Ask HN: Should you reply STOP to unwanted texts?
I have been advising people I know to block, then delete and report junk (iOS) to unwanted texts. Others have argued with me that you should reply STOP. I disagree, especially after checking a shortened link in a “campaign” text and finding the link was a phishing attempt. What do you think?
384 comments
[ 864 ms ] story [ 6154 ms ] threadUnless the behavior has changed (maybe it has)?
As an example, consider what happens when a user sends a link to a website over iMessage. In that case, the sending device will first render a preview of the webpage and collect some metadata about it (such as the title and page description), then pack those fields into an NSKeyedArchiver archive. This archive is then encrypted with a temporary key and uploaded to the iCloud servers. Finally, the link as well as the decryption key are sent to the receiver as part of the iMessage. In order to create a useful user notification about the incoming iMessage, this data has to be processed by the receiver on a 0-click code path. As that again involves a fair amount of complexity, it is also done inside BlastDoor: after receiving the BlastDoor reply from above and realizing that the message contains an attachment, imagent first instructs IMTransferAgent to download and decrypt the iCloud attachment.
⁽¹⁾ https://googleprojectzero.blogspot.com/2021/01/a-look-at-ime...
I got 7 political spam texts today. I don't think the STOP is working.
Same thing
Your messaging client may helpfully request the url they sent you to show a url preview.
In an email, your client renders the html including img tags (yes, this can be disabled, and may not even be default for most people anymore; it’s still a thing)
Back in the day, some systems used to acknowledge the request for a read receipt by default giving them the ability to determine if a number was actively watched.
Hopefully everything has it disabled by default these days.
Same for SMS read receipts.
That's still true for both email and text messages.
Just opening text messages can infect your phone too. In one case, iphone users didn't even have to open the message (https://www.bleepingcomputer.com/news/security/apple-zero-cl...).
There have been similar problems with outlook allowing unread email to infect a device (https://www.csoonline.com/article/3486789/microsoft-outlook-...)
It doesn't matter what the platform is, spam is toxic and should be handled carefully and as little as possible.
However, if they're using some other carrier or rolling their own VOIP setup, etc., or sending from a toll-free number instead of a shortcode, there's no guarantee that their particular platform will honor STOP. And there's no way for you, as a recipient, to know which is which.
Generally I will reply STOP if it's something I know I signed up for but no longer want. Things I never signed up for just get reported as spam and I don't reply.
The STOP keyword is mandated as unsubscribe at the carrier level (Verizon, ATT, TMo) not just the vendor level. So if you reply STOP, it's very likely that you will not receive another message from that number.
This will be true for any programmatic SMS vendor. There could be smaller scale & more manual approaches, but that would be rare.
There has been a big effort in the last year+ to clean up the space and require consent before any SMS is sent.
FWIW, somewhat surprisingly, my google pixel has an amazing spam filter for SMS and I rarely get SMS that I don't want.
What I want to know is, what's the purpose of those random texts that just say something like, "How's it been?" from a number that I've never communicated with? What's the angle there? Anyone know?
My understanding is that they will pretend it's a wrong number, but then make a joke or talk about some innocuous hobby and try to build up trust over weeks/months to eventually phish or scam you. I forget where I read it (maybe reddit?) but there was a poster who mentioned a personal experience with one such scam, basically a fake romance scam that led to them losing tens of thousands of dollars wiring money to a fake person who pretended to have fallen in love with them over weeks of back and forth texting.
It doesn't have to work on everyone to be profitable, just the once-in-a-while lonely pensioner!
https://consumer.ftc.gov/consumer-alerts/2024/05/why-its-not...
https://www.robokiller.com/blog/how-to-identify-text-scams
Hopefully my efforts to waste scammers time instead of “just hang up” has got me removed from a few high-value lists.
It's called pig butchering. You kidnap people, hold them in Cambodia or whatever (lots of locations where local criminal gangs rule) so the locals don't bother checking for literally kidnapped slaves.
