I have no idea why I'm even allowed to get calls from V11109011700119 on my cellphone. They're so clearly scams / spam that every carrier globally should close these down.
Most calls I get have my local area code, sometimes even the same first 6 digits. You can't just block phone numbers because phone numbers are self-reported. Spammers will just keep switching.
I get a lot of that too. I haven't lived in the geographical region associated with my area code in over a decade, so I don't actually know anyone with the same prefix.
So they may as well use "I am a spammer" as their Caller ID.
I saw something interesting the other day. This company called me twice within a few minutes. The first call came from "+1 844-###-####", but it was automatically blocked as spam by Android. The second call was from the same number, but it was formatted as "+844#######". That one wasn't blocked.
I wonder if formatting the number this way allows them to circumvent spam lists, but doesn't trip anti-caller ID spoofing mechanisms?
This is a call from Memphis TN with a badly formatted ANI. The format that you would recognize would be +19011700119 or (901) 170-0119. 111 or 011 are country code prefixes in the North American Dialing Plan. The "V" may mean verified (which would be an artifact of STIR/SHAKEN, ironically), if you're using XFinity/Comcast... but likely is just an artifact of a bug in the code used to set the headers. The fact that the 901 is prefixed with a 0 hints that the PBX/SBC used to place this call was configured for international use and they missed some localization settings, which could be the culprit for the weird formatting.
This is fascinating, thanks for sharing. I noticed that I get a lot of spam calls from “Russia” (country code 7) because my local number is in an area code that starts with 7. I figured that the caller totally screwed up their caller ID. I find it hilarious that the callers are trying and failing to appear as if they are in my local area.
This is really interesting to me. I've basically just silenced all those calls and my life is much better for it. Interesting that they're in theory passing STIR/SHAKEN.
Well its all obvious now; each carrier has their own "SUPERspamGuard!®" so there is little incentive to fix the problem anymore. It is just another selling point to get customers who are fed up with their previous provider.
We need to fine companies that continue to route these calls. It is not like tracing is impossible.
Spam Callers must be identified and banned (preferably) by a global task force that is funded both by the cellular service providers and the governments.
This is a global problem and no single country or company can be expected to fix it on their own.
Or neighbors need to agree on policing, for example any company/country that lets 10% of its phone traffic be spams just gets disconnected from the network flat out. Want your service back? Fix your house first.
I'd be shocked if most of the US's spam doesn't come from within. I'm not against attempting a global body to regulate, but I doubt it would work. We can't even get internet providers to ensure their traffic isn't spoofed, and that's just firewall rules.
Edit: maybe not shocked, but personally the only out of country voices I hear now are when I call GoogleFi support.
The question is, are phone operators even interested in doing this? Marking robocalls as such - sure, but blocking altogether - I don't think so.
Something interesting happened I think a few years ago, when a hosting company in the US that turned out to be the major hoster for spammers went down for technical reasons and the world went spam free (by 90%) for a couple of days. You'd think it was obvious what to do... but nope, once the hoster was back everything was back to normal like nothing happened.
I agree, I don't think they have any incentive to, and it would take strong regulation to force them. We would also have to stop pretending that calls are some 'divine message' that can't be interfered with, and be morally ok with cutting off an entire country if they won't curb spam.
It seems easy to me, pass a law that says if a telecom can't trace the source of a call to where it entered their network, they are legally liable for the content of the call.
In my limited experience as an American, most of the callers sound like they have American accents to me; maybe 10% that actually get through sound like they're from South Asia, which is what I used to associate with spam.
I also suspect that a lot of spam calls are coming from within the prison system - not prisoners trying to run scams off payphones, but actually working from a phone bank at a prison for a nickel an hour. It's the only thing I can think of that explains their dogmatic adherence to the script in front of them. Free scammers from overseas will start insulting you once you're onto their scam; free scammers from the U.S. will typically just hang up and try again; but if you're a prison worker, the punishment for going off script is much worse than just losing your job.
I answer and talk to the scammer every time. I ask them why they do this for a living and generally try to make it psychologically hurt for the scammer. I've done this more than 50 times at least. The vast majority have Indian or Pakistani accents. A small percentage have south American accents. None have had American accents.
Weird! I wonder why there's such a difference in our experiences.
