back to article Put a stop to these damn robocalls! Dozens of US state attorneys general fire rocket up FCC's ass

No less than 42 US state attorneys general have warned that the epidemic of robocalls sweeping the nation is causing serious harm to ordinary Americans. In a letter [PDF] to telecoms regulator, the FCC, the AGs note that "the explosive growth of caller ID spoofing and robocalls is being driven primarily by scams," and point …

  1. Snowy Silver badge
    Flame

    No change

    While the phone companies make money from these calls

    1. Yet Another Anonymous coward Silver badge

      Re: No change

      Upto the point that people stop answering ANY calls and just use slack/whatsapp/iMessage or whatever it is the cool kids use these days.

      Then it won't matter how much the phone companies make off scam calls because there won't be any phone companies

      1. Anonymous Coward
        Anonymous Coward

        Re: No change

        Then the scammers will move to Whatsapp and iMessage.

        1. DropBear

          Re: No change

          So how do you spoof a "caller ID" on Whatsapp and iMessage...?

          1. Anonymous Coward
            Anonymous Coward

            Re: No change

            You can't, but you can still send spam.

          2. gnarlymarley

            Re: No change

            So how do you spoof a "caller ID" on . . .

            And this is the reason I believe the FCC has not done anything is because don't appear to recognize the spoofing!

            1. gnarlymarley

              Re: No change

              How do I know the spoofing is happening? It is because I get real people that refuse to listen to the voicemail but call me back (so I know my number has been used in the scams) and also I get my own callerID showing up on my display. The FCC does have a part of their reporting form that wants a verification of the callerID actually being spoofed from my own number. However, they do not care about others that I believe are spoofed. Get a call enough times from a number and you stop picking it up and they stop calling.

      2. Eddy Ito

        Re: No change

        The thing is they provide the data connection on mobile devices. Perhaps it should be easier to unbundle the phone service from the data service and allow people to get rid of the telemonkeys.

        Until then I've taken to setting ring tones/notifications for people in my contact list turn the default notifications to off. The downside was spending the time going through each contact to identify the ~25% which hadn't already been customized.

        Perhaps there's an app or setting for that and I missed it. Oh well, it's done now.

        1. Yet Another Anonymous coward Silver badge

          Re: No change

          >The thing is they provide the data connection on mobile devices.

          For now. With 5G/wimax/etc and satellite swarms you might be getting your internet direct from Facebook/Google.

          The result will probably make us nostalgic for the customer service ethos of ATT/BT

      3. JohnFen

        Re: No change

        "people stop answering ANY calls"

        A lot of people, and particularly young people, are there already.

        I'm an old fogey, so I do answer phone calls if the calling number is one of someone in my address book. Fortunately, pretty much everybody I know understands that if you're calling someone without prearranging it, that means you're having an emergency -- so I rarely get actual phone calls.

        1. Anonymous Coward
          Anonymous Coward

          Re: No change

          I quit answering calls from unknown numbers on my landline (actually a VOIP line now) a decade ago. and leave the ringer off too - I'll see it it flash if there's a voicemail plus I get a notification on my Ooma app. I quit answering unknown numbers on my cell phone a couple years ago. People can leave messages, or send a text.

        2. John Brown (no body) Silver badge

          Re: No change

          "everybody I know understands that if you're calling someone without prearranging it, that means you're having an emergency"

          I sort of see what you are getting at, but how do you pre-arrange a phone call from/to friends and family? Call them on the phone? Contact them some other way (which probably defeats the point of calling by phone at all in many cases)

          1. JohnFen

            Re: No change

            My friends and family do that by sending me a text.

            Recently, a food delivery driver was having problems finding my place and called me to get directions. I didn't answer it, of course, so he sent me a text as well. This is pretty much the new norm.

    2. bombastic bob Silver badge
      Devil

      Re: No change

      perhaps if they were FINED for each of them... ?

      1. Anonymous Coward
        Anonymous Coward

        Re: No change

        "perhaps if they were FINED for each of them... ?"

        Read the f'n article. Million and billion dollar fines mean nothing. the FCC is toothless.

        1. JohnFen

          Re: No change

          I assumed he meant really fined, rather than doing what the FCC is currently doing: announcing fines but never worrying about actually collecting them.

          A fine that is announced but not enforced is not a fine at all.

          1. John Brown (no body) Silver badge

            Re: No change

            "I assumed he meant really fined, rather than doing what the FCC is currently doing: announcing fines but never worrying about actually collecting them."

            Since a company is a "person" as defined in law, that is the "person" who is fined. There's not much left to go after when the company has folded up/died and the re-incarnated as new company/"person". That's why the new laws here in Blighty are targetting the company owners and will be fining them directly in future.

            1. JohnFen

              Re: No change

              "Since a company is a "person" as defined in law"

              This isn't actually true, at least in the US.

              Also, any company that goes out of business likely has assets that are to be sold off. In the US, when that happens, the proceeds from that go to the government debts first.

              1. Anonymous Coward
                Anonymous Coward

                Re: No change

                Not if they all just vanish fly-by-night style. That's the gist of the article: when fined, the unscrupulous companies simply vanish assets and all. It's hard to extract multi-million-dollar judgments when there's nothing left to seize.

          2. veti Silver badge

            Re: No change

            The problem is that they're trying to fine the person who places the call.

            What they should be doing is fining the company that connects the call (i.e. the one that's making a profit out of it).

            1. bombastic bob Silver badge
              Devil

              Re: No change

              fine the company making the profit by ALLOWING the robocallers to spoof addresses, for example. A _MAJOR_ fine for NOT upgrading to prevent that, for example Yes,

        2. Mark 85

          Re: No change

          Million and billion dollar fines mean nothing. the FCC is toothless.

          Toothless or just not interested in actually assessing and COLLECTING the fines? I almost believe that if the fine collections were handled by the phone companies that suddenly there would be an uptick in collections because corporate greed and all that.

          For the FCC to say they're fining a company but not collecting is just pure eyewash for the masses.

          1. Charles 9

            Re: No change

            Don't be so sure about that. Even the phone companies can have trouble versus the international shuffle.

        3. bombastic bob Silver badge
          Devil

          Re: No change

          a one-time fine for making calls, maybe THAT is 'toothless'. how about $1 million fine for EACH CALL MADE? _PER_ _CALL_! Now, *THAT* is what *I* am talking about!

