95 comments

[ 0.18 ms ] story [ 165 ms ] thread
Is something going on with these? About two months ago I started getting 3-4 spam calls per day. Never had anything before that.
same here. insta-blocking helps a little but the net effect is I use the phone a lot less. the carriers should be concerned that this could lead to a lot less phone usage in the long run. spam effectively killed email for me. these calls are doing the same thing.
ME TOO. I don't understand wtf happened! I just blocked the numbers but it frankly just doesn't help. I now just screen every single call that I get.
I've seen a big uptick as well.
> Is something going on with these? About two months ago I started getting 3-4 spam calls per day. Never had anything before that.

I think there are "waves" of it picking up. There was a time a few years ago where everybody and their dog was receiving a robocall about buying an extended vehicle warranty or Rachel from card services "just checking in".

Don't forget the "This is your captain speaking..." one with the blasted foghorn.
Interesting, I experienced the same, I used to get 1 a week tops and now it's more like 1 every 1-2 days, extremely frustrating as I'm on the DNC (Do Not Call) list and have made multiple reports about numbers calling me illegally to no avail.
The company probably got sued or law rewritten to prevent it enough states. They are skirting the law and they know it. So every time it changes they have to adopt the script to not get caught. For example to take them to small claims court you have to know who they are. To do that you can't often pretend to want to sign up, because then they can claim you wanted a business relationship and so on.

So time to move on to the next scheme.

Fake tech support calls from India to "remove viruses from your Windows machines" is popular now. It targets seniors and those who are not computer literate.

They called an acquaintance of ours she is in the 70's and she ended up paying 100s of dollars or so and probably got all the files and password stolen as well. That was before I knew what it was to warn her. She was convinced they helped her and she was talking to "Microsoft" all that time.

I have noticed an uptick as well (upto 3-4 calls a day). If it's not a number I recognize, I just silence the ringer and let it go to VM. And then block the number.
The problem with the laws it that they are specific to the US. Many of these scams are coming from the Philippines.
I wonder if AT&T customer list got leaked.
For a while, I used Jolly Roger [1] as a sort of DDOS / attempt to get my number removed from the call lists. I have no problem paying for it if it were integrated/automatic. But after a while, I just got tired of manually adding it to a call.

[1] - http://www.jollyrogertelco.com

I just spent an hour listening to some of their recorded call sessions on youtube, it is hillarious. (https://www.youtube.com/channel/UC3OxCWLEmoIhNMm-hnvBm9Q)

It's also genius, if we can automate transferring telemarketers to stuff like this, we'd be using technology against them, use up all their human paid time and make it unprofitable to spam call.

I've heard there's a do not disturb hack for the iPhone. You can set it to do not disturb but still allow numbers in your contacts through.

I'm really tempted to try that but I'm worried about missing important calls.

It would be neat if they simply let you block every number that's ever been reported. Sort of like a real time global blacklist.

The problem with a global blacklist is that they're spoofing the number they are calling from. How long do you keep a number in the blacklist? What I'd you get assigned a number that used to be a spammer?
> What I'd you get assigned a number that used to be a spammer?

In fact the particularly evil ones will probably do that. It makes sense say to put popular numbers there, as it would discourage people from black-listing.

The blacklist would have to somehow know that this is an indeed a good number (say the number of a local hospital) and not actually a spam number.

> I'm really tempted to try that but I'm worried about missing important calls.

i think most people are starting to realize that there really isn't any such thing as an important call from a number you don't recognize.

I don't answer calls from numbers I don't recognize. If it's important they'll leave a message and I can call them back.
Same. It's really annoying. I finally changed my voice mail to say, "If it's important, leave me a voice mail or send me a text message. Otherwise I will not answer and you will never hear back from me." Just sayin'
Unfortunately, if you are dealing with medical issues (your own or someone else's), you are going to get lots of important calls from numbers you don't recognize, and from phones with blocked caller id (doctors, for instance).

And because of privacy considerations, they are often reluctant to leave a detailed message.

Yep, when I get a call claiming to be a phone number that's not likely scammy (e.g. a state that no close friend or family member lives in or is visiting), I hesitate to just ignore it a lot of the time. Certainly if it's a possibly relevant area code, I'll tend to pick up.

