VoIP to Fuel Plague of 'Dialing for Dollars'/Spam

Ant writes "Broadband Reports says Internet News is exploring how telemarketers world-wide are realizing they can dodge long-distance costs (and U.S. "Do Not Call" restraints) by voice spamming VoIP users. Different from SPIT (spam over internet telephony) because it's not automated, an analyst in the article predicts homes and businesses could see some 150 calls a day from overseas call centers."

The ring that keeps on ringing

[erick99]

I am surprised that this hasn't happened sooner but I believe it will happen. I wonder what sort of culture shock we will have when our home telephones are rendered useless because they ring non-stop? I am getting just over 400 email spam a day so 100 to 150 phone calls a day (especially at a cost of only a penny or so each according to the article) seems believable. While spam filtering rids me of all but two or three email spam a day in my inbox, is there a technology that will do the same for my home phone. God, this sure will be interesting (and yes, I understand I have employed a bit of hyperbole).

Re:The ring that keeps on ringing

[dsginter]

Here's what I don't get:

There exist many methods for anti-spam authentication. Why hasn't someone implemented one of them in an "Email 2.0" style service with the single feature being "not compatible with existing email, including spam"? After the first service opened up for business, there would be more. And more. Until Spam was gone for good.

We can see that people are getting to the point of ditching it entirely so why not move to something that fixes the problem at the expense of backward compatibility? This befuddles me to no end. I'd sign up in a heartbeat and so would everyone email user that I know.

Can we just FUCK backward compatibility for once? Why is it so damn important?

Re:The ring that keeps on ringing

[porcupine8]

Why hasn't someone implemented one of them in an "Email 2.0" style service with the single feature being "not compatible with existing email, including spam"?

Why on earth would I (or anyone) use this? The entire point of email is communicating with people. If I got an "email 2.0" address, but nobody who needs to email me has one, what would be the point in me having it? And if it got popular enough that the people I want to communicate with all had it, wouldn't the spammers just get it, too?

Now, I could maybe understanding coming up with something like this for intra-company communications or something, where a specific list of people would get the new format of email and they could all talk to each other but nobody from the outside could email in. But they'd still need traditional email for any communications outside the company. And what company could do any business these days without emailing (or receiving email from) anyone outside?

I just can't see any way at all that something like that would work.

Silly Idea

[fembots]

What happens if the cost of each almost-continuous call is incremental?

Say the first 10 VOIP calls are free, and if you make the 11th call within 5 minutes of the 10th call, you pay 1 cent, and if you make your 12th call within 5 minutes of your 11th call, you pay 2 cents, then 4 cents, 8 cents and so on.

Private callers shouldn't have to pay anything due to the engaging nature of personal calls.

Businesses will have to register to get exemption from the charges, thus easily identifiable.

Like spam filters, this won't stop spammers from spamming, but hopefully it's enough to make it less profitable.

We didn't see email spams coming, but we should definitely do something on VOIP when we have the opportunity.

Re:Silly Idea

[blanks]

Yes this would make it more expensive for the spammers to make the calls, and maybe it will keep some of the companies from following through, but with telemarketing if I remember correctly, the costs could be up to .25 per call (connected call) so anything less this this would be doable.

Also keep in mind that a way around this would be to have a dozens (hundreds?) of VOIP services, meaning you would just need a system to switch between "lines". And that technology all ready exists.

Better fix this

[BWJones]

"The average enterprise or household could see as much as 150 calls a day from these telemarketers. It has to happen, because it is a market force that takes the market feedback and makes it into a profitable approach."

Ah, so this is how they are going to use all that dark fiber. :-P

Seriously though, it would be in the phone companies best interest to figure out how to block this. After the legislation for the do not call list, calls to our home plummeted. And rightly so. If I have to deal with telemarketers calling my home again, I will simply have the phone company disconnect my land line, especially with the prospect of 100-150 calls/day. Most people that really need to get ahold of me immediately can use the cell phone or email/IM me anyway. As for calling people at work, I cannot figure out how businesses will tolerate this. Businesses will be more likely to pressure phone companies to limit this kind of activity as it impacts productivity.

So, I don't really care how they do it, but from an end users perspective......They can either fix the loopholes and prevent phone spam or they will lose business.