    3. A-nonCoward
      Headmaster

      Re: No change

      While the phone companies make money from these calls

      Rrrreally? I thought that phone companies make money from monthly plans. Very few people anymore pay per call, and certainly 5 to 10 cents per call would be too expensive for robocallers. A robocaller obviously uses an "unlimited" plan

      1. John Brown (no body) Silver badge

        Re: No change

        It's the inter company termination fees they make money from. You pay ATT for what ever call charging plan but make calls to Verizon customers, then Verizon get a proportion of the call cost from ATT.

      2. Anonymous Tribble

        Re: No change

        All telcos charge for any incoming calls from outside their network (other than freephone calls). It doesn't matter what plan the caller is on.

        1. Charles 9

          Re: No change

          Not if there are peering agreements involved. Plus, with things like VoIP, there could be middlemen and rogue operators hiding the real crooks.

  2. cirby

    AT&T

    I've been getting "AT&T Alert: Fraud Risk" on most of my robocalls lately. A few still slip through, but it's nice to see that AT&T is at least starting to do a little bit about it.

    1. sal II

      Re: AT&T

      What would be great is for them (and other phone companies) to create an opt-in register where you can sign up to have these already flagged calls blocked outright. This way people that have the need to communicate with dodgy numbers/destinations can continue to do so.

      1. Yet Another Anonymous coward Silver badge

        Re: AT&T

        It's difficult for ATT to block scam calls when their business depends on the fees from scam calls. It's like asking the post office to do something about junk mail

      2. JohnFen

        Re: AT&T

        That would be great, but I think it's fair to expect that any such program would be as effective in the US as the Do Not Call list -- which means almost completely ineffective.

        1. Twilight

          Re: AT&T

          The DoNotCall list is actually very effective - at blocking legitimate tele-marketers (which is important). However, it does absolutely nothing at blocking scams as they don't care because they are already doing something illegal (so violating DoNotCall is meaningless).

  3. Robert Moore
    Mushroom

    Sad.

    "The letter this week from 42 of the 50 state attorney generals saying enough is enough should, hopefully, finally force the FCC and/or legislators to act."

    It is so sad to watch such optimism get stomped on by reality.

    I have reached a point where my default reaction to my phone ringing is anger. My family and friends will text or IM, or email me. This causes some difficulty when I am between contracts, and need to answer my phone in a pleasant manner.

    1. bombastic bob Silver badge
      Mushroom

      Re: Sad.

      make the minimum penalty DEATH for anyone who:

      a) spoofs a caller ID

      b) violates the 'do not call list'

      c) cold-calls *MY* phone.

      I get to be executioner.

      (my phone ringer has been OFF for 2 years. I either pick up when I hear who it is on the other end, and they know to say stuff so I can hear that or leave a message. phone message is 30 seconds long and starts with 'friends and family thanks for calling, and then lectures about how I get too many violations of the do not call list, so my ringer is off)

      1. gnarlymarley

        Re: Sad.

        make the minimum penalty DEATH for anyone who:

        a) spoofs a caller ID

        b) violates the 'do not call list'

        c) cold-calls *MY* phone.

        I get to be executioner.

        Please be my guest, but if I cannot track down the individual then you might not be able too. The person doing this knows exactly what they are doing and have convince your local telco to be in with them on it. When I brought up the do not call list, they laughed at me and said they are out of the country and do not need to abide by the laws of the FCC. Probably what we need to do is to stop the outsourcing of call centers.

        1. Charles 9

          Re: Sad.

          "Probably what we need to do is to stop the outsourcing of call centers."

          But that can have unintended consequences. Remember the days when support center calls were charged exorbitantly...by the minute?

  4. JohnFen

    Of course the FCC is doing nothing

    While Ajit Pai is in charge, nothing that could possibly dent the profits of the telecoms will happen unless his hand is legally forced. Pai knows his job, and his job is to funnel as much money into the telecoms as possible.

    1. Shadow Systems

      Re: Of course the FCC is doing nothing

      I fantasize about that obstructive bastard standing at Ground Zero of a small meteore impact. Nothing too big, just enough to vapourize a circle the size of a Cricket Pitch.

      Whistle. Whomp. Kaboom. Cough. Wave away the smoke. Admire the crater.

      Aaaaaaahhhhh... Politicians. Meteores for them all...

      1. BebopWeBop
        Happy

        Re: Of course the FCC is doing nothing

        Ahhh - a full pitch. Sounds as though there is room for some other participants

      2. Efer Brick

        Re: Of course the FCC is doing nothing

        Vaporise all cricket pitches - sounds like a great idea!

        1. Robert Carnegie Silver badge

          Re: Of course the FCC is doing nothing

          The FCC is not actually a cricket club... I think??

          It's not precisely a telecoms industry regulator either, although I think it's meant to be.

    2. bombastic bob Silver badge
      Thumb Down

      Re: Of course the FCC is doing nothing

      while I agree these bureaucrats need a fire lit up their asses, Pai isn't like the "other party" of corruption, deep state, swamp, and deceit.

      1. Pascal Monett Silver badge

        You're right, Pai is a party of corruption, swamp and deceit all by himself.

      2. JohnFen

        Re: Of course the FCC is doing nothing

        "Pai isn't like the "other party" of corruption, deep state, swamp, and deceit."

        Pai is corrupt to the bone.

      3. veti Silver badge

        Re: Of course the FCC is doing nothing

        Too true. He makes the worst of them look like Jimmy Stewart.

    3. Anonymous Coward
      Anonymous Coward

      Re: Of course the FCC is doing nothing

      Elizabeth Warren has been promising to stop robocalls since roughly 2015. It's not like they're weren't a problem BEFORE Pai!

      1. phuzz Silver badge

        Re: Of course the FCC is doing nothing

        From TFA "a 57 per cent increase on the previous year"

        There's failing to stop robocalls, and then there's failing to prevent them from increasing when your job is the head of the FCC...

      2. rdhood

        Re: Of course the FCC is doing nothing

        "Elizabeth Warren has been promising to stop robocalls since roughly 2015. It's not like they're weren't a problem BEFORE Pai!"

