Robocallers Win Even if You Don't Answer

Sarah Krouse, reporting for WSJ: Caller ID is feeding one of the very problems it was developed to stop: junk calls. Illegitimate robocallers, or outfits that flood American landlines with marketing calls, use the decades-old identification system to make money, even when no one picks up. While scammers' biggest paydays come from tricking victims into handing over credit card or bank account information, many robocallers make incremental cash along the way, thanks to little-known databases that try to identify who is calling.

Each time a caller's name is displayed, phone companies pay small fees -- typically fractions of pennies -- to databases that store such records. Some of these fees are handed back to the caller. With millions of automated calls a day, the amounts can add up. "It's slow nickels, not fast dimes" for scammers, but it helps offset the costs of making the calls, said Aaron Woolfson, president of TelSwitch, a company that licenses out telecommunications-billing software.

for every crime there is a law

[mapkinase]

One just need to apply it. Make a poster boy from one of the robocallers. Feed him to alligators, hang him on a Time Square, do something memorable with these invasive pests.

Humanity and dignity cannot be achieved without dehumanizing and removing any shred of dignity from the worst.

Weed out the weaklings, clean up the city

Put on your black shirts.

Re:for every crime there is a law

[dgatwood]

We tried to hang one in a time cube once, but it turned out that the day really is split into four days, and the guy just ended up in one of the other three.

Re:for every crime there is a law

[sjames]

Require real caller ID. It's not like the phone company doesn't know who to bill. Set up *?? to report a do-not-call violation. If a particular number racks up enough of those, launch a full investigation. If the phone company lets a spoofed caller id get through and it is reported to do-not-call, they either figure out who really called or pay the fine themselves.

Before someone complains, allow any extension to report the main number as a caller ID. Allow 3rd parties to use a company's name and number IFF the company signs in blood that the 3rd party is a duly contracted representative and takes responsibility for any violations. Or they can use a reflector to make the calls actually originate from them.

If a foreign phone company won't comply, reject all of it's caller id info and change the id to "caller from [country]" OR just stop accepting calls from that carrier until they change their ways.

We're already to the point that many people don't even bother to answer their phones anymore. If this isn't brought under control soon we'll start seeing cellphones that do internet ONLY. and the telephone will be dead.

Re:for every crime there is a law

[tlhIngan]

Require real caller ID. It's not like the phone company doesn't know who to bill.

Except it won't work. One reason for spoofing the number is simple - many PBX systems at an office have lines that are dynamically assigned - if you call out, the PBX picks a free line and connects your call to it. Those lines will have numbers associated with them, but you can't call them because they're not valid DID or hunting line numbers. So the PBX tells the phone company to spoof either the DID number or the main phone number. (Likewise, when a DID or main line call comes in, the phone company picks a line and tells the PBX which number it's for).

No, what you REALLY want is phone companies to do the same thing most ISPs do now - source IP verification. As in the spoofed number they get must be associated with the group of phone lines it's coming from - so an office can hand out spoofed numbers properly, but they can only hand out numbers they actually own.

The only problem now is VoIP providers who rightfully have to spoof numbers to indicate who is really calling - again, they buy a huge clump of lines and those numbers are inappropriate for the calling party. And the problem is the database of valid phone numbers from those VoIP providers can be rather big to do a number verification. (Plus, it's just as easy for robocallers to sign up, wear out the number, abandon the account and sign up again). What may help is if the phone company could put like a "VoIP: Provider: Name" to the caller ID, so you'd get "VoIP: Vonage: John Smith"

Re:for every crime there is a law

[sjames]

At least do me the courtesy of reading the whole damned post. It wasn't that long. It wasn't even as long as yours. In particular, read the second damned paragraph again and again until you see that I answered your concern before you even raised it AND proposed the solution you suggested.

As for voip, it's on them to either provide proper caller ID or pay the fines themselves (see 1st paragraph) or if they are not in FTC jurisdiction, see 3rd paragraph.

Re:for every crime there is a law

[sjames]

Actually, there is. The PSTN isn't magic, it has switches, and ports just like the internet. While a call could be routed through another country or telco, those can be handled by the same rules. Do not route telco A to us OR ELSE.