This isn't because I can't resist picking up the phone. But checking for voicemail after the fact takes even more time and cycles. And I don't want to end up playing telephone tag if someone actually does need to reach me.

The job I currently have reached out to me by phone after I had given a resume at a career fair. I never corresponded with the company by email until after I had already had a phone interview.

I recently got into a car accident. I occasionally get important calls from the involved insurance companies, on numbers I might not have seen before.

And never mind that even when I am expecting a call, I don't necessarily know the exact phone number beforehand.

There are such things as important calls from numbers you don't recognize.

I would have done this if Do Not Disturb didn't also block notifications. I want notifications, but don't want phone calls. I have been trying to figure out how to make that one work for awhile now.
There's an obvious market here for a dialer with out of band signalling at least for cellphone to cellphone traffic... Only devices that have key you recognize are allowed through.
How about the caller id that's being sent has to match the billing number and company ?

The telcom companies know who to bill, why do they have to develop any method to fight abuse ?

Being a suspicious person, I suspect it'll be a new feature to add to the bill.

https://en.wikipedia.org/wiki/Caller_ID_spoofing

That isn't an easy problem to solve.

What do you do when a company has a large set of numbers on a single trunk? Do you maintain a list of authorized CID source numbers? How do you enable 3rd parties to make calls on your behalf?

> How do you enable 3rd parties to make calls on your behalf?

Why should that be possible? If anything the disadvantages of nuisance or even scamming obviously far outweigh the benefits.

Few companies over a certain size run their own call centers. It's no different from a software startup using AWS or Rackspace instead of building a server room in their rented office space. I think it is both acceptable and desirable for my phone to tell me Comcast is calling me (as they currently do), even though it's technically an outsourced call center that makes/takes calls for several different companies from the same building and same set of phone numbers. Requiring caller ID match the billing address for the phone number would be like requiring Hacker News be hosted on a cloudflare.com subdomain because the IP space we're talking to isn't actually owned by YC.
You can set the CallerID name to whatever you want.

We once had a customer that set their callerID name to "DEAD" to signal that the phone number was no longer in use. People thought they were issuing threads on their outbound calls.

(comment deleted)
SPF records are reasonably simple to set up and something similar would solve this issue completely.
To build SPF for the PSTN you'd first have to build DNS for the PSTN, then convince the manufacturers of carrier-grade switches to implement it, then convince telcos to buy new switches, then convince every single telco on Earth to throw out its last remaining equipment that doesn't enforce "SPF" for caller ID (or spammers would just use those companies).
DNS for the PSTN exists, e164.arpa; mostly not public though. It would be a slog to get it implemented, but if spammers are limited to spoofing international numbers or from rural carriers, that's still a win because I can ignore calls from out of the area.
More specifically (in case anyone wants to know more---I know it surprised me to learn that caller name information is sent via DNS) NAPTR records.
Not sure what the US situation is here, but in the UK end users (of an ITSP provider I worked at) who could originate non-local numbers had to sign a "we have reasons and we won't abuse this feature, you're free to disconnect us if we do" contract.

I see how it's a hard problem to solve in 100% of cases, but I don't see why it's not solved for most of them. Carriers have their own interconnects, pricing, and contracts. I believe 99.99% of call spam can be solved in a few months by major telcos coming up with a definition of spam callers and updating contracts to say: if you route more than N such calls within M days, and don't report who you disconnected because of it, we're disconnecting you instead. Real small telcos would have to drop misbehaving lines immediately. Fake telcos selling services only to spammers could not continue to do business.

Businesses like to send one outgoing CID number from branch offices in several states, serviced by several local carriers, without having to route those calls through a central location first.

Individual telecom companies know who to bill, but "the telecom companies" don't have collective knowledge except by deliberate effort.

There's no incentive to expend that effort unless it's "a new feature to add to the bill," and all it takes to make that effort worthless is one carrier who refuses to play along.

Every call has a CIC code (carrier identification code). If callerID was similar to ssl certs, the world would be a better place
They don't. The company getting the call just knows who they get it from. The reseller chain can be a dozen companies deep.

