return to table of content

Report Phone Spam – Shut down robocallers and text spammers

aimor
45 replies
18h7m

I've been reporting spam calls and texts to the FCC for a few years now. Does it do anything? I don't know, certainly not immediately, and the problem persists.

I tried the method spelled out here for my latest batch of "Your USPS package has arrived" texts, but the phone numbers (example: +63 936 631 6676) just give an "invalid number" response. Not unexpected.

Every official channel seems to be failing us on this one. Spam calls still exist, spam texts still exist, and even fake government websites still exist. I don't understand why a .com site like https ://usps.com-helpnk.com/ is still up.

jimmydddd
32 replies
16h29m

I disagree with the posted page that the telecoms are interested in stopping spam. If they really cared, they would have addressed it by now. I suspect they are somehow making money from the spam callers.

drdaeman
15 replies
16h12m

telecoms are interested in stopping spam. If they really cared, they would have addressed it by now

I'm not so sure about this. No one (except for, obviously, spammers) benefits from email spam, every mailhost and network admin is most certainly interested in stopping it (to some extent), and yet my mailbox can prove that spam is still very much alive.

Solving spam problems in a highly distributed large federation of networks is not simple.

However, I think there are less telecoms than LIRs and mail systems out there, and they typically have better control over who their clients are (less hacking, though I could be wrong), and there's not enough pressure on them (spammy mailhost's gonna get banned by every RDNSBL real quick, telcos - I don't know, but I guess not so much?), so I can certainly agree that telecoms have issues with their incentives. I could be wrong about this, though - I don't really know much about the telephone industry.

calamari4065
6 replies
14h10m

The analogy doesn't hold because anyone can send an email to anyone else on any service at any time.

You can't exactly just climb up a telephone pole and tap off a few phone numbers for yourself. You have to explicitly enter into a contract with a service provider to use their infrastructure.

Spammers and scammers are wasting infrastructure resources that the telcos could be allocating to users. The telco can just cut your access off if you abuse it.

If I spin up an email server, no one entity can stop me sending email to anyone else. Gmail or Outlook or other services can block me individually, but there is no centralized network and no central authority that can refuse my connection. [0]

I suspect that telcos don't want to do anything about abuse because it's a very large fraction of their total traffic. The artificially higher utilization of the network gives them more justification for their prices or gives them some sort of good boy points for having x number of users. I don't really know how any of that works, just a wild guess.

[0] There are centralized blacklists and other ways to communicate that a sender should be widely blocked, but that's not the same as a telco refusing to physically connect you

TedDoesntTalk
3 replies
11h34m

You have to explicitly enter into a contract with a service provider to use their infrastructure

Sounds like you’ve never used Twilio before - or any other API-based SMS system

selcuka
0 replies
10h52m

Isn't Twilio your service provider in that case?

callalex
0 replies
10h27m

Have you tried recently? There’s a ton of regulation mandated paperwork and registration required these days.

axelthegerman
0 replies
5h3m

Ehm you need to create an account, accept their TOS, enter billing information and then some.

They can easily disable your account should you break the TOS (or for any reason really)

Not quite the same as hosting an email server somewhere

kmoser
0 replies
11h7m

there is no centralized network and no central authority that can refuse my connection

Your ISP/host can refuse service (assuming somebody convinces them to take that step). That doesn't mean you can't find another, but they are your connection to the Internet.

axelthegerman
0 replies
5h5m

You have to explicitly enter into a contract with a service provider to use their infrastructure.

Exactly. And proper providers make legitimate users jump through so many hoops. E.g. with Twilio I can't even send text messages to US long codes (regular numbers) anymore without assigning "campaigns" and giving sample text messages... All I wanted is that my users can pick a phone number and use SMS as an interface to send commands and queries. They (US government and Twilio) don't even let me do that in order to "fight spam".

I suspect that telcos don't want to do anything about abuse because it's a very large fraction of their total traffic.

Same here. They keep adding process and restrictions on legitimate users to prove that they're working on it, but I don't think they really want to.

Sure, there are probably fishy international service providers that house legitimate AND spam traffic and are hard to block. But phone networks are much more centralized than email and should have better abilities to fight spam if they really wanted to (but instead keep profiting from it)

lelanthran
3 replies
9h22m

Solving spam problems in a highly distributed large federation of networks is not simple.

I agree and disagree with this statement:

1. The distributed system can't solve the spam problem, because it's not a technical problem.

2. The population can immediately solve the spam problem by responding in the affirmative to every single request they get.

What makes spam profitable is the quality of the responses - right now only the marks respond, so every response is valuable to the spammer as it is a lead that will almost certainly result in money.

If the spammer sends out 3m SMS/robocall messages, and gets 5 responses, those responses are worth actual money!

OTOH, if the spammer sent out 3m SMS/robocall messages, and got 3m responses (of which only 5 are worth money), then the spam would quickly stop.

IOW, by self-selecting into one of two groups (will give you money/won't give you money) we are making spam profitable.

This is the only way to stop spam of any kind - poison the database.

pogue
1 replies
7h50m

When you say 'poison the database' in the case if sms/robocalls what exactly would that involve?

lelanthran
0 replies
1h28m

When you say 'poison the database' in the case if sms/robocalls what exactly would that involve?

It involves never blocking any SMS/robocall: for SMS always reply in the affirmative (i.e. you want an agent to phone you), for robocalls, keep the call active for as long as you can, and reply in the affirmative for future contact.

You do that, knowing full-well that you aren't going to be buying anything.

