“It may not be a national security concern yet, but the reputation (of a country) is involved, and we don’t want India to suffer on that count,” Daud told the publication.
To be fair, the person who made that statement is the FBI's legal attaché in New Delhi. One would expect a person in such a position to say something like that, to smooth relations with the host country.
But yes, I hope the perpetrators are brought to justice and the victims receive some kind of recompense.
> To be fair, the person who made that statement is the FBI's legal attaché in New Delhi. One would expect a person in such a position to say something like that, to smooth relations with the host country.
“It may not be a national security concern yet,” is actually a fairly ominous statement from an FBI official of any kind.
My understanding is that most of these scams use spoofed numbers (or legitimate forwarding numbers), so there's no "just ignore it" remediation. SHAKEN/STIR[1] is meant to address this kind of spoofing, but it's not a stretch to imagine that these kinds of scams mostly target older people who are less likely to have (or understand) Caller ID anyways.
Yeah, they spoof local numbers. I haven't lived in the city my area code is from in a long time. Occasionally I'll answer calls from there when I'm bored and it's always a scammer.
What's even more disturbing is that I'm now getting calls from people talking in Hindi. I answer in English but they ask me to switch to Hindi. (I'm from Pakistan and speak Urdu which is mutually intelligible with Hindi). I'm guessing it's to build familiarity/trust.
They want to pay off my phone, electric and other bills and in return I pay them 50% of the amount. I give them fake info and try to keep them on as long as possible... asking them to repeat multiple times. Sometimes I'll tell how thankful I am that they came to me with this 50% off offer because I'm facing financial troubles. Not once did any of them fell bad about trying to scam a poor person. Their response is usually something like "This is exactly why we are offering this service, to help people like you".
Eventually they get frustrated and hangup. This way I can hurt their ROI just a bit.
Due to that whole lack of authentication I. The phone system, we get lots of spoofed numbers here in the US. I ignore most unknown calls but manage to answer maybe one a month that is an obvious foreign (usually Indian sounding) call center.
There's no meaningful blocking here: the victimizing party is spoofing, or using a "legitimate" forwarding service. Carriers could just cut India off entirely, but (1) money finds a way, and (2) we're going to cut off service for a democratic country of over a billion people because of a few scammers?
The remediation here needs to be statutory: (1) anti-spoofing needs to happen at the carrier level and not just the terminating connection, and (2) forwarding services need to be subjected to additional oversight and transparency requirements.
I can certainly fathom $10 billion. But I take your point; my point was that, even if there are a million criminals involved in telephone fraud in India, it's a tiny fraction of overall (and primarily legitimate!) telephone traffic. Interfering with over a billion peoples' ability to talk with their loved ones requires existential damage to our country, not frustrating crime that's best resolved with international cooperation.
Edit: I think a generally useful framing for these kinds of criminal enterprises is comparison to US wage theft: nearly the same amount is stolen from US workers each year in just the top 10 states[1]. This doesn't somehow excuse phone fraud, but you don't see the same kind of grousing for cutting Fortune 500s off of the Internet.
I think Americans feel differently about a domestic issue of Americans stealing from Americans than they do about a developing country scamming elderly Americans out of their social security income.
> I think a generally useful framing for these kinds of criminal enterprises is comparison to US wage theft: nearly the same amount is stolen from US workers each year in just the top 10 states[1]. This doesn’t somehow excuse phone fraud, but you don’t see the same kind of grousing for cutting Fortune 500s off of the Internet.
Cutting F500s off the internet would do nothing about wage theft. There is considerable advocacy for strong action to bring wage theft under control, too. So, I’d say this analogy fails its purpose on multiple levels.
It's never an "Indian number," it always appears to originate locally or in the US. Either way, I just use good hygiene and ignore all outside calls unless on contact list. The only people who ever need to call me are family and PagerDuty.
I think most people are downvoting you because this advice is useless, given that those calls never come from Indian phone numbers. I'd like to note that I'm downvoting you because that's not what a tautology is.
To temper the potential for anti-indian rhetoric, US authorities work side by side with local Indian authorities to shut these down.
Mark Rober has a few videos dedicated to going after several of these scam call centers, and most recently 3 major ones were shut down and their owners arrested.
Somehow they still manage to write people a lot of tickets, something that generates revenue for the police, and steal the money of legal marijuana businesses, something else that generates revenue for the police.
There are no consequences to the police for ignoring the parts of the job that do not directly generate revenue for the police.
This is not an overarching problem with "the criminal justice system" other than the fact that the police almost everywhere in the US have a culture of graft and rentseeking, and won't do anything if there isn't money or press involved.
They could also stop civil asset forfeiture - in 2014 that surpassed burglary in the US as the top form of theft by value. Without being charged or convicted of any crime police can take cash and property, which can then be sold for funding. The case is brought against the property instead of the individual, and then to get it back they have to prove the innocence that it wasn't used in a crime, rather than the state having to prove that it was.
"Anti-Indian rhetoric"? The scams literally originate in India, and are masterminded by Indians. Further, the police are often paid off and rarely do anything about it. When enough fuss is caused about one or two they stop them and then another two crop up somewhere else. If you study the history of organized crime, especially in America, this mirrors the Italian mob once they got control of the police. This is organized crime perpetrated specifically against one nation (at scale) and should be treated as such.
Different replier - no but they're incompetently handling the problem because these call centers haven't seemed to pop up elsewhere
Now before you say "well India has high English proficiency" countries like Nigeria, Kenya and the Philippines best India here with higher English proficiency and don't have the issue (Nigeria has a similar email one of course) They're quite a bit poorer as well.
There's some major policy failure here India needs to figure out. Of course they don't want rampant crime but everything points to how they're domestically handling that crime as the problem here.
Just live abroad for a bit and you'll notice a trend.
Here in Australia, I get maybe 4-5 Indian scam calls a week, compared to maybe one per year originating from anywhere else (Philippines, Eastern Europe).
I'm sorry but suggesting Mark Rober is helping to stop the scamming industry in India is like helping Ukraine by adding sprinkles to a cupcake at an elementary school bake sale.
I have a convenient heuristic which I imagine is quite common. I have a cell phone with an area code from where I purchased it, but I have since moved, so all my local calls come from a different area code.
Calls from my area code of residence are almost never spam, while calls from any other area code, and especially my phone's area code, are almost always spam.
I believe both Android and iOS support SHAKEN/STIR, as long as your carrier supports it. On my phone, at least, I see Caller IDs tagged with "likely spam" if a check fails.
Both Google Fi and T Mobile used to show up likely spam calls regularly and accurately, but sadly the only network with decent coverage where I live is AT&T, which does exactly as good a job of this as you’d expect AT&T to do.
I wonder if this is a rollout thing -- I had AT&T for years, and towards the end (about a year ago) I began receiving spam notices. But I was in one of their "primary" markets, so it's possible they rolled it out first here.
iOS will show a small checkmark near the phone number on incoming calls in the recent call list. Which is great AFTER the fact. I have not seen a way to identify signed callers in the actual “ringing” screen.
Samsung has their own proprietary thing i think [0].
But it is great, when someone calls and i don't have them in my address book they show me the name of them, for example the name of the doctor offices, companies etc. As you can see in the demo carousel on their page, it shows "SMART" next to it, which emphazises that this isn't a number in your contacts but fetched from the internet.
Or if they are likely spam, my whole display is red and i can immediately hang up.
Google does have a bunch of features for screening spam calls.
It can identify scammers' numbers (based on user reports). And the phone app will label the call as suspected spam.
There is also a setting to outright block incoming calls from numbers labeled as spammers.
Then there is call screening. The google bot will answer the call and ask questions that you select (like "who are you and why are you calling?"). You get a real time voice transcription of the answer so that you can decide to pick up if needed. But it's handy for spammers because they usually just hang up (or you get some half-transcripted text of a robocall message that was talking over the Google bot).
It doesn't solve the problem completely but it does help.
This is the last time you'll find me praise Google but the "Screen Call" button has been a godsend for me, I haven't had to talk to a scammer in years at this point. Nobody makes it past the first couple of words.
Our phone provider has a free service, Call Control, that’s completely eliminated scam calls. Callers get an automated message asking them to enter a random number. If they enter it correctly, my phone rings as usual. This system foils automated calling services, at least for now.
Most "legitimate" robocalls from a school or doctor's office are better off as SMS. Does an appointment reminder really need my immediate undivided attention? If it's not worth having an employee manually make the call it's probably not worth my time to answer.
Google had a perfect solution for this, Google Voice (formerly Grand Central). This amazing product was languishing for years due to the lack of attention on Google side. They don't let it die, but it doesn't look like they let it live, either. Shame, could be a total game changer.
Problem is that it seems every online site now wants your cell phone number as a sort of captcha these days. And they’ll either explicitly prohibit you or shadow ban you if you use a voip number, making google voice unusable for this use case. So… I guess a burner phone for everyone? So frustrating.
I was looking for the perfect analogy and this is it - would India and other countries be justified for sanctioning the US government for something private companies did? Sanctions are something governments do to each other and this is an issue between private citizens. It just gets messy because it's international, but AFAIK we can't do anything from the US aside from investigating to get suspects then requesting extradition.
The Indian government is pretty clearly complicit. At a large enough scale, there is no difference between permitting something and encouraging that thing. And other countries are free to impose economic sanctions on the USA for the shitty things it allows/encourages US companies to do.
If there is a market incentive for companies to do something bad, and the government can, but does not act to correct/neutralize that incentive, then the government should be blamed. India is a democracy, so that blame also falls on the electorate.
As a US voter I grudgingly accept my ~4e-9 proportion of the blame for the shitty things the US allows.
Just because people come from the country that gave the world Enron, Bernie Madoff and FTX and celebrates the exploits of Frank Abagnale and Jordan Belfort doesn't necessarily mean they can't feel that foreigners are somehow much more complicit in crimes committed by their fellow countrymen...
That sounds an attack on the people of India for something a private company is doing. I also don't think the US has jurisdiction there, so I'd much rather see an investment in education or public infrastructure to help with it.
If this was similar to the Russia stuff where the goal was to affect the election and was sponsored by the govt then sanctions kinda make sense, but this is a problem of international communication between private citizens. If we wanted to make some law for this that seems cool but it'd need to be done at the UN, not in the US
Why should the US invest in Indian education and infrastructure when India, by its inaction, is responsible for such parasitism against US citizens? It sucks that sanctions would cause collateral damage, but India is a democracy. No voting citizen is absolved of guilt.
