UK watchdog fines two firms £270k for cold-calling 531,000 people who had opted out Another month and two more British companies behind nuisance marketing calls are collectively facing a £270,000 penalty for breaking the law by calling people registered by the Telephone Preference Service (TPS). As savvy Reg readers know only too well, it is illegal to make unsolicited phone calls to anyone signed up to TPS …
"whose sole director was listed on Companies House as Roberto Milanesi – had been liquidated. The ICO does have powers to go after directors of businesses that have folded"
Why not? is the obvious question.
OK if the ICO does not have the powers why are the details not passed to the police as;
"it is illegal to make unsolicited phone calls to anyone signed up to TPS"
Other wise its going to be rinse and repeat....all he way to the bank for the scammer...
Looking at the accounts data held at Companies House, the company went bust in March 2020, owing approximately 250K to HMRC + other creditors (the ICO was not a creditor at this time as it looks no fine had been raised until Feb 2021 almost a year later).
It looks like the company actually went bust properly, unlike other companies that go bust owing just the ICO fine as a method to avoid the fine.
...the company went bust in March 2020, owing approximately 250K to HMRC + other creditors ... It looks like the company actually went bust properly,
Or perhaps the sole director paid himself a nice salary, ran up debts in the name of the company in order to pay that salary, and then had the company file for bankruptcy, keeping the proceeds. À la Donald Trump.
But banning Directors doesn't work....
I came across someone who was kicked off the Directors List and banned from starting another company and then went straight ahead and did it with absolutely no problem.
You only have to look on companies house and search for this guy Roberto Milanesi to see that he has multiple profiles on there, and a history of repeatable failure. The database is a shambles....
https://find-and-update.company-information.service.gov.uk/search?q=Roberto+Milanesi
> I came across someone who was kicked off the Directors List and banned from starting another company and then went straight ahead and did it with absolutely no problem.
So report him: https://www.gov.uk/report-a-disqualified-director
The main issue is that it's possible to make up phone numbers for caller ID systems. I have often received phone calls from those that look like UK numbers, but seem to be missing a digit. If there is a way of blocking those made up numbers, it would help a great deal. I will have a legit phone number that I can send to the ICO to complain about.
There are a lot of unallocated dialling codes in the UK.
I have had calls (Indian accent but that simply helps confirm things) from what appears to the uninitiated as a call from a UK landline, but a quick check showed the dialling code was not actually used.
A pretty common trick used by would be scammers (We often get the "This is Microsoft calling about your computer" - quite amusing when I tell them I design computers for a living and besides, the computer is currently turned off).
As regards Cardiff they have been issuing "21" numbers for some time, i.e. 029 20 123456 or 029 21 123456 (not the official spacing). Actually, although "1" after the "20" or "21" might be valid now, in the days of 5- and then 6-digit numbers it wasn't, so - I presume - only Cardiff numbers issued since 029 came in will have a "1" in that position. Likewise, only numbers issued after Cardiff went 6-digits (late 1970s??) will have a "1" in the next position.
With all the reorganisations of the UK's phone numbers there are probably gazillions of little oddities like that, and exceptions to the same.
Growing up in Caerphilly - an oddity in itself in that it had a Cardiff 0222 dialling code while it was surrounded on three sides by 0443 and 0633 - it always amused me that we had to dial "9" if calling relatives in Cardiff itself, like getting an outside line from the exchange. Then there were the "medium distance" calls. Barry, for example (more relatives) wasn't Cardiff, and had a completely different dialling code from long-distance, but because Cardiff was adjacent we had to dial something odd like "87" before the local number.
Wish I'd hung on to that dialling codes book they used to supply with the phone directory. It was fascinating reading as a child (no honestly). It also had the list of the "dial-a..." services, Tim the speaking clock, dial-a-disc, dial-the-cricket-score, dial-a-bedtime-story and the like.
M.
Electromechanical exchanges were a lot less flexible in how you could allocate numbers to route calls between exchanges than modern electronic exchanges, and this was the reason why the prefixes needed to get to a particular exchange could differ depending on the originating exchange. Dialling the full national trunk code prefix would usually still work, but would use more limited resources (national trunk lines rather than local trunk lines) compared with using the local dialling prefix, so more chance of calls failing due to congestion (and the call would go via an additional intermediate exchange so have a longer path length).