If even half the population did that, spam SMS and robocalls would become too expensive to do anymore.

rwmj
0 replies
5h45m

I usually answer the spam calls and then try to keep a human on the line as long as possible. I get almost no spam calls on my phone now (although I'm not necessarily claiming this is a direct result).

dylan604
3 replies
14h53m

When you consider that most of this stuff originates from places outside of jurisdictions of any place that would ever consider doing something about it, you realize that legislation is worth much less than the paper it's never printed on.

viraptor
2 replies
12h59m

It's that time I get to repeat: The US is a big enough destination that threatening to drop incoming calls would work. Much like the EU online privacy regulations has international effects, the US can play the game too. It's extremely unlikely that a legit telco anywhere in the world would choose to continue spam and lose the ability to call the US. (Telcos peer to other telcos/interconnects explicitly and can force custom agreements)

koolba
1 replies
12h33m

The US is a big enough destination that threatening to drop incoming calls would work.

They should threaten to drop outgoing calls too. That’d eliminate all the useless offshore call centers.

freeone3000
0 replies
11h39m

Some sort of quite tall wall, perhaps made of fire…

callalex
2 replies
15h55m

Carriers could solve the spam problem overnight by disconnecting about 3 or 4 countries from the rest of the world. However popular that action may be, it would not be legal.

pennybanks
0 replies
13h22m

ya but now they are the racist carrier. racism hunts. witch hunts. in the far future these 2 events will look no different

grecy
0 replies
13h53m

The world has already decided to disconnect 5 countries from the global banking system, effectively keeping them locked in the dark ages....

BLKNSLVR
2 replies
16h21m

I can't see how it can be any other way than you mention.

Is it conceivable that they don't have control of who is using their network, and how they're using it?

It's not like they've just landed on the planet with this big telecoms network to manage. They created them, they set the rules, they own the gates.

It's purely profit driven, no question.

In the exact same way that Google and Meta claim to not be able to police advertising on their own fucking networks.

jcrawfordor
1 replies
16h4m

The architecture of the telephone network was designed by a complex series of historical monopolies (across multiple countries), federal regulators, and state regulators. Because of this history, the providers have a surprisingly small degree of control over the traffic that passes through their network. This is, in a regulatory sense, what it means to be a common carrier.

BLKNSLVR
0 replies
14h57m

My admittedly cynical view, then, is that the structure has outgrown it's usefulness.

Features are being added, which enable phone number spoofing and other shenanigans, at some point deep in the network, such that common carriers, at the tips of the network, have no control over.

Thus creating a scammers/spammers paradise.

gwbas1c
1 replies
13h15m

(This is a US-based response response about the US phone system.)

Because it's a political problem, not an engineering or business problem.

In order to prevent monopolies, we have very strict requirements about carrying all calls that enter the network. Otherwise, phone companies would randomly block each other as part of anti-competitive tactics to push each other out of business.

The telephone spammers take advantage of these laws, because it is very difficult to legally block a spam call. Your phone provider must carry all phone calls without any prejudice!

(So I'm about to get very close to the line about hacker news's "no politics" guideline. Please consider that spammers "hack the law" and "hack politics" before you flag me. Instead, I would appreciate it if you take a minute or two to fact check my opinion disguised as fact.)

The primary way out of this is by a legal change, not by an engineering change or culture change: We must update our laws so that it is very difficult to make and carry spam calls on the telephone network.

I personally believe that one way to do this is to require that all phone calls provide rich metadata to the phone that is ringing. I really should know who is calling me, and the phone company that originates that call should be responsible for verifying it. I would even consider a requirement that makes it trivial, or automatic, to "lift the corporate veil" on who owns the company that is calling me. Otherwise there should be strict penalties for a phone network that allows originating calls with phony or spoofed metadata.

(I also don't think anyone has a right to make a 100% anonymous phone call. I think we can figure out how to allow people who need to make anonymous phone calls to make them, without exposing the entire phone network to SPAM.)

Ultimately, every phone call that enters the phone network needs to have a strict and auditable chain of liability.

In reality, if our laws included a requirement for strict metadata, and then a requirement to make an "abusive phone call" button really obvious, we could figure this out pretty quickly: at this point it becomes a simple reputation system.

Finally, we need laws that prohibit co-opting the phone network for marketing. We may want to start with prohibiting unsolicited commercial and political calls. We need to make sure that there are no loopholes, where the company you bought something from 2 years ago is still free to call you as if you have an ongoing relationship. We need to recognize that pulling out one's phone and looking at who is calling is really a significant burden to us, and that our government should protect us from companies and politicians who think that they have the right to interrupt our day at any moment to listen to a sales pitch.

If you really care and want to put time into this, advocate politically. (And remember that hacker news is not supposed to be political.) Don't waste your time reading instructions about how to report spam.

owlbite
0 replies
11h25m

Of course, that would require the politicians to first opt their own political calls in to the existing (if largely useless) measures such as the Do Not Call registry.

batch12
1 replies
16h1m

A few questions (in good faith) for discussion:

- How do you feel about the telcoms reading/filtering your texts?

- Where do you feel these controls would be most appropriately applied? Sender or recipient or both?

- How would you define SMS spam for filtering? Should the messages be manually reviewed or automatically filtered based on volume/content?

- Should recipient telcoms filter potentially malicious or spammy voice calls?

mynameisvlad
0 replies
14h38m

Texts are not encrypted anyway, your telecom can already read and filter your texts, and there’s been several instances of it happening.