I'm saying we should invest in educating people in the US to stop falling for the scams, or for infrastructure to stop in here in the US.
As another comment notes, the US is responsible for plenty of parasitism (MLMs, ponzi, crypto) that is likely a higher total value, but I suspect most citizens would feel it's unfair to sanction them because of some bad actors in the economy
I think this is an "ought VS is" thing - I know realistically the US could just hit people until they agree, but this is something that would need to be handled by an international governing body. If someone in NY scams someone in CA, CA can't just unilaterally prosecute them, it becomes a federal crime because it's across state lines. Similarly this is between countries and I don't know if we even have international laws for stuff like this, so it may not even be truly illegal. The US could request extradition but I think that's the extent of the legal actions the government could take.
> That sounds an attack on the people of India for something a private company is doing.
It's the responsibility of the Indian government to police what happens within its borders. The Indian government has turned blind eye to scammers in their country targeting the US, they're effectively endorsing it.
Why should the US continue to do business with a country that leeches off of the US citizenry?
Historically, the US has done the same thing to Japan, and more recently, China, when their businesses undermine US businesses. Either by not respecting US IP or by running US businesses under through collusion.
I don't agree with the Russian sanctions, you're doing collective punishment on a population of people, many of whom presumably don't even support the war. It may be an effective strategy but that alone doesn't justify it
How do you punish and manipulate a government without punishing its people, either as a side effect or direct goal?
Even if you come up with some way to somehow target specifically how the government functions but entirely spare the citizens from externalities, the government will just hold its citizenry "hostage".
I don't think we should be coercing their government to do anything, we should educate our own citizenry, build infrastructure to protect against it, lobby the international community to make a legal process for it, or all three
How many people in India have lost money to crypto scams based in the US or US-aligned places? The US has sports arenas named after crypto Ponzi schemes.
This is a global problem. It boils down to the Internet and modern telco networks opening up cheap ways to address many millions of people, allowing scammers to troll for marks at scale. Gift cards, easy wire transfers, in-app purchases, easy card charges, and crypto have made it easy to get money from people with low friction too.
Another giveaway is an extra pause before they start talking. This is call software that lets them dial a bunch of numbers at once until someone answers and it switches the person that answered over to an available headset.
If you answer and say hello and there's an extra second just hang up. They'll call back if it is important.
There’s also a very distinct “bloop” sound from their phone system, I assume it’s the sound of “connecting” you to their conference. Honestly, that is a 100% signal of a scam call that would be trivial to detect en masse in an automated system.
This is my advice to my parents now, who sometimes get anxious over the disgracefully manipulative bait these scammers deploy.
"If it's an Indian, hang up."
If there's a legitimate need to get in touch, they will find another way. My (naive) hope is that this might also discourage offshoring and/or reward companies employing Americans, if enough people do likewise.
I honestly just literally never answer the phone unless its already in my contacts. If it's so important, they'll leave a message.
If the message mentions anything about stupid stuff like tax fraud/social security number its just immediately deleted, you'd 99% of the time receive official mail for anything about these items.
my wife almost fell for one because she needed to do an amazon return.
She Googled "Amazon support phone number" on her phone and the 2nd link had a 800 number but it was a site either legit or setup by scammers to review the phone number. She called it and figured someone was funny when they asked her to install an app on her phone.
I don't shop at Amazon if I can at all help it, so as someone unfamiliar with the return flow: this actually sounds expected. Telling the person you're trying to scam "It's a new feature not built into the main app yet" sounds totally believable, and almost expected for a digital-first company like Amazon. And if a legacy retailer said the same thing, I would consider them mildly slow and fragmented, not necessarily scamming me. "Scammer" wouldn't be the first thing to pop into my head.
Combined with how easy it is to get "support" from scammers instead of actual companies and high-pressure act-now tactics scammers use, and your wife was probably one of the few that caught on.
It just marks all of their posts dead. If you have showdead:on set then you can see them, and choose to vouch for individual posts if they add value to the conversation.
The calls is one aspect, how they get money out is another. The gift card business needs some revamping. It should not be so easy to transfer billions every year with no accountability.
Also caused me to completely miss an appliance delivery because the driver called me from his personal cell, I forgot I had "unknown callers" filtered, and he gave up when he couldn't reach me. Even though I get way more spam calls than legitimate calls, I realized that fully half of the legitimate calls I get are from numbers not in my contacts: delivery drivers, doctors offices, restaurants confirming reservations, etc. The collateral damage of this setting was worse than the scam calls for me.
I'm not convinced the solution to the problem "I'm not able to deliver this item because you're not answering the door or phone" is to expect delivery drivers to use asynchronous communication methods and plan their day around making deliveries when people that can't or won't respond immediately get around to replying.
I receive more spam SMS than scam calls too. Some of them are even asking me to provide information for the benefit of fake deliveries...
Exactly, that's why I love this feature. I don't even have to ignore the call, it just silently goes to VM.
Worth the occasional missed call IMO; I say on my VM msg if you are calling me and I don't know you leave a message otherwise your call will go to VM without ringing.
I have two kids, am self-employed (tutoring) in my community, and have many friends and acquaintances are over 40 (from church, for instance). Sending unknown numbers to voicemail has been completely fine in every case. I've never missed an urgent call that I couldn't call right back after I read the voicemail transcription.
By contrast, in December, I had these time-sensitive calls from unknown numbers: airline lost luggage delivery, Amazon delivery who couldn't get in, my kids' doctors, my pharmacy, someone from my accountant's firm, a bank rep, and a few organizations returning my call. December was a typical month, if a bit slow.
In theory, I could get a voicemail and then follow-up, but that would result in significant time wasted for both sides (e.g., calling doctors again or setting up re-delivery), and the total time I spent on dealing with spam calls is ~1 minute (5-10 seconds x 5-10 occurrences).
Snail mail is so overloaded with spam it might as well be the same.
The fact two fundamental and official mass communication channels are functionally useless is a sign of the rot in our country.
Email is teetering on the void. Chat is balkanized and siloed, same with social media, unlike telephony there is no source monopoly or tradition of cross standards.
Txt is the last bastion. It'll die in the next decade I'd guess.
> The fact two fundamental and official mass communication channels are functionally useless is a sign of the rot in our country.
It's a problem everywhere. This is what you get when you let the advertising industry operate unchecked. Scam calls and snail mail spam are just piggybacking on the fact that phone companies and postal services encourage and make money on telemarketing and mass marketing e-mails.
It's going to be hard to solve one without solving the other, as the difference between those scams and typical marketing communication is a matter of degree, not kind.
It is not a problem everywhere. I do not get snail mail spam or call spam in Germany. For post it was enough to put up a sticker that forbids advertisements. No idea really why call/sms spam isn't a problem.
I envy you. You're either incredibly lucky, or Germans are really law-abiding.
Here in Poland, the sticker that forbids advertisements does jack all. The post office might stop delivering spam, but most of the garbage in my mailbox comes from private individuals, hired by local companies, delivering the spam personally.
Call/SMS spam dropped somewhat thanks to GDPR, though I've experienced a uptick in the past few years, primarily driven by cryptocurrency scammers and fly-by-night companies selling photovoltaics. I do get an extra amount of phone spam, because I had a business and my phone number is listed in the business database.
Note that I do consider first-party (as in, from companies I have relationship with) cold calls as spam and scam too. Telcos in particular are notorious for scamming people - at this point, there is not much of a difference between scams discussed in this thread, and technically legal upsells and bullshitting done by my phone operator.
(They're not that better off-line, either. Only few weeks ago, a sales rep from a high-profile salon tried to scam my grandmother, by deceiving, manipulating, outright lying and using psychological pressure tactics, to get her to sign for a TV and Internet service she doesn't want or need. That happened physically, in the salon, when she went there to take over my late grandfader's phone contract.)
1. Reading a message is low-obligation compared to answering a phone or taking physical mail out of a box.
2. A shorter message has less room to both contain a scam and a cover story. Necessarily, either the payload or the cover story or both are thinner in an SMS message than a scam email.
3. But most importantly, social customs around text messages conversations are different from phone etiquette: besides being unauthenticated, caller-id came after decades of being expected to answer the phone without knowing who was calling or why.
A stranger sending a legitimate but unexpected text message feels obligated to explain WTF they're contacting you. "You don't know me, but..." Scammers, on the other hand, are trying to bypass this. "Oh, you know me."
Tying into point #2, a low-data channel like an SMS conversation is a high-context interaction. Have you ever gone back and read old SMS conversations and noticed a difference between the richness of your memory of the interaction and the sparseness of what the text actually said?
(Google search results pull the quote, "Generally, high-context cultures prefer oral communications, while low-context cultures favor written communications." My thesis is the telephone is a technology that turns oral communication into a low-context activity, and SMS is a technology that turned textual communication into a high-context activity. It's not impossible but more difficult for untargeted scams to go unnoticed in a high context channel.)
If it can be used to reach you and the cost of sending messages is low or zero, it will be destroyed by spam. I'm not sure anything can stop it, even serious dedicated police action and regulation.
Drivers I have had in the past just don't want to waste the mileage and gas if they can't guarantee that someone will be there, which to some extent I can understand even if it has caused me to miss delivery windows..
They often call at dispatch time to ensure you’re there to accept delivery. They don’t want to drive out, only to have to return the appliance because nobody was home.
I’ve had several occurrences where a delivery person would get all the way to my house, park on my street, call my phone, and if I didn’t answer, just drive away. I don’t think it’s always about the mileage, sometimes the driver is just lazy and wants any excuse to not have to do their job.
(It’s happened with a package delivery, as well as a washing machine installation. In the latter case it was Home Depot, when I finally got ahold of them they said it was my fault for not answering the phone and that I had to reschedule for 2 weeks out, meanwhile I didn’t have a working washing machine. I cancelled the order instead, went to Lowe’s and had a washer in a few hours.)
Mobile phones just don't offer it by default --- the best most have is a "Do not disturb" setting.
There is a marketing opportunity here for some software developer --- lots of people would actually *pay* for a mobile app that could effectively weed out auto-dialers and/or selectively send only unknown callers directly to voice mail without ringing the phone.
Yes, he should have totally gone to the dispatch warehouse the day before and looked up the delivery driver schedule and called the delivery driver at home to let him know that when he delivers his appliance the next day, he should text instead of call if communication was required the next day.
Or even simpler, put on his Beam-a-Thought helmet and sent a message back in time directly into the noggins of every delivery driver at the warehouse.