An electronic exchange can choose the most favourable or least congested trunk route without the caller needing to dial a different number. You can even include the full country code to dial the building next door, and it will be routed the same as if you had left out both international and regional codes.
Get an open source call blocker application such as ncid (http://ncid.sourceforge.net/), together with a USB fax modem which understands CLI and a Raspberry Pi or similar.
Ncid accepts regular expressions in its blocklist. UK numbers are exactly 11 digits (except for a very few places that aren't...) so a regex for ill-formed numbers is simple enough.
The list of UK number ranges which have been allocated is published weekly by OFCOM at https://www.ofcom.org.uk/phones-telecoms-and-internet/information-for-industry/numbering/numbering-data. A script in your favourite language will turn this into a list of number ranges which haven't been allocated. The list is fairly long (about 65k ranges) but it's possible to add an extra check into ncid against this list.
UK numbers are exactly 11 digits (except for a very few places that aren't...)
Proof of that statement is my home phone number - 10 digits including the STD code.
Not surprisingly, I cannot call that number from some countries (e.g. the US) since their exchanges have not been configured to support these odd numbers. Surprisingly, some UK exchanges (Swansea I know is an example) also cannot dial the number!
I have had calls from 00000000 and 123456789 !! :O
The only solution for the customer is to buy a 'call barring' -phone.. Panasonic does a very nice DECT phone with lots of fancy features.. If the caller is not in your number list, it does not ring (you can set the hours this operates), so goes to voicemail.. you can then 'bar' the number, so they will always get an 'engaged' tone..
I used to get missing digit ones, but they've got wise to that now. Most now look like regular 0+4+6 or 0+3+7 numbers. Sometimes I recognise illegal digits inside them. As our phone signals 'international' (not always reliably), I see those with apparent UK numbers and even some that are genuinish overseas numbers. In any case, they all go to the answer machine unless they are in its phonebook. I really can't be arsed to string them along. The TPS is not fit for purpose unless & until UK phone companies can block spoofed numbers. Dunno whether it's a technical, commercial or political issue that they can't/don't.
I don't get that many, but those I do get are usually valid numbers which are probably spoofed. At least once, someone else called back one of the valid numbers and confirmed that it was a normal person.
I have answered them to waste their time, but I never get any of the ones that would be fun to mess with. All mine are automatic ones. I tended to leave them connected with silence until they disconnected, but two have decided to automatically call me back when I did that. Now I'm using a new technique where it will randomly dial numbers at high speed until they disconnect. This has proven more effective.
Unfortunately I can spoof your own number to call you with - it's how the supposed phone voicemail-hacking worked. I don't know if the UK telcos have increased security since.
I once freaked out a colleague by changing my presentation number to match his mobile phone and called him on it. Fun for a laugh but it unfortunately means that I can pretend to be pretty much anyone and call you. This is why people are advised to call the number back if it seems legitimate as that will always go the the genuine owner of the number.
The caller ID system is a trust based and the number presented is entirely arbitrary and is up to the caller. While this sounds like a very bad thing, the core reason for it is so large organisations may present either a consistent calling number or to use a pool of lines for a much greater set of numbers.
For example, an organisation may have 200 unique extensions, each addressable publicy however may only have 20 incoming and outgoing lines. The organisation's phone system performs the allocation of the pooled lines as necessary, which is a somewhat different process for incoming and outgoing calls. For outgoing calls, the system will select a free line and the outgoing call will be tagged with whatever Caller ID number the system chooses to use - this could either be a common return number or the unique extension number of the caller and this need will vary between organisations for very genuine reasons.
All that is fine, but what really sucks and is disgusting is the various networking telco's insistence that they do not know the originating end point which is an obvious lie as without knowing the real end point of a call, it is impossible to route the damn data. This may be obscured by routing to a different telco's distribution network but there are plenty of charging agreements between networks and the end points have to be identifiable, they just choose to deny this.
It’s actually true - they don’t know, anymore than your postman can tell you who put the envelope they’re handing you in a postbox. All a telco knows is who handed the call to them, which route it arrived on. If a call has been through several telcos, which is highly likely, there’s no audit trail.