If police stop by, pay them off and make up a story about debts and punishment.
Then you use the slaves to scam others in pig butchering scams. If the slaves refuse, you beat them until they comply.
https://www.propublica.org/article/pig-butchering-scams-raid...
This situation is a little more complicated than to be solved by a back and forth on the hacker news comment section.
I don’t think I’ll ever visit Cambodia and I can call Cambodia for a few cents a minute as well as their embassies.
Their local authorities can’t block us all!
The guy working one computer over elbow-to-elbow is gonna narc you out for better treatment, though.
1. Someone texting the previous owner of my number (John). I got all kinds of traffic for him, including debt collectors, friends, ex-girlfriends, employers, etc. I gather John ran into a spot of financial trouble, dropped his phone-number, and skipped town.
2. An old high-school classmate trying to find my mom found my number on one of those people search sites, probably associated with her address.
3. A random girl who just wanted to chat. I talked to her for a few messages, but didn't progress to a romance scam. She seemed real to me, but who knows?
It's well worth the watch, but tl;dr: it's a long-con scam. They invest as long as it takes to establish a relationship with you, and then engage you to do something (crypto mostly, apparently) involving cash online. They will say they made a bunch of money, and point you at the super-easy online exchange they used. You buy the crypto, you see the crypto increase in value (because it has in the real world) so you buy more, and more and more.
The problems start when you say you want to cash out. They switch from "buy more, it's going up" to "there are fees to withdraw, just deposit another <whatever> and then you'll get the withdrawal amount plus <whatever>" and of course no money ever comes out.
Oliver interviews people who have lost hundreds of thousands of dollars this way, some of whom still believe that if they just toss in another <whatever> it will all be resolved and they'll get their money back. It's very sad, and I'm not doing the video justice.
That's only vaguely true. The FCC has effectively said "here's a list of words that are considered reasonable opt out words and let the courts decide what is reasonable when there is a dispute." [0] They're basically deferring to the courts to determine reasonableness.
Obviously it's a good practice to remove people who are intentionally obtuse, but the courts really don't like people who don't follow the instructions, especially because sending "please don't send me messages" is more inconvenient than sending "STOP":
> The court held that “[t]he totality of the plausibly alleged facts, even when viewed in Plaintiff’s favor, militate against finding that Plaintiff’s revocation method was reasonable.” It also rejected the notion that there is something improper about prompting called parties to text “STOP,” explaining that “heeding Defendant’s opt-out instruction would not have plausibly been more burdensome on Plaintiff than sending verbose requests to terminate the messages.”
[1]
That said, it's reasonable to expect that replying "stop" regardless of case should stop those messages from coming through.
[0]: https://docs.fcc.gov/public/attachments/FCC-24-24A1.pdf
[1]: https://tcpablog.com/2017/revocation-consent-must-reasonable...
If you contact me without my consent I now have to follow your instructions to stop your harassment?
Nonsense.
How do they know I consented vs the person who had the number prior to me? I recieve texts I didn't sign up for all the time for companies I've never heard of for people with names and addresses that are different than mine.
I really feel the burden of consent should be on the sender vs the receiver.
Think of it this way, the receiver must carefully read what they have received in order to correctly opt out but the sender can just run a regex for "STOP" and call it a day. The more difficult burden should be on the sender. They should have to validate every message received to see if it is requesting to opt out. Put another way, the consent is retracted even if your regex didn't detect it.
When it comes to sex consent doesn't work that way; "She didn't say the safeword I texted her a year ago your honor so I had consent!"
Yikes. The lawyer dog comes to mind (a Fifth and Sixth Amendment Supreme Court case). Suspect speaks voluntarily to police until he realizes they suspect him of a crime. He stops and says, "I want a lawyer, dawg." What is meant to happen then is that the interrogation is stopped until that point. Police carried on the interrogation, and the Court ruled that statements he made in that period of time were admissible in securing a conviction against him.