Do you really think an American telco will accept a call without knowing who to bill?

Re: for every crime there is a law

[orlanz]

But we do this already today. Pretty much everything you and the GP posted. The main problem is:
"Plus, it's just as easy for robocallers to sign up, wear out the number, abandon the account and sign up again."

It's too costly and slows down business transactions to do a full background check and audit trail to vet out all the spammers. Imagine it takes a month to get residential telephone or cell phone.

Plus the total number of spammers is a really really small number compared to the legitimate customers signing up. This small percentage makes all those calls.

So people will still get through and spam you but the general customer pays both ways. Even if you vet all the spammers out, they just need to find one legit idiot to route through. By the time you wack a mole that one idiot, they got 2-3 others lined up.

It's not as easy of a problem as everyone thinks on these forums. Of course there is stuff the ISPs should be doing, but it's not a cure.

Re:for every crime there is a law

[squiggleslash]

He literally covered this in the second paragraph, starting with the words "Before anyone complains" clearly anticipating that this would be something Slashdot's army of Actuallys would need an answer to. The response you wrote out is not only longer than the paragraph you skipped, but the entirety of his message.

Re: for every crime there is a law

[Wycliffe]

It's too costly and slows down business transactions to do a full background check and audit trail to vet out all the spammers. Imagine it takes a month to get residential telephone or cell phone. Plus the total number of spammers is a really really small number compared to the legitimate customers signing up. This small percentage makes all those calls.

It might be a small percentage making the calls but it's approaching 85% of the calls I receive and most of my friends receive. I would be willing to pay the $25 and wait the 30 days to get a phone if it meant that it reduced the number of phone calls I received by 85%.

Another possible option if the phone company is just too archaic is to implement 2FA. If I could sign up for a service where everyone who calls me has to type a code received by text, I would sign up tomorrow. You have a spoofed number, you don't receive the text and you can't get thru. Calling from a landline or voip that can't receive texts, too bad, call me from your verified cell phone or contact me in another way. Most legitimate businesses don't actually call you anymore anyways. Most of my legitimate calls are from other cell phones.

Re:for every crime there is a law

[radarskiy]

"And the problem is the database of valid phone numbers from those VoIP providers can be rather big to do a number verification. "

The providers know who to bill... but somehow they don't know what ID to apply.

Re: for every crime there is a law

[orlanz]

I agree with the 2FA like solutions. My original point was that it's rather difficult to do it centrally without collateral damage; not to mention there is very little financial incentive for the players. But a distributed model would work.

Personally, I like white & black lists. If you are not on it, you go to VM. I will call you back/whitelist you. Message 4 seconds, no notification to user. If I blacklist you, then you get a "Subscriber not found" message. I should be able to do wildcard based white/blacklists. 212 151 ****.

Centrally, if too many people blacklist a number; an investigation starts that hunts down the owner. Most importantly, that number is considered used till the investigation ends. That should slow the number churn and incentivize the carriers to be more careful handing out numbers.

This should be for both landline and cells. I doubt the carriers will do the central bit for us.

Re: for every crime there is a law

[mark-t]

And what do you do if you had intended to accept calls from unlisted parties where no identifying information is transmitted?

All you can do is not answer the phone, forcing the caller to leave a message (which a robocaller will often do, filling up space on your voice mail and taking up just as much time to purge it as it would to answer the phone and hang up), whereas plenty of human callers may end up not leaving a message at all because of a preference for full duplex communication.

Re:for every crime there is a law

[green1]

complete BS.

Almost all of these calls come from overseas call centers, and yet every single one is spoofing my own local area code and even local exchange prefix (they hope you'll think it's someone nearby calling and actually pick up). It's pretty obvious that not only is this outside the realm of "number portability", I can also guarantee that they are spoofing numbers that are from a completely different telco than they are calling from, probably even numbers from the telco they are calling in to.

I can't even imagine how much incompetence would be required not to be able to filter out CID coming from outside your network that claims to be coming from inside it. This has absolutely nothing to do with "can't" it's entirely "won't". The sad truth of the matter is that telephone companies are paid to process phone calls. They have no financial incentive to reduce the number of calls on their network.