The signalling systems were built in the days when there were national telcos that all knew and trusted each other.
If a call originating in India arrives in the U.K. on something like Arbinet, gets handed to Voda’s fixed network and then to Virgin, all Virgin know is that the call came from their connection with Vodafone. Nothing else. The only charging agreement used is the one between Virgin and Voda.
Requiring a valid number would be really stupid. All that's going to happen is that they'll start using valid phone numbers as the "from" and you'll get Aunty Enid phoning you to ask why you didn't leave a message when you called. Encryption on the whole network would help I guess but you'd have to implement it on a huge set of equipment for a communication method that whilst not dying out, is on the decrease.
They have agreements with the other carriers that allow them to trace calls, even if it's, as in your example, of going through to another carrier. Unfortunately they are likely to hit a carrier that is not trusted and has no agreement with, but within the UK they should all operate together and for many purposes there is legislation to ensure that they do so.
Unfortunately they are likely to hit a carrier that is not trusted and has no agreement with
There is a way to deal with that. Make the terminating network liable if it cannot reliably identify the source.
How would that work ?
Well Taking the example given, Virgin will finger Vodamoan (and get itself off the hook), and Vodamoan will finger Arbinet. Lets suppose that Arbinet cannot reliably identify the caller, then they are liable for any fines - and as (I'm guessing) they have a UK presence will be within reach of the authorities (and Vodamoan will be off the hook). But if Arbinet do not have a UK presence, then Vodamoan would be liable.
So what would happen is that Vodamoan would turn round to Arbinet and tell them 2 things : 1) we expect you to re-imburse us for these costs, and 2) if you want us to ever terminate a call for you again you'll fix your systems. It would be painful, but what would happen is that reputable carriers would end up blacklisting the scam friendly ones - and consumer pressure from the other end in the form of "I tried to call aunt Mabel in the UK but the call was blocked" would persuade any half-reputable carrier abroad to stop using the dodgy carriers.
The UK might not be able to pul this off by itself, but if it persuaded larger countries/blocks (such as US or EU) to join in then it would happen quite quickly.
The alternative is that Vodamoan simply increase it's termination rates to scam friendly carriers in order to cover the fines. These carriers would then either make a loss or pass on the extra costs - disrupting the business model.
While the UK and EU are the gold standard in privacy regulations, their enforcement leaves much to be desired.
Since May of 2018, the EU (which included the UK) collected $329.8m in privacy fines while the US collected almost $6b.
https://www.politico.eu/article/europe-privacy-fines-tech-what-the-us-can-teach/
Why would you try to call numbers who have literally said they don't want to hear from you? What a waste of your precious sales-call time!
I'm on TPS and have moved several friends and relatives to it, I have to say, it does make a significant difference almost overnight even if it's not perfect.
People get confused, though, when they then put their number on something and it later gets rung by that company - that's allowed. You gave them permission by giving them your number and not ticking the right boxes. It's only unsolicited calls that are affected.
In the last 20 years, my main number hasn't changed at all (I always used my mobile number for everything) and I get next-to-zero spam, and when I do, it's obviously illegal stuff: calls from far-away countries that I've never dealt with, and never leave a message. They just ring out silently on my phone, because they're not in my contacts list and then I choose whether or not to call them back after later Googling them.
But I don't get the point of calling people who have literally opted out. They're least likely to want to hear from you, and most likely to file a complaint. It just seems dumb.
Does it cost much to check that list of numbers against TPS or something? Is it prohibitive so they just don't bother and risk a fine? Because it seems stupid not to.
"But I don't get the point of calling people who have literally opted out."
I answered this question many years ago, got downvoted to high-heaven and a stream of abuse about how stupid I was.
I used to work for a marketing firm many years ago pre GDPR, and they took the view that an entry on the TPS database, indicated a clean number. They literally used the list to filter out numbers on their marketing database, on the basis that if it was on the list, then it was genuine. They are still in business to this day, and have expanded from a small company in Manchester, to a worldwide marketing firm, so clearly it worked.
They also held the view that there was no penalty for non-compliance, Which pre GDPR was also the case.