Eg: https://www.reddit.com/r/tmobile/comments/17aqv1z/tmobile_li...

pbj1968
0 replies
13h8m

All the responses to this post have been an amusing read. Apparently this forum is too young to remember all the Guyana phone sex scam numbers from the 80s and 90s…

naravara
0 replies
13h52m

I think you underestimate how ineptly run a lot of these highly-regulated, legacy industries actually are.

They care, but in the way most people care about not being fat. They still can’t make the necessary lifestyle changes to do anything about it even if it is their most ardent wish.

mock-possum
0 replies
12h4m

Less that spam makes them money, more than doing nothing about spam doesn’t cost them money.

lostlogin
0 replies
14h26m

With booking systems that use texts for appointment confirmation, several companies end up using the same group of phone numbers due to the service that sends the text having limited phone numbers.

Some of the companies are quite spammy. It’s frustrating as blocking the number risks blocking real ‘you have an appointment at xxx’ type messages.

cortesoft
0 replies
12h45m

If they really cared, they would have addressed it by now.

They care, but not enough to spend what is required to address it.

Reason077
0 replies
9h33m

In some cases it definitely seems to be the carriers making money.

I’ve never really had any issues at all with SMS spam in the UK and Europe - but I’m currently in Thailand where it’s awful! When you buy a new SIM card at the airport, the spamming starts within an hour or so. I count 18 sent yesterday alone, once every hour or so during the day.

I believe it is actually the carrier (true.th) sending them as they all follow a similar format and seem to arrive with a somewhat predictable regularity.

They even have an automated number (*137) you can call and supposedly turn off spam, but it doesn’t work: “System will cancel spam SMS within 24 hour. Thank you for using!”. Yeah right.

Only solution on iOS seems to be to disable notifications for SMS from unknown senders in System Settings. Then, at least, they only annoy you when you actually look at the messages app.

furyg3
3 replies
9h5m

Like others, I'm confused about how there's so much variation between countries on this one.

In the US, the calls and texts are a plague. If you've had a phone number for a few years you're probably getting multiple texts and calls a day, even if you are on the Do Not Call registry, from advertisers of every type and scammers alike. Lots of people have apps for blocking spam and they still get through.

In the Netherlands I'm also on a do not call registry, and I get nearly zero spam calls or texts. There is the occasional scammer SMS, and I get a spam call maybe once every 2-3 months, usually for nonprofit fundraising.

In developing countries you're spammed by both the telco and third party advertisers within minutes of activating a prepaid SIM card. The telco is almost certainly delivering the advertisements.

My guess is that the penalties and enforcement behind violating do-not-call registry in the Netherlands (EU?) are just much stronger than in the US. It still does not explain the lack of low-quality spam / scam messages from people who are unlikely to be dissuaded by regulation.

The only thing I can think of is that there is better authentication for accessing the Dutch telephone network (and better incentives for the telcos) which allow the providers to prevent or shut down spam numbers quickly.

abirch
1 replies
6h58m

Could the percentage of occupied Dutch phone codes be lower than the USA? There may be a smaller pay off.

furyg3
0 replies
6h24m

You mean area codes (all Dutch mobiles are on one area code - 06) or do you mean the proportion of available phone numbers to phone users?

The latter would imply that spammers are 'wardialing' phone numbers but that seems really unlikely to me as it would be incredibly easy for telcos to detect and prevent.

nebula8804
0 replies
14m

This was many years ago but I was trying to set up a Twilio number in the Netherlands to do a crank call on a friend there. I thought it would be as straightforward as the US(ie. Just sign up, add some money and pick a number from their available pool). No....from what I recall you need to submit an actual physical address and there was some mechanism for verifying I think as it failed the first time I tried. Now I think I managed to eventually get some random shop registered but for spamming, I don't think that would last as it would get flagged eventually. I don't know if they still do this sort of verification but if anything it is probably more strict now.

troydavis
1 replies
12h30m

example: +63 936 631 6676

It’s unlikely to work for phone numbers outside the US. Sorry :( For typical 10-digit US numbers, the carrier search sites work well, as does Twilio’s carrier lookup API.

aimor
0 replies
4h28m

Thank you for putting together this resource!

I read the rest of the FAQ, signed up for Twilio, and their API worked to identify the number.

mcpackieh
1 replies
15h20m

USPS package texts

Try reporting it directly to the US Postal Inspector. From: https://www.uspis.gov/news/scam-article/smishing-package-tra...

Have you received unsolicited mobile text messages with an unfamiliar or strange web link that indicates a USPS delivery requires a response from you? If you never signed up for a USPS tracking request for a specific package, then don’t click the link! This type of text message is a scam called smishing.

To report USPS related smishing, send an email to spam@uspis.gov.

Without clicking on the web link, copy the body of the suspicious text message and paste into a new email.*

Provide your name in the email, and also attach a screenshot of the text message showing the phone number of the sender and the date sent.*

Include any relevant details in your email, for example: if you clicked the link, if you lost money, if you provided any personal information, or if you experienced any impacts to your credit or person.

The Postal Inspection Service will contact you if more information is needed.

Forward the smishing/text message to 7726 (this will assist with reporting the scam phone number).
pbj1968
0 replies
13h6m

lol. They will do absolutely nothing.

stainablesteel
0 replies
16h43m

yeah i don't understand whether the government even does anything or if they treat it like an off and on switch due to attention or negligence

there's some impressive anti-scammer youtube content, and it seems to be a growing trend, maybe this is just capitalism doing what it does best? advertisers putting money in front of combative interventions.

https://www.youtube.com/watch?v=dWzz3NeDz3E

https://www.youtube.com/watch?v=jUHFpfVPUYc

dogman1050
0 replies
2h41m

I used to report spam calls, but quit when I received one from my own number, the number of the phone on which I received the call.

demosthanos
0 replies
14h45m

I've had some luck with reporting phishing domains to their registrars. It doesn't always work, but I have gotten a few taken down that way.