I've ran companies doing 1B+ calls a week. Any time there's some sort of complaint from a customer or vendor, we just kick it down the line and say "please verify caller ID xxx is correct". We block it, everyone moves on. No one cares. I tried a few times to get the end user to file a complaint. Vendors and customers would just get annoyed; nothing happened.

Even in cases where an AG gets involved and sends out a subpeona, I've never seen anything happen. Hell, even on DHS investigations (like where callers are pretending to be IRS agents), nothing happens.

Until the FCC starts getting serious about it, that'll remain the status quo.

(Only time I've seen things actually happen is when the request is incidental to another investigation, like "terrorism" or drugs. Why the hell they fwd us any details about the suspect beats me. All over plaintext, too.)

1B+ as in one billion a week??
Yes over 1 billion a week. And we weren't a huge reseller. Granted, a lot of calls were junk and didn't connect. But still have to do routing, setup, check billing, etc.

(And did it on simple commodity stuff, including just a $5000 SQL Server box for accounting/recording.)

Just to chime in on the matter, there are actual legitimate reasons to spoof a caller ID. There's even legitimate reasons to spoof a caller ID that you don't own. Right now I've got a couple phone systems that are set up to spoof the caller id of incoming calls that are transferred to an outside line. As far as the outside party is concerned, the party that originally dialed in is calling them directly even though our phone system is really just conferencing two separate calls together. If we didn't do this then whoever we transferred the call to wouldn't know anything about who is calling them other than that the call was through us.
The company I work for also provides a service to spoof the originating number. It's meant for companies that send employees out into the field that might need to make phone calls from a cell phone (think a plumber or a delivery person). If the "field agent" makes a call, the customer gets the company number, not the number of the "field agent."
My cell and landline have been getting increasing robocalls. The ones to my cell have randomly generated caller id's that are near my own number. One day I got 3-4 scam/spam calls and I kept them on the line for a good 10-15 minutes. Every one was a free trip to Mexico. At the end, I would say (after the first time) "this is the Nth time you called me to day" and the people would actually argue with me that it was the first. Now, when I see an unknown number, I just send it to voicemail.
or worse other people getting robocalls with your number as the caller id. I had a few weeks of angry people calling me a couple of years ago.
> My cell and landline have been getting increasing robocalls. The ones to my cell have randomly generated caller id's that are near my own number.

You can exploit this, get a number in an small area code where you know no one and do no business with. Then don't answer any calls with that area code. This is highly effective.

(comment deleted)
For me, they also tend to throw in large cities like New York and Chicago. A lot of people know someone in a big city and might be willing to pick up an unknown number.
File an FCC complaint, every time. Changing caller IDs is illegal and is supposed to have a $10K fine per day.

When dealing with end users, the FCC can get really hyper. I've had them call me at 8PM Eastern, on a Friday, to tell us to emergency port a customer or things like that.

If enough people do this it might result in some pressure. It might get them kicked off one provider and move to another. Maybe.

I've always been confused as to why the phone companies refused to put any effort into this. Do they make significant money from spam calls? I can't see how that would be. Does anyone have any info?

In fact, when nomo robo (www.nomorobo.com) came up with a pretty good solution (they won an FCC robo blocking contest ), the phone companies lobbied congress to shut it down. No only were they not helping, they were blocking progress from others.

> Do they make significant money from spam calls?

There is also the other side, do they lose any money from spam calls? If they don't or it's negligible, they aren't going to be open to spending money to block them.

Good point. They could offer a small competitive advantage though. Many people in my neighborhood constantly change between Optimum and FIOS. Maybe if one had robo blocking, it would slightly tip the scales in their favor?
Do people in your neighborhood have home phone service?
Yes. I'm in the 'burbs. Everyone has Internet based land lines.
Are you in an area with poor cellular reception or something?
Nope. NY area. Great cell reception. If you're a family living in the 'burbs, it just can be convenient in many ways to maintain a redundant land line. We have all the "cord cutter" services an apartment dwelling millennial would have, but we have the cord stuff too.
Perhaps, it's getting to that point. In my case, if I decide to drop landline as part of my Comcast bundle one of these days--I keep it for various non-essential but useful reasons--the number of spam calls I get will probably be a factor.
I wonder if, as common carriers, they are even allowed to arbitrarily block calls.
It was one of the main reasons I gave up my land line. A few calls every day is pretty annoying.