I also don't think making it psychologically hurt is going to make any difference, especially not when you're asking them why their fellow countrymen shit in the streets. Based on what I've heard and read, a lot of them justify their work by villainizing us in their eyes. Which isn't unfair! We're vastly richer than them, and they don't see any particular problem in what they see as being a Robin Hood-like character. Insulting and abusing them just further justifies their actions in their mind.
I used to try to waste their time as well, but after I postulatede my prison-work theory, I no longer do that - they don't have a choice, and it's cruel to put them through that.
It's not always insulting or abusing. I've noticed considerably more psychological damage from normal conversations. Questions like "do you think seeing yourself as a scammer is going to cause long term effects on your health?" Abusive questions only get a rise out of them and then they either stay on longer, incoherently angry, or they drop the call quickly.
Year 2020: 40k complaints about 18k phone numbers (12% from outside Germany) for predictive dialing. 155k complaints about phone spam (company trying to sell you something). 1.3 million Euros in fines. https://www.bundesnetzagentur.de/DE/Vportal/AnfragenBeschwer...
Do you think government regulation is the reason you didn’t get scam calls? Or is it more likely that the Indian and Pakistani scammers can’t speak German and therefor don’t target Germany?
If you were to do this, you would block millions of valid phone numbers. The "we've been trying to reach you about your vehicle's extended warranty" spammers spoof numbers in your local area code, and if you call back, you get extremely confused elderly people and small businesses.
The block would be at the source, not the spoofed number. The calls originate from somewhere, and that can be identified.
But the current system has people blocking those spoofed numbers, so its effectively doing that now. Google phones give you a fast button to just block the number, despite knowing its likely spoofed.
I don't think they're proposing blocking numbers, I think they're proposing tracing the actual origin of the calls and blocking that. The number that shows up on caller ID is completely meaningless in the face of bad actors.
I'd be happy if I could just *SPAM a number immediately after receiving it and let the phone company track them down. I worry about blocking numbers since spammers have started spoofing valid numbers of real people.
STIR/SHAKEN has barely started to be rolled out, and most major carriers don't fully support both protocols. Realistically the reason you've not seen a difference is that... well there's not been a change. The TRACED act stipulated that large carriers have to have it implemented by June 2021 (and several have... mostly) and that smaller carriers have a 2 year extension until 2023. The problem is that "smaller carriers" has a much looser definition than you think, which includes the phone systems used by most corporate businesses and most cheap/easy SIP providers (like NICE inContact, OnSIP, RingCentral, etc). That said, it'll be a couple years before you see the silver bullet you're looking for, and even then it'll be a couple more before all the kinks are worked out. (There's still some unanswered questions about attestation in smaller regional/local carriers. Also international partners aren't complying with the standard, so that increases the complexity.)
That seems backwards to me. Wouldn't big carriers be the ones who need more time due to the complexity and size of their systems? Shouldn't small carriers, like the ones you described, be able to roll this out almost overnight?
I want my phone to give me the option to only let authenticated calls through and give everybody else a busy signal. Today, the ham:spam ratio of my phone is worse than my email.
It's only really had any progress pretty recently. The "Traced Act" deadlines were only a few months ago, and I assume the carriers need some time to iterate on tuning it. Or maybe the FCC needs a few months of data before they can start smacking carriers around. I wouldn't give up yet.
The phone system is a perfect example of why literally nobody other than a few tech purists wants federated communications systems. It astounds me how many still cling to what (IMHO) is an unworkable ideal.
The only thing that has made email remotely usable is that the service is concentrated in a few providers who spent a huge amount of effort to minimize the spam.
It's classic tragedy of the commons.
Obviously we don't have authenticated caller identity in the phone system and you can argue that would solve the problem of spam. No argument it would help but I very much doubt it would solve it.
For awhile you were able to IM Gmail users from outside Gmail (through XMPP). This was unsurprisingly shut down because the likes of Microsoft (Hotmail) didn't reciprocate (ie Hotmail users could message Gmail users but not the other way around).
Spam on phone networks continues because bad actors profit from it. For example, spam traffic is "laundered" with legitimate traffic so the exchange itself isn't blocked by other parties. It also gives plausible deniability.
These things are all inevitable consequences of federated communications systems.