Scoundreller
0 replies
16h58m

My own experience is that reporting to Google's Safe Browsing whatever is a waste of time. A lot of scam sites geo-block or redirect to a random news site when visiting from $OutsideTargetArea, so that seems to break a lot of/most automated screening.

mullingitover
43 replies
20h21m

I wish we could euthanize this garbage, antiquated phone system. It shouldn't be expected/required that every adult has a phone number when the system is so irredeemably broken and dangerous.

If the web didn't have HTTPS, it would be illegal to conduct sensitive business over it. Yet we're stuck with this entrenched telephone system, the best we can do is STIR/SHAKEN, and that's not real security.

AgentOrange1234
28 replies
18h52m

100%. My son got sick at school last week and I ignored the call from the school nurse because I have been so thoroughly conditioned by daily scam calls to ignore any unrecognized number. It’s insane that this is still a problem.

megablast
8 replies
16h40m

If you have a kid and are ignoring calls, that is crazy.

steelframe
2 replies
15h53m

You're right. How about we all try this? The next time anyone's in a meeting together talking about a production incident or quarterly planning or whatever, they're going to tell everyone else to STFU and wait while they take every random call they get on the off chance it's their kid's school trying to get through to them. Does that seem reasonable to you?

Forbo
1 replies
13h30m

No, because it isn't reasonable. What would be reasonable is for the individual receiving the call to excuse themself leaving the rest of the meeting to carry on. Isn't this already the standard?

usea
0 replies
12h47m

When over 95% of the calls you receive are spam, it's not reasonable to excuse yourself from meetings whenever you get a phone call.

I mean, unless you just don't want to be in meetings. Which is okay.

Bluestrike2
2 replies
14h11m

Maybe, but that's the world we live in now. If it's crazy, it's an inevitable sort of crazy. Get enough spam calls, and even if you know you might get a valid call from an unknown number, you'll find yourself treating them all as spam just the same. We really, really don't do well with repeated false alarms.

It's how our brains operate, and the fact that the spam keeps on coming just reinforces it. If the call is legitimate and time sensitive, you hope they'll leave a voicemail or, better yet, follow up with a text message.

jaktet
1 replies
1h33m

Is there a word for describing becoming desensitized from false alarms? A similar situation is instead of a shared calendar for OOF status (at work) we are asked to send a calendar invite to our team and immediate team. My calendar is filled with “doctor appointment” invitations from people I don’t often interact with or need to know their in-office status. I started missing meetings and appointments because I was so desensitized from appointment reminders that were meaningless, I’d just ignore the notification because they were rarely valid. Since then I’ve tried automatically deleting out of office invites but they don’t always follow the same format. I’m apparently alone here because I brought this up as an issue and no one else felt like it was a practice that needed to change.

ghaff
0 replies
2m

I've heard alarm fatigue used. I think it originated in a healthcare context.

AgentOrange1234
1 replies
16h3m

Well he’s 12, in the care of competent adults at a public school less than a mile away. But sure, I guess I should have been perfect.

organsnyder
0 replies
2h12m

I also have a 12yo (and three younger kids), and I have missed calls from school as well.

ebcase
8 replies
14h39m

Did the school at least leave a legit voicemail? (Curious)

jader201
7 replies
12h25m

Yeah, I don’t get people complaining about important missed calls.

Yeah, I may miss these occasionally, but I see them almost immediately if they leave a voicemail — and they should, if it’s important — and then call them back, and apologize for the missed call, which they always empathize with.

I lose at most a minute or two, which is totally acceptable.

matsemann
5 replies
9h52m

I think this is cultural. I've never ever left a voice message, and never will. I've also never received one, the few I get are robocallers not understanding no one picked up.

If you want me to pick up, send an sms explaining what it's about.

efitz
2 replies
1h27m

Many of us here grew up in the answering machine era where leaving a message was normal, expected behavior- when phones were not carried on your person.

letitbeirie
1 replies
30m

Ironically back in the answering machine era you could screen your calls as they were coming in, short-circuiting this entire loop.

sentientslug
0 replies
11m

And what's old is new again, both Android and (newly) iPhone have live voicemail screening features!

organsnyder
1 replies
2h15m

A school nurse probably doesn't have SMS capabilities on their school phone, and might not be willing to share their private number (I certainly wouldn't in that position).

I rarely leave voicemails, but I will when it's urgent.

ImPostingOnHN
0 replies
26m

A school nurse is certainly expected to leave a message with a callback number. There are hundreds of millions of ways to leave a callback number that isn't 1 specific number you want. But "leave nothing" obviously isn't an acceptable solution, and leaving a personal cell number as a callback is a more acceptable one.

tl;dr: leave message+number, how you do so is up to you

Double_a_92
0 replies
1h30m

I have literally never in my life received or left a voicemail, or even know someone who ever did... and I also wouldn't expect anyone to listen to the one I leave on their phone.

hackernewds
2 replies
18h40m

get an android and use "screen my call"

Terr_
1 replies
17h24m

Useful for an individual tactic, not really a solution to the large scale problem.

viraptor
0 replies
12h52m

The solution (well, one at least) to the large scale problem is for everyone to call their representative as long as it takes to implement necessary penalty regulation. All the US based people complaining here can start doing it today.