On another note. Serious question to all the Slashdotters: Has anyone here actually bought ANYTHING from a telemarketer who called you? I have never purchased any good or service solicited over the phone, and I am wondering who it is that actually keeps these knuckleheads in business.

Re:Better fix this

[blanks]

To answer your question, most telemarketing is either collections or credit cards, or charities. I have had many friends that have worked in collections and charities and you wouldnt belive the amount of positive sales they would get.

Re:Better fix this

[networkBoy]

get a 1-900 number. Simple.

All your friends have an unlisted number that is held private, or have a code to bypass the billing on the 1-900 line. Everyone else pays a buck a min. (15 min. minimum). I'll let them telemarketers pay me ~$180/Hour (figuring an average 5 min. call).
-nB

Vroom!

[greg_barton]

Gentlemen, start up your whitelists!

What?

[bigtallmofo]

You mean U.S. laws don't apply everywhere? We should get that law changed!

They will throw themselves upon the firewalls...

[FyRE666]

Russia, China, India... Who'd have thought these would be new sources of spam?! I routinely block these domains/net blocks from sending email into our networks (along with a few of the other well known spam sludge pits), so would it really be that difficult to firewall out all VOIP traffic from these places too? Maybe if enough people just cut them off they'd change their attitudes to providing havens for (mostly) American spam "companies".

In fact, I'd imagine these call centres would be easier to firewall off the 'net than spammers, as it would be harder to switch net blocks once a blackhole service was set up to list the offending address ranges.

Call Blocking?

[Ironsides]

So how long until someone hunts down those IPs and offers up a list for call blocking of them? Also, how long until someone writes a program that will DDoS of some form or another those same call centers or something similar that will harass the call centers?

Not automated. Hmm

[wowbagger]

So, when one of these turkeys calls me, I can keep them on the line until I traceroute where his call is coming from, then go after him and his ISP with any number of legal charges as well as possible DDoSs.

Yes, that sounds like a GREAT way to make money.

Re:Not automated. Hmm

Yeah, I got a spam that I went through the same spiel with. Checked the headers, did some dns lookups, etc. etc. Finally I found the responsible ISP.

Problem was, when I sent my subpoena to Novosibirsk all I got back was a legal notice saying, and I quote...

"In Soviet Russia, jurisdiction limits YOU."

Culture shock

[Tackhead]

> I wonder what sort of culture shock we will have when our home telephones are rendered useless because they ring non-stop?

It's already starting.

Ignoring people who have abandoned land-line phones for wireless, most of my friends are in the "phone by appointment only" mode.

If you want to talk to me on a land line, email (or IM) me first and tell me when you'll call. Otherwise, the damn thing stays unplugged, and/or with the ringer off. If I ain't expecting someone's call, it ain't getting answered.

Re:Culture shock

[panaceaa]

Maybe this works for you, but in my life things don't always go as planned. If my girlfriend is in an emergency situation (and it has happened), she contacts me by phone. Because it is an emergency, it may be from a phone number I do not recognize. She will likely not have access to email or IM before calling me. So a random call comes in from a random number... and guess what? I have to answer it because I care about her and it might be her. Until other less-obtrusive technologies like IM are ubiquitous and can be used in emergencies, this cannot change for me.

VOIP spam is a really scary and almost unavoidable future. To combat it, I only give out my cell phone to people I know. I always give businesses my home or work number. But if it starts to be a problem, I bet a lot of the profiling techniques already used for filtering email will start happening on phone networks. And thankfully, I have never heard of a VOIP open relay, so we'll have a better chance at stopping the problem at its source.

Herm wait . . .

[OverlordQ]

so the DNCL only covers POTS Spam? IMO my number is in there, so no matter where they're coming from or through, be it POTS or VoiP they can't call me, further more theres'a nice tidbit on that DNCL site:

33. Are telemarketing calls from overseas covered?

Yes. Any telemarketers calling U.S. consumers are covered, regardless of where they are calling from. If a company within the U.S. solicits sales through an overseas professional telemarketer, that U.S. company may be liable for any violations by the telemarketer. The FTC can initiate enforcement actions against such companies.

re-routing

[COMON$]

until I start re-routing their calls to each other. Think of it, a simple firewall that sits on your network that re-routs overseas calls to each other. Just keep a list of numbers and add new ones as they come in, completely automated...get a couple thousand Voice over IP users to do this and viola, problem solved. Old fashioned ping of death, DOS attacks. Perfectly legitimate because I am just returning their calls right???