        You must be from the U.K., because ANYONE with a phone in the states is tire of this. I get no less than 25 robocalls PER DAY. In 2015, I got maybe ONE robocall PER WEEK. So I don't know what shitty political point you were trying to make with the Elizabeth Warren remark, but Pai is a monumental ass that is causing every single American with a cell phone account grief. PERIOD

        1. A-nonCoward
          Unhappy

          Re: Of course the FCC is doing nothing

          because ANYONE with a phone in the states is tire of this.

          that is something that surprises me. I mean, every FBI agent gets them, every FCC person. Every politician. The mother of every one of them (OK, fine, some of the later are mushroom spawn, thus no mothers to bother). And yet, they, with power to get things noticed and done, let it pass?

          and yes, this has been going on for a VERY long time, just getting worser

          1. JohnFen

            Re: Of course the FCC is doing nothing

            Behold the power of money in a society that values money above all else.

          2. doublelayer Silver badge

            Re: Of course the FCC is doing nothing

            I wonder if there are some numbers that robocallers avoid for some reason. Despite the fact that they've increased nearly everywhere and that a lot of my acquaintances complain that they receive them daily, I really don't. I've only received three types of unwanted calls on my phone, and two have ceased entirely. The first was people looking for the former owner of my phone number, but they all took "That guy doesn't have this number anymore" and left. The second was one specific robocaller with the same message and running a very primitive Eliza bot. One time when this called me, I had a discussion with a friend on how terrible the bot programming was, and forgot to hang up on it. I don't know if anyone listened to that, but they formerly called me about twice a week and they stopped after that occasion. So I probably get one robocall a month, usually the type telling me that I've won a prize. Somehow, the robocallers either decided not to call or don't know my number. I wonder if people making decisions are in that situation too. Having previously had a landline that received many more callers, that situation can be quite persuasive in the do-anything-to-shut-them-up category.

  5. Steve Knox

    My 3 steps to avoiding robocalls.

    1. Change your default ring to vibrate or nothing.

    2. Give each of your contacts a custom ring so you know who it is.

    3. Anyone of any importance you missed should leave a voice mail next time they call you; you can add them to your contacts then.

    1. IceC0ld

      Re: My 3 steps to avoiding robocalls.

      all good ideas, but again, it is putting the onus on the users to do it all, and this IS in the hands of the operators to stop this, the tech does exist, but sadly, whilst the operators get paid for the completed calls, it isn't going to happen, maybe make a charge to anyone making the call, payable in advance, a bit like the good old ? days of the public phone box, and putting in coins before you dialled, might make the whole enterprise uneconomic ?

      1. JetSetJim

        Re: My 3 steps to avoiding robocalls.

        The first thing that should be done is to remove the ability to spoof your number. That would stop a lot of it. I get calls from around the country, ask with the same "calling about the accident you had you were innocent of", or "calling about your workplace accident" recordings. All have spoofed numbers.

        Add some security and authentication to all calls please!

        Secondly, enough with the fines. Most are ltd companies, so if their accounts are empty nowt can be done. Make directors of companies that break the law criminally liable and put them away

        1. Charles 9

          Re: My 3 steps to avoiding robocalls.

          And what do you do if they're offshore and protected by foreign sovereignty?

          1. JetSetJim

            Re: My 3 steps to avoiding robocalls.

            No idea, but it will be an inbound international call, and not an in country number, so would hope that raises more of a red flag to the victim.

            Could possibly have procedures to block calls from operators in foreign countries that don't play a more active role in blocking this white, perhaps under gradual escalation to avoid over enthusiastic blocking

            1. stiine Silver badge

              Re: My 3 steps to avoiding robocalls.

              Um...they also spoof local numbers.

              1. JetSetJim

                Re: My 3 steps to avoiding robocalls.

                Umm - remove that capability. It shouldn't be difficult to introduce authenticated/secured CLI numbering within a country/operator that is unspoofable

                1. JohnFen

                  Re: My 3 steps to avoiding robocalls.

                  The phone system has an unspoofable Id mechanism in place, and has had so for almost as long as it has existed. It's what phone companies use to work out billing.

                  The reason that it's not used for Caller ID is that there situations where spoofing the CID is genuinely in everybody's best interest. For instance, when making a call from a phone bank, the phone # of the line that happened to be used to place the call is worthless -- you can't call it and expect the call to go through. Spoofing the CID to provide the correct number for people to call is a good thing.

                  What needs to be done is not to remove the ability to spoof, it's to take the power to do it out of the hands of phone customers, so companies would have to arrange to have the phone company itself set what the spoofed number is. Then the phone company could ensure the spoofed number isn't deceptive, and would have legal liability for any abuse of the capability.

                  1. Anonymous Coward
                    Anonymous Coward

                    Re: My 3 steps to avoiding robocalls.

                    "The phone system has an unspoofable Id mechanism in place, and has had so for almost as long as it has existed. It's what phone companies use to work out billing."

                    I think that was BEFORE outside-the-box technologies like VoIP came along which allowed the spoofing of everything, including the billing information (because even the billing of VoIP can get complicated).

                    1. JohnFen

                      Re: My 3 steps to avoiding robocalls.

                      "I think that was BEFORE outside-the-box technologies like VoIP came along which allowed the spoofing of everything"

                      There is nothing inherent in VoIP that leads to this. That this situation exists is a side-effect of how VoIP is integrated with the phone system. That is something that can be changed.

                  2. Cxwf

                    Re: My 3 steps to avoiding robocalls.

                    Quote:

                    What needs to be done is not to remove the ability to spoof, it's to take the power to do it out of the hands of phone customers

                    /quote

                    I think you’re on the right track, but it can be even simpler than this. The phone companies should only allow a CID to be spoofed to a number controlled by the same billing account. That way you can use any of YOUR numbers, but not anyone else’s. This mostly works for international calls too, as any business that actually buys a (for example) US phone number therefore must have at least some business presence in the US, which can be a target if the gov has to come looking for you. Of course this requires the telecoms to put at least a little good faith effort into screening cross-border new number requests, which might be asking too much.

                    1. JohnFen

                      Re: My 3 steps to avoiding robocalls.

                      Yes, I think that is a far superior idea.

                      1. Cxwf

                        Re: My 3 steps to avoiding robocalls.

                        Unfortunately I just realized why this won’t work. The scammer’s telco and your telco are likely different companies, and only the scammer’s telco has enough info to do the blocking. So even if you use an honest telco, so long as there’s at least one dishonest one for the scammers to use, they can still get through.