When this was appealed, the Louisiana Supreme Court declined to hear it, saying, with a completely straight face, that there was ambiguity, and that since the police could reasonably believe that he was in fact asking for a canine lawyer, i.e. Lawyer McDog, Esquire, and that they couldn't find such an attorney, there was no invocation of counsel that warranted a termination of the interview.
Something something greatest legal minds of their generation.
But then they continued spamming three weeks after saying they wouldn't. Pathetic.
Also on a side note, the scams are really horrific. Although obviously scams I can imagine especially the older people getting tricked with "hello grandad here's my new number". Makes me wonder what I'll be getting tricked with when I am old.
wonder if STOP will work for only the same number, or globally.
I also know political messages have lots of loopholes, thanks to the politicians who create the laws.
Replied to that, same deal. Did it for 20+ numbers before getting bored with it.
1) SMS supports receipt functionality, which means the sender can be notified when a message is delivered to a handset. This happens at the carrier level, so you can't turn it off.
2) SMS supports 'silent' messages which are a different message class that is not shown to users.
You could, for instance, be texting an unattended device.
Receiving a receipt is not a real indication of delivery, and absence of receipt is not a real indication of absence of delivery.
Some people are seriously lonely - eager to pick up any chance of real interaction. And those scams prey on that.
On telegram those spam usually comes together with a profile picture of a pretty women. With text only, it targets the imagination.
TL;DR they are scams
https://www.youtube.com/watch?v=pLPpl2ISKTg
Unless it is political
Also, my understanding is that this isn’t even a case of the politicians making an exception for themselves but for this being protected speech, so there are legal issues with blocking it without the kind of majorities American congress is not capable of anymore.
Just like for the longest time it wasn’t insider trading if you were a politician.
https://en.wikipedia.org/wiki/Hatch_Act
The “do not call” registry had a purpose, and it’d have been so easy to add an additional “and also no political anything” to it. Let them burn.
I inadvertently replied to one of those spam messages because the number coincidentally matched the location a relative had recently moved to (I figured it was them trying to joke around while informing me of their new number, it was something along the lines of "Can you guess who I am?"). They replied with a picture of a girl and some question trying to start a conversation. So, I figure they're just fishing for easily tricked or lonely people to manipulate into sending them money.
FWIW I didn't notice much of an uptick in scam texts/calls after that.
Is that just for programmatic messages, or all messages?
I could see problems if it was all messages. For instance suppose a relative coming to visit for weekend and due to arrive around 5 pm Friday. You get a text from them that afternoon saying that there was an accident that has blocked traffic and police say it will be several hours before the road reopens.
They ask if you would prefer that they continue as soon as the road reopens, which will probably mean they will arrive around 1 am Saturday, or stop and spend the night with another relative who lives near where they are currently stuck, and then come Saturday morning which will get them to your place around 9 am.
You text back "stop" to indicate the latter option, and now texts from that relative are blocked. Oops.
When a company or service sends text messages using an automated system like SMS marketing software or bulk messaging service), these platforms are by design and mandatorily programmed to recognize keywords like "STOP" as a signal to unsubscribe the recipient from future messages. This is a requirement for all such systems under Telephone Consumer Protection Act (TCPA).
Text messages to your friends do not go through such platforms and so are not subject to that law.
>I'm Alyssa. are you the equestrian instructor that Tina referred me to?
>I'm very sorry, I just checked the number and it was my assistant who sent the wrong number, I hope I'm not disturbing you.
>Thank you for understanding, you are a friendly person, I have found the right number, your number and the riding instructor's number are only one number away, haha, it was a wrong encounter, but it was a kind of fate. Let me introduce myself, my name is Alyssa Chow what is your name?
Also got it from a "Lillian." I do hope they and her assistants find Tina's equestrian instructor.
I still get notifications for these on my Pixel. I just don't want them.
I only recommend responding STOP to short codes since there's more investment and vetting on getting a short code. Carriers will intercept the request for TFN/local numbers sometimes but I don't really trust it. These numbers are all going to be spammers buying pools of numbers to churn and burn. They'll just import their list into a new account if it unsubs.