Compromise solution --- send unknown callers directly to voice mail.
Or better yet, ask them to press a random number to connect the call --- before the phone will even ring or go to voice mail. This effectively weeds out most auto-dialers.
I have a Panasonic phone (connected to VOIP) that has this feature built in. It also has text to speech that reads the caller ID out loud. It's amazing how creative these hardware vendors have gotten now that their market is shrinking.
Same problem with physical mail in the U.S. 99% of physical mail I get is commercial garbage, but I still have to sift through them since I don’t want to miss the remaining 1% from IRS.
And emergency calls of various kinds etc. Fortunately it's not so bad for me that I'm willing to make myself harder to reach for legitimate, and possibly important, purposes.
I use voicemail for that, I still get alerts for a new voicemail, and often the scam calls will just move on when there isn't an answer, or you can listen and it's pretty easy to tell if it's legitimate
I assume in the parent they still accept voicemails. I'm sure your partner would be aware of your policy of not picking up unknown numbers and think to leave a voicemail in this situation.
When I worked in telefony abuse, like this, was pretty hard to track because of all the middlemen involved. They'd have phone banks with multiple phone numbers that they'd lease from providers in India who worked with them to rotate through outbound numbers. India doesn't allow Americans telefony companies, much less voip (in order to provide these telefony companies business), so looking at India from a telefony perspective is much like looking at several black boxes.
Tldr; because of India's policies the country of India has to do something about it. Much like Chinese knockoffs and IP theft.
What would happen if the American companies just started playing hardball? For example, what if they required that contracts with foreign telephone companies had a fee based on scams detected as coming through and just refused to work with any company that wouldn't agree to those terms? I have no idea if that exact idea would make sense or even be possible to implement, but my thinking is that in many cases the American companies might be able to afford to lose the business more than their international partners, so playing a game of chicken might be worthwhile. In other words, just because American telecoms might not be able to do anything from a technical perspective doesn't mean that they don't have social or business pressure they could apply if they actually wanted to solve the problem. Ultimately, it seems like the American companies haven't done anything because they don't really have any business incentive to; as long as they aren't held culpable legally and don't lose sales due to the PR hit, trying to use their influence to solve this is purely a risk from a financial perspective.
I don't at all subscribe to the Friedman perspective that businesses are ethically obligated to maximize profits at the expense of literally everything else, but I do think that it's a reasonable description of the way businesses trend toward acting; an entity structurally designed for making profits will inevitably end up acting in a way that only considers that measure unless the incentives are changed, which is precisely why we _do_ need to regulate things to curtail business behavior that's a net bad for society as a whole by making it unprofitable, whether that's through direct fines or making business liable either civilly or criminally for their actions.
The form of hardball (that I'm aware of) would be blacklisting providers, which means good faith people get blocked along with bad faith people. That'd limit a lot of people from the US communicating back to India. It would be possible to block inbound but not outbound calls though, I believe.
I may be too cynical, but I can't help but assume that none of them will actually follow through with this unless/until someone gets actually sanctioned for not doing this in a significant way (i.e. something that costs them more than they make from not doing so).
I suppose it's not that easy. They can use international VOIP providers to route their calls, maybe even run their own, rotating the numbers they use and disguising the actual origin. If that wouldn't work you could probably hire people in other countries to put some agent software on something like a smart phone and use these.
It is that easy. Regardless of what convoluted setup they're using, at some point those calls need to get to the US-based carrier. That is where they can be blocked. The carrier can simply say "we'll stop peering with you if more than 10% of your calls are spam" and the upstream carriers will have to clean up their act (better screen their customers or implement similar terms) or be cut off from being able to reach the US.
The problem is that the US carrier gets paid for terminating the call, regardless of whether it's spam or not. Why would they kill the golden goose?
The problem is bad enough that a us customer might pay extra to not receive those calls. So maybe the phone company can profit off of a service to solve the problem.
That works until you land in a situation where the calls are coming from a carrier who can't (or won't) do enough about it, but the carrier has enough legitimate traffic that it will annoy many of your customers to just shut them out. Remember: All the actual companies or carriers you can identify have nothing to do with the actual scammers. They are intermediaries and the scammers will hide between legitimate calls in one way or other.
You can call Indian industrial-scale criminal scam operations strategic centers deployed against US , if that helps victims get back their money and justice.
Canadian public broadcaster, CBC, reported this as "financial terrorism" back in 2019. Now it seems the references have been scrubbed out. $10B drained from old and financial vulnerable is absolutely ridiculous and should be called financial terrorism.
I have to preface this with saying that most Indians are decent people, and do not work at call centers scamming Americans. Within India, they deal with this type of phone crap on a level beyond what we do. There are some shady loan companies there that require you to upload your contacts list and harass every one of your contacts if you miss a payment.
Anyways, I'm all for insulting a call center scammer, and a rude comment about their mom, especially comparing them to a dog or something, will probably piss them off. Then if they overreact back, threaten to email their boss the call recording.
Stopping the use of gift cards sold by Target or restricting their use would go a long way towards stopping this. Cracking down on the money mules who forward the cash would help as well. Reporting the bank accounts the scammers use and shutting them down is also key.
Is there any way to coerce the Indian government to take action on this?
Looking at YouTube videos where these scammers literally run corporate offices to steal from old and financially vulnerable people is heartbreaking.
These operations have to be sponsored by the state at this scale. At the bare minimum they're at least looking the other way.
My grandparents are the targets for this kind of scam, and when they call their bank they get an Indian customer service rep to discuss the situation with. Absolutely disgusting that the situation has been tolerated for so long.
They’re state sponsored at the local level. Local law enforcement is underpaid and gets huge bribes from these call centers. At the national level India doesn’t have the law enforcement resources to stop it with local law enforcement working against them. It’s a mess.
> These operations have to be sponsored by the state at this scale. At the bare minimum they're at least looking the other way.
Its more like
1. They don't care
2. Those who care, don't have time to work on problems of Non-Citizens when the citizens are suffering too
India is a country of almost 1.4 Billion people. That is 1 Europe + 1 North America + around 200 Million people more (figures from google search, may not be accurate)
Indian law enforcement is archaic, understaffed, and riddled with corruption. They prefer to sit on their asses all day and collect paychecks rather than working. For the select few that actually work, they have all the local issues to deal with that comes with a population of that size. They simply do not have the time to work on things that are affecting someone on the other side of the planet.
And tbh I don't blame them for putting citizen's problems over non-citizens. Thats literally what every country would do.
> Indian law enforcement is archaic, understaffed, and riddled with corruption...And tbh I don't blame them for putting citizen's problems over non-citizens. Thats literally what every country would do.
Not to mention consistently and effectively prosecuting people for this sort of crime takes two sides of law enforcement to tango (the perpetrator of the crime may be in India, but the victim is in the United States, as is the local police report they file, the spoofed number and the first part of the telco chain that eventually ends up in a normal looking office in an Indian city). Sometimes a relevant Indian police department may get that information in a form which is useful to both shut down operations and punish the operators, but even if the Indian police were incorruptible, a model of efficiency and particularly hot on white collar crimes committed overseas, I'm not sure their US counterparts are providing so much information that scammers wouldn't feel they could get away with it often enough to try.
It's mind-boggling that the United States allows this kind of thing to happen.
In the EU I get maybe one spam call every couple of months. From the stories you hear from Americans on HN, Americans get multiple spam/scam calls a day, and the vast majority of their inbound calls are spam/scams.
What is going wrong in the US that isn't going wrong in the EU? Language barrier? Regulatory capture?
we do have that info (perhaps presentation of such depends on phone software of course).
almost all my inbound calls are spam, in the united states. when i've listened to voicemails left, they even have native north american accented people reading the prerecorded scripts, so there's deep roots to the depravity that cross country borders.
> This thread makes me wonder if Americans have such info (whether a call is a likely spam) automatically pop up when receiving text or calls.
We do have that, but it probably depends on the carrier and the type of phone you have. On my iPhone with Verizon, there's a setting to "Silence Junk Callers", in which "calls identified by Verizon as potential spam or fraud will be silenced, automatically sent to voicemail, and displayed on the Recents list."
It's not perfect, though, and I still get a ton of spam calls. As a rule I almost never answer the phone if I don't recognize the number.
> This thread makes me wonder if Americans have such info (whether a call is a likely spam) automatically pop up when receiving text or calls.
Yes, of course we do. Verizon and T-Mobile, at the very least, mark calls as "likely spam" reliably. Can't speak for any carriers as I've not been a customer of theirs for some time.
1. It was introduced only within the last couple of years, even though spam calls have been happening for much longer than that
2. A bunch of calls escape the “spam likely” designation even though I’m on one of the major carriers
So I’d say although we have it, it’s not nearly as reliable as I’d expect it to be.
Certainly most of my inbound calls in Ireland are scam calls. Not sure this is solved EU-wide, maybe just in your specific EU country?
As far as I know the solution is to require more anti-spoofing techniques (e.g. SHAKEN/STIR) for caller ID and then cut off the carriers who don't provide that, plus the carrier providing the numbers enforcing stronger terms on their users.
The only anti spoofing technique that works for me is restricting calls to people in my contacts. It’s a bit of a pain with transactional things, but (at least in the US) it seems we’re long past the days where you could just call someone with no warning. I usually get a text or IM first now.
A couple of items to our advantage: there are quite a few carriers here but only very few of those have physical infrastructure and those tend to have strong political connections. They are tied in with LE and AIVD at the operations level and have excellent security departments and a reputation to uphold. Then there is the willingness of the local authorities to put time into this, and publicize when they nab some of these scammers. And finally, NL is a small market with a weird little language that isn't spoken much outside of our borders. (South African doesn't count ;) ).
Would you ever expect a legitimate call from your bank / government / business to be in English? Particularly English with a strong Indian accent?
I think the US gets targeted mostly because of language. Indians learn English in school and it's not uncommon for a legitimate call in the US to come from someone with a strong accent.
Here in NL, however, it does seem like scammers are occasionally taking advantage of the comparatively high English proficiency and are trying to scam people in English - this one was doing the rounds for a while: https://www.fraudehelpdesk.nl/alert/engels-telefoontje-namen...
I'm confused by this. Huge parts of Germany (and maybe Greece) are English speaking. In Berlin you hear more English than German being spoken on the street. Denmark and Holland seem to have high numbers of English speakers as well.