I am with TPS both home and mobile number have been for years and all in all it does seemed to block a lot. But not with PPI my mobile was getting numerous calls. I was never going to go for a PPI claim, but a friend suggested that if I made a claim the calls would stop.
So, ignoring any company that had phoned me I contacted a company. They did their stuff and to my disbelief I got £11000. But they said they still had not finished as there looked like there was another claim and a few weeks later, bingo £4000.
I agree what’s the point phoning numbers “who have literally said they don't want to hear from you”, they never got anything by calling me after all. But I am glad they called in the end (as was the company I dealt with) as I ended up £15000 richer.
BTW my friend was right the calls stopped after I made a claim.
A little add to my PPI story. My bank that had the claims against it paid the money directly into my account with them. This bank is a VIP customer of the company I work for, so there are probably plenty of undiscovered bugs in their systems that are down to me.
As I said I was not going to make a claim originally so when the money appeared there was for a brief second a little tinge of guilt but only for a second. Then I thought BANK too big to fail bailouts etc. ;)
I would agree. I was getting several spam calls a week about six or seven years ago. Signed up to TPS, and the calls tailed off pretty much to zero over the next week or two. I still get a couple a month, mostly automated "I'm calling about the accident you were in..." calls, so it's not perfect, but it's a big improvement.
I rarely get a real marketing call to my TPS number. The ones that do are usually people operating as a franchisee for a service like oven cleaning. I suspect they are fed the number from an automated call to which I pressed "1" to find out who was behind it.
I get several calls a week for "BT" etc scams - sometimes several a day. Some are International - but some appear to originate in the UK - probably also spoofing a number. They vary between bot recordings "press 1" - to a human doing the call.
I log them all with the BT scam page - and often abuse the caller in a way that they don't expect a la M*A*S*H. eg pleasantly asking "do you moan?" - then expanding the question. Usually upsets them nicely.
Yes there is a monthly fee for an up-to-date copy of the TPS. Perhaps if this was waived it would help, but it's a part of the income stream for the ICO.
I did once work for a company that got a copy of the TPS data and called that exclusively for their leads. In those days, when you were notified of a breach of the TPS, you simple removed that number and apologised for some IT issues/said it came from Thompson or some-such and they left you to it. Now it seems they have at least started to clamp down.
However, if the ICO don't go after the directors then these people will keep opening new call centres and closing them every few months while using the same data. Valid, opt-in data can be very expensive so they just re-use the old lists each time they start up.
Is it possible to report unsolicited calls to the ICO? I have occasionally received calls about my 'recent car accident', despite the last one being in 2000. On enquiring where they got the information from, the caller generally hangs up, but it would be nice to report them to the ICO.
They are unsolicited to the extent that I certainly have not asked for them, and the idea that they have personal information about me that is incorrect (a spurious 'car accident') could be covered by data protection legislation.
Yep. ICO or even Ofcom. It's a bit of a faff but there's a webform for either that will direct you to the right place. And if you're on TPS you can complain to TPS directly too.
It won't stop those kinds of calls, but it'll limit them somewhat.
Far easier is to just configure your phones better - unless you know the number, have it silently push to a voicemail. If you know the number, have it ring as normal. That's really easy on mobile (and no app required), easy on SIP and available on traditional landlines if you pay (but, to be honest, just get a mobile phone SIM, virtual office or a SIP line and live in the 21st Century a bit).
I'd rather not rely on some third-party to police that for me, to be honest, and just have a system that works for me rather than tries to sell me out and then expects me to pay to keep that away. I've used two mobile SIMs, one for the last 20 years on the cheapest calls package, for years, one kept utterly private, and never bothered with a landline number at all. I get basically no spam. What I do get rings off silently into nothing and doesn't disturb me, while my contacts get straight through to me.
I also have a SIP account with its own number and, hell, even Skype can give you a number for a tiny monthly amount now. They'll never stop all the Indian / Asian / Cayman Islands etc. ones because they are just out of their jurisdiction, so just have your phone send them silently to voicemail or even just to a permanently-ringing extension (which is what my phone does... if you want to hear from me genuinely, you'll realise after the 10th ring and just text me instead).