Oh and btw, it's actually easier now as a spammer to tell when numbers get burned. A few years back when the CTIA handover on regs happened (and sending costs went up) the carriers finally started to respond with the delivery status of the sent messages. Before this they didn't respond and you only knew your provider delivered the messages to the carrier, not whether the carrier delivered them to the handset.
I think it's different if you're applying for a shortcode vs a regular or toll free number though. There are different regulations governing all of those.
Having been on the purchasing end for wholesale marketing SMS I can tell you most of sales people will suggest the 'correct' way and happily sell things that let you do it the 'wrong' way.
https://help.twilio.com/articles/1260803965530
The only phone number I ever texted was my real cell number, it's no longer worth having a Twilio number for a hobby project.
(Which, as an end-user, I'm happy about...)
I report their spam to twilio, but twilio claima they cant do anything about spam from their sub
There is a tiny bit of vetting involved and you've got to be a slightly larger account, but it is possible, so it's not safe to assume that if the message is coming from Twilio that STOP will block them at the platform level.
Also, the provider relayed the STOP to the last of their client that reached the number, they had no way to trace it back with 100% confidence.
STOP/HTTP 403/unsubscribe all tell the other end that the address has something there. You’ll end up just reinforcing your place on a list of phone numbers to pass around.
So thanks for validating my decision :)
I wish we had something similar for phone numbers
You have to give your name and address as a public record, and they will likely find your phone number and email and will call, text, and spam you from there.
Maybe if donations go to 0 they’ll finally get the message that citizens don’t want to be harassed for donations.
Super-throwaway email addresses in the terminal
I gave a few small donations and foolishly didn’t use a disposable email address. That was over four years ago and I’m still getting over a dozen spam emails a day from candidates I have never even heard of.
Maybe there is some central actblue list I can opt out of but I don’t even think I created an account with them
Never donated a penny since
I have a politics label in gmail that is blue/red from 2012 onwards. All the GOP emails are from poking around Romney 2012, and nothing else.
I'd say you'd be surprised on the reuse, but you shouldn't be.
The whole industry is mature and super targeted like any other spammer, but mostly immune to spam regulations (because politics are specifically exempt from CAN-SPAM etc., and most voter registration and donation data is public record). The whole pipeline is thoroughly automated and you're marketed and remarketed to just like you are with Google or Amazon, but without any of the already-minimal consumer and privacy protections.
If the price of living in a democratic society with transparent voter/donor records is a few annoying emails, we should all be paying that price gladly.
What happens is that the campaign you donate to to puts you on their list (allowed) and then shares that list with others in the party (also allowed). They share back and forth so fast you can't get out of it.
This is why it's the email that's shared not the name. FEC records don't have your email attached to to them, but the spam still follows unique emails like "candidate@customdomain.com".
If I don't reply "stop" to anything, it seems like one day "Retired Democrats PAC" will suddenly stop sending me messages and "Save Democracy PAC" will suddenly begin, and that pattern is what makes me think a single group is behind a lot of it.
If I do reply "stop" to one, of course they will stop from that PAC, but a few days later another one will always pop up and pick right back up.
Every few days I send out a mass "stop" to all of the numbers I've gotten messaged by, and it usually gives me 3-4 days of peace.
For email spam: you can use your email provider’s report spam feature so more of their emails end up in spam folders and their money is wasted. You can look at the email headers to figure out which platform sent the email (like Mailgun or Sendgrid or whatever) and report the email to them, which may cause their account to be shut down and then to be banned as a business from that platform. You can use the FTC and FCC reporting websites from my other comment. You could also report each incident to your state’s authorities like your attorney general’s office, by saying you suspect potential fraudulent practices or abusive practices or violation of privacy or whatever.
I would suggest simply wasting their time as much as possible (I've lead on such people pretending to be naive and caused great frustration). But ideally, not to waste your own time.