I think several other countries conduct a lot of business in English, but I haven't spent enough time in Europe to know this for sure.
i get plenty of sms though. very annoying to get it to stop. you can reply STOP or whatever they suggest to reply to stop the messages but it doesn't seem to do anything.
As with replying "unsubscribe" to spam messages, replying with "stop" to spam texts may just notify the senders that your email account is still active and being read by a human. If it's not from a legit organization which will actually respect your "stop/unsubscribe," just delete the message and don't reply at all.
The US just has large number of people in one country code who mostly speak English, have high incomes, a uniform retail landscape ("go to CVS and get a Google Play card" works everywhere), and an abundance of options for telephony.
It's not like Indian scammers are beholden to EU law but not US law.
We also have policy problems. As previous commenters with experience in the industry point out, this problem is easy to solve. It’s not a technical problem, it’s a policy problem.
It’s not an ideals problem. Even very conservative economists would agree that there exists a negative externality in the transaction between the call center and the telecom company on the person being called where there should be some cost on the transaction to account for that externality.
So, it’s not even a conservative liberal thing (intentionally not using party names as those names may not reflect conservative or liberal ideals). It’s a policy problem. Write your member of congress.
I'm replying to someone who says the EU is too diverse for it to be worth spammers' effort. If it's worth their time to spam people with northern California area codes in Chinese that makes no sense. Calling people in Germany in German, for example, would be much more reliable.
In Germany scam calls often come from callcenters in Turkey. There is a huge quantity of people who speak both Turkish and German quite well and a small portion of them who for some reason or other reside in Turkey now participate in scam operations.
Turkey doesn't have much interest in stopping this. One could argue they have quite a few bigger problems, crime related or not, to try and shut down a source of foreign currency. Same as India.
Well. The UK is not immune to spam calls. Here is a YouTube video of hacker going after a call centre that was targeting the UK. They were making millions of dollars per year.
Same reason the U.S. allows all other sorts of privacy invasion like the White-Pages-like search sites that will gladly share ( for free ) your past 11 something U.S. mailing addresses you've resided at, the names, ages & addresses of your family members & a whole host of other information ( you may have to pay for this bit ). All you need is someone's First & Last name. Even the U.S. state is not really needed.
The reason being someone is reaping massive benefits from whatever loophole allows for this kind of data collection & is shoring up initiatives so that loophole isn't plugged.
Now try the same search with a U.K. resident or E.U. resident you know of. I'd say you will have a markedly tougher time gaining access to similar information, with just a few clicks & without ever pulling out your credit card. I have no clue if U.K. is similarly compromised off late but a few years ago ( prior to Brexit ) it was not the case.
To everyone suggesting to silence unknown callers, most of these scams come through email or text messages, and the victim is tricked into calling the scammer.
Best defense: don’t ever call a phone number you receive in a text or email message. Delete the message and look up your bank’s, Amazon’s, or PayPal’s phone number yourself through the company’s official web site.
Also, don’t get scared by messages about your finances…stay calm. The scammers count on you getting freaked out and doing something stupid.
I once had an issue with Microsoft at work and had to get MS support to help me. They literally called me on the landline and asked for remote control of my computer. It was totally legit.
Still I felt uncomfortable and asked for a Teams session with screensharing instead (and not remote access), but this 'was not possible'.
So, how are people to distinguish between 'fake' calls and real ones if companies still use such shitty techniques?
OK, looks like "microsoftsupport.com" is taken, but GoDaddy is happy to offer me alternatives like microsoftsupport.app, microsoftsupport.site, microsoftsupport.tv, or microsoftsupport.uk that should work equally well for scam purposes. Or microsoftpcsupport.com is available, if a ".com" is particularly desirable.
Doesn't Microsoft use a thousand different domains, most of which look sketchy?
What if you receive an email from microsofts-support@live.com? Could you immediately tell that it is not legitimate compared to, e.g. contact@microsoftsupport.com?
These days whenever I hear Indian voice, I just reject call. They way they target grandparents is surreal. One day they told my my friends parents that their children is in accident and they have to pay in gift cards. It is so distressing to elderly people.
US must take strict actions and call out India publicly. Elderly people are weak, education isn't going to solve the scam problem. Scammers must be punished harsly. They erode the trust in system.
Also, Indian government is not doing anything. In many places like Kolkata, scammers can get away easily by bribing police. Our phone are being redirected to India, and they can abuse our phone number. I wish, the US government passes strict rules and regulations to keep these scammers in check.
Telco's could put a stop to this if they really wanted to. Start with disabling number spoofing for international calls, if the number presented isn't in the country of origin then reject the connection request. Another choke point is the gift card system.
Edit: I was thinking of a totally different gift card scam. Whoops
Gift cards should require some amount of destruction in order to get to the actual barcode… something to make tampering obvious.
The same way clothes have a little ink exploder the clerk removes… just a quick easy step that is destructive to the packaging… but still presentable when you give it to someone
Nothing can stop that. The goal is lowering the victims / profit. How to do that, that's the question. It comes to no surprise to me poor countries (with bribed police force) try to scam rich ones.
They already do? Usually I see gift cards packaged in a sealed paper envelope that and the redemption code itself is covered up with tamper evident paint.
Gift cards don’t have a value until you purchase them, the package is meaningless. The barcode is scanned and the value is added when the transaction is completed.
Using SIM boxes is already standard practice, sketchy VOIP providers and SMS spammers have been doing for years because it is cheaper to do this than to pay for legitimate routing.
Just put something along the lines of "sim box grey route" into Google and you'll find loads of relevant industry materials.
Besides, you're drastically moving the goalposts here. We went from "could put a stop to this" to minor obstacles.
You tackle these things one-obstacle-at-the-time. Telco's are borderline complicit in this today, they don't have to be. Note that in some countries these scams are far more prevalent than in others, they'll go for the low hanging fruit first just like any other business. Make it harder and definitely there will be a response and then you aim to tackle that one. Shipping a SIM box would already be much more work than just changing a number in a database. Require that a phone number is used in the country of origin before you allow it to roam is another step in that process and so on. Rome wasn't built in a day and I'm sure that getting rid of this problem is going to be a series of steps.
But as long as telcos willingly cooperate and allow remote call centers to basically pick any number in the locality of the recipient even though that number is not currently roaming in India they are making things much worse.
> Note that in some countries these scams are far more prevalent than in others, they'll go for the low hanging fruit first just like any other business
The reason for this is language barriers, it's not some countries doing things better than others.
> Shipping a SIM box would already be much more work than just changing a number in a database
They don't even actually need to ship one, there are thousands of them operational already. This is a massive industry.
Even if you cracked down hard on SIM boxes, the scammers will just purchase routing from botnets. This won't really impact their costs, and will be essentially impossible to take any meaningful action against.
Yes, but that would at least put them at the same level as burner phones with a physical presence required in the target country (or close to it).
Anyway, since you are willing to shoot down each and every suggestion in this thread short of rolling over and accepting the damage how would you tackle it?
Can you give a single example of similar fraud being successfully tackled? Not just the scammers being caught, but the entire scam being rendered unprofitable.
European authorities haven't managed to do anything about the car selling scams Romanians have been running for decades now. Nobody has managed to do anything about the Nigerian prince scams. BEC with truly shitty phishing pages keeps on growing and growing.
The best bet would be for US authorities to force India to crack down on these activities and prevent these scams from operating at an industrial scale.
The actions you propose would work well to address lower return activities, such as marketing robocalls. They can not work to address high-return scams.
> Can you give a single example of similar fraud being successfully tackled?
Plenty of such cases here locally. Your point about the language barrier is on the money though, I never really gave that much thought but the number of Dutch speakers in India is most likely so low and the market so small that it isn't worth a massive campaign to them. Especially not if there are millions of gullible people in markets that are more accessible to them.
As for forcing Indian authorities: I've seen up close how corrupt things are there and I have very little hope that that would be a viable avenue to resolution of this problem.
I'd be super curious to hear about any local success stories.
>As for forcing Indian authorities: I've seen up close how corrupt things are there and I have very little hope that that would be a viable avenue to resolution of this problem.
Then you're left with education. These scams are very profitable and can easily afford resistance from telcos and banks.
If we can make it harder to run a scam call business by changing things on our end, and these changes do not impede non-fraudulent use, why not go for it?
I don’t see why you’re pushing so hard against this line of reasoning, I guess. You’re making it sound like a hopeless endeavor to even try, in a “don’t lock your doors because thieves will just use lock picks” kind of way.
> If we can make it harder to run a scam call business by changing things on our end
How much harder? If your changes increase the telephony costs of a scam call centre from 0.001% of revenue to 0.002%, you have not actually made their operations harder.
> and these changes do not impede non-fraudulent use, why not go for it?
Most of these scammers already have physical presence in the US. I feel the solution is probably to be found in more policing and prosecution than in creating tiny obstacles.
I think the subtext is that given valid caller IDs, then block lists can be made. The US FTC might manage them like it does the do-not-call lists, or the perhaps the US Attorney's office, after some criminal complaints.
Ideally, the telco would implement these block lists, but also ideally, they could be traded around like web ad block lists for individuals to load on their phones.
I think we all know scam calls are a serious source of revenue for carriers, so they will need to be led to this conclusion by force.
None of that happy future would come without true caller id, thus the resistence from carriers to fixing spoofing.
Logically, there must be enough benefit for them carrying spoofed robocalls to risk regulatory attention AND driving away all their voice revenue. Many people have stopped answering their phones altogether since voice calls became unusable.
Enough minor inconveniences and the barrier to entry will go up, this will favor the larger players but those you can then go after with other means. It's never going to be a one-stop solution.
Ideally there would be a warning that a call does not originate locally, routing the call through a local representative would generate yet another signal that you might be able to close off, including the possibility to declare the possession or hosting of certain gear illegal. You'd have to maybe do some pattern matching to spot problematic numbers and/or have a place to report them easily.
If the will was really there I'm pretty sure this problem could be tackled.
Yeah, and this is almost the bottom of the food chain, the only people below crimemarket are those too dumb to use internet forums.
Anyone can easily buy European bank accounts opened with fake IDs, or money laundering services where you're provided an IBAN and receive a % of the money sent there to your cryptocurrency wallet.
Want a fake passport good enough to travel with? No problem, will just run you a 1000 euros.
> If the will was really there I'm pretty sure this problem could be tackled.
Probably, but not with any of your proposed methods. I have talked with some SMS spammers and none of what you proposed would affect them. And for SMS spammers these inconveniences are a much bigger part of the cost of doing operations than for a company which needs to have employees in a call center. They have to spend a lot of money on buying new SIM cards as old ones get blocked.