Don't pay the people creating the problem money, with "Caller ID Blocking" charges, etc. on your BT line. That's just dumb. You're just paying them to solve the problem they created. Just start using a number on your mobile or move to IP phones (so even your house phone can just be a IP extension). I have one SIM for work (10+ years of self-employment, 10+ years of general usage on top), one for personal, neither ring unless it's someone I know and the personal number almost nobody knows. They're even on different networks, so if one stops working, I can just switch to using the other.
And for business, virtual office numbers are dirt-cheap and a real live human answers your calls like a secretary, with your company name, just takes a message, and then sends it to you some other way.
I've given up reporting the "recent accident" phone calls. I think most of them originate in India and are basically scams and the ICO has no power to do anything about them. The first part of the call is automated and is from a pleasant sounding woman with an English accent. If you continue with that you get put through to an Indian call centre. I either wind them up with a non-existent accident or ask them to confirm that they like a big stiff cock up their arse. The number of such calls has diminished considerably. I swear one such caller dropped a cup of coffee based upon a clattering noise followed by cussing on the other end of the line, which wasn't aimed at me and more towards some sort of mishap at his end.
Mine have moved on to Virgin Media tech support calling me about a problem with my internet - claiming the events in Event Viewer prove there is a problem. When I ask them what my name is, or to provide my account number, they either try and bluff it out with "we can't give that information out" or swear and hang up. All come from spoofed numbers, so ICO/TPS are unable to do anything about it. Have complained to VM who are my actual provider as have never published my number so it's quite feasible that this is a data breach on their part - have had the brush-off on first complaint, and a 28-day cycle time on responding means the follow up is rather slow.
Wish I was less busy enough to setup a spare machine to play with them a bit, a la Lenny.
It should be much harder to spoof numbers than it is and much easier for telcos to trace the original source and provide it to you.
Ohm and one think, here in Huddersfield (cannot speak for other places) ALL NHS calls do NOT provide a telephone number. Never heard a good reason for that?
Data protection. If a sexual health clinic calls your home number and someone other than the intended recipient dials 1471 and gets the number for the clinic read out to them then person B knows person A has been unfaithful, or picked up an STD, or become pregnant etc...
Because nobody's partner ever got suspicious when they received an unexpected letter from the local NHS trust?
There are any number of reasons to withhold the number being called from. For instance, my partner works in victim services for the police. When she calls a victim of crime, she has to make sure she is talking to the right person, especially if they happen to be a victim of domestic violence (DV), which makes up about half of her case load. Withholding the phone number here has an obvious use case, especially when she has to use her own mobile phone, when working from home, because the shitty cheapest-you-could-find Nokias the local force got hold of get no reception, despite being on the same network.
As for sending letters with sensitive information, which a DV perpetrator could open, that is the sort of thing that can get someone killed. A woman is killed in the UK as a result of domestic violence every two days, or thereabouts. Since the pandemic started, the case numbers have gone up sharply as well, with people staying at home.
"[...] like a big stiff cock up their arse"
Qualifying that with "dog" often generates instant abuse and phone slam - or what sounds like a ritual religious curse or cleansing prayer. Watch the wind-up of Major Burns in M*A*S*H for an apparently innocuous delivery style.
Solution is a simple '1471' type number to report nuisances.
Phone numbers may be spoofed but billing information gets a much higher degree of protection.
Say three annoyed people dial 1-2-2-1 after a nuisance call. Hey what! Does that go into somebody's spreadsheet at the ICO or whoever? NO! It goes into a real time reporting system via your phone company who knows who the upstream billable company is. So the cost of that origin's dialings being dealt with by your company are now doubled (say). More nuisance calls are reported and so the cost per call at the time of calling increases. Robocalls or whatever.
Automated calls are not the only nuisance calls though. So 1-2-2-1 should have a menu of annoying and threatening issues to respond to. eg 1 for Threats and pervs, 2 for scammy IT support, 3 for etc..
If they’re not in the U.K. the ICO has no power over that company. Just because an act is illegal in the U.K. it doesn’t follow that it is everywhere.
Most of these calls don’t start with SIP, they’re standard PSTN /ISDN calls made with an operator who doesn’t police the signalling systems, somewhere in the world.
