as Prince Anand) (on file at EB-TCD-20-00030805) (Anand Skype Chat). created One Eye. Id. at October 24, 2021 at 8:16:14 AM and 8:16:21 AM (Anand telling Great Choice Telecom to expect a new sign up under the name “One Eye” that day).
> To deflect the FCC’s scrutiny, Anand intended to keep his name off One Eye’s corporate documents. Id. at 7:40:25 AM, 8:11:13 AM, 8:13:20 AM, 8:14:48 AM, 8:14:55 AM, 8:15:04 AM, 8:16:14 AM, 8:55:50 AM, 9:01:49 AM, 9:02:21 AM, and 9:02:26 AM (Anand explains that due to the Commission’s cease-and-desist letter he will “not be included in any companies” but will work “on the backend [sic]”).
> Aashay Khandelwal, the Human Resource Representative for Illum, subsequently formed One Owl and became the CEO. See Illum Telecommunication, https://www.illumtelecommunication.com/ (last visited July 14, 2023); see also One Owl Telecom Inc. Listing, Fed. Commc’ns Comm’n, Robocall Mitigation Database (Apr. 25, 2022), https://fccprod.servicenowservices.com/rmd?id=rmd_form&table... (showing Khandelwal as the CEO of One Owl).
> Julya Barros, a seemingly close acquaintance of Anand, Compare @illum_telecom, Twitter, https://twitter.com/illum_telecom?lang=hi (as archived by Google and last visited May 16, 2023) (screenshots on file at EB-TCD-20-00030805), with Julya Barros (@julyabarross), Instagram, http://www.instagram.com/julyabarross (last visited July 14, 2023).became Vice President of Sales and Marketing at One Owl. See Julya Barros, LinkedIn, https://ae.linkedin.com/in/julya-barros-928008245 (last visited July 14, 2023) (screenshots on file at EB-TCD-20-00030805).
>One Owl and One Eye used the same IP address to conduct their business. March ITG Subpoena Response, supra note 4.
> One Owl and One Eye communicated under the same email domain, @oneeyetelecom.com. Compare Incorp Services Interrogatories Response at para. 15 (on file at EB-TCD-20-00030805) (Incorp Services Interrog.) (showing One Eye used the @oneeyetelecom.com domain), with id. at para. 3 and Ex. A (on file at EB-TCD-20-00030805) (showing One Owl used the @oneeyetelecom.com domain).
>The personnel connections between One Owl, One Eye, and Illum are summarized in the table below.
The FCC is just playing whack-a-mole as soon as it begins enforcement on a company, the people involved just get together with their buddies and form a new company.
This will never work to curb robocalls.
Instead, the US Government needs to do the following
1. Require a $10 million dollar 5 year bond to start one of these companies. If the company engages in facilitating robocalling, the bond is forfeit
2. Criminal charges and enforcement against the agents of these companies
3. Immigration action against the agents and associates of these companies including deportation and permanent visa bans.
Only then can the US government begin to combat this. Otherwise, doing more of the same is going to be completely ineffective and a waste of time and resources.
That used to be the case of the HN hivemind maybe three, four years ago (just noticed, my account is over ten years old, WTF).
IMO, I think the general vibe here started to shift back with the Jan 6th putsch attempt, and completely turned during the Russian war: undeniable signs showing how far a situation can escalate when malicious actors are left to roam free, and that a truly free market requires at least some sort of regulation as guardrails.
I responded to a person who said that usually HN would cry about regulations... which is a viewpoint I have seen diminish over the last years in popularity and offered an explanation why that may be the case.
All you need is access to SS7/Delimeter, there are people who will grant you that for a price. If you stick to abusing users and do nothing that would anger telecoms you are most of the time free to do what you want.
How did we become "okay" with having most of the communication that reaches people be malicious? What is Federal law enforcement doing? Why the hell hasn't the FCC nuked these companies' ability to operate? Who is lobbying for this shit?