I guess the article above describes the phone companies are working on it.

Do they not call on mobiles then? I've never received a robocall so I don't really know how this works.
It's illegal to robocall a mobile number without permission. I still get a few per month.
I get a few per week. Sometimes a few per day. If your phone number has ever been publicly available, those breaking the law can potentially get access to it. And all of them sell the lists to others in the space.
300 million Americans, 10 digits 0-9. Even dialing totally blind you'd expect a ~3% hit rate. Limit that to actual area codes (public information) and bias it towards the more populous ones, and you could probably do considerably better.

I'm not sure how important lists are.

tell that to the avg 2/day calls i get
I get more on landline than mobile although YMMV and the delta seems to be shrinking based on anec-data. It has gotten to the point with mobile though that I find I do need to follow "Do Not Disturb" hygiene when traveling internationally lest I get awakened in the middle of the night.
I have not had a landline in years. I get several robocalls a day on my mobile. Any caller I don't have in my address book gets sent to voicemail.
As a data point, I get more robocalls on my cell than home phone. Both numbers have been registered with the ineffective donotcall.gov
They do not make money from it. Actually, robocalls are really looked down upon in the industry, as the traffic is not profitable. Imagine this - telco carriers are charging per minute. No monthly fee, no setup fee, no per-call fees, only per minute with 6 second minimums and 6 second increments. Now imagine all the robocalls where they keep calls open for 3 seconds ( enough to determine if it's a live human or answering machine ). That carrier has a lot of resource utilization to "setup" a call, but after that, there is not much that the carrier needs to do.

In order to combat this, all tier-1 carriers now have ASR (answer ratio) and ACD (average call duration) minimums. In addition, if you have more than ~10% of your calls less than 6 seconds, you get an ADDITIONAL 1-2 cent per call surcharge. That's a lot of money given that my average cost of long distance is .17 cents ($0.0017) per minute.

It's the second tier carriers that is "blending" this traffic with good traffic in order to get the minimums then charge the telemarketers much higher costs per minute.

Related to this there is now a whole subset of shady/gray market VoIP, SIP trunking providers who specialize in "dialer" traffic and calls which have low ACD. They specifically market to outbound call centers and automated dialer traffic and have their own special rate tiers for such traffic.

Conversely there are a number of large, more ethical SIP providers who will cut you off if your outbound traffic consistently falls into the same pattern with low ACD. "No dialer traffic" is turning up in Terms of Service agreements with greater frequency.

Yep and it's a huge business for them. (I work in this industry, with these kinds of companies.) It results in great deals for non-robo callers, as they are desperate to get good conversational traffic to add to the mix.

It depends on which provider, but the dialer penalties usually aren't that harsh. Regardless, everyone's cautious. And they'll mix right to the limit. Put on restrictions on how many times a number can call? They'll switch up numbers and keep the mix perfect.

It creates a huge opportunity. If the FCC was serious, they'd just start cracking down and push liability on down the line. Then no one would want to take the risk. It's high volume, so without huge deposits and guarantees, no one would touch it.

Last I heard they have integrations with all the major telephone providers - comcast, verizon etc...? Where did you hear about the congress lobbying shutting it down?
>> "where did you hear ..."

You are correct in that I think they (telcos) lost. I believe the founder of nomrobo had to testify before congress. He emailed a petition to users a year or two ago, asking us to write supportive testimonials. I think he presented the testimonials to congress and won.

I'm using the Android 6.0 "mark call as spam" feature and it's working pretty well so far!

https://support.google.com/nexus/answer/3459196?hl=en

Cool. Unfortunately, I get a new number every call, so this would do nothing.
You'd be surprised how many of your spam numbers end up repeating, on a long enough cycle...it also feels good to mark a spam call as "spam".

Google is using that info to black list those numbers, so you'd be contributing to the greater good...

We need something similar in UK and Europe. For the last year I've been getting 3-5 calls a day on weekdays and a couple of silents. Always the same scams and spam - Bank misselling, upgraded boiler or glazing. Something changed or I was just lucky up til the start of this year, but it's got really annoying.