Fine collection can/should be levied against the terminating telco as they've already collected income from the lawbreakers and it woudl give them a strong incentive to shut the operations down
Remember: Telcos get paid for incoming calls. If you want to stop them supporting this behaviour, take away their revenue.
you can guarantee that a telco whos lost their income will embark on recovery procedures that the ICO and Ofcom cannot.
"Solution is a simple '1471' type number to report nuisances.
Phone numbers may be spoofed but billing information gets a much higher degree of protection.
Say three annoyed people dial 1-2-2-1 after a nuisance call. "
Isn't 1572 already supposed to do the first part of this? Since around 2017?
https://newsroom.bt.com/more-than-two-million-now-on-bts-free-service-to-crack-down-on-nuisance-calls/
Press releases elsewhere talk about the dodgy numbers being passed in real time to BT's ops cetnre in Oswestry so that the dodgiest numbers can be identified and blocked, network wide, without further ado.
That’s not quite how it works. Transit calls are regulated in terms of cost and ITU rules demand all inbound routes are treated equally.
All the terminating telco knows is what route the call came in on, not where it originated. The terminating telco will likely have no contractual or billing relationship whatsoever with the originating telco. A telco isn’t going to disable an inbound route because one call in every ten thousand is unwanted, and even if they did the call would simply route around the blockage.
The terminating telco doesn't need to immediately block the route; they pass the info upstream and wait for the originating telco to cut off the subscriber. If the originating telco doesn't do so, then whoever's downstream of them has to cut them off. And ultimately, yes the terminating telco in the UK would have to cut off the inbound route, if the intermediate telco on that route has not dealt with nuisance calls upstream of them.
Clearly none of them are going to do this voluntarily, especially when they're all taking their cut from all these calls. International treaties and legislation will be required. Or at least the threat of legislation, if the telcos can't collectively get their house in order.
If it's ITU rules that are preventing anyone addressing this problem, then maybe the ITU is the organisation that should be tasked with solving it.
"Solution is a simple '1471' type number to report nuisances."
It won't happen until terminating telcos get FINED for facilitating the business
Remember: Telcos make ~1/3 of their money from TERMINATION revenue.
it's not in their financial interest to prevent this stuff getting through (unless they're not being paid, which is what the outright fraudster outfits are doing with VOIP origin spoofing)
You’d be handing criminals an incentive to use the threat of bringing down international PSTN traffic as blackmail. If you create a situation where legitimate businesses are fined for the actions of criminals some of those businesses will end up paying protection money to those same criminals. That doesn’t do anything to improve security, capacity or reliability.
Think about the unintended consequences. Simple answers to complicated problems are usually wrong.
"Is it possible to report unsolicited calls to the ICO? "
Here you go: https://ico.org.uk/make-a-complaint/nuisance-calls-and-messages/
"They are unsolicited to the extent that I certainly have not asked for them, and the idea that they have personal information about me that is incorrect ... could be covered by data protection legislation."
PECR would be enough, here ...
You can add
- Insurance on your Sky equipment
- Not having a TV license
- About to be arrested by HMRC
- Being sued for non-payment of a debt
- Having a High court writ outstanding - pay up or else.
- Netflx subscription denied -(Attempt to get CC or bank details)
Here in the US, I’ve had my current mobile number for almost 10 years now, and am still plagued with calls for the previous holder of the number. Used to be predominantly legit calls, from which I have deduced that Fred <last name redacted>: owed a lot of money to collection agencies, was elderly, diabetic, and subscribed to porn sites.
These days, now that I’ve called the legit pharmacies/insurers/bailiffs and explained the situation, it’s mostly pure scam calls and texts... “FRED we have a fedex package for you click here ://dherht.cx/fuehtc (ie totally shady looking URL)” or “FRED I am so horny for you now click here to see my cam” (and far worse than that... if I had a small kid who saw some of these texts pop up on my phone I’d be even more homicidal). Basically, the dozy old twazzock still seems to be giving out my number to all and sundry.
Oh, more recently I’ve had several texts addressed to “Ramon”, so I can only assume there’s a similarly-senile Mexican version of Fred out there too.
AT&T, of course, couldn’t care less and will not do anything about it. Horrible company.