SMS spammers could be tackled with a couple of regexps if the will was there. The fact that these scams still work is a sign to me that there simply is no will to tackle any of this at the telco level. They know exactly what is going on.
Lots of telcos are doing exactly this, doesn't really work very well. The spammers just switch to more generic messages you can't realistically filter out.
There is already keyword filtering. Try using the word "election" in SMS at a certain time of year. A certain US political party complained about this. E2EE is not compatible with content based filtering.
There's no reason consumer SIMs should be able to call more than N distinct numbers in any 24h period. You can implement reasonable rate limits to prevent abuse.
However, even if we assume that SIM boxes are a magic solution to carrier interventions, that still raises the cost from the current status-quo. Implement enough of these barriers and the entire scam operation becomes unprofitable and no longer worthwhile.
And what do you propose would be such a reasonable rate limit?
>However, even if we assume that SIM boxes are a magic solution to carrier interventions, that still raises the cost from the current status-quo. Implement enough of these barriers and the entire scam operation becomes unprofitable and no longer worthwhile.
Why do you assume that the call routing is a meaningful cost to these operations? For all we know they spend less than 0.01% of their revenue on call routing.
The difference between this and cooking/toasting bread is that your bread-making activities have no way to negatively affect someone else - we don't have an epidemic of spammers paying people to bake "underground bread" in their homes.
Of course, an override should be provided - the restriction should be relaxed over time once the account is established for a long time without any complaints.
What you are describing is already done by carriers in countries with high sim box usage. (Basically, it costs ~$0.01/min to make a local call in Nigeria but $0.25/min to make an international call to Nigeria so people there set up SIM boxes and Asterisk to terminate calls locally and profit the difference between these rates. The reason it costs $0.25/min to call the official way is due to many governments taxing incoming international calls because they see it as an easy way to raise revenue at other people's expense). But anyways, because governments don't like this kind of arbitrage, they force carriers to add detection mechanisms. So they check for high ratio of outbound to incoming calls, high amount of distinct phone numbers called, 24/7 usage patterns, etc. Except Africa is still losing a few billion dollars a year to this kind of toll bypass because it is still massively profitable (see https://en.antrax.mobi/request-pricing/ for example) and these changes just require them to rotate sim cards slightly more often. Essentially what I am saying is that unless you can reduce the fraudsters' margin by a substantial amount you are wasting your time.
> Ther is no reason a consumer oven should cook more than 5 meals a day. There is no reason a consumer toasteer should toast mpre than 10 times a day.
Consumer ≠ business/commercial. A home oven (or toaster, fryer etc) isn't made for such use, a commercial one is. You should really spend the monies in commercial gear if you're gonna feed such hordes of people.
Similar thing with SIM cards. Why would a normal person be making 100+ calls a day on a simple, personal line? That's clearly commercial use and as such, it oughta be regulated somehow.
Yes, that's exactly what STIR/SHAKEN does - in theory. In practice, like most complex systems, mandating a change like this requires software and hardware upgrades and compatibility testing, all of which takes time. The FCC tracks >10k telcos and providers. Last time I checked, only a quarter of the companies had fully implemented STIR/SHAKEN since the deadline and the FCC has recently started enforcement action on telcos that have ignored it. There is some evidence it has reduced spoofed calls, but just like email, the scammers have also moved to adapt their techniques.
Can't they implement DKIM, SPF etc. like system? Not aware of technical reality of Telcos but international number spoofing should be easily solvable as billing is done through the origin location
It's still in the early days of even deploying signing. Telcos are dragging their feet asking for exemptions and delays. Once virtually all calls are signed, then there has to be agreement on when to block unsigned traffic, and finally whack a mole with banning spammers and KYC to keep them banned.
It can be very easy, depending on your comfort with breaking existing systems. Disable all inbound international calling and you no longer have a problem. That would remove 99% of spam and would have zero negative impact to 99% of individuals who receive calls.
Of course, businesses with a lot of money care about use cases in that last 1%.
A carrier could probably do that, individuals could not. The challenge is that caller ID is generally kinda like your email display name: It doesn't mean anything. The important part, which STIR/SHAKEN is adding verification requirements to, is what telcos are actually involved in the exchange.
I'd love a setting I could flip to disable inbound voice calls from any carrier that isn't like... Verizon, AT&T, T-Mobile, and Comcast.
There’s a common scam on FaceBook Marketplace for sellers. They contact you and are interested in buying what you have. Once they have your phone number they send a google verification code and ask you to send it back to verify each other.
The goal is to setup a US google voice number to abuse later.
I experienced this, but am tech literate, so did not reveal pin.
But I had wrongly assumed that Facebook marketplace would experience less scam than craigslist because verified users would be their competitive advantage
It’s bonkers to me that gift cards are so readily available to enable these scams. There’s no way the gift card providers (Target, etc.) don’t know about this, but they go out of their way to make it as easy as possible and make sure there is zero support available for scams.
It’s so infuriating. I know people who have lost hundreds of dollars to people impersonating US Social Security and immigration officers. The gift card providers do not care. The impersonated government agencies do not care. The local police do not care. The phone companies do not care. There is total and utter impunity for everyone perpetrating and enabling these scams.
Every store I've been in within the past couple of years has had warnings posted everywhere not to buy gift cards and read the codes to unknown people over the phone.
I'm not sure if there's an alternative, since I'd seriously rather not ID be required to buy or use a gift card.
Consider that many victims might be new to the language, new to the country, and know very little about the culture except that they absolutely must immediately and carefully comply with all instructions from US immigration regardless of how arcane and bizarre.
And as far as making gift cards safer, shouldn’t that be the responsibility of the gift card providers, not to mention regulators tasked with consumer safety? Why is it that the scammers seem to ask for gift cards rather than, say, banking details? (I’m sure there’s also some banking scams, but I have a feeling there’s non-zero recourse for victims in those cases.)
If it truly is somehow impossible to make gift cards safe to use, then I’m convinced society could survive without them. But I doubt it’s impossible. I suspect gift providers deliberately go out of their way to make sure victims have no recourse.
I had to instruct my elderly father to do the same -- any kind of accent and he hangs up. He got scammed by one of these people in 2018 or so -- he gave the person his debit card number over the phone to remove malware on his computer while I was out on a super-long run. Luckily he couldn't remember his PIN, and his bank was great at blocking the charge. There's a special place in hell for these animals who prey on old people.
These days I’d recommend just not answering any unrecognized number. If they’re waiting for a call for some specific reason, they can look at voicemail transcripts to see if it’s the call they were expecting and call back. Otherwise it’s best to ignore any incoming calls. Anything truly important won’t use a phone call as the only contact method.
Make sure your voicemail provides a verbal escalation path for a loved one who needs to reach you from an unknown number (first responder, jail, hospital, etc).
They can leave a message or text. I have been doing this for years as this is the only way to be able to use a phone line without getting crazy. If your number is not in my phonebook you go to my voicemail.
That is a cost I will accept. I used to get about 3 robocalls per day, or 1000 robocalls for every legitimate unknown caller. There is a fundamental tradeoff between optimizing for minimizing false positives or false negatives.
Your intention might very well be good but this is very bad advice, please do not install Truecaller! This app is a privacy nightmare. From accessing your phonebook/contact info to location, it has been known to be responsible for leaking information of journalists and for storing user data without consent.
> While TrueCaller may have laudable intentions, the privacy implications for people who end up in their database raise concerns. When a number is tagged, the person who is tagged ends up having their name and phone number stored on the TrueCaller database, despite not having consented – or even being aware – that their data was collected.
My experience with Trucaller is that it does just about nothing. I suspect that by the time a number has been marked as spam, the offender has already switched to a new number. I wouldn’t be surprised to learn that scammers were monitoring Trucaller and it’s ilk to determine when to change numbers.
You'd think India would be on top of this and come down hard. If folks just start associating Indian accents as 'scammers', businesses abroad that currently rely on outsourcing support and other services are going to eventually have to pull out. You can't run effective customer support if the customer assumes you're a bad actor just because of your voice and hangs up.
These are people who don’t have accents but good job prejudicing your father against a whole group of people while not actually protecting him from scams.
I’m not sure businesses care. Everyone I know associates Indian accent with either scam or useless call center rep who can’t actually see the account or help in any way. India is often given the informational customer service, and only Americans can make account changes. Or someone not in India at any rate.
And it's not just the accent. The popular guidance on /r/scams is that if an email uses the word "kindly" where a native English speaker would say "please", it is vastly more likely than not that it is a scam.
Unfortunately, that use of that word is popular among Indians, but any half-measure guidance leaves room for an already susceptible mark to convince themselves that maybe this email is not a scam.
I’m worried what will happen when deepfaked voices improve to the point that you can get a realistic impression with only a very small training set. Imagine receiving a phone call in the voice of a family member telling you that they’re in serious trouble.
I once got a spear phishing call from a scammer claiming to be the CEO of the company I work for. Even though I barely know the CEO, the phrases he was using was obviously wrong.
I'd imagine that's even more obvious for any family member. If a family member calls from any number that's not their number, my first question will be an honest "How the heck did you remember my phone number?"
On a personal level I keep a referee's whistle handy in case I'm talking to a scammer live. They are usually wearing headsets and any damage I can do to their hearing with that may save an old persons savings in the following few minutes. Best technique is to speak softly so they turn their volume up then let rip on the whistle
The answer? A scam call answering AI bot which engages with the scammer (or the scammer AI bot) and wastes as much of their time and international call fees as possible without giving them a valid bank account or gift card number, Kitboga[1]-style. As soon as you detect the call is coming from a scammer, you push a button and your phone takes it over from there.
Eventually we'll just have a network of AI scambots calling up AI scambaiters and having completely useless conversations in synthesized English with each other for hours upon hours and nobody will remember why.
Thankfully that’s still easy enough to spot - it sounds like a better version of those early speech synthesizers we played around with as kids in the nineties - but I can see the elderly having trouble distinguishing it from a real voice.
Maybe they should have sent an FBI liaison earlier. Or maybe they should consider appointing an ambassador to India, 2 years into the new administration.
The basic problem is that in highly un-regulated & legalistic economy & polity like the United States, failures such as these are not easily corrected especially where everyone except the weak make money. Everyone who could stop this is making money, the telco operators, amazon, the banks and everyone is weighing the cost of taking any legal or other action and is maximizing their own gain... nobody is really looking to is this socially good.