                  3. doublelayer Silver badge

                    Re: My 3 steps to avoiding robocalls.

                    No, what they should do is continue to allow a phone number to be sent as an identifier and a callback, but have that be a secondary one. Kind of like how an email can be sent from one account but have a reply to address for a different mailbox. Blocking would be done on the real number, which would always be sent. Caller ID would start with the real number, and if it wasn't found, continue on the stated number. That way:

                    If a company owns a block of numbers and sends the main one no matter who calls, the company name appears on caller ID, and the company can be blocked.

                    If I'm using a spoofing service to make a VOIP call from my number, it will show up as me, but clearly indicate that it's not my normal phone.

                    If someone else is making a call and spoofing my number, it will show up as me, but the number could still be blocked without blocking my real number, and it could also be tracked.

                    It is dangerous to allow impersonation of numbers without any detection.

          2. stiine Silver badge
            Mushroom

            Re: My 3 steps to avoiding robocalls.

            Well, after yesterday's news from the middle east, I'd suggest that we start calling Mossad, or if you'd like, the DGSE also has experience with off-shore wet work.

          3. JohnFen

            Re: My 3 steps to avoiding robocalls.

            Calls from abusing offshore outfits can be blocked entirely. Or, their ability to spoof CID can be blocked.

            Even if international calls are difficult-to-impossible to deal with (which I don't think is true), that in no way means it's not worth tackling domestic ones. Just because you can't solve all aspects of a problem doesn't mean you shouldn't solve the parts that you can.

          4. veti Silver badge

            Re: My 3 steps to avoiding robocalls.

            Calls from overseas should show the caller's number correctly. If they don't, then don't connect them.

            Until the responsibility for this shit gets placed squarely on the carriers, nothing will happen. Fining the callers accomplishes nothing, they're too small and too slippery.

    2. Anonymous Coward
      Anonymous Coward

      Re: My 3 steps to avoiding robocalls.

      "1. Change your default ring to vibrate or nothing.

      2. Give each of your contacts a custom ring so you know who it is."

      Bit convoluted, just turn on Do Not Disturb and set it to 'contacts only' or 'favourites only'. Any aps you still want messages from you can set to allow as priority also.

    3. Martin Gregorie

      Re: My 3 steps to avoiding robocalls.

      Encourage telcos to add a fixed premium to any call made using a spoofed number, say $10, £10 or 10 Euros depending on where the call is coming from. This way everybody wins except the pest making the call, and who cares about them.

      1. Charles 9

        Re: My 3 steps to avoiding robocalls.

        Not if the pest is using stolen and laundered funds...

    4. Kevin McMurtrie Silver badge

      Re: My 3 steps to avoiding robocalls.

      I get tired of deleting robocall voicemails too.

      I complained to T-Mobile about all the crap going to voicemail. There was no advantage of not answering calls if I then have to listen to all of the voicemails. They couldn't do anything about the robocall floods but they gave me free voice-to-text so I can bulk-delete voicemails faster.

  6. Carl D

    Here in Australia I've have a Telstra Call Guardian 301 Mk2 cordless phone/answering machine for the past 12 months.

    Its a rebranded BT call blocking phone that's been available in the UK for quite some time.

    My attempted scam calls has dropped to almost zero since I've had this phone.

    At the moment I have it on the 'strictest' setting - the only numbers that can get through are the ones I've entered into the phone (work, family, friends, etc.). Everything else is blocked, the phone doesn't even ring but the phone and the modem/router it is plugged into keeps a log of the attempts.

    I like to Google some of the numbers occasionally when I'm bored and they're always reported scam/survey/etc. numbers.

    I'm keeping it on the 'strictest' setting until the Australian Federal election is over after May 18th because some of the pollies are getting clever and instructing their live callers to press the # key after the announcement in the default Call Guardian setting then they leave messages on the answering machine.

    They must know there's a lot of these Call Guardian phones in use these days where most owners just keep them on the default setting where unknown callers need to press # to be connected.

    1. Andy The Hat Silver badge

      Unfortunately it doesn't always work in the UK when doctors, dentists and schools use withheld numbers to contact you and often use automated systems to confirm/cancel appointments ... As was said earlier, this is putting the onus onto the innocent recipient not the guilty caller

    2. pogul

      So BT provide the scammers with the ability to call you from a spoofed phone number, then sell you kit to block it!? I feel like the phone system has barely changed in decades and it's about time they addressed the root cause of things like this. Does the phone just send the number it would like to appear at the caller display?

  7. Kev99 Silver badge

    42 AGs telling Pai to enforce the law? Good luck with that.And somehow either these jerks have figured out how thwart caller id or our phone company (POS Frontier) has decided to selectively reveal numbers. If the phone companies need to know who to bill for service, then should sure as heck know the real number as well.

  8. a_yank_lurker

    Feral Pay Masters

    Nothing will be done until the feral pay masters start losing money because of the scams. I only answer the phone on 2 conditions: someone in my contact list calls or when I am reasonably expecting a call and am not sure of the phone number. Otherwise, the are ignored.

    1. Neil Barnes Silver badge

      Re: Feral Pay Masters

      Indeed: my phone answering policy is very similar. There are *very* few people whom I do not know who might have a reason to call me that is in my interests. Also, my octogenarian mother, living on her own in the middle of nowhere, has very strict instructions regarding what to do with calls (and emails) even mentioning money - basically, get a callback number, put the phone down, and call me or my sister whose voice she can definitely identify to let us sort it out.

      Do you suppose that one day advertisers will start to work out that people don't actually like, as a rule, having adverts shoved at them day and night? And that doing so is a good way to stop their product ever being bought again?

      1. Olivier2553

        Re: Feral Pay Masters

        Do you suppose that one day advertisers will start to work out that people don't actually like, as a rule, having adverts shoved at them day and night? And that doing so is a good way to stop their product ever being bought again?

        I think that there is a gap between the one who manufacture the good and the one doing the phone call and the you and me final customer.

        The one doing the phone calling knows that it does not work, but as long as they can convince the manufacturers that they should put money in such a scheme...

        The one paying to have the phone call made are ignoring the fact that is has a contrary effect on the way their products are percieved and the company selling the phone call will certainly not reveal that fact.

        1. Doctor Syntax Silver badge

          Re: Feral Pay Masters

          "The one paying to have the phone call made are ignoring the fact that is has a contrary effect on the way their products are percieved and the company selling the phone call will certainly not reveal that fact."