Sorry, I kind of went on a rant there. Felt good to vent!
So this is what you get for living in the land of the free. Companies are free to haras you anyway they want with little comeback. And advertise you until you scream.
America looks like a country that is designed exclusively for the corporations. Customers are a very poor second.
Do not answer a call just because the CLI looks legitimate.
There is a thing called type 7 dialling. Where you can present a CLI of your choice when dialling out. The purpose of this was originally said to be one of two things. One was to present a CLI local to the recipient because they then could call back at local rate. The other slightly less trustworthy reason was that if somebody sees a dialling code they don't recognise or a none geographic number they are less likely to answer than if they see a local dialling code.
Legally you are only supposed to present a CLI that you own and also that will be answered if the call recipient calls back, but plenty of scammers use this technique to present a number that doesn't exist or sometimes a number for a totally different company.
There is a legitimate use for type 7 dialling, but the legal aspects are hard to enforce. One way to limit it would be to introduce a degree of liability to the originating CP. They are in a position to check if the presented CLI is actually owned by their customer.
I have to answer. As Chairman of the Parish Council, it may be a call from a parishioner or one of the councils/public bodies etc. that I have to answer.
Or even my GP with the offer of a Covid jab - Oh no wait! The NHS, Police and anyone else like that who you really want to talk to, always use call number withheld!
9 Thumbs Down, presumably from companies that need phone numbers to target people. No, seriously, what is there that you need one for? The land line is essentially only a target for spam, either business or home it’s not needed full stop. Mobiles - what do they actually authenticate by underneath. Not by your phone number... And it’s a digital network, why use analogue facsimiles over the top of it (for legacy compatibility only).
The IP phone has been a thing for quite a long time. WhatsApp etc permit targeted voice calling by user ID independent of phone number? MS Teams / Zoom practically the default in corporate land already. Whatever your flavouring, more capable than phones and don’t need numbers for autodiallers to chase.
Keep hanging onto a hundred year old tech... Or move on to something better.
A consumers association in France proposed to ban unsolicited calls for marketing purpose. The proposal was very popular. Unsurprisingly, the politicians refused to implement the ban.
Personally, I call that corruption.
"Unsurprisingly, the politicians refused to implement the ban."
The same in the UK. It's easy to stop scammers making scam phone calls. Just make it illegal for anyone to make an unsolicited sales call or "survey" call. Require any organisation that wants to contact members of the public obtain a licence before they can operate and post a bond to cover compensation claims. All sales calls to be opt-in, and no blanket opt-ins permitted. This went before Parliament and what we got was the TPS, an opt-out system with no real teeth.
"Personally, I call that corruption."
So do I. It's obvious that politicians will not take effective action if there's a chance that a party donor will no longer be able to make money hand over fist.
"what we got was the TPS, an opt-out system with no real teeth."
Even worse, the PAPER junkmail optout system has to be opted out of every 2 years (not MPS, the royal mail system for fliers)
I'm surprised the legality of that hasn't been challenged sinve GDPR laws changed
https://personal.help.royalmail.com/app/answers/detail/a_id/293/~/how-do-i-opt-out-of-receiving-any-leaflets-or-unaddressed-promotional-material%3F
In the USA you have Form 1500 and Rowan vs USPS, which HAS teeth.
I got yet another "no fault accident" call the other day and explained to the caller that they had been swindled as they had been sold my details but the accident was more than ten years ago. They seemed to be very upset by this and said they would get back to the supplier.
Less frequently now I get a call for a Mr.X when in fact only Mrs.X lived here. I patiently explain that their calls cause great embarrassment to the family as Mr.X died in the arms of his favourite woman in a French house of ill repute. Had I collected all the reactions to this I could have written an entertaining book.
The TPS are as much use as a chocolate fireguard to be fair...
As I'm registered with them I always used to contact hem with the details of scaling/spamming calls, usually I checked the perpetrators out myself first. Most occasions the TPS got back to me saying that the number or company didn't exist, or the phone number couldn't be contacted - this despite having called the perpetrator back myself. I would even check again after the TPS response and the number did actually exist and with who I said it was.