We need laws, but tools too

[Frater+219]

We're going to need some basic trespassing legislation here: in brief, a recognition that my phone is my property and that your freedom of commercial speech does not extend to the use of my property to carry your speech at my costs.

However, we're also going to need some software tools. A lot of sites, my own workplace included, are rolling out VoIP systems. Some of these are COTS systems of various levels of quality. Others (like us) are using open systems like Asterisk PBX and SIP Express Router (SER). Currently, as far as I have seen neither the proprietary nor the open tools have what it takes regarding abuse rejection:

• Dictionary attack rejection. Any caller who makes a vast number of wrong numbers in a day is just trying to guess numbers, and should be rejected.
• Call rate limiting. A single caller IP address should not be able to make a vast number of simultaneous or near-simultaneous inbound calls.
• Site-local blocklisting. One good way of telling if an IP address is going to spam me is if it has spammed the guy the next office over. The VoIP PBX is a good place to aggregate abuse information. Asterisk has the beginnings of a blocklist system, but it's not quite there yet.
• Distributed blocklisting. DNSBLs have worked very well in the email world, where a single highly reliable list such as Spamhaus SBL-XBL can deflect over 50% of spam. We will need this ability in VoIP.
• Abuse reporting. If I'm getting VoIP abuse from your site, I need a way to report it to you or your ISP. Likewise, VoIP sites that want to be reputable should offer call recipients a way of reporting harassment, spamming, and other sorts of abuse.

Re:Silly Idea - We saw it coming

[Nom+du+Keyboard]

We didn't see email spams coming,

Actually we did. The infamous Green Card Lawyers carpet-bombing Usenet told everybody paying attention that we stop it now, or it will only get worse.

Problem with politicians is that they don't react to a problem until after it has grown out of control. And they don't listen to the people who do see it coming.

That's why to this day, CB radio skips clear around the world. They didn't listen to the experts about assigning frequencies. Even now, with spam a problem for everyone, there is little in the way of effective law against it.

Voicemail voicemail voicemail

[hoggoth]

"Hi this is John. I am screening my calls. Please leave a voicemail and I will call you back."
"Hi John, this is Pete. You just tried to call me, and left me voicemail about my attempted call a few minutes ago. Please call me back."

Re:They will throw themselves upon the firewalls..

[Hoi+Polloi]

"Russia, China, India... Who'd have thought these would be new sources of spam?!"

Make sure you add to your list America's own 2nd/3rd world state, Florida.

Sad, But True.

[Threatis]

As someone who worked as a Telemarketer for about a year, i can tell you that this will happen. the company that I recently worked for was putting together a "voIP team" to tackle all the new tech popping up around it. Sad that this is the world we live in now, where people feel the only way to sell a product is to market it directy to someone over something as personal as a Telephone.

new acronym proposal...

[Lord+Prox]

PHLEGM PHoning Longdstance by Eurasian Gangs / Marketers

Sue them!!!

[www.sorehands.com]

Use the laws to file a lawsuit against the spammers that spam or the people who hire the spammers. Spamming is motivated by profit, lawsuits against spamers will remove that motivation.

I got spammed by Avtech Direct. I sent a demand letter, they were nasty in their response. I filed a lawsuit against them, and arranged for 15 other people to file lawsuits. When they appeared in court against me, I served them with the 20 other lawsuits. So far, only 5 of 21 cases were heard, they have over $11,000 in judgments against them. I have not seen any spam from them since.

Re:Sue them!!!

[Profane+MuthaFucka]

Go to the Sheriff with the judgement and hire him to go in and start confiscating property. Show up with the Sheriff to helpfully point out particular items that they should take. The Sheriff with sell the items at auction, take his cut, give you the rest. At that time you will have the opportunity to purchase (along with the rest of the public) some of the choice items that you suggested the Sheriff should take, cheap. If it weren't for mechanisms such as this, nobody would pay any judgements. Make the system work for you.