I think in the near future android-local chatbots will be further along, or iphone-local, and ideally one can run the chatbot. and you can just set the chatbot to "waste this person's time" as we will have chatbots for "flirt with this potential date and schedule drinks". Of course the endpoint of such a world is chatbots all around and no humans.
Thankfully, Gmail catches 99% of the spam emails and my Pixel phone filters out spam texts and calls. It has a built-in Google Assistant mode that screens unknown callers with a robot voice picking up and asking them to describe what they're calling about. Most of the callers just hang up as soon as they hear that, and if they don't and actually say they're calling about so-and-so candidate, I just click the block button.
I tried to switch to iPhone for a few weeks (for iMessage), but the spam problem was SO bad (even with Robocaller and some SMS spam filtering app) that I switched back to Android. Google's spam blocking is phenomenal on the Pixel, but they barely even advertise it. It's an afterthought for them, but a lifesaver for me. My phone would be completely unusable without it.
----------------
In the back of my mind, I keep thinking it'd be cool to have an app that automatically looks up whoever the candidate is running against and automatically donating 10 cents (or however much) to their opponent every time they spam you. "Hi, it sounds like you're running in District _____ against ______. Because of this spam, I've donated 10 cents to your opponent. So far, this app has donated $1,234 to your opponent because of your messages. Goodbye!"
Our government is so corrupt and broken they're never going to fix any of this, so it's up to the technologists and market incentives instead...
It's a feature that's good enough to warrant me replacing the otherwise superior Xiaomi dialer/SMS apps on my phone with the Google ones. I don't get the screen calling, but all the other parts work 80% of the time.
The problem is that once they identify you as voting against spammers it encourages them to false flag spam you from a PAC that looks like it supports their opposition.
A relative won an award from an organization a decade ago, the consultants just steal or otherwise retain the mailing lists and use them forever. I get pitches from many NYC council candidates from that one dinner
It takes advantage of a difference from regular spam where there's nothing the spammer would dislike you to do.
In the 2020 election cycle it seemed some of the texts had people behind them, so I’d reply and told them if they kept texting me I’d vote for the opponent out of pure spite. That was actually quite effective, but did have to say it to a half dozen people.
This time around, I keep getting texts asking for $40. Most I report as spam, others I say stop. But it seems these lists are distributed out far and wide, so removing the name from one, or 10, doesn’t do much.
Like you, I will never again donate to a politician and will encourage everyone else to save their money. No one should pay money to be harassed. I’m not sure how they think this is a good idea or will win people over.
I tried sending Goatse back to them, but whatever text spamming software they're instructed to use doesn't support receiving images, unfortunately :)
They sold it to a liberal political group, who then sold it to an extreme liberal group.
I get dozens, sometimes hundreds, of spam emails, every day, with the most batshit insane messages. It’s especially bad, now, with the US election coming up. The one saving grace, is that it wasn’t a right-wing group. They make the ultra-liberals look like a bunch of teetotalers.
Since she used the iCloud.com variant of the address, I simply nuke all emails that specify that, as a destination. Apple won’t let me block the domain, so I have to apply the rules, after they fill my inbox.
Sometime in there, one of the spammers figured out that icloud.com will also receive iMessage texts, so they have started coming to that, as well (so far, it is from legit political groups. I don’t expect that to last). I delete and report as junk. I very rarely respond with STOP.
Is it an optional field? If not one could practically enter any digits or can one get punished for that?
As far as I know, physically mailing a check is the best way to avoid sharing information as you only need to provide your name, address, and employer. This information is the only federally required information.
What would happen if you type in a number of somebody else?
The credit card input screen was just there to make you feel comfortable consenting to endless SMS texts for life.
If anyone legitimate gets caught up in that, I’m not sorry, blame the spammers for ruining it for everyone.