Contrast this with how the Singapore government in a similarly highly capitalist economy dealt with this - basically telling banks - "you'd better make good the consumers & deal with your holes or else"
https://www.channelnewsasia.com/singapore/mas-will-consider-...
In many ways in domain after domain, US nowadays seems to act as the "economic proving ground of the world" where lax regulation allows a million ideas to flourish. Then folks in other parts of the world seem to take the best winning ideas, figure out how to make it work in a socially & governmentally acceptable way in other parts of the world and out-compete the US originators (eg. how Uber, Lyft, Amazon, US based social media firms have effectively been pushed out of dominance in Asia)
Consideration needs to be made when thinking that a policy which works in Singapore, one of the smallest countries in the world by area and one with a strong tradition of rather strict governance in the modern era, can be applied to vastly larger ones with some pretense of respect of constitutional civil rights and a history of distrust of strong government.
My grandmother got hit with one of these, she has a weak heart and was in severe mental distress all day because she couldn't get ahold of me to confirm what the scammers were telling her.
I try not to judge others, but what monster can do this for a living?
If someone is being told that yadda yadda (story doesn't matter) and they have to pay in gift cards, and they seriously believe that, then surely education seems to be the right fix.
503 comments
[ 4.5 ms ] story [ 338 ms ] threadWhat about the victims?
But yes, I hope the perpetrators are brought to justice and the victims receive some kind of recompense.
“It may not be a national security concern yet,” is actually a fairly ominous statement from an FBI official of any kind.
This translate to "we even conceive going into war because of this".
> but the reputation (of a country) is involved
And this translated to "and economic sanctions are very likely".
So, don't think this is a bland statement.
[1]: https://en.wikipedia.org/wiki/STIR/SHAKEN
What's even more disturbing is that I'm now getting calls from people talking in Hindi. I answer in English but they ask me to switch to Hindi. (I'm from Pakistan and speak Urdu which is mutually intelligible with Hindi). I'm guessing it's to build familiarity/trust.
They want to pay off my phone, electric and other bills and in return I pay them 50% of the amount. I give them fake info and try to keep them on as long as possible... asking them to repeat multiple times. Sometimes I'll tell how thankful I am that they came to me with this 50% off offer because I'm facing financial troubles. Not once did any of them fell bad about trying to scam a poor person. Their response is usually something like "This is exactly why we are offering this service, to help people like you".
Eventually they get frustrated and hangup. This way I can hurt their ROI just a bit.
The remediation here needs to be statutory: (1) anti-spoofing needs to happen at the carrier level and not just the terminating connection, and (2) forwarding services need to be subjected to additional oversight and transparency requirements.
Edit: I think a generally useful framing for these kinds of criminal enterprises is comparison to US wage theft: nearly the same amount is stolen from US workers each year in just the top 10 states[1]. This doesn't somehow excuse phone fraud, but you don't see the same kind of grousing for cutting Fortune 500s off of the Internet.
[1]: https://www.epi.org/publication/employers-steal-billions-fro...
Cutting F500s off the internet would do nothing about wage theft. There is considerable advocacy for strong action to bring wage theft under control, too. So, I’d say this analogy fails its purpose on multiple levels.
Mark Rober has a few videos dedicated to going after several of these scam call centers, and most recently 3 major ones were shut down and their owners arrested.
My recollection wrt Rober was the police aided him to help drive awareness.
For the “normal peoples theft” what would you like to police to do?
- show up when called.
- if they’re not going to show up, AT LEAST call back.
- make at least a token effort to apprehend someone of whom there is a clear video.
This does not seem to be outlandish expectations of the service provided by the largest line in city budget.
Basically, our criminal justice system is not built to handle minor crimes, and criminal organizations are exploiting that at scale.
There are no consequences to the police for ignoring the parts of the job that do not directly generate revenue for the police.
This is not an overarching problem with "the criminal justice system" other than the fact that the police almost everywhere in the US have a culture of graft and rentseeking, and won't do anything if there isn't money or press involved.
These call centers are a problem.
One that requires cooperation between the US and India to resolve.
Now before you say "well India has high English proficiency" countries like Nigeria, Kenya and the Philippines best India here with higher English proficiency and don't have the issue (Nigeria has a similar email one of course) They're quite a bit poorer as well.
There's some major policy failure here India needs to figure out. Of course they don't want rampant crime but everything points to how they're domestically handling that crime as the problem here.
Here in Australia, I get maybe 4-5 Indian scam calls a week, compared to maybe one per year originating from anywhere else (Philippines, Eastern Europe).
But no that wasn’t what I was suggesting.
https://www.youtube.com/c/JimBrowning/featured
ScammerPayback also does an incredible job.
https://www.youtube.com/@ScammerPayback
Calls from my area code of residence are almost never spam, while calls from any other area code, and especially my phone's area code, are almost always spam.
I wonder if this is a rollout thing -- I had AT&T for years, and towards the end (about a year ago) I began receiving spam notices. But I was in one of their "primary" markets, so it's possible they rolled it out first here.
But it is great, when someone calls and i don't have them in my address book they show me the name of them, for example the name of the doctor offices, companies etc. As you can see in the demo carousel on their page, it shows "SMART" next to it, which emphazises that this isn't a number in your contacts but fetched from the internet.
Or if they are likely spam, my whole display is red and i can immediately hang up.
[0] https://de.hiya.com/products-smart-call
It can identify scammers' numbers (based on user reports). And the phone app will label the call as suspected spam.
There is also a setting to outright block incoming calls from numbers labeled as spammers.
Then there is call screening. The google bot will answer the call and ask questions that you select (like "who are you and why are you calling?"). You get a real time voice transcription of the answer so that you can decide to pick up if needed. But it's handy for spammers because they usually just hang up (or you get some half-transcripted text of a robocall message that was talking over the Google bot).
It doesn't solve the problem completely but it does help.
If there is a market incentive for companies to do something bad, and the government can, but does not act to correct/neutralize that incentive, then the government should be blamed. India is a democracy, so that blame also falls on the electorate.
As a US voter I grudgingly accept my ~4e-9 proportion of the blame for the shitty things the US allows.
If this was similar to the Russia stuff where the goal was to affect the election and was sponsored by the govt then sanctions kinda make sense, but this is a problem of international communication between private citizens. If we wanted to make some law for this that seems cool but it'd need to be done at the UN, not in the US
As another comment notes, the US is responsible for plenty of parasitism (MLMs, ponzi, crypto) that is likely a higher total value, but I suspect most citizens would feel it's unfair to sanction them because of some bad actors in the economy
It's the responsibility of the Indian government to police what happens within its borders. The Indian government has turned blind eye to scammers in their country targeting the US, they're effectively endorsing it.
Why should the US continue to do business with a country that leeches off of the US citizenry?
Historically, the US has done the same thing to Japan, and more recently, China, when their businesses undermine US businesses. Either by not respecting US IP or by running US businesses under through collusion.
Even if you come up with some way to somehow target specifically how the government functions but entirely spare the citizens from externalities, the government will just hold its citizenry "hostage".
This is a global problem. It boils down to the Internet and modern telco networks opening up cheap ways to address many millions of people, allowing scammers to troll for marks at scale. Gift cards, easy wire transfers, in-app purchases, easy card charges, and crypto have made it easy to get money from people with low friction too.
If you answer and say hello and there's an extra second just hang up. They'll call back if it is important.
"If it's an Indian, hang up."
If there's a legitimate need to get in touch, they will find another way. My (naive) hope is that this might also discourage offshoring and/or reward companies employing Americans, if enough people do likewise.
I doubt that. Instead they'll probably start using a service like https://www.respeecher.com/
If the message mentions anything about stupid stuff like tax fraud/social security number its just immediately deleted, you'd 99% of the time receive official mail for anything about these items.
She Googled "Amazon support phone number" on her phone and the 2nd link had a 800 number but it was a site either legit or setup by scammers to review the phone number. She called it and figured someone was funny when they asked her to install an app on her phone.
Combined with how easy it is to get "support" from scammers instead of actual companies and high-pressure act-now tactics scammers use, and your wife was probably one of the few that caught on.
(My entire understanding of law comes from law and order so take what i said with a grain of salt)
Maybe requiring them to post a large bond (proportional to the liability) and/or have insurance?
I'm guessing it has something to do with the snowshoe-spamming reference, but I'm totally in the dark.
Or does it just insta-kill all their posts?
I receive more spam SMS than scam calls too. Some of them are even asking me to provide information for the benefit of fake deliveries...
Worth the occasional missed call IMO; I say on my VM msg if you are calling me and I don't know you leave a message otherwise your call will go to VM without ringing.
In theory, I could get a voicemail and then follow-up, but that would result in significant time wasted for both sides (e.g., calling doctors again or setting up re-delivery), and the total time I spent on dealing with spam calls is ~1 minute (5-10 seconds x 5-10 occurrences).
Snail mail is so overloaded with spam it might as well be the same.
The fact two fundamental and official mass communication channels are functionally useless is a sign of the rot in our country.
Email is teetering on the void. Chat is balkanized and siloed, same with social media, unlike telephony there is no source monopoly or tradition of cross standards.
Txt is the last bastion. It'll die in the next decade I'd guess.
It's a problem everywhere. This is what you get when you let the advertising industry operate unchecked. Scam calls and snail mail spam are just piggybacking on the fact that phone companies and postal services encourage and make money on telemarketing and mass marketing e-mails.
It's going to be hard to solve one without solving the other, as the difference between those scams and typical marketing communication is a matter of degree, not kind.
Here in Poland, the sticker that forbids advertisements does jack all. The post office might stop delivering spam, but most of the garbage in my mailbox comes from private individuals, hired by local companies, delivering the spam personally.
Call/SMS spam dropped somewhat thanks to GDPR, though I've experienced a uptick in the past few years, primarily driven by cryptocurrency scammers and fly-by-night companies selling photovoltaics. I do get an extra amount of phone spam, because I had a business and my phone number is listed in the business database.
Note that I do consider first-party (as in, from companies I have relationship with) cold calls as spam and scam too. Telcos in particular are notorious for scamming people - at this point, there is not much of a difference between scams discussed in this thread, and technically legal upsells and bullshitting done by my phone operator.
(They're not that better off-line, either. Only few weeks ago, a sales rep from a high-profile salon tried to scam my grandmother, by deceiving, manipulating, outright lying and using psychological pressure tactics, to get her to sign for a TV and Internet service she doesn't want or need. That happened physically, in the salon, when she went there to take over my late grandfader's phone contract.)