There was a period, over a decade ago now, where I was constantly getting scam calls from certain area codes and prefixes. Looking them up on TelcoData[0], the prefixes and thousands blocks were all from various phone companies I'd never heard of (and had nothingburger websites). It turned out that scammers had set up actual phone companies to carry their traffic. They were not only doing their usual scamming, but also raking in cash from the resulting incoming Caller ID lookups. These have either been shut down or have fallen under the radar.
It's a shame that (just like TCP/IP), SS7 was designed in an era of good faith and didn't have security baked into it from the start.
Phreaking is older than SS7. The story itself is as old as civilization. It was an era of naivety and exploitation of that naivety, not good faith. Unauthenticated protocols with no user-controlled access is always a bad idea. TCP/IP has firewalls.
You understand that federation is what allows you to call someone in New York from Berlin, right? Also, AS peering is a form of federation that allows you to open websites hosted in Netherlands while being in another country.
I think I get up to 5 spam calls a year (up in the north of Europe; knock wood).
I am not arguing with you on that. But my take is that once we notice an abuse of a federated system, we shall take steps to curb the abuse instead of saying "that's all federation's fault"!
> “ These things are all inevitable consequences of federated communications systems.”
Only of ones that have historically existed with these flaws.
One of the reasons I think urbit is cool is that the non zero (but low) ID cost solves this economically making spam non-viable and moderation easy.
I was also bummed that federated systems seemed to have these core issues that lead to centralization. It’s also why I think the non-urbit attempts at federation are DOA. To fix this for real you need to fix the entire stack. The problem is upstream from the application layer.
Your analysis of the flaws inherent in federated systems is right, but you’re wrong that it’s an inevitable consequence - it turns out there is a way to solve the incentive problem and avoid them.
Yes and: Many purists (utopians) continue to oppose infra for authenticated speech. Despite all the evidence, experience, and logic.
I wonder if this stubborn naivety comes from our modern geek creation myths. Wasn't it Ender's Game (Orson Scott Card) that had some kids conducting a Greek dialog in public, arguing both sides, anonymously, shaping the zeitgeist, thru their amazing rhetoric?
As if. If allowed, noise always overwhelms signal. More as the production costs of noise approaches zero, driving the cost of discerning signal up to infinity.
(What geekling hasn't read Ender's Game? Imagined themselves as humanity's savior? Huh. Now I wonder what fables Harry Potter reading Millennials will unwittingly foist onto the world, when it's their turn.)
Unfortunately, only the basic detection works when you're on prepaid. The calls will come in, but you'll at least be warned. No, I'm not going postpaid, especially given their history of data breaches.
Still, I like seeing "Scam Likely" when a robocall comes in. Too bad they insist on engaging my voicemail - my least time-wasting option is to just pick up the call and immediately hang up. I'm extremely lucky that my cell phone gets only a few of these a week, but that's annoying enough.
> Unfortunately, only the basic detection works when you're on prepaid. The calls will come in, but you'll at least be warned. No, I'm not going postpaid, especially given their history of data breaches.
T-Mobile prepaid is odd. It is almost like it is an MVNE using T-Mobile's network rather than a part of T-Mobile. When I switched from postpaid to prepaid, for example, the T-Mobile mobile app stopped working. It says "Sorry we're not ready for you yet. We're working on improving your app experience" and suggests using the website instead.
Checking on their forums, I see it has been doing this for years. They used to say they were working on it, but they stopped saying that.
Still, I find it worth it because of the savings. I just need voice, text, and a small amount of data. The cheapest postpaid I see at T-Mobile that would be open to most readers here is $60/month for 1 line [1]. Verizon and AT&T seem to be a little above that.
My prepaid T-Mobile plan is $15/month (around $17.something with taxes and fees, which are included in the $60 for the postpaid plan).
[1] They have a plan for people 55+ which has about the same features for $40/month (plus taxes and fees, which are included in the $60/month plan). This puts them way ahead of Verizon and AT&T, whose "senior" plans are only available to Florida residents. WTF is up with that?
I was with T-Mobile until three months ago. I used their Scam Shield service - the app is still actually still on my iPhone.
I received about 25 calls per day on average that slipped right through their service.
Senior health coverage, car warranty, etc calls. All using spoofed caller ID. All using the same technique of call screeners in India or similar that then forward the calls to US companies buying the leads. I actually had a conversation with a U.S. based insurance agent that was buying the leads and told her of the spoofing and other shady techniques they use. Her response was, “They supply good leads so I keep buying them.”