Brajeshwar
2 replies
15h40m

I have defaulted to No Phone/Voice Calls for over 5+ years. By default, everyone is blocked, and I maintain a whitelist (a group named "!DND") of numbers who can go through — school numbers, including quite a lot of teachers, the bus driver, and the bus assistant can get through. This is working so far.

gosub100
1 replies
3h16m

I could see this failing because the nurse's phone number is different than the school. Any large institution usually has multiple lines.

organsnyder
0 replies
2h14m

Depends on how their PBX is set up, but often those lines—even if they have separate incoming numbers—will all have the same outgoing number.

steelframe
1 replies
16h59m

The exact same thing happened to me last week. My son got sick at school, enough so that they ended up calling the paramedics. But I had been spammed so much the week before with spoofed phone numbers from my area code that I had my phone on "Do Not Disturb" allowing only people in my contact list through. I thought it would be fine since the school's phone number is in my contact list.

Unfortunately the school's systems were down and so they weren't able to call me from the school's regular phone system. They called from random personal cell phones, so that went straight to voicemail. It wasn't until someone was literally sent to my house to bang on my door that I got notification of my child's medical emergency. They were about to administer medication that would NOT have been okay to give him, and I was lucky to be able to contact them and tell them to hold off before they did it.

Never mind reporting them to a phone provider. If something had happened to my son I swear to God I would have gone full Liam Neeson "what I do have are a very particular set of skills" on the jackass who's running that specific phone spam operation.

idontwantthis
0 replies
13h34m

One slightly better solution is to get a Voip number from a distant area code in a place you’ve never been and know no one. Only give that number to people you want to actually call you. Then you can safely ignore all calls from that area code.

mock-possum
0 replies
8h45m

Your school should offer alternate forms of contact, including texting and email

XCSme
0 replies
3h40m

I guess this is the problem: you have to answer before you know what it is about. With email, you can immediately at least read the title of the email, or even the contents, before deciding if you want to respond or not.

tinus_hn
6 replies
18h23m

You can rest assured that the phone company 100% securely knows who to bill for the call. They just aren’t telling you.

lakpan
3 replies
14h30m

In America’s “receiver pays their part” system I wouldn’t be too sure. In the rest of the world, the caller/texter pays 100% of the charge, but in the US you’re charged per text and minutes received.

Once you add a “free call” entity on the other side (like Google Voice) then no one is charged to make the call.

Additionally, plenty of people “sell” their real number and there are android apps routing internet call through the victim’s real number. In this case, even if the person is charged, it’s not necessarily the spammer.

lotsofpulp
2 replies
14h20m

, but in the US you’re charged per text and minutes received

I doubt 99%+ of end users in the US have been charged for non international minutes or non international text in the last decade or even 15 years.

29083011397778
1 replies
13h56m

The bill the end user receives being zero doesn't change how telecom billing is set up. The fact that it's "Free" and costs are hidden from the user in America isn't exactly uncommon.

lotsofpulp
0 replies
13h45m

If the phone companies are billing each other, they don’t they have to know who to bill, per tinus_hn’s comment?

scoot
1 replies
17h6m

Lol, no. "[call|charging] [data|detail] records" (CDRs) are batch transferred over FTP, followed by a pseudo ETL into a billing system. It (mostly) works, but it's an archaic mess.

rglullis
0 replies
17h0m

To be fair, T-Mobile and AT&T are on sFTP nowadays.

gruez
5 replies
17h21m

If the web didn't have HTTPS, it would be illegal to conduct sensitive business over it.

Source? According to this timeline[1], e-commerence with credit cards predate SSL. Therefore I'm not really convinced that there's some law against it, except for laws that were introduced after SSL was a thing.

[1] https://en.wikipedia.org/wiki/E-commerce#Timeline

bediger4000
2 replies
16h30m

E-commerce predates opening The Internet for commercial entities. In 1988 or 89 I ordered some Unix book, maybe the 4.3BSD daemon book, via email that I got from Nyx, which was a dialup Usenet server at University of Denver. Sent a credit card number over SMTP email.

squeaky-clean
1 replies
15h56m

I remember "buying" something online and having to physically mail a check with the order # on the info line.

pbj1968
0 replies
13h3m

Been there, done that. Also sent a credit card number split across two emails “for security.”

red_admiral
0 replies
1h29m

It's not so much law, as far as I'm aware, as the PCI/DSS requirements made by the credit card companies. Since they'll stop doing business with you if you don't follow their requirements, for all practical purposes, they have the force of law.

You could probably get sued for negligence if you process card details over an unencrypted connection, but that's nothing compared to the damage your business will take if the card companies decide that you're on the naughty list.

CWuestefeld
0 replies
13h57m

...and why would there be? People are free to be stupid if they want.

I really hate this attitude that every little danger has to be regulated.

mattficke
0 replies
2h40m

I wouldn’t exactly say STIR/SHAKEN isn’t real security. The protocol works fine (like HTTPS), the issue right now is that the Certificate Authority network is still being built out and attestation isn’t enforced by carriers yet. Things should steadily improve now that the protocol itself is deployed.

dboreham
35 replies
20h24m

My solution since 2002: don't answer the phone.

bhpm
23 replies
20h17m

Same here but every time I post that on this site I get replies about how they have to answer the phone because their kid could have fallen down a well and their wife could be in a coma and the police would be trying to contact them and if they don’t jump to answer the phone every time it rings their entire family could be murdered.