1. Reading a message is low-obligation compared to answering a phone or taking physical mail out of a box.
2. A shorter message has less room to both contain a scam and a cover story. Necessarily, either the payload or the cover story or both are thinner in an SMS message than a scam email.
3. But most importantly, social customs around text messages conversations are different from phone etiquette: besides being unauthenticated, caller-id came after decades of being expected to answer the phone without knowing who was calling or why.
A stranger sending a legitimate but unexpected text message feels obligated to explain WTF they're contacting you. "You don't know me, but..." Scammers, on the other hand, are trying to bypass this. "Oh, you know me."
Tying into point #2, a low-data channel like an SMS conversation is a high-context interaction. Have you ever gone back and read old SMS conversations and noticed a difference between the richness of your memory of the interaction and the sparseness of what the text actually said?
(Google search results pull the quote, "Generally, high-context cultures prefer oral communications, while low-context cultures favor written communications." My thesis is the telephone is a technology that turns oral communication into a low-context activity, and SMS is a technology that turned textual communication into a high-context activity. It's not impossible but more difficult for untargeted scams to go unnoticed in a high context channel.)
(It’s happened with a package delivery, as well as a washing machine installation. In the latter case it was Home Depot, when I finally got ahold of them they said it was my fault for not answering the phone and that I had to reschedule for 2 weeks out, meanwhile I didn’t have a working washing machine. I cancelled the order instead, went to Lowe’s and had a washer in a few hours.)
Mobile phones just don't offer it by default --- the best most have is a "Do not disturb" setting.
There is a marketing opportunity here for some software developer --- lots of people would actually *pay* for a mobile app that could effectively weed out auto-dialers and/or selectively send only unknown callers directly to voice mail without ringing the phone.
Or even simpler, put on his Beam-a-Thought helmet and sent a message back in time directly into the noggins of every delivery driver at the warehouse.
Victim blaming at its most absurd.
Or better yet, ask them to press a random number to connect the call --- before the phone will even ring or go to voice mail. This effectively weeds out most auto-dialers.
I have a Panasonic phone (connected to VOIP) that has this feature built in. It also has text to speech that reads the caller ID out loud. It's amazing how creative these hardware vendors have gotten now that their market is shrinking.
Mobile phones have some catching up to do.
Which at least I think is a grave mistake.
You might argue that you barely use the phone as a phone, and that might have been a good argument if there was anything remotely equivalent.
When I worked in telefony abuse, like this, was pretty hard to track because of all the middlemen involved. They'd have phone banks with multiple phone numbers that they'd lease from providers in India who worked with them to rotate through outbound numbers. India doesn't allow Americans telefony companies, much less voip (in order to provide these telefony companies business), so looking at India from a telefony perspective is much like looking at several black boxes.
Tldr; because of India's policies the country of India has to do something about it. Much like Chinese knockoffs and IP theft.
I don't at all subscribe to the Friedman perspective that businesses are ethically obligated to maximize profits at the expense of literally everything else, but I do think that it's a reasonable description of the way businesses trend toward acting; an entity structurally designed for making profits will inevitably end up acting in a way that only considers that measure unless the incentives are changed, which is precisely why we _do_ need to regulate things to curtail business behavior that's a net bad for society as a whole by making it unprofitable, whether that's through direct fines or making business liable either civilly or criminally for their actions.
Pretty much everyone who communicates overseas use apps now because they’re free.
The problem is that the US carrier gets paid for terminating the call, regardless of whether it's spam or not. Why would they kill the golden goose?
Indeed you managed to break several of them with this one post. Not cool.
https://news.ycombinator.com/newsguidelines.html
de facto sanctioned by India and USA by not enforcing the law and busting the scammers
I think it would be more effective if I learned a Hindi curse.
Anyways, I'm all for insulting a call center scammer, and a rude comment about their mom, especially comparing them to a dog or something, will probably piss them off. Then if they overreact back, threaten to email their boss the call recording.
When asked, just tell them your name is "Ben Chod". Gets em every time.
My grandparents are the targets for this kind of scam, and when they call their bank they get an Indian customer service rep to discuss the situation with. Absolutely disgusting that the situation has been tolerated for so long.
I'd argue that one such state is the U.S.
Congress could pretty trivially order that carriers give each customer a choice about what kinds of spoofed / unreliable-origin calls to let through.
E.g.: For calls originating (inside | outside) the U.S.: (allow-all | allow-whitelist-only | allow-only-when-presenting-callee-issued-passcode | etc.)
But Congress doesn't do this.
This isn't exactly Congress sponsoring this behavior, but I suspect there's some bribery and/or unsavory lobbying going on.
My own thesis, is because politicians, and PACs, use robocalls extensively.
They don't want you blocking their junk calls.
I doubt it, its easy enough for them to just exempt their own calls (which, incidentally, they do from existing Do-Not-Call rules.)
How so?
Its more like 1. They don't care 2. Those who care, don't have time to work on problems of Non-Citizens when the citizens are suffering too
India is a country of almost 1.4 Billion people. That is 1 Europe + 1 North America + around 200 Million people more (figures from google search, may not be accurate)
Indian law enforcement is archaic, understaffed, and riddled with corruption. They prefer to sit on their asses all day and collect paychecks rather than working. For the select few that actually work, they have all the local issues to deal with that comes with a population of that size. They simply do not have the time to work on things that are affecting someone on the other side of the planet.
And tbh I don't blame them for putting citizen's problems over non-citizens. Thats literally what every country would do.
Not to mention consistently and effectively prosecuting people for this sort of crime takes two sides of law enforcement to tango (the perpetrator of the crime may be in India, but the victim is in the United States, as is the local police report they file, the spoofed number and the first part of the telco chain that eventually ends up in a normal looking office in an Indian city). Sometimes a relevant Indian police department may get that information in a form which is useful to both shut down operations and punish the operators, but even if the Indian police were incorruptible, a model of efficiency and particularly hot on white collar crimes committed overseas, I'm not sure their US counterparts are providing so much information that scammers wouldn't feel they could get away with it often enough to try.
In the EU I get maybe one spam call every couple of months. From the stories you hear from Americans on HN, Americans get multiple spam/scam calls a day, and the vast majority of their inbound calls are spam/scams.
What is going wrong in the US that isn't going wrong in the EU? Language barrier? Regulatory capture?
Bless the people keeping that red list up to date.
This thread makes me wonder if Americans have such info (whether a call is a likely spam) automatically pop up when receiving text or calls.
almost all my inbound calls are spam, in the united states. when i've listened to voicemails left, they even have native north american accented people reading the prerecorded scripts, so there's deep roots to the depravity that cross country borders.
Sometimes but not consistently.
Though honestly in the US I get maybe one SPAM call or text a week these days.
We do have that, but it probably depends on the carrier and the type of phone you have. On my iPhone with Verizon, there's a setting to "Silence Junk Callers", in which "calls identified by Verizon as potential spam or fraud will be silenced, automatically sent to voicemail, and displayed on the Recents list."
It's not perfect, though, and I still get a ton of spam calls. As a rule I almost never answer the phone if I don't recognize the number.
Yes, of course we do. Verizon and T-Mobile, at the very least, mark calls as "likely spam" reliably. Can't speak for any carriers as I've not been a customer of theirs for some time.
1. It was introduced only within the last couple of years, even though spam calls have been happening for much longer than that 2. A bunch of calls escape the “spam likely” designation even though I’m on one of the major carriers
So I’d say although we have it, it’s not nearly as reliable as I’d expect it to be.
As far as I know the solution is to require more anti-spoofing techniques (e.g. SHAKEN/STIR) for caller ID and then cut off the carriers who don't provide that, plus the carrier providing the numbers enforcing stronger terms on their users.
I think the US gets targeted mostly because of language. Indians learn English in school and it's not uncommon for a legitimate call in the US to come from someone with a strong accent.
No one in the EU (outside UK) will receive a call in English and think this is legitimate
In the US if you call any company you would expect someone with an accent
Here in NL, however, it does seem like scammers are occasionally taking advantage of the comparatively high English proficiency and are trying to scam people in English - this one was doing the rounds for a while: https://www.fraudehelpdesk.nl/alert/engels-telefoontje-namen...
I think several other countries conduct a lot of business in English, but I haven't spent enough time in Europe to know this for sure.
It's not like Indian scammers are beholden to EU law but not US law.
It’s not an ideals problem. Even very conservative economists would agree that there exists a negative externality in the transaction between the call center and the telecom company on the person being called where there should be some cost on the transaction to account for that externality.
So, it’s not even a conservative liberal thing (intentionally not using party names as those names may not reflect conservative or liberal ideals). It’s a policy problem. Write your member of congress.
I regularly get spam calls in Chinese. My best guess is this is because if they randomly dial Bay Area area codes they sometimes get Chinese people.
Turkey doesn't have much interest in stopping this. One could argue they have quite a few bigger problems, crime related or not, to try and shut down a source of foreign currency. Same as India.
https://www.youtube.com/watch?v=tyEoOfSECp0
Indian knows english. It's hard to target non-english speakers.
The reason being someone is reaping massive benefits from whatever loophole allows for this kind of data collection & is shoring up initiatives so that loophole isn't plugged.
Now try the same search with a U.K. resident or E.U. resident you know of. I'd say you will have a markedly tougher time gaining access to similar information, with just a few clicks & without ever pulling out your credit card. I have no clue if U.K. is similarly compromised off late but a few years ago ( prior to Brexit ) it was not the case.
1: https://www.theguardian.com/world/2022/jul/12/europol-phone-...
Best defense: don’t ever call a phone number you receive in a text or email message. Delete the message and look up your bank’s, Amazon’s, or PayPal’s phone number yourself through the company’s official web site.
Also, don’t get scared by messages about your finances…stay calm. The scammers count on you getting freaked out and doing something stupid.
Still I felt uncomfortable and asked for a Teams session with screensharing instead (and not remote access), but this 'was not possible'.
So, how are people to distinguish between 'fake' calls and real ones if companies still use such shitty techniques?
OK, looks like "microsoftsupport.com" is taken, but GoDaddy is happy to offer me alternatives like microsoftsupport.app, microsoftsupport.site, microsoftsupport.tv, or microsoftsupport.uk that should work equally well for scam purposes. Or microsoftpcsupport.com is available, if a ".com" is particularly desirable.
aka.ms
Or “cudaserv.com”, which is auto enabled link scanning for Office365
US must take strict actions and call out India publicly. Elderly people are weak, education isn't going to solve the scam problem. Scammers must be punished harsly. They erode the trust in system.