Anyway, I switched to Verizon and it is no better. I ended up setting my phone in Focus mode 24x7 and whitelisted almost my whole contact list. It was either that or change my phone number. Can’t concentrate on work when you’re being called every 20-30 minutes.
Good work identifying one of the purchasers of leads. Sue them under the tcpa which will cost them money - and land you a few hundred dollars for your time. Best of all, it will dissuade them from buying said “good” leads.
Hi, I previously served as CTO of the FCC's Enforcement Bureau, where I worked on then-Chairman Wheeler's Robocall Strike Force. I'd like to offer a few observations that might be of interest.
* T-Mobile, like the other carriers, is offering a numerator and not a denominator. These call filtering services are plainly valuable, but it's difficult to evaluate how effective they are based on current public evidence.
* It isn't a coincidence that the top robocall destinations include locations that are popular for retirement. These scams disproportionately target and take advantage of older customers.
* Call authentication (STIR/SHAKEN) is helping, and will continue to become more effective. The FCC did not push carriers to rapidly adopt call authentication during the last administration; Congress eventually stepped in with the TRACED Act, and the FCC has since made STIR/SHAKEN a top priority.
From anecdotal evidence (n=1) the call blocking feature on T-Mobile is about 70% effective. Unfortunately I don’t know of an api to pull my full phone and spam shield records but I estimate I received about 2,000 calls over the past three months. About 90% of those were spam/scam calls. Of those, T-Mobile identified and blocked about 70% of them.
It is reassuring to see the stir/shaken “checkmark” on my iPhone call log indicating that the call has been authenticated. Unfortunately as you say it’s not very effective yet.
I’ve noticed that there are carriers/voip gateway providers who are proactive on shutting down spam emanating from their networks and others who are not. Not affiliated but the list here seems to be accurate: https://scammerblaster.com/the-ultimate-method-of-scammer-pa...
Correct. I think my high water mark was about 30 calls in one day. I would receive a call while messing with another, so I would sometimes conference them together for hilarity to ensue.
One time I received 30ish calls everyday for a few days and each one of them was from a different number but with same prefix. It bothered me that I couldn’t block that prefix.
At some point my phone number was sold as part of a list of “old people”. So my calls consisted of a mix of Medicare supplement plans, Medicare scams (“free” diabetic supplies, something about chronic pain, and my favorite which was “a five year renewal” of my Medicare card. All they needed was all my PII, doctors name and Medicare card number!)
I also received a lot of other scam calls targeting older folks: namely callers impersonating Social security administration officials who scare you into sending thousands of $$$ to them so you avoid getting arrested - you’re told that your SS benefits are suspended and you’ll be charged with a crime because your SS# was associated with some vague crime in the “southern border of Texas”…
It’s honestly sickening to see in real time how these low lives fleece innocent people and it makes me furious. I do what I can to try and shut them down but I’m sure it’s just a drop in the bucket and they just pop back up with a different voip provider in a few days anyway.
They can be very persistent and they will track your “identity” for years. I had invented a persona back in 2015 and forgotten about it. Someone called several dozen times - very aggressively - asking for that persona. I had fun messing with him but it was scary having him pull up personal details from over 7 years ago even if it was totally fabricated.
It seems ridiculous to me that I regularly receive calls that are clear indicators of illegal activity but that nobody is being held accountable.
Why is there no way to find the people who are making these calls and why are the phone companies not liable for allowing these calls to be made without accountability?
It’s a lot of work and honestly the telcos don’t care. Even if and when you do find them, what can you do? They’re calling from halfway around the world - so “impersonating a us government employee” is not a law you can enforce on a citizen of another country.
Why can't the telcos be held liable for routing these calls? If you get scammed and could sue the phone company, they'd very quickly find real solutions.
The phone companies standardized on a hopelessly insecure protocol in 1975, and have no financial incentive to fix it.
If the FCC mandated a $1/spam call fine for cell phone providers (automatically paid as an unbounded rebate to subscribers), I suspect they would fix it in under 12 months.
More reading on the protocol (Signaling System 7) is here:
> The phone companies standardized on a hopelessly insecure protocol in 1975...