So IDK. It seems to be a problem, I just don’t have enough of a life for it to be for me.

zamadatix
12 replies
20h3m

You can cut through a surprising amount of spam by just reading the voicemail after letting an unknown number ring. If they didn't bother to leave one it was either not at all important or the vast majority of spam calls. If they did leave a voicemail you can generally tell whether it seems even remotely legitimate and, if it does, call back at the number. E.g. if you have a kid and the school calls they will leave something generic like "It's so and so elementary calling for <your name>..." you call the school's main number back and say "so and so called looking for me" and get directed to them.

OTOH it seems if you ever answer these even once you're no longer a random number to try you're immediately marked as a real person who can be tricked into answering at least some calls and will never hear the end of the endless ringing.

AussieWog93
11 replies
19h34m

This might be a cultural thing, but at least in Australia nobody under the age of 60 would ever leave a voicemail.

If you're deliberately making yourself hard to contact this way, a lot of people will just stop calling you.

zamadatix
3 replies
19h22m

This is genuinely pretty shocking to me. Would e.g. the person calling from the school about your kid getting hurt during recess just hang up and assume you'll call back immediately during the workday on the basis you had a missed call?

If you mean for people you have relations with (friends/family/coworkers) most here gave up memorizing numbers a long time ago and none of those would show as an unknown number. This is common enough here in the US that the iPhone has a built in feature to only ring for known contacts and for unknowns only notify voicemails.

TeMPOraL
2 replies
19h12m

Does anyone still has voicemail enabled in the first place? Can't remember the last time I was connected to one. Can't remember last time I had one attached to my number either.

(Geo context: Poland, EU)

wlll
0 replies
19h4m

UK here, called my phone company many many years ago and had them disable voicemail. It's now impossible to leave me a voicemail. It's fantastic. In all those years I've never (that I know of) missed an important call, people call back if they need to.

mastazi
0 replies
4h46m

If you don't have voicemail, they will send you an SMS. Parent's main point IMO was that if the call was really something important, the person on the other end will leave a message of some sort.

mastazi
3 replies
18h43m

Wait a second, do you pick up any call you receive? IME Australia is one of the worst places with regards to spam calls (by far the worst out of all countries I lived in), if I allow calls from numbers not already in my contacts, I get an average of around 10 spam calls per week. If it's something important like my daughter's school or strata or the lawyer, they do leave voicemails.

sk0g
2 replies
17h19m

Honestly pre-COVID I got spam calls maybe once a quarter. After giving out my number every second time I left the house, that number is more like a few times a week.

I would say I am pretty privacy conscious (when possible), so this may not be the average person's experience.

razakel
1 replies
5h1m

I run two numbers: one for trusted people like work, family and friends, and one that I assume is going to be spam.

mastazi
0 replies
4h49m

The problem with this strategy is that sooner or later, the spammers will find your "trusted" number. After all, phone numbers are easily enumerable...

sk0g
0 replies
17h16m

That's surprising to me, almost everyone I know will leave voicemail. Recruiters especially, which tends to be myst of my legitimate phone calls TBH!

Though with people of my age "cold calling" isn't all that common, typically you text the person first to make sure they are available and keen on a call. Unless it's an emergency of some sort, of course.

doublepg23
0 replies
19h25m

My friends wouldn't leave a voicemail but a nurse at my doctors office absolutely would.

chucksmash
0 replies
17h35m

The person on the other end doesn't know if you are making yourself deliberately hard to contact, or if you are genuinely unable to answer the phone call.

This strategy works fine in my experience. Most important calls I get are from people already in my address book. If I'm in a job hunting phase, I'll answer calls from numbers I don't recognize during time frames when I am expecting them (e.g. the policy is relaxed for the duration of a job hunt). But, outside of that, it's hard to imagine a call from someone I don't know that is so important I can't let it go to voicemail, but so unimportant that the caller will deign not to leave a voicemail to let me know this is really important.

otteromkram
4 replies
20h8m

Every time you post...with a brand new account?

You don't even have any submissions, yet.

zamadatix
3 replies
19h58m

Some folks cycle throwaways over time instead of allowing a consistent identity to be built. The guidelines request nicely against doing so but some always do anyways of course.

nvy
1 replies
19h46m

That's because HN prioritizes aesthetics over privacy and won't allow you to delete your account and all its comments.

zamadatix
0 replies
19h28m

Being able to delete an account allows you to decide to remove your information from the site after a certain point. Cycling accounts is about not letting someone who looks at a single account at any time find enough information to piece together your identity at any point. Both are privacy related but the former is not a lead-in to the latter.

As one who'd also like to see the ability to fully delete your HN account for privacy reasons I still think summarizing the alternative reasons as only aesthetics sells the counterarguments a bit short...

... but overall I'm getting myself and the whole conversation extremely off topic here. Probably best to discuss this in a thread about privacy on HN instead of one on robocallers.

sumtechguy
0 replies
3h20m

doesnt matter anyway there is a 'ai' that can troll thru the posts and figure you back out. unless you change the way you type and the words you use every time too.

pixl97
1 replies
20h8m

That said, who doesn't send SMS texts also, at least in the US?

baby
0 replies
9h21m

Just use whatsapp -.-

powersnail
0 replies
14h3m

I'd assume police/hospital would leave a voice mail?

nvy
0 replies
19h47m

I simply have a whitelist of numbers I'll answer.

doctor_radium
0 replies
19h56m

Lol. T-Mobile has gotten good at flagging spam calls as "Scam Likely", but for the landline I do the same thing. (I don't believe landline carriers...at least in the US...were forced to implement Stir/Shaken, so it gets the full brunt.) My logic is always that if it's important, they'll leave a message. The landline message also includes the three escalating (line disconnected) SIT tones, which I would like to think helps. But if the spammer uses speech-to-text technology, I'm screwed.