This is what I really hate about the pig butchering scams. They start out like a wrong number text, and don’t even get into the scam. From what I understand it takes them months as they build a relationship. Now when there are legitimate wrong numbers from people making mistakes, people are likely to ignore it or report it as spam, and the person never knows they didn’t reach their friend.
Was it real? Did she really just call a wrong number? Or was it an emotional hook for a scam? I don’t know, because I decided it was best for me to simply ignore it.
Once upon a time I might have called back and let her know it was a wrong number instead of leaving her wondering. Not anymore though. Thanks scammers for shitting all over society with more ease than ever before.
Once you've done that, they have 31 days to comply. There's plenty of legal entities that still will call you. If you answer, be polite, play the dope a bit to get the necessary unfortunately, ask how they got the number, then request a manager (yes, they have one, they will tell you they don't. Be polite but insist). When you get the manager politely ask for the company details, then tell them to immediately remove you from their list. Their business can be shut down for violations so once they know you know, they take you seriously (FCC takes reports more seriously when more detailed). They'll probably hang up on you, this is okay. Report them anyways (do this legal or not. They can get their voip removed and whatever shell they're using. It's still annoying for them and they might remove you because you're not worth it)
Second, don't answer phone calls. It is a practice to call, listen for a voice, then log that number as active.
Text messages are more difficult. It depends on the service but you can probably text stop. The difficulty of blocking is that legit services will use the same number to text you verification codes (can we fucking kill sms 2FA‽)
You can also sign up for a relay service (I use Firefox, but use whatever). I do this for email and every website has a unique email. Things like + for Gmail don't work and are filtered. You can also do this for phone numbers but it's more expensive.
Fourth, aggressively unsubscribe, report to FCC, change settings on devices, and so on. Do this for your non-tech savvy friends and family. Get them to use services like signal that are privacy preserving, don't leak metadata, AND is easy enough Grandma can use. Install ublock origin into their browsers and some other privacy preserving stuff and edit settings. Get them to use Firefox instead of Chrome if you can.
You need to do this to others because they will leak your information (most of my information leak comes from my parents. I even get emails in their names...)
If you want to take a step further, get a scrubbing service like optery. There's a lot of shady shit so be careful who you pick.
Edit: you can do a similar thing for mail. There is a $5 processing fee. Sucks, but sadly it's junk mail that keeps the post office alive (do not put "return to sender" unless it's prepaid. You need to give a reason otherwise your postal worker is just being nice and throwing it away for you. Don't create more work for them)
https://consumer.ftc.gov/articles/how-stop-junk-mail
If you work somewhere that is spamming and enshitified, the way to convince your boss is to show them that their domains are being blocked and that leads to less money. That's the language they understand. They don't understand metrics (that's how we got here in the first place. So don't get technical!)
For example if you sell things on the web people will come to your site, add items to your cart, go to your checkout page, enter their email, pay, and then when they receive an emailed receipt mark it spam.
Heck, I've seen people who ask for help by sending email to a support email address, and then mark the automatic reply from the ticketing system that lets them know their request has been received and tells them how long it will take before someone gets back to them as spam.
I've also seen people complain that a company wasn't responding to their emails to support, when in fact the company is responding but the person had marked earlier receipt emails or emails letting them no that their subscription that they had opted into auto-renew for was going to renew soon as spam.
Note: in all the examples above I'm talking about companies that do not send marketing emails except to people who go to a separate page that is explicitly for signing up for newsletters. The only emails sent to the person where receipts, re-bill notices, and responses to mails the person had sent.
There's probably better ways to do things but I don't think we should just give up before we begin. Clearly spammers are abusing the systems at play and they're hard to track. So if a bunch of hay comes with your shipment of needles, it is better than getting no needles.
Though that isn't to say we shouldn't try to reduce the hay and that there aren't a lot of avenues that this can be done.
You can play wack-a-mole with uBlock, but it's wack-a-mole, and poor bandaid over our government agencies not doing the job they're supposed to be doing. You'll never get them all; AFAICT recently, my own state government sold my information to private corporations.