I vaguely remember an interview with somebody involved in early ARPANET standardization efforts stating pretty definitively that the prevailing direction for network protocols was source based routing. Anybody who has ever had to write an email address parser has seen vestiges of this (multiple @, ! and : symbols). Supposedly a representative from the NSA helpfully "suggested" they abandon that line of thinking and just mimic the PSTN's approach of trusting the next hop to do the routing.
I wonder how accidental it is that SS7 was implemented in such a plainly insecure manner.
Then every time I travel overseas I cannot use my phone or a US phone number? What about living close to Canada, Mexico, Caribbean…etc and you pick up international towers?
It’s an easier fix, but not really a solution.
The reality is that everyone wants fairness but no one really wants government regulation (Russia is a great example of this where your phone number is essentially treated like an assault rifle. Registered, monitored, and geo-tracked).
They are providing me a phone but most callers are spoofed and it can't be answered any more in the way a reasonable person would expect a phone to be useful.
Prior to VoIP it was easier to trace the source of a call. With VoIP, the call could come from anywhere. Also, that VoIP service may have been resold several times and the end of that chain might look like a shady foreign entity with fictitious names. You kill one shady reseller and 3 more pop up.
It makes me feel old to realize that I grew up in a time when, if the phone rang, you could pick it without hesitation because the other person on the line was a genuine caller. Things don't always improve with time.
Considering the old school trope of the 70s-late 90s of the telemarketers calling during dinner time, it being a real person doesn't mean they weren't someone trying to sell something.
There's one call I get once a month or so that's a pretty convincing robot. It's a guy asking for donations for some sort of police association. It seems to try to use the robot to gauge interest, then sends you to a real person if you say the right things. They don't change the pitch script at all, though, so I recognize it in the first few words now.
It’s probably a soundboard system. It’s a sneaky way that telemarketers can “technically” say they’re not robocalling you because there is a person behind the soundboard listening to you and clicking buttons to send the response.
I don’t care either. However the telemarketers and scammers are hell bent on making sure the laws are written and interpreted in such a way to benefit them and not you.
I'm thankful my phone number's area code is from a different part of the country. All the spoofers use the old area code thinking they are tricking me into picking up. But I know that no one from where I lived in 2006 is calling me.
Interestingly, my mechanic sends invoice links over text. Mine didn't come through so they asked if I had TMobile.
Turns out, T-Mobile charges businesses a fee (I want to say they said something like $250/mo?) to allow messages through even though I opted in and wanted this communication.
Seems a little bit like they introduced a "solution" but then can simply charge to profit off letting people through the solution?
85 comments
[ 3.5 ms ] story [ 143 ms ] threadI have no idea why I'm even allowed to get calls from V11109011700119 on my cellphone. They're so clearly scams / spam that every carrier globally should close these down.
So they may as well use "I am a spammer" as their Caller ID.
I wonder if formatting the number this way allows them to circumvent spam lists, but doesn't trip anti-caller ID spoofing mechanisms?
We need to fine companies that continue to route these calls. It is not like tracing is impossible.
This is a global problem and no single country or company can be expected to fix it on their own.
I'd be shocked if most of the US's spam doesn't come from within. I'm not against attempting a global body to regulate, but I doubt it would work. We can't even get internet providers to ensure their traffic isn't spoofed, and that's just firewall rules.
Edit: maybe not shocked, but personally the only out of country voices I hear now are when I call GoogleFi support.
Something interesting happened I think a few years ago, when a hosting company in the US that turned out to be the major hoster for spammers went down for technical reasons and the world went spam free (by 90%) for a couple of days. You'd think it was obvious what to do... but nope, once the hoster was back everything was back to normal like nothing happened.
I also suspect that a lot of spam calls are coming from within the prison system - not prisoners trying to run scams off payphones, but actually working from a phone bank at a prison for a nickel an hour. It's the only thing I can think of that explains their dogmatic adherence to the script in front of them. Free scammers from overseas will start insulting you once you're onto their scam; free scammers from the U.S. will typically just hang up and try again; but if you're a prison worker, the punishment for going off script is much worse than just losing your job.
Wish I could prove or disprove my theory.
Not all of them, but enough that I don't think messing with them is morally justifiable.
I also don't think making it psychologically hurt is going to make any difference, especially not when you're asking them why their fellow countrymen shit in the streets. Based on what I've heard and read, a lot of them justify their work by villainizing us in their eyes. Which isn't unfair! We're vastly richer than them, and they don't see any particular problem in what they see as being a Robin Hood-like character. Insulting and abusing them just further justifies their actions in their mind.