Instead, report the phone number that the call instructs you to contact.

Under the above scenario most callers aren't dumb enough to leave a message, and I'd be concerned that actually engaging with anybody would increase the number of calls, at least in the short term.

If you're a staffer running the honeypot lines at the FCC, it would be fine because you can go home at the end of the day, but for a personal number I would need convincing. Would love to hear testimonials from anyone who tried this technique and their interpretation of the results.

lotsofpulp
1 replies
20h7m

My ATT mobile stopped getting spam calls in mid 2022. It was quite a sudden drop off between the couple years before that.

Loughla
0 replies
19h1m

US cellular did too, but it's picked back up in the last month or so. So I'm guessing scammers figured out the system again.

TuringNYC
1 replies
13h54m

> My solution since 2002: don't answer the phone.

I have two children. Doesnt happen often, but I've received calls from my kids' school. Twice the kids got hurt on the playground and needed to be picked up. The call can from a random number from someone at the school, not the main number.

I have also received calls from pharmacies about order verification for much needed prescriptions. And received calls from doctors' offices about last minute re-scheduling.

Not answering voice calls seems like a solution that works 99% of the time and drastically fails 1%

baby
0 replies
9h19m

I’ve disabled calls on iOS and it failed like twice in two years. Once it was a doctor appointment, and I’ve now learned to use their system to do online calls instead. The second time it was some insurance claim, which forced them to give up and send me an email after calling me a number of times.

I’d say at this point let the system fail if they don’t have email or whatsapp or something else they can use to reach you.

TrueGeek
1 replies
17h35m

I had someone call Friday night. I sent it to voice mail and they immediately hung up and called back. It happed again and I sent it to voice mail again. On the third call in under a minute I thought something must be wrong and maybe this was a friend of a friend in trouble. I answered and they said “Are you interested in selling your house at 1234….”

I hung up, mad at myself for falling for it, and at them for being so ballsy. Then they texted (it came through as an iMessage so I’m assuming it’s their real number) and they said “not sure what happened but we got cut off!”

usui
0 replies
14h33m

Apple might be more incentivized to deal with spam using their communication rails more than a typical SMS provider. It might be worth at least marking this as spam in Messages.

xyst
0 replies
18h43m

If I did this, I wouldn’t have a job

megablast
0 replies
16h33m

And call the number back.

kulshan
0 replies
14h28m

Send all unknown numbers (not in contact list) direct to voicemail...easy peasy. 99% spam calls don't leave voicemail and visual voicemail lets me delete and block quick. Very minimal intrusion into my device and time.

Couldn't imagine taking the steps in this post to try and block a number that's probably already been replaced with a new one by the time it takes for anything to be done.

chucksmash
0 replies
17h23m

One thing I've noticed is that the majority of the spam calls I have received historically have had the same originating area code as my phone number. Perhaps this was number spoofing, or perhaps it was using local VoIP numbers to make spam calls. In either case, it was a great flag for "this call goes to voicemail" because I hadn't lived there in over ten years, I didn't grow up there, and anybody who needs to contact me without a "Hey this is _____" text/voicemail is already in my address book.

It also means that if I pick up calls from numbers originating in <current locale area codes>, it usually IS somebody I need to speak with. No hassle filter to help answer the right calls and ignore the spam.

baby
0 replies
9h22m

^ this. In iOS you can disable them entirely which is what I’ve done for years now.

habosa
20 replies
18h54m

I got a spam call seemingly “from Verizon” (their main number) on my Verizon phone.

I called them and told them and they said “oh yeah that happens all the time don’t pick up when we call”

That’s when I realized we’ll never win. The spammers have won.

7373737373
5 replies
18h22m

What an utter technological failure. How and why is this even (still) possible?

TeMPOraL
4 replies
18h16m

Why are ads a thing on cable? On the web? It's literally the same problem, and since this site's audience is likely more familiar with the latter, it should be clear it's not a technological failure, but a social/legal one.

stetrain
2 replies
3h5m

Ads are not the same thing as impersonation, lying about who you are and where you are calling from.

Cable is not full of ads that say they are from AT&T and you need to contact them about your bill at <number> but the ad isn't from AT&T and the number goes to a scam call center.

TeMPOraL
1 replies
2h15m

Yes, but most scam calls aren't impersonations either.

I bet if you tallied it up, there's many more people being tricked into taking on bullshit contracts with legitimate companies[0] and losing much more money in total, than there are victims of actual impersonation scams. I firmly believe both schemes are morally equivalent, and that one of them is still considered legal only means we should push firmly for a change in laws.

Even the impersonation angle isn't clear-cut. When a telco calls me with their newest scam, it's always via a third-party call centre they outsource this job to. Where I live, it's also historically has been a major source of contact and personal information for scammers - always a "disgruntled employee" leaving and "covertly" taking the customer database with them.

--

[0] - Telcos are my go-to examples here, they're notorious for borderline fraud. For example, just under a year ago, a billion-dollar telecommunications corporation named after a color, one of three major telcos in my country, tried to scam my own grandmother hard, after my grandfather passed away, and almost succeeded. More generally, after many years of near-misses and one or two mistakes, most people in my family learned to never talk to phone companies cold-calling with offers.

InitialLastName
0 replies
1h16m

Yes, but most scam calls aren't impersonations either.