I complained about this to TPS to no avail, still get stock email replies from them
I don't bother with TPS now, much more satisfying to give whoever calls a mouthful of abuse instead
money-wasting org, happily involved in whack-a-mole game. But hey, they were appointed, and funded, right? And those, who appointed and funded them were, themselves, appointed and are, funded. So, as usual, I blame voters. Including myself. But then, would I expect ANY party to be more on the ball? With everything?
It's very easy to spoof numbers (but best not post the "how to" info on a public forum).
I signed up to TPS as soon as it became available (20+ years ago?) and used to report but I got so many that reporting took too long. Some years later I sent an information request to the ICO asking what happened to those reports. Their lengthy response came down to, in summary: if there are enough complaints the offender was reminded of the legislation, if complaints continued they't get a strongly worded letter. At that time they'd NEVER prosecuted.
I still get at least one and up to half a dozen junk calls a day (and fewer than one legitimate a day), I use CLI to screen, after 8 rings it goes to answerphone. Automated blockers may block "number withheld", that's a problem because calls from my doctor and the hospital are "number withheld" - and of course if the blocker let number withheld calls get through, that's what the scammers would use.
The ONLY answer is to go after the individuals involved with a heavy handed approach, we need really aggressive legislation and it needs to be implemented. There must be a perceived benefit to government in taking a soft-touch approach. "Reputable marketing businesses" (an oxymoron) seem to have some political influence...
> It's very easy to spoof numbers (but best not post the "how to" info on a public forum).
Actually it's a bloody good idea if you do.
Having it VERY publicly displayed will force action to be taken whereas "Shhhh, it's a secret" will ensure it continues to happen.
If you are afraid to do it under your name, send it to me and I'll post it widely
"The ICO does have powers to go after directors of businesses that have folded when it chooses."
This should not be a matter of choice for the ICO. It should be mandatory in any case where the directors have wound up the company. It seems to be standard practice for so many "call centre" (that is to say automated dialer scam-meister) companies to enter voluntary liquidation when it looks like the authorities might be on their tails or if a large bill might be about to fall due.
So what? The whereabouts of both places other than "somewhere in England" (and therefore within the ICO's jurisdiction) had no bearing on the story at all. If any of ElReg's readers #really, really# needed to know where Nottingham or Bournemouth is, the interwebs have lots of on-line maps and apps which could explain. I'm told these things work for people who are outside the UK too.
I don't know but I doubt it as it is an incoming nuisance call. I give them hell, but for best effect remain calm and don't shout abuse, just question their sexuality in the most polite but obscene way possible. The combination of polite sincerity with obscene questions sends them reeling.
Yes, section 127 of the telecommunications act, causing distress to the hearer (a siren is also a bad idea, apart from the issue of most call centres having companders on the line if you actually hurt someone you can be charged with assault)
Besides they'll usually just hang up on you.
It's more fun to string them along for 20 minutes and let THEM realise they just blew their daily bonus whilst milking as much information as possible to positively identify the company for ICO and Actionfraud
One thing I manage, though not with spoofs..
Truecaller and sundry other apps will show the company hosting the number you're calling from..
Ive had about half a dozen times when I've rang that provider - usually UK based telcos, leasing out numbers to a company who are the scammers - and basically politely but sternly read em the rights and advised they're in for it when it's clear their customer has broken their contract.
Sometimes I've been thanked, sometimes nothing back. But a decent amount of times, the number I captured stops working.
I do resent having to go to such mad lengths though.
In the PDF of the CCO ruling the names of some of the 3rd parties they worked with are redacted. Given that these are either companies that outsourced their calling schemes to cowboys, or sold data to cowboys without proper consent why are they redacted? It's precisely these types of companies who profit from and directly enable such cowboys to operate that I want to be sure I never do business with.
There is plenty of phone number spoofing going on in North America as well. I have received a call from a fellow who asked if I wanted my air ducts (heating/cooling) cleaned. I responded that I didn't have ducts as we are all electric. He then severely berated me using language which will not be permitted here, for having called him to offer this service. I assumed that my number had been spoofed into some VOIP system to do marketing calls. I have also received calls from Canada Revenue informing me that I owe them money (which I do, quarterly) although they do not generally call you about it, tell you a warrant has been issued and threaten you with jail.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