I wish I could simply globally block international and unknown numbers unless on a whitelist. Every blocking solution I've seen works on individual caller IDs, which is obviously useless for witheld or spoofed calls. Sending to voicemail is a sort-of solution, but results in a lot of half scripts recorded - they must always start speaking the moment the answering message starts playing.

If you're on android and are rooted, root call blocker works great. I had to do this a few months ago and only let through calls in my address book. Funny thing is all this started after I added my number to the do not call list
So a contact in your phonebook can have many phone numbers associated with it. We can make an open source contact that includes all of "possibly spam" numbers and if you have that contact on your phone, you'll see "possibly spam" is calling.
That's exactly what I've been doing for years. I also gave it a custom ringtone that's 4 seconds of silence and turned vibration off, so unless I'm actually doing something with my phone, or else listening to music, I don't notice the interruption.

The issue is that nowadays, I rarely get spam from the same numbers multiple times. They just generate a new fake number if the first one didn't get a response.

At get about a half dozen robocalls a day. I'm using nomorobo on the home office VoIP line, so they only ring once. Still annoying but livable. Unfortunately, the scammers are now setting caller ID phone numbers of XXX-YYY-???? where XXX-YYY are the first 6 digits of your own number and the ???? are 4 random digits. As they randomly set this for each call, it gets around nomorobo and the call comes through. As more folks start using something like nomorobo, expect to see most scam callers adopt this approach.
That's correct and could cause the opposite problem (where a legitimate callerID gets blocked).

Smaller telcos restrict the outbound callerID to only CallerIDs (DIDs) that you own. This would be very difficult to enforce for a wholesale carrier - where their customer is an aggregate of thousands of customers.

It's not even feasible. Like IP, the outbound calls go via many paths. So like ISPs almost never filter your source address, same for telcos. Small ones with tiny accounts might, but no one even remotely on wholesale.

But changing IDs is already illegal, so the FCC could decide to chase it down if enough people complain.

Do you have a source for the claim of caller ID spoofing being illegal? AFAIK that's only illegal if you're using it to further a fraud.
Yeah I knew someone would point that out. In the case of evading robo laws, it'd be fraud, right?
> This would be very difficult to enforce for a wholesale carrier

Billing in telcos is important and has all the details you need. This is either information of who placed the call (if they're your customer) or which carrier the call came from (if they aren't). The only problem right now is that there's no reason for responsible behaviour. As soon as carriers are forced/want to say "stop sending us spam calls, or we stop taking your traffic" to both customers and other carriers, this will get sorted.

Interesting no one has mentioned this page in the thread: https://www.fcc.gov/general/traffic-pumping

As I understand there is an incentive model in place to encourage this type of traffic.

That's not true, the carriers are compensated through CABS (carrier access billing) based on number of minutes, not number of connected calls.

Carriers have to accept traffic from other carriers, even if they have not paid their CABS bill.

Right now, no one is paying anyone. That's why fair cross-carrier compensation and flat-rates are a big talk in the FCC instead of what's called "Tariff rates" which vary by carrier and by destination.

Freeconferencecall.com exists because of CABS and having very high tariff rates. They do NOT want lots of short duration calls. That doesn't help them at all.

Excuse me if I am less than enthused with AT&T being involved.

They send me physical mail addressed to resident. I called them to cancel it. They took my name and soon no more mail is going to resident. Its addressed to me personally.

I later call to cancel that mail. Soon, no more mail is going to me. Its going to resident again.

The ridiculous thing is even after the FCC said it was OK numerous times AT&T still refuse to do anything to work on robocalls claiming that they needed judicial approval.

The FCC had to pass a memorandum (or something) earlier this year explicitly spelling out the AT&T had absolutely no grounds for their believe and was allowed to and SHOULD work on the issue.

For the last 2 years I've been receiving calls from some call center in India sometimes up to 5x a day asking if I want viagra. I've asked, pleaded, demanded and have blocked by now hundreds of the numbers they call me with which can range from a local number to one across the country.

I've had my number since I was a teenager and don't want to stop using it but I've been seriously considering it lately because the calls feel like harassment. I don't get how they are able to do this and why something hasn't been done about it.

People should stop using phone numbers all together, just 4g signal is fine.