Most of the spam texts I get lately are from non-US numbers claiming to be USPS trying to resolve a delivery exception.

sk0g
0 replies
17h22m

YouTube ads have no ability to interrupt my day-to-day life out of the blue, and also don't poison a legitimately useful communication medium for personal relationships.

Phone spam is much more harmful than ads you kinda-sorta opt into, IMO.

baby
4 replies
9h24m

Just disable all calls. That’s what I do. Real people call you on whatsapp or other similar apps.

sumtechguy
1 replies
3h27m

my parents would probably say something along the lines of 'what is whatsapp'. My sister would say 'i dont use that' my wife would say 'yet another freeking app?!' my tech friends would say 'no i am not signing up for yet another account'

stetrain
0 replies
3h4m

On iOS at least you can block calls from outside your contact list. Which is what I do.

Anyone outside my contact list can leave a voicemail.

s1mon
0 replies
6h39m

Not in my experience. I’ve used WhatsApp while in China on one business trip because other things were blocked/less reliable, but so many people I know or interact with don’t even know what WhatsApp is. Voice call, text, email, Facebook messenger, Slack, Teams, LinkedIn, sure, but not WhatsApp. I can’t trade WhatsApp messages with most of my friends, family, bank, mechanic, doctor, or hairdresser. The more traditional of those are going to call or email, the younger ones will text or facebook messenger, and work stuff is currently mostly Slack.

habosa
0 replies
1h55m

Not sure where you are in the world but in the US having a phone number and receiving voice calls is pretty much required to participate in society. And using WhatsApp or other similar solutions is not very common.

TeMPOraL
3 replies
18h27m

That’s when I realized we’ll never win. The spammers have won.

It's tough, but it's not helpful that people don't know the face of the enemy. The fight isn't with just some stereotypical "spammers". Advertisers and marketing departments are spammers, and they've destroyed phone as a medium, much like they did it to physical mail, radio, broadcast TV, cable TV, and now streaming and the Web in general. We won't make progress until we realize that most spammers are operating 100% legally, and phone networks both participate in it and make money from it.

flerchin
2 replies
15h40m

Nah. We're talking about spam texts and phone calls. That stuff isn't legal.

Yeah what everyone else does is creepy af, and _should be illegal_, but that's not the facts on the ground today.

goodlinks
0 replies
6h33m

Imho the normalisation of agressive advertising and inhuman communication with customers is what make spamming profitable.. they are not that different from legit orgs.

BLKNSLVR
0 replies
14h53m

The creepy af stuff being legal is one of the cracks that the illegal stuff uses to leak through.

Those cracks need to be sealed, but there's enough creepy af industry lobbying that it won't happen because money.

There's money in them thar retirement villages.

johnbatch
2 replies
17h12m

That’s bad. I do know T-Mobile blocks calls to their phones spoofing the 1-800-TMOBILE number as of a few years ago.

Scoundreller
1 replies
16h57m

damn, sometimes tricks like that let you receive free calls from your tech-savvy friends while roaming ;)

joshmanders
0 replies
13h48m

Again, spammers are the reason we can't have nice things.

MiddleEndian
1 replies
12h35m

The spammers have won only because the phone system (in which the phone companies are complicit) is designed to let them win.

When you get a call from Verizon's number, they know the actual originator of the call (or perhaps they know it up to some known-to-be-not-so-trustworthy-source). They know that the number is not Verizon's phone number.

But the phone company chooses to blindly display the spoofed caller ID. Note that T-Mobile will block their equivalent of these calls (not that T-Mobile isn't to be blamed for other things, such as sending their own spam texts).

So it is Verizon's choice to lie to you on behalf of these scammers, and the FCC allows them to do it.

tiborsaas
0 replies
8h0m

What systems rely on spoofed called ID-s? I would assume carriers don't like this too much, but so much legacy crap is built on this that they are just rolling with it and just accepting the bad rep for spam.

jupp0r
11 replies
19h29m

It already takes me 45 minutes of my time to get a hold of a support person of my own carrier and I'm a paying customer.

I commend the effort, but getting a human to answer a support hotline call in order to report a spammer number is so comically difficult and ineffective that I can't see a significant amount of people participating. Why doesn't my carrier have an automated system allowing them to communicate with the originating carrier, triggered by the "report spam" button in my telephone OS?

adhesive_wombat
5 replies
16h7m

In the UK, you just forward the text to "7726" which is SPAM on a keypad. It's a requirement from the regulator.

https://www.ofcom.org.uk/phones-telecoms-and-internet/advice...

screamingninja
1 replies
14h23m

Does a forwarded text retain the envelope?

o11c
0 replies
11h53m

Presumably they can compare the message body against recent text messages they've given you.

(also, this works in the US too)

kwhitefoot
1 replies
47m

In Norway it is an offence with penalties per infringing call to cold call anyone who has registered their number with the Brønnøysund registry more than 30 days ago (the equivalent of the Telephone Preference Service).

sentientslug
0 replies
7m

The US has the same thing for a very long time with the National Do Not Call registry: https://www.donotcall.gov/

The problem is that it's nearly impossible to enforce this. Would be curious to know if Norway has had any better luck.

troydavis
0 replies
4h52m

In the US, 7726 just goes to the receiving carrier (that is, your wireless provider), not the sending carrier. It can help your carrier filter the messages (eventually, sometimes…), but it doesn’t actually stop them.

viraptor
4 replies
18h23m

Because contrary to the page, they don't really care about the spam that much. Now, if more people started calling