          You have just described the entire advertising industry and the marketing departments that pay them.

      2. Anonymous Coward
        Anonymous Coward

        Re: Feral Pay Masters

        But what happens when the call comes from a hospital whose number you don't recognize AND it's about your mum whose condition may well be grave?

        1. Anonymous Coward
          Anonymous Coward

          Re: Feral Pay Masters

          They can leave a message asking me to call back.

        2. Doctor Syntax Silver badge

          Re: Feral Pay Masters

          "But what happens when the call comes from a hospital whose number you don't recognize...about your mum"

          A bit more immediate than that - the local hospital ringing with your appointment time.

          1. JohnFen

            Re: Feral Pay Masters

            They can leave a message for that as well.

            I have a very strict policy of not answering the phone if the calling number is not in my address book. So strict that my phone won't even ring -- it just gets shunted directly to voice mail.

            This policy has never caused any trouble, and I can't imagine a circumstance where it would cause more than an inconvenience.

        3. a_yank_lurker

          Re: Feral Pay Masters

          They will leave a message with a verifiable contact number. Also, in a family emergency someone who is on my contact list is likely to be calling.

  9. Andromeda451

    SIT tine

    I put an SIT tone in my home answering machine. The special instruction tone tells the predictive dialers that my line is not in use. The 3 rising tones are the answer then you get my voice saying leave a message. Humans leave one, the others drop off. It took about 4 weeks and we noticed a dramatic drop in calls. I can now sit down to a cocktail uninterrupted.

    1. Charles 9

      Re: SIT tine

      Tried that before, but apparently they've reached the point they don't trust the SIT tones anymore. They call back ANYWAY.

  10. Filippo Silver badge

    Spoofed ID

    I still haven't understood how this is technically possible. The telecoms own the wires. They know where the call is physically connected. How can stopping spoofing not be trivially easy? The only answer I can come up with is that they don't want to do it, because those calls make money.

    1. Anonymous Coward
      Anonymous Coward

      Re: Spoofed ID

      It isn't that simple. In the days of landlines the number you had was based on where you live - if you moved to a different city you had to get a different phone number. So someone spoofing a number similar to yours (same prefix xxx-yyy in the US) would be easy to detect, since the switch would see an outside call entering with an inside number and know it was bogus and reject it.

      Now your phone number bears no relationship to where you live, or where you are at any moment. Even if you still have that old landline, the switch can't reject an outside call with an inside prefix because it might be someone who ported their number to a cell phone or VOIP provider. There's no simple way for the switch to know what calls to reject. If it is an outside call with an outside number it REALLY can't know.

      So the only alternative is to catch them where they enter the network, but that's not so easy either. If the calls entering AT&T's network destined to go through their network to your AT&T cell phone enter from another carrier, how can AT&T tell if the call is legit or not? Basically their only alternative would be that when they find spam calls happening 'live' they trace the carrier it is entering AT&T's network from and block ALL calls from that network and tell the network to improve their call screening and they'll be unblocked.

      But I'm pretty sure that would be illegal in the US, since AT&T is a common carrier and can't block ANY legitimate calls. Even if they blocked a million spam calls if one legit call was blocked they could be fined by the FCC. But personally I'd be fine with lifting that restriction, and allow some legit calls to be blocked if they can show it was by accident while blocking spam/spoof calls. Just make them play a message to the caller so you know why your call was blocked and you can vote with your feet by choosing a carrier that doesn't allow spam/spoof calls to use their network!

      1. A.P. Veening Silver badge

        Re: Spoofed ID

        It is easy, the operator of the calling number should verify. If it doesn't belong to that operator, the number is definitely spoofed and should be blocked. If the number does belong to that operator, check if it is on the right line. Similar for calls coming in from abroad but claiming a domestic number.

        There is so much operators can do.

      2. Olivier2553

        Re: Spoofed ID

        There is no reason with the caller ID should be specified by the caller instead of the operator they used to enter the phone system.

        The spamer has to have a phone number registered with a phone operator. It is the responsibility of that operator to properly and truly identify the caller.

        At least while it stays inside one country, there should be a routing list available and the first operator, the one used by the spamer to make a call should be held responsible (fine, punishment, public flogging) if they let through a faked ID.

        1. Charles 9

          Re: Spoofed ID

          Not if it's a VOIP number where there is NO operator. Also, how do you deal with ROGUE operators from outside the country?

          1. Anonymous Coward
            Anonymous Coward

            Re: Spoofed ID

            I'm sure the three-letter agencies have a way to trace calls to their source, whatever VOIP and SIP trickery is afoot. Just present the same information to the recipient via CLI.

            1. Charles 9

              Re: Spoofed ID

              Wanna bet? Some of the rogue operators are out of countries hostile to the West. If the TLAs had the ability to get past them, wouldn't you think there'd be more than a few international espionage cases making the papers?

          2. Martin Gregorie

            Re: Spoofed ID

            There's no difference between local, VOIP or international calls. In all cases the telco that supports your landline or mobile number knows exactly who you are, regardless of any spoofing you may try or whether you withhold your number. They have to know precisely who is making the call so they can bill the caller for every call.

            Its a little more complex for international calls: the chain of telcos who carry your call to its destination know the exact route it took because they all collect a portion of the call's cost.

            As for every service - follow the money. The telcos don't know why a call is being made, wanted or unwanted, legal or not, but they always know who to charge for making it.

            1. Charles 9

              Re: Spoofed ID

              Yes, there is. A BIG difference. VoIP creates degrees of separation that can be used to disguise rogue operators and such. So no, the phone company may NOT be able to know just who you are or even who to bill properly (as in who they actually bill may not be who's supposed to be billed).

            2. Anonymous Coward
              Anonymous Coward

              Re: Spoofed ID

              Hmm, seems there aren't many old school phreakers in these parts.

            3. Anonymous Coward
              Anonymous Coward

              Re: Spoofed ID

              Most operators don't bill callers anymore, especially with VOIP it is just a flat rate. The only billing they do is operator to operator - and rogue operators have an incentive to let the spammers alone since they can get more revenue that way. It is a tiny amount of money per call per minute, but it adds up.

            4. John Brown (no body) Silver badge

              Re: Spoofed ID

              "The telcos don't know why a call is being made, wanted or unwanted, legal or not, but they always know who to charge for making it."