Re: for every crime there is a law

[reanjr]

I blame the shitty /. UI. You go to reply and when you get to the reply screen you can no longer see the original comment, nor can you use the back button (which takes you to the top of page). It's exceedingly frustrating, and I know at times I end up making assumptions about what I thought I read by the time I'm done writing and proofreading my response.

Re:for every crime there is a law

[swb]

Number portability means there is a database made available to telcos so they know where to route calls. "It's hard" was their principal objection to number portability, they wanted the simpler and less intensive route maps where telcos owned entire exchanges and could route calls with less effort and maintenance.

But now that we have number portability, telcos should be able to use that same database to determine if calling party identification actually matches the origin of the call. Businesses with PBXs and DID blocks should already be in this, as should the numbers associated with their trunks.

Bottom line is that they just don't want to, probably because of money changing hands someplace.

Either they don't want to annoy a service provider client with a huge set of trunks who could pretty easily find some other carrier to provide them with trunks or they're getting per-termination fees from the inbound source and don't want to disrupt them.

Re: for every crime there is a law

[mark-t]

Turn off your voicemail and have a message saying to send you a text.

No good... it blocks anyone who is calling from a landline and has no ability to text.

This eliminates most spammers and prevents you from having to spend time trying to decipher a voicemail.

It also eliminates people who hang up as soon as they hear a recording because they happen to be uncomfortable talking to what they know is a machine. The fact that they wouldn't have to leave a message is irrelevant because they haven't listened that far.

Is this a paid promotion for WSJ?

[alzoron]

The article is apparently submitted by: "Sarah Krouse, reporting for WSJ:" and there's no link to a non-paywalled source. At least have the decency to mark this as a paid promotion if that's what it is.

The people behind robocalls...

[hyades1]

It should be legal to hunt them...no season, no limit. In fact, there should be a bounty.

Re:The people behind robocalls...

[Linsaran]

Sounds like you could really use some time away from it all. Why not take a cruise!

Simple answer

[imidan]

phone companies pay small fees -- typically fractions of pennies -- to databases that store such records. Some of these fees are handed back to the caller.

Knowing nothing else about the problem, I suggest that phone companies stop contracting with databases that hand fees back to the caller, or else make it hurt. If AT&T and Verizon declare a new policy to pay their fee less an amount equivalent to whatever the database hands back to the caller, the practice will end double quick. The database suddenly gets a big incentive to stop those kickbacks, and the profit motive for the scammers dries up. This, without any loss of income on the part of the phone company. The databases can't exist without the patronage of the phone company, so the phone company has a lot of power.

Re:Simple answer

[Wycliffe]

The databases can't exist without the patronage of the phone company, so the phone company has a lot of power.

Not only this but the database is mostly obsolete. I haven't had a cell phone that used the callerid database for probably 10 years. It shows the name if they are in my contactlist but not the name of people not in my cellphone's local contactlist. I'm assuming callerid might still be used for landlines but who has landlines these days? Everybody I know uses cellphones for personal and voip/pbx for businesses.

It doesn't even work

[imidan]

I can't read the article because of the paywall. But I can say I don't even see any caller ID information for 99% of the spam calls I get. All I see is a phone number. It's usually a fake phone number (I assume because it's my area code and prefix plus a random 4), but there's no name associated with it. If my phone company is paying anyone money for the "service" of displaying a fake phone number to me when I get a call, then maybe they should rethink that.

Re:Stupid America

[ledow]

America have always had it backward.

I pay NOTHING for any unsolicited call that makes it to my phone. There's no way to make a call to me that doesn't cost some amount of money to someone somewhere. But it's certainly not me paying.

The only way to get me to pay is to try and trick me into dialling a number for whatever reason. Which ain't gonna happen unless it's a 0800 (free) or 0845 (local rate).

Why on earth would you charge someone - who's already paying monthly fees or whatever to keep the line active - for daring to use your service to receive a call, especially if anyone in the world can cause that charge to the end-user without their consent? Ridiculous.

As such, my phone stays silent of any unsolicited calls through the vast, vast majority of the year. I just received 2 texts from a credit card company to tell me their systems were down and I'm annoyed at it and looking up how to make them stop. It's really that abnormal.