Probably should add some context. Some bad SCOTUS rulings basically handed nearly all text message regulation to the telecom companies themselves (through the CTIA). They don't really care too much about spam if you pay them enough to do it and don't get extremely high reporting rates (especially with short codes, they will filter/blacklist toll free numbers and local numbers if you hammer carriers enough).
There are short codes that are dedicated to OTP. Replying STOP to this number should not affect the ability for you to receive OTP for a different company login.
Any regular phone number, you are probably just telling the spammer you are a real person with a working number and you will receive 10x more spam
I receive, however, a fair measure of suspicious SMS, real-estate scams, political campaigns both legit and sus, and some pretty slick "USPS shipping" RCS phishing messages.
Now my Pixel Pro has a lot of spam protections and I need to leave them all completely disabled, because I routinely need to answer inbound voice calls from sketchy numbers, time-sensitive, because they could be a delivery driver or a taxi service. I just never know. The app does tag known spammer numbers, which sometimes turn out legit after all?
I consider SMS the worst mode of communication bar-none. It's locked to a single device with a single SIM. They can't be categorized, organized, tagged, forwarded, managed en masse, exported, or anything. To me it's a single-stream jumble of electronic jerks demanding my immediate attention and reactions over a most impersonal medium. I likewise disdain voice calls in many cases, so don't get me started.
The undeniable way to stop spam texts is to litigate. You’re put onto special lists at “number reputation” “data brokers” and the texts magically stop.
At up to $1500/violation, there are a lot of lawyers out there willing to help out with this.
People here are saying that doesn't work on political orgs, does it?
Whitelist does.
Perhaps reputation-based / fee-based systems as well, where an origin number (or network) has a given reputation, puts forth a bond against abuse claims, and pays a sizeable penalty for each message after the first (or perhaps some n number of claims) on which an abuse claims is placed.
This is effectively the Metafilter mechanism, in which participants pay $5 for an account. Payment mechanisms are flexible, third parties may sponsor accounts, etc. On abuse that fee is forfeit. Casual activity is unlikely to trigger this. Malicious abuse gets expensive fast.
The reason for permitting a few freebies is to allow for services such as mailing lists or other mass distributions which might find themselves specifically targeted. What's being tested is the capacity to rapidly address any claim of unwanted contact and not repeat it, not to simply penalise each instance of abuse.
Again, the really bad spammers are generating millions or billions of messages per month. Not a few dozens or hundreds. Those are the key targets of countermeasures.
E.g., "FCC slaps $300M fine on “largest illegal robocall operation” it’s ever seen" (2023)
The fined party made "more than five billion robocalls to more than 500 million phone numbers during a three-month span in 2021".
<https://arstechnica.com/tech-policy/2023/08/fcc-slaps-300m-f...>
https://news.ycombinator.com/item?id=41704119
In the US you can report the spam texts by forwarding the message to 7726 (“SPAM” on your keypad) at which point your carrier will text you back and ask for the source number. This doesn’t report the message to the government agencies but just your carrier, so they can hopefully punish the platforms sending spam.
Use a site like https://www.freecarrierlookup.com/ to see which carrier or platform sent it, which is useful for the next step of reporting offenders.
Now report the incident at the FTC and FCC websites. Do this every single time so it eventually creates difficulties for the platforms enabling this. Mention the carrier or platform carrying the spam. Put in all the details correctly.
https://reportfraud.ftc.gov/
https://consumercomplaints.fcc.gov/hc/en-us/requests/new
If it is an iMessage you should use the built in “report junk” feature.
You can also go to the website of the platform that carried the message to report things through their abuse reporting pages, but not all of them are diligent. Some are happy taking money from spammers to abuse you, and will make you keep reporting each phone number that spams you because they do nothing about it except block that one number from contacting you. They won’t fix the underlying root cause of why they have all these illegal abusers as customers.