              The phone company knows how the call came into their network and bills that operator and the only info they have on the call is what was passed to them by that operator. That may not be the originating network for the call and the information passed to them may be neither accurate nor true for any number of reasons, including incompatible systems somewhere down the line.

    2. bombastic bob Silver badge
      Boffin

      Re: Spoofed ID

      fixing THIS might do 90% of the job, right? So "get hot" FCC, and make it NOT possible to spoof caller IDs !!!

    3. Mark 85

      Re: Spoofed ID

      The problem isn't the in country calls. They could be blocked by the Telco's if they were motivated to do so. What I see is the calls coming in from off-shore call centers. Unless the country that call center is located in takes action not much will change. The off-shore centers provide jobs and also money to the country (and their government officials) and since the US is "rich", they (the originating country) feels that it's ok.

    4. sanmigueelbeer
      Thumb Up

      Re: Spoofed ID

      How can stopping spoofing not be trivially easy?

      Getting a US-based SIP number with unlimited outbound calls is VERY, VERY easy.

      I, for example, got one ($0 per month) recently. And I'm living in Australia!

      Next, point the call server to the SIP IP address and Bob's-your-uncle.

      Once this is set up, the scammers go into action to "discover" the phone numbers. They do this by setting up one of their outgoing numbers to call a "series" (and not random) from a number prefix or exchange. For example, your number is (212)123 4567. So they have a dialer that calls (212)123 0000 all the way up to 123 9999.

      If the number rings, hang up. Put the number up in a list.

      And here's where the money drop comes in: With a "working" list of numbers that ring, the scammers can either start calling those number OR they can SELL the working list to other gangs.

      At the end of the day, it's a win-win scenario for them.

      In order for me to "fight back", I use Lenny. Why is Lenny important (in this case)?

      Because once the scammer finds out I've got Lenny, they take my number off their "working" list.

      How do I know? I used to get about 4 calls per week with Lenny turned on.

      Nowadays, the last scam call I got was February 2019. And before that, August 2018.

      I don't care what the FCC/FTC decides or not. I can't wait for SHAKEN & STIR to get enacted in Australia. I have Lenny and it has given "instantaneous relief" from scam calls.

    5. Antron Argaiv Silver badge
      Thumb Up

      Re: Spoofed ID

      Yeah, they're using VOIP gateways. And it's multi-level: One company autodials you, through another company's VOIP gateway, when you answer, they transfer the call to a third call center company in India (or wherever).

      The VOIP gateway is where you nail them...but they pay the phone companies, who are making nothing off landlines anymore, so are desperate for income...you see why they're not doing anything.

      FCC could tag a huge tax on VOIP gateway calls, but that would punish the rest of us who are using them legitimately. They know who the offenders are, you can't miss a VOIP gateway pushing calls onto the network at the rate the robocallers do, they just don't want to kill the golden goose.

      The "quiet ring" trick for unknown callers is the best one. My phone only rings for people in my contacts list. Everyone else is welcome to leave a message.

      1. Charles 9

        Re: Spoofed ID

        "My phone only rings for people in my contacts list. Everyone else is welcome to leave a message."

        Tried that. Bastards got snarky and started leaving lengthy pre-recorded messages, filling up my inbox. And since they can spoof legitimate numbers, some of them STILL get through.

  11. Rhuadh

    Been here too long. Elderly parents getting over 40 scam calls a day, now since I got a Truecall unit, down to maybe 4 a week and those are set not to ring but given a chance to leave a message.

    So how do these ba******ds get away with it. There is an international treaty where phone calls are guaranteed to get through from caller to callee, which dates from several decades ago. Back in those days, quite simply, nobody would have been able to believe how technology has "improved". To make it possible, the telephone companies each receive a micro payment for every call that passes through its system and into the next company. Many micropayments make major bucks.

    While the technology does exist to block the spammers and scammers, obviously by some of the telephone companies selling boxes which do the work, until the governments around the world sit down and renogiate the treaties, nothing will happen. The government's are quite happy to allow the companies to take the blame as they don't want to be involved, but as too many people block the calls, they question is how long will it be till people question the requirement to have and pay for a telephone line when other alternatives exist. The telephone companies are major tax cows for government Exchequers so expect to see some movement reasonably soon.

  12. Zebranky

    ItsLenny

    The frequency of calls I was getting about a year ago lead me to unplug the phone, resulting in complaints from relatives that they can no longer ring us. (I also have no intention of telling 90 year old grandparents to use a mobile instead). To resolve this I ended up setting up RasPBX on my Pi3 and configuring it so that whitelisted calls ring the home phone and everything else gets answered by Lenny, the calls are recorded for my entertainment and emailed to me on completion.

    I went from being irrationally angry every time the phone rang (like Robert) to looking forward to the next scammer call so I could tweak the system and attempt to trap the scammers on the phone longer, this has kept me entertained and engaged for hours and I've learnt a lot about Asterisk and telephony in general as well.

    Since first configuring the system I have managed to get the system to press 1 when an IVR call comes in in order to try to get connected to a human, and also randomly select Between Lenny, Astycrapper (Jordan) and the "are you there" child recordings.

    Incidentally I have discovered in my fiddling that at least some scammers seem to be utilizing poorly configured (probably asterisk based) PBX's themselves, they seem to have the incoming calls being dumped into a conference type call they are already on and that the DTMF recognition is still turned on but without any actual error handling configured. I have had multiple calls where Lenny has incorrectly identified the speaker as a IVR robot and pressed 1 only to have the call suddenly disconnected by the remote end when the scammer PBX barfs on the DTMF tone.

    I have wondered if you could look up the default Asterisk conference DTMF commands and find a way to cause greater disruption by shutting down the conference or conferencing in external parties (like the police) to the call vie the scammers PBX.

    1. Charles 9

      Re: ItsLenny

      Bet you credits to milos they start developing a Lenny Detector to prevent Lennies going to humans.

  13. Herby

    Fines?

    Maybe if the fine was doubled and split 50/50 with the phone provider. Incentive works quite well.

    Everybody wins!

    1. Charles 9

      Re: Fines?

      And if the provider's out of the country (which they probably are)?

      1. Doctor Syntax Silver badge

        Re: Fines?

        Switch to a system where it doesn't matter where the provider is.