My phone number is unchanged for 15+ years and been transferred through several phone companies in that time (so prime opportunity for it to "leak"). It's the number for my bank, etc. so it's in a lot of databases, but I don't get spam calls or texts.

If I ever do (rare), then it's always from a withheld number or a number that - when I Google - pops up on all the anti-spam sites detailing others experience when answering those calls. "Oh, yes, this is actually British Gas, it's genuine", or whatever. Guess whether I answer that or not, or whether I then just it to a "spam" contact with silent ringtone and auto-refuse the call.

I stopped using landlines many years ago, but pretty much it's the same there. Register for the proper services, tell people to bugger off, never tick the "you may contact me by phone" box. If it annoys, literally it costs pence to change your number.

I manage the switchboard in work too... where the phone number is 20+ years old and has gone from analog, to ISDN, to SIP over the years. The number of duff calls is really, really low and usually just companies who found the phone number online and are touting for business. GDPR is going to cut that in half, at least. We don't actually have to block any numbers that come in, because it's just not big enough a problem. And it costs a pittance to run a SIP trunk capable of supporting a huge number of lines, when you're not paying for every incoming inquiry.

I have actually reported, to police, more cyber-fraud attempts - including chatting on the phone to the finance department trying to get them to authorise a phony payment sent by email - in the last year than I've received unsolicited calls.

Because, when the spammers have to pay, it's not as easy to talk people into quickly buying some junk. We don't have (or even allow) political robocalls without explicit consent, and never have. What kind of nonsense is that?

Honestly... my last unsolicited call on my mobile was... hold on... scrolling... scrolling... September? And that's because THEY have to pay for them, not me.

America really needs to wake up about the "everything is about money" thing, and the "my data needs to be respected".

Headline contradicted by summary

[gdr]

The headline says "Robocallers Win Even if You Don't Answer". Summary says "it helps offset the costs of making the calls". So if you don't answer (and therefore the scammer doesn't get any money from you) the scammer makes a loss on the call, they don't "Win".

Re:Headline contradicted by summary

[PPH]

Sounds like when you receive a call and you have caller ID, a lookup is done in some third part database. Paid for by your phone company. The payment is split between the database owner and the caller.\

My VoIP line displays the calling number, but no further identifying information. So I imagine that no db search fee is being paid. I can maintain my own whitelist of people I know and the rest just remain unknown.

Re:Stupid America

[110010001000]

You guys aren't understanding what is happening. The person who was called isn't paying anything. That hasn't been true in decades in America (landline or mobile). What they are saying is the CALLER gets money from the phone company when their number appears on a caller id. Personally I doubt this is true but I didn't read the article. The reason you don't get called as much as America is because America is highly targetted due to the high number of English speakers and the relative wealth of the residents. Scammers don't speak German or Polish or whatever. They speak English.

Re:One way to discourage them from calling

[aaarrrgggh]

This used to work, but not any more for the egregious offenders. It only hurts the "legitimate" call centers trying to renew your paper subscription or some other menial task.

The robocallers have bots on the other end, and drop most of the calls they make anyway.

agreed

[nten]

It sounds like that is exactly what is happening though. I only get numbered spam. Also, I seem to get less than my friends and family. I think it is because my number lists as a landline instead of a cell. But that is just speculation. I don't get spam texts either, or is that still a thing?

Re:One way to discourage them from calling

[110010001000]

There is a website like that (Youtube). There are entire channels devoted to that. Search for "lenny robocall" for some hilarious ones.

Re:TFA is paywalled-use firefox

[schwit1]

Firefox has add ons to get around pay walls

Making money?

[tomservo84]

So, can I just call one of my cell phones from my landline millions of times and start making money? WTF is this? Why does the caller make anything?

Re:Voice mail another acknowledgement

[green1]

Great idea, all that's missing is any incentive whatsoever for the telecommunication industry to care. They make money from phone calls. They don't exactly have any incentive to reduce the number of calls on their network, and they don't care whether or not they're legitimate.

I'm afraid I don't see any of that changing without regulatory requirements. All of the technical solutions I've seen are dead easy to implement (compared to the scope of their business). What's missing isn't the means to make a change, it's the desire to do so.