My personal experience is that the vast majority of text spam comes from a few offending text messaging platforms - for example Sinch (https://en.wikipedia.org/wiki/Sinch_AB) and Bandwidth (https://en.wikipedia.org/wiki/Bandwidth_Inc.) for example. These are potentially seemingly commercial platforms for spammers. Note that Sinch owns Mailgun and Mailjet too and has a long documented history of legal trouble due to spamming. Businesses should avoid using these platforms because their own reputation and delivery will be affected by being mixed with spammers.
The fact that I'm not replying even after your second attempt should be a strong indicator that I want you to remove me. If you send me three mails, I'll mark your email as spam and block you.
Many feel that this isn't actually effective in stopping spam.
<https://en.wikipedia.org/wiki/CAN-SPAM_Act_of_2003>
You could also do what I do: go paperless for everything and then you'll never receive legit mail again. Tip all the rest into the rubbish bin!
My new health insurance carrier has sent me no fewer than 9 letters this month, 6 of which contained new ID cards...
- stalkers and trolls live off reactions, both positive and negative ones
- spammers will use your reply to verify there's a human at the other side
- colleagues and friends will hate you because everybody thinks they're important
Replying only has negative effects. Use client-side filtering, kill files, blocking functions, or ignore the text - whichever fits best.
https://www.cullenllp.com/blog/fcc-adopts-new-tcpa-opt-out-r...
Things may have changed since, but used to work sending 8m sms messages before breakfast every day to people who subscribed to news, sports scores, etc.
> NETWORK MSG: You replied with the word "stop" which blocks all texts sent from this number. Text back "unstop" or "start" to receive messages again.
I assumed it was from my carrier (T-Mobile in the US), but now I'm wondering, as I have gotten different replies from other numbers. Maybe it came from the sender's provider? Or is just misleading.
For real spam, sure, but for semi-legitimate spam like real businesses and political fundraising, I'm not sure this is actually true. I have found replying with STOP did reduce the volume of political spam I was getting. I think it makes intuitive sense that they should try to respect opt-out signals: you don't want to piss off the people you're trying to appeal to. It hasn't entirely eliminated them, but it seems to have been more effective than Junking them.
Could just be coincidence, of course. Who knows.
I don’t distinguish anymore. There is no such thing as a legitimate spammer. If you contact me without my consent, you are at best a nuisance and at worst a threat. You get marked as spam if E-mail, and blocked+trashed otherwise. I really wish SMS and iMessage had a way to mark senders as spammers.
> I really wish SMS and iMessage had a way to mark senders as spammers.
On my iOS phone in the US, there is a "Report Junk" button in the text message app. I'm not sure what it does, to be honest. The point of my comment was that replying with "Stop" has, for me, been a better way to reduce spam from (what I am referring to as) semi-legitimate spammers than "Report Junk" has been. That goes counter to the "never respond to spammers" advice from the comment I was replying to.
This is all just going from my personal experience over the past few months, though, and could well be a coincidence.
To report people properly and actually improve the messaging experience for everyone, you have to follow the steps I mentioned in my other comment: https://news.ycombinator.com/item?id=41704119
Depending on your carrier and country or region, reporting spam you receive with SMS, MMS, or RCS shares this information with your carrier and its affiliates.
https://support.apple.com/en-sg/guide/iphone/iph203ab0be4/io...
Enable "Do Not Disturb" or its equivalent with your provider to make contacting you costlier and reduce spam. Then, manually block every number that contacts you.
"The SMS scam filter will not block unsolicited or unwanted commercial messages or ‘spam’. To unsubscribe to legitimate business spam or marketing SMS, you can reply STOP."
https://www.telstra.com.au/cyber-security-and-safety/active-...
Besides, this seems to be an US only thing so it will only work for law abiding US based spammers^H^H^Hdirect marketers. Not for spammers outside the US, US based spammers that don't care about the law or scam/phishing messages.
No, it blocks that mailchimp sender account from contacting you again. It doesn't block the sender from contacting you again through other means or through a different identity.
Would you like to buy a bridge?