        Assign a short code. In the UK we have 1470 to mask one's own CLI and 1471 to give the number of the last incoming call. AFAIK the remaining 147n range is unused. Assign a number to one of them*. Dial that after a call and it's registered as probably problematic**. If the telecoms company recognises the source as problematic (and don't forget they do know where the call came from because they use it to bill the caller) then they credit the callee with a fee for receiving the call and add the fee and a handling charge to the bill. If the call originated with another telecoms company, even an overseas one, they bill that company. That company can pass the bill on with another handling charge added. Double (or more) the fee if the number called is on a do not call list.

        In theory the victims get paid with credits against their phone bill and it's cost neutral at worst for the telecoms companies because their handling charge at least covers the costs unless the callers default. Defaults would be the equivalent of folding to avoid the fines. The telecoms companies have credit controllers so defaults will be limited. A telecoms company which doesn't keep proper track of the calls gets handed the bill and will change its ways PDQ or go out of business.

        In practice, of course, this would kill the whole thing stone dead as the costs to the robocallers would go through the roof. The telecoms companies will realise this and know that if they're obliged to prepare for it they'll never get enough handling charges to cover their up-front costs. So proposing to enforce this will incentivise them to clamp down on the problem before the proposal gets taken any further. Once they're incentivised I'm quite sure they'd be very effective. On the principle that there should only be once chance to self-regulate any subsequent slackening off and the whole thing goes ahead.

        * Vary for whatever numbering system works in your area.

        ** There's a risk of fraud if some toerag were to try responding to legitimate calls so the telecoms companies would need to gather a few reports from different people before actioning them.

        1. Anonymous Coward
          Anonymous Coward

          Re: Fines?

          Your post advocates a

          (X) technical () legislative () market-based () vigilante

          approach to fighting

          () Spam

          (X) Robocalls

          () Cybercrime

          Your idea will not work. Here is why it won't work.

          (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

          (X) Legitimate uses would be affected

          (X) Requires immediate total cooperation from everybody at once

          () Many users cannot afford to lose business or alienate potential employers

          () Anyone could anonymously destroy anyone else's career or business

          Specifically, your plan fails to account for

          (X) Lack of centrally controlling authority

          () VPNs and proxy servers

          (X) Asshats

          (X) Jurisdictional problems

          () Armies of worm riddled broadband-connected Windows boxes

          () Eternal arms race involved in all filtering approaches

          () Joe jobs and/or identity theft

          () Technically illiterate politicians

          () Extreme stupidity on the part of users

          and the following philosophical objections may also apply:

          (X) Ideas similar to yours are easy to come up with, yet none have ever

          been shown practical

          () Blacklists suck

          () Whitelists suck

          (X) Countermeasures should not involve sabotage of public networks

          () Why should we have to trust you?

          () Feel-good measures do nothing to solve the problem

          Furthermore, this is what I think about you:

          (X) Sorry dude, but I don't think it would work.

          () This is a stupid idea, and you're a stupid person for suggesting it.

          () Nice try, assh0le! I'm going to find out where you live and burn your house down!

    2. A.P. Veening Silver badge

      Re: Fines?

      Maybe if the fine was doubled and split 50/50 with the phone provider. Incentive works quite well.

      How about fining operators for every spoofed call originating from their network? And for added fun, include naming and shaming.

      1. Anonymous Coward
        Anonymous Coward

        Re: Fines?

        Just take their operator's licence away if they allow more than, say, 5% of fake calls to go through.

        1. Charles 9

          Re: Fines?

          Like I said, that won't do diddly if the operator is operating internationally with the tacit or explicit consent of the country in question.

  14. Pascal Monett Silver badge

    Lots of ideas about controlling ID spoofing

    It makes for an interesting read, to be sure, but let's get real : what is it you want ? Peace and quiet, only disturbed by a call from someone you know.

    In France, we have the Red List. It is a list maintained by a government-controlled entity and imposes that any number on that list may not be called by commercial entities without prior approval from the person.

    So cold-callers avoid numbers on that list like the plague because, if they do make the mistake and call me all I have to do is call my operator and lodge a complaint and they will be found and fined - I don't know how and I don't need to care.

    About fifteen years ago I got mighty angry at one point about all the marketing calls at dinner or during the evening film, so fed up was I that I signed up to that service. Since I explained to my operator how much of a nuisance the marketers were, my operator signed me up for nothing.

    Ever since that day, I have been asking myself why I hadn't signed up earlier. Even if you pay the one-time fee of €50, it is worth it for the peace and quiet you experience for the rest of your life. For the last fifteen years, I got one call. The lady started her speech and I just said, "Excuse me, you are aware that I'm on the Red List ?" (except it was in French, of course). After a half-second of silence she immediately started offering excuses and saying how sorry she was, then hung up in a hurry. I had never felt so good.

    Does that not sound like a good solution ? I don't care if the ID was spoofed, it's not my problem. If they call, I just complain, then it will be their problem.

    1. Anonymous Coward
      Anonymous Coward

      Re: Lots of ideas about controlling ID spoofing

      You're one of the few people it works for, then. I'm in France, signed upto la listed rouge and bloctel. I still get several scam calls each day, from solar panel companies, fake energy subsidies, insurance, etc. I've given up complaining to the authorities, it wastes too much of my time. Many of the calls are clearly from N. African call centres who don't care about French rules anyway. I just ignore any call whose number I don't recognise, and delete the voicemail later.

    2. Doctor Syntax Silver badge

      Re: Lots of ideas about controlling ID spoofing

      The same thing exists here. It gets ignored. From time to time, as reported here, ICO go after offenders and presumably their fines are increased if listed numbers are being called. Unfortunately the calling companies fold to avoid paying but they're now starting to get directors banned and at some point in the future I'm sure there'll be criminal convictions. I still favour a charge back onto the caller's bill with added charges if the celled number is on such a list. At the very least the problem would be contained by the telcos' credit departments.

    3. Anonymous Coward
      Anonymous Coward

      Re: Lots of ideas about controlling ID spoofing

      In Italy there is a similar list, with the name "Register of Oppositions" - it's free to add you number - although opt-out still leaves outside many people who are too little informed to know it exists.

      Still, this kind of systems work well for countries where language barriers don't make easy to call for abroad. English-speaking countries unluckily have that big source of cheap people (and some willingly to make some easy money) which are Pai's cousins (maybe one the reasons of his reluctance to act in US).