Also, Indian government is not doing anything. In many places like Kolkata, scammers can get away easily by bribing police. Our phone are being redirected to India, and they can abuse our phone number. I wish, the US government passes strict rules and regulations to keep these scammers in check.
Gift cards should require some amount of destruction in order to get to the actual barcode… something to make tampering obvious.
The same way clothes have a little ink exploder the clerk removes… just a quick easy step that is destructive to the packaging… but still presentable when you give it to someone
Just put something along the lines of "sim box grey route" into Google and you'll find loads of relevant industry materials.
Besides, you're drastically moving the goalposts here. We went from "could put a stop to this" to minor obstacles.
But as long as telcos willingly cooperate and allow remote call centers to basically pick any number in the locality of the recipient even though that number is not currently roaming in India they are making things much worse.
The reason for this is language barriers, it's not some countries doing things better than others.
> Shipping a SIM box would already be much more work than just changing a number in a database
They don't even actually need to ship one, there are thousands of them operational already. This is a massive industry.
Even if you cracked down hard on SIM boxes, the scammers will just purchase routing from botnets. This won't really impact their costs, and will be essentially impossible to take any meaningful action against.
Anyway, since you are willing to shoot down each and every suggestion in this thread short of rolling over and accepting the damage how would you tackle it?
European authorities haven't managed to do anything about the car selling scams Romanians have been running for decades now. Nobody has managed to do anything about the Nigerian prince scams. BEC with truly shitty phishing pages keeps on growing and growing.
The best bet would be for US authorities to force India to crack down on these activities and prevent these scams from operating at an industrial scale.
The actions you propose would work well to address lower return activities, such as marketing robocalls. They can not work to address high-return scams.
Plenty of such cases here locally. Your point about the language barrier is on the money though, I never really gave that much thought but the number of Dutch speakers in India is most likely so low and the market so small that it isn't worth a massive campaign to them. Especially not if there are millions of gullible people in markets that are more accessible to them.
As for forcing Indian authorities: I've seen up close how corrupt things are there and I have very little hope that that would be a viable avenue to resolution of this problem.
I'd be super curious to hear about any local success stories.
>As for forcing Indian authorities: I've seen up close how corrupt things are there and I have very little hope that that would be a viable avenue to resolution of this problem.
Then you're left with education. These scams are very profitable and can easily afford resistance from telcos and banks.
I don’t see why you’re pushing so hard against this line of reasoning, I guess. You’re making it sound like a hopeless endeavor to even try, in a “don’t lock your doors because thieves will just use lock picks” kind of way.
How much harder? If your changes increase the telephony costs of a scam call centre from 0.001% of revenue to 0.002%, you have not actually made their operations harder.
> and these changes do not impede non-fraudulent use, why not go for it?
Because these changes would not be free.
Ideally, the telco would implement these block lists, but also ideally, they could be traded around like web ad block lists for individuals to load on their phones.
I think we all know scam calls are a serious source of revenue for carriers, so they will need to be led to this conclusion by force.
None of that happy future would come without true caller id, thus the resistence from carriers to fixing spoofing.
Why would they be a major revenue source? The carriers make their money from normal users, not dodgy call centers.
Ideally there would be a warning that a call does not originate locally, routing the call through a local representative would generate yet another signal that you might be able to close off, including the possibility to declare the possession or hosting of certain gear illegal. You'd have to maybe do some pattern matching to spot problematic numbers and/or have a place to report them easily.
If the will was really there I'm pretty sure this problem could be tackled.
Anyone can easily buy European bank accounts opened with fake IDs, or money laundering services where you're provided an IBAN and receive a % of the money sent there to your cryptocurrency wallet.
Want a fake passport good enough to travel with? No problem, will just run you a 1000 euros.
Probably, but not with any of your proposed methods. I have talked with some SMS spammers and none of what you proposed would affect them. And for SMS spammers these inconveniences are a much bigger part of the cost of doing operations than for a company which needs to have employees in a call center. They have to spend a lot of money on buying new SIM cards as old ones get blocked.
Right now, an actionable report really needs a traced call, which is hard to actually make.
Certainly, it doesn't get you right to a chargable person, but it gets you a lot more than today.
However, even if we assume that SIM boxes are a magic solution to carrier interventions, that still raises the cost from the current status-quo. Implement enough of these barriers and the entire scam operation becomes unprofitable and no longer worthwhile.
>However, even if we assume that SIM boxes are a magic solution to carrier interventions, that still raises the cost from the current status-quo. Implement enough of these barriers and the entire scam operation becomes unprofitable and no longer worthwhile.
Why do you assume that the call routing is a meaningful cost to these operations? For all we know they spend less than 0.01% of their revenue on call routing.
Oh jesus please no, whats next?
Ther is no reason a consumer oven should cook more than 5 meals a day. There is no reason a consumer toasteer should toast mpre than 10 times a day.
The bread you make tourself is unauthorised in a toaster
Of course, an override should be provided - the restriction should be relaxed over time once the account is established for a long time without any complaints.
Consumer ≠ business/commercial. A home oven (or toaster, fryer etc) isn't made for such use, a commercial one is. You should really spend the monies in commercial gear if you're gonna feed such hordes of people.
Similar thing with SIM cards. Why would a normal person be making 100+ calls a day on a simple, personal line? That's clearly commercial use and as such, it oughta be regulated somehow.
However, just like email spam, stopping spoofed calls is harder in practice than in theory.
Is it really? Couldn't the carriers simply require a certificate to allow you to spoof a phone number?
SS7 doesn't have a clean way to do this hence needing to make SHAKEN/STIR, but I don't think anyone did the signalling work for POTS.
https://www.fcc.gov/document/fcc-remove-companies-robocall-d...
Of course, businesses with a lot of money care about use cases in that last 1%.
I'd love a setting I could flip to disable inbound voice calls from any carrier that isn't like... Verizon, AT&T, T-Mobile, and Comcast.
https://en.wikipedia.org/wiki/STIR/SHAKEN
No way to selectively block SMS on phones (at least natively). Only reason I don't disable it completely is due to the 1 percent
The FCC has started enforcement actions, in October they announced they are cutting off seven telcos who failed to comply. Only ~7000 more to go!
At some point, the way to fight crime is to fight crime. It's not that hard to find and prosecute most call centre scammers.
A lot of these scammers would not do it if there was risk. They're not often hardened criminals.
Or, you invent a shop that also trades on Amazon and "buy" the stuff from yourself. That might explain some odd shops that you see online.
The goal is to setup a US google voice number to abuse later.
This makes so much sense. Thanks!
But I had wrongly assumed that Facebook marketplace would experience less scam than craigslist because verified users would be their competitive advantage
It’s so infuriating. I know people who have lost hundreds of dollars to people impersonating US Social Security and immigration officers. The gift card providers do not care. The impersonated government agencies do not care. The local police do not care. The phone companies do not care. There is total and utter impunity for everyone perpetrating and enabling these scams.
I'm not sure if there's an alternative, since I'd seriously rather not ID be required to buy or use a gift card.
And as far as making gift cards safer, shouldn’t that be the responsibility of the gift card providers, not to mention regulators tasked with consumer safety? Why is it that the scammers seem to ask for gift cards rather than, say, banking details? (I’m sure there’s also some banking scams, but I have a feeling there’s non-zero recourse for victims in those cases.)
If it truly is somehow impossible to make gift cards safe to use, then I’m convinced society could survive without them. But I doubt it’s impossible. I suspect gift providers deliberately go out of their way to make sure victims have no recourse.
so i unpause the silence during that time
the hospital is def an issue, i don’t have a great solution there especially for unplanned emergencies.
> While TrueCaller may have laudable intentions, the privacy implications for people who end up in their database raise concerns. When a number is tagged, the person who is tagged ends up having their name and phone number stored on the TrueCaller database, despite not having consented – or even being aware – that their data was collected.
- https://privacyinternational.org/node/2997
Some of the features require excessive permissions.
- https://support.truecaller.com/support/solutions/articles/81...
- https://globalvoices.org/2022/10/14/the-true-colours-of-true...
You'd think India would be on top of this and come down hard. If folks just start associating Indian accents as 'scammers', businesses abroad that currently rely on outsourcing support and other services are going to eventually have to pull out. You can't run effective customer support if the customer assumes you're a bad actor just because of your voice and hangs up.
The vast majority of scams are “romance” scams.
These are people who don’t have accents but good job prejudicing your father against a whole group of people while not actually protecting him from scams.
do you have any sort of citation for that?
They "try", but the scammers just pay off the cops
Unfortunately, that use of that word is popular among Indians, but any half-measure guidance leaves room for an already susceptible mark to convince themselves that maybe this email is not a scam.
Be warned. AI accent changers will eliminate that line of defense as well.
I'd imagine that's even more obvious for any family member. If a family member calls from any number that's not their number, my first question will be an honest "How the heck did you remember my phone number?"
On a personal level I keep a referee's whistle handy in case I'm talking to a scammer live. They are usually wearing headsets and any damage I can do to their hearing with that may save an old persons savings in the following few minutes. Best technique is to speak softly so they turn their volume up then let rip on the whistle
Eventually we'll just have a network of AI scambots calling up AI scambaiters and having completely useless conversations in synthesized English with each other for hours upon hours and nobody will remember why.
1: https://www.youtube.com/@KitbogaShow
Contrast this with how the Singapore government in a similarly highly capitalist economy dealt with this - basically telling banks - "you'd better make good the consumers & deal with your holes or else" https://www.channelnewsasia.com/singapore/mas-will-consider-...
In many ways in domain after domain, US nowadays seems to act as the "economic proving ground of the world" where lax regulation allows a million ideas to flourish. Then folks in other parts of the world seem to take the best winning ideas, figure out how to make it work in a socially & governmentally acceptable way in other parts of the world and out-compete the US originators (eg. how Uber, Lyft, Amazon, US based social media firms have effectively been pushed out of dominance in Asia)
My grandmother got hit with one of these, she has a weak heart and was in severe mental distress all day because she couldn't get ahold of me to confirm what the scammers were telling her.
I try not to judge others, but what monster can do this for a living?
If someone is being told that yadda yadda (story doesn't matter) and they have to pay in gift cards, and they seriously believe that, then surely education seems to be the right fix.
Rule no. 1: Gift cards = scam.