I used to try to waste their time as well, but after I postulatede my prison-work theory, I no longer do that - they don't have a choice, and it's cruel to put them through that.
Year 2020: 40k complaints about 18k phone numbers (12% from outside Germany) for predictive dialing. 155k complaints about phone spam (company trying to sell you something). 1.3 million Euros in fines. https://www.bundesnetzagentur.de/DE/Vportal/AnfragenBeschwer...
I received one spam call in 2020.
But the current system has people blocking those spoofed numbers, so its effectively doing that now. Google phones give you a fast button to just block the number, despite knowing its likely spoofed.
I’d request two features.
- Some API that allows apps to get through (like door dash)
- Ability to disable for a brief period (30min? A day?) when expecting a call from an unknown number.
This is a far better solution than the blacklists that hardly work.
I want my phone to give me the option to only let authenticated calls through and give everybody else a busy signal. Today, the ham:spam ratio of my phone is worse than my email.
The only thing that has made email remotely usable is that the service is concentrated in a few providers who spent a huge amount of effort to minimize the spam.
It's classic tragedy of the commons.
Obviously we don't have authenticated caller identity in the phone system and you can argue that would solve the problem of spam. No argument it would help but I very much doubt it would solve it.
For awhile you were able to IM Gmail users from outside Gmail (through XMPP). This was unsurprisingly shut down because the likes of Microsoft (Hotmail) didn't reciprocate (ie Hotmail users could message Gmail users but not the other way around).
Spam on phone networks continues because bad actors profit from it. For example, spam traffic is "laundered" with legitimate traffic so the exchange itself isn't blocked by other parties. It also gives plausible deniability.
These things are all inevitable consequences of federated communications systems.
It's a shame that (just like TCP/IP), SS7 was designed in an era of good faith and didn't have security baked into it from the start.
[0] https://telcodata.us/
I think I get up to 5 spam calls a year (up in the north of Europe; knock wood).
Only of ones that have historically existed with these flaws.
One of the reasons I think urbit is cool is that the non zero (but low) ID cost solves this economically making spam non-viable and moderation easy.
I was also bummed that federated systems seemed to have these core issues that lead to centralization. It’s also why I think the non-urbit attempts at federation are DOA. To fix this for real you need to fix the entire stack. The problem is upstream from the application layer.
Your analysis of the flaws inherent in federated systems is right, but you’re wrong that it’s an inevitable consequence - it turns out there is a way to solve the incentive problem and avoid them.
Yes and: Many purists (utopians) continue to oppose infra for authenticated speech. Despite all the evidence, experience, and logic.
I wonder if this stubborn naivety comes from our modern geek creation myths. Wasn't it Ender's Game (Orson Scott Card) that had some kids conducting a Greek dialog in public, arguing both sides, anonymously, shaping the zeitgeist, thru their amazing rhetoric?
As if. If allowed, noise always overwhelms signal. More as the production costs of noise approaches zero, driving the cost of discerning signal up to infinity.
(What geekling hasn't read Ender's Game? Imagined themselves as humanity's savior? Huh. Now I wonder what fables Harry Potter reading Millennials will unwittingly foist onto the world, when it's their turn.)
Still, I like seeing "Scam Likely" when a robocall comes in. Too bad they insist on engaging my voicemail - my least time-wasting option is to just pick up the call and immediately hang up. I'm extremely lucky that my cell phone gets only a few of these a week, but that's annoying enough.
T-Mobile prepaid is odd. It is almost like it is an MVNE using T-Mobile's network rather than a part of T-Mobile. When I switched from postpaid to prepaid, for example, the T-Mobile mobile app stopped working. It says "Sorry we're not ready for you yet. We're working on improving your app experience" and suggests using the website instead.
Checking on their forums, I see it has been doing this for years. They used to say they were working on it, but they stopped saying that.
Still, I find it worth it because of the savings. I just need voice, text, and a small amount of data. The cheapest postpaid I see at T-Mobile that would be open to most readers here is $60/month for 1 line [1]. Verizon and AT&T seem to be a little above that.
My prepaid T-Mobile plan is $15/month (around $17.something with taxes and fees, which are included in the $60 for the postpaid plan).