      France can be targeted from French-speaking African sources. Other countries speaking less widespread languages are harder to target. For Italy Albania and Romania could be some sources, but probably they already make enough money with "legal" call-centers operations.

      Still, starting to hinder local robocallers is still a good start - since my number was added to the list calls decreased to almost zero.

      Anyway, avoiding to give one's phone numbers away to any entity asking if for "marketing purposes" is a first step. In Europe privacy laws do allow that, and the fewer lists you numbers ends in, the fewer calls you get.

  15. A.P. Veening Silver badge

    Maybe a stupid idea but ...

    How about naming Pai as being complicit to robocalling through dereliction of duty. That will enable at least 42 states to prosecute him. Even if he is only convicted to one month in each state, he'll be out of the running for nearly four years and that is without including trial time.

    1. Charles 9

      Re: Maybe a stupid idea but ...

      But Pai's part of the FCC, a Federal institution. The Constitution specifically claims Sovereign Immunity, saying the federal government can't be sued or charged unless they want to.

      1. A.P. Veening Silver badge

        Re: Maybe a stupid idea but ...

        In that case just inform him they will be waiting for him once he is out of office.

        1. Charles 9

          Re: Maybe a stupid idea but ...

          He's already got friends high up, though, as he's a former big telco exec. Try to pressure him and he can pressure back. And if a friend of his happens to be President, he can just pardon him.

  16. Doctor Syntax Silver badge

    "a bipartisan bill proposed last year that gives regulators more powers to go after robocallers."

    Clearly "gives powers" is the wrong approach. "Obliges" seems to be what's needed.

  17. Cuddles

    Collection isn't really the problem

    "have resulted in $488 million in consumer losses, a 49 per cent increase over 2017...

    Since 2015, the FCC has fined such companies a total of $208.4m but has collected less than $7,000: a 0.003 per cent claim rate that is so low it has virtually no deterrent value."

    Fines issued over the course of four years are less than half the profit to scammers in a single year. While the hilariously pathetic amount actually collected certainly doesn't make anyone look good, even if they collected 100% of the fines it would have zero effect since there would still be hundreds of millions in profit to be made.

  18. ratfox
    Paris Hilton

    What makes the problem worse in the US?

    How come this is such a plague there and we get so little spam calls in Europe? What is different?

    1. A.P. Veening Silver badge

      Re: What makes the problem worse in the US?

      What is different?

      Telephone calls are more expensive here in Europe and international calls even more so, with countries that individually are a bit smaller.

  19. Chozo
    Joke

    It's a weird world we live in... a sales drone asks for my email & phone number at the supermarket checkout and am expected to give both up freely,

    but when I ask for theirs in return they call the cops on me...

  20. Anonymous Coward
    Anonymous Coward

    Not hard to stop

    What's odd about all this is how easy it is to stop. I guarantee a majority of robo calls come from SIP trunks (they're cheap), which means CLIP-No Screen is enabled by the provider. CLIP-No Screen allows the caller to provide any number they'd like as the source of the call. Look at the list of SIP providers and marvel at how many support it.

    Want to stop the spoofing? Get rid of CLIP-No Screen. If every provider did this the amount of robo calling would drop off a cliff in a day as the real source numbers got added to block lists.

    1. Charles 9

      Re: Not hard to stop

      Bet you credits to milos many of the SIP trunks that run the robocallers are also rogue operators who mix the robocalls with legit call center calls to help ensure they stay up (knock them down, knock down the help desk calls and watch legit companies get lots of flak).

      1. A.P. Veening Silver badge

        Re: Not hard to stop

        In that case the legit call centers should be a bit more careful in their choice of operator. And I am betting a lot of people would consider not being able to reach a help desk (until they have another operator) to be the lesser evil. And the companies getting flak for it do deserve it anyway for outsourcing the call center and not making sure those call centers use legitimate operators.

        1. Charles 9

          Re: Not hard to stop

          Those ARE legitimate operators. Or would you like to go back to support calls being 900 numbers or the European equivalent costing you $2 a minute while your device is a virtual brick in front of you? And no, there's no substitute for the product in question, meaning jumping ship is not an option.

  21. A-nonCoward

    AI in 2019 is a joke, and robocalls are the proof

    it takes a RIDICULOUS low level of any "artificial intelligence" to figure out robocalling and stop it dead, or at least do grievous injury to it, make it expensive.

    A normal user cannot physically make more than N calls per day, and most legitimate calls do get an answer.

    Your software notices spikes of calls that either do not get answered (they're calling random numbers), or get cut after a few seconds (most people hang up).

    Moreover, that phone number was activated just a few days ago.

    I mean, those geniuses that say AI is good for something, is it that hard?

    Also, a simpler means to report robocalls. It takes 15-20 minutes to do it in the FCC website. And you have to put a lot of personal information, with the only goal to make the process unpleasant, as supposedly your anonymity is assured and you are not going to be called to testify, etc,. Of course that should limit prank reports, but since even the legitimate reports are not paid attention...

    OK, the robocaller can start using hundreds, thousands of lines to make himself invisible.

  22. Kevin McMurtrie Silver badge

    Blacklists

    It's time to treat phone calls like e-mail spam and app attacks. You tell the network operator to clean up or their traffic is refused. Well-prepared statistics shown to Congress would instantly make it legal.

    I use network blacklists on my personal mail server and it's refusing between 50 and 24000 connections per day from known spam hosts. Most are from DigitalOcean, with the usual background noise from Yahoo, Amazon, Wayfair, SendGrid, and dirty networks in Brazil.

    1. Charles 9

      Re: Blacklists

      "Well-prepared statistics shown to Congress would instantly make it legal."

      Wanna bet? People in Washington are masters of, "I reject your reality and substitute my own."

  23. GrapeBunch

    Colour me reclusive

    I could get along OK without a telephone. Problem solved. But other members of the family, not so much. E-mail, great, computer video-calling maybe not as great as it used to be, but OK. But banks, even the cable company, seem to be implementing 2FA - two-factor authentication and the first thing they want is a phone number. So how does that mesh with methods sending all calls from unknown numbers to an answering machine, etc? A naive mind wants to know.

    1. Charles 9

      Re: Colour me reclusive

      Begs a bigger question. How can you do two-factor authentication when you only ever have ONE factor on you?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like