[1] They have a plan for people 55+ which has about the same features for $40/month (plus taxes and fees, which are included in the $60/month plan). This puts them way ahead of Verizon and AT&T, whose "senior" plans are only available to Florida residents. WTF is up with that?
I received about 25 calls per day on average that slipped right through their service.
Senior health coverage, car warranty, etc calls. All using spoofed caller ID. All using the same technique of call screeners in India or similar that then forward the calls to US companies buying the leads. I actually had a conversation with a U.S. based insurance agent that was buying the leads and told her of the spoofing and other shady techniques they use. Her response was, “They supply good leads so I keep buying them.”
Anyway, I switched to Verizon and it is no better. I ended up setting my phone in Focus mode 24x7 and whitelisted almost my whole contact list. It was either that or change my phone number. Can’t concentrate on work when you’re being called every 20-30 minutes.
* T-Mobile, like the other carriers, is offering a numerator and not a denominator. These call filtering services are plainly valuable, but it's difficult to evaluate how effective they are based on current public evidence.
* It isn't a coincidence that the top robocall destinations include locations that are popular for retirement. These scams disproportionately target and take advantage of older customers.
* Call authentication (STIR/SHAKEN) is helping, and will continue to become more effective. The FCC did not push carriers to rapidly adopt call authentication during the last administration; Congress eventually stepped in with the TRACED Act, and the FCC has since made STIR/SHAKEN a top priority.
It is reassuring to see the stir/shaken “checkmark” on my iPhone call log indicating that the call has been authenticated. Unfortunately as you say it’s not very effective yet.
I’ve noticed that there are carriers/voip gateway providers who are proactive on shutting down spam emanating from their networks and others who are not. Not affiliated but the list here seems to be accurate: https://scammerblaster.com/the-ultimate-method-of-scammer-pa...
Holy crap. That's six a day. I would have thrown my phone away.
I also received a lot of other scam calls targeting older folks: namely callers impersonating Social security administration officials who scare you into sending thousands of $$$ to them so you avoid getting arrested - you’re told that your SS benefits are suspended and you’ll be charged with a crime because your SS# was associated with some vague crime in the “southern border of Texas”…
It’s honestly sickening to see in real time how these low lives fleece innocent people and it makes me furious. I do what I can to try and shut them down but I’m sure it’s just a drop in the bucket and they just pop back up with a different voip provider in a few days anyway.
They can be very persistent and they will track your “identity” for years. I had invented a persona back in 2015 and forgotten about it. Someone called several dozen times - very aggressively - asking for that persona. I had fun messing with him but it was scary having him pull up personal details from over 7 years ago even if it was totally fabricated.
Why is there no way to find the people who are making these calls and why are the phone companies not liable for allowing these calls to be made without accountability?
If the FCC mandated a $1/spam call fine for cell phone providers (automatically paid as an unbounded rebate to subscribers), I suspect they would fix it in under 12 months.
More reading on the protocol (Signaling System 7) is here:
https://en.m.wikipedia.org/wiki/Signalling_System_No._7
The fundamental issue is that is assumes 100% of global telephone exchanges are trustworthy.
I vaguely remember an interview with somebody involved in early ARPANET standardization efforts stating pretty definitively that the prevailing direction for network protocols was source based routing. Anybody who has ever had to write an email address parser has seen vestiges of this (multiple @, ! and : symbols). Supposedly a representative from the NSA helpfully "suggested" they abandon that line of thinking and just mimic the PSTN's approach of trusting the next hop to do the routing.
I wonder how accidental it is that SS7 was implemented in such a plainly insecure manner.
"Five U.S. states, Costa Rica, Guatemala, India, Mexico and the Philippines are where most robocalls originate."
I imagine it's much more complicated to prosecute robocallers that live overseas, as you're now dealing with having to extradite people.
Won't solve everything but maybe a little bit.
It’s an easier fix, but not really a solution.
The reality is that everyone wants fairness but no one really wants government regulation (Russia is a great example of this where your phone number is essentially treated like an assault rifle. Registered, monitored, and geo-tracked).
They are providing me a phone but most callers are spoofed and it can't be answered any more in the way a reasonable person would expect a phone to be useful.
Turns out, T-Mobile charges businesses a fee (I want to say they said something like $250/mo?) to allow messages through even though I opted in and wanted this communication.
Seems a little bit like they introduced a "solution" but then can simply charge to profit off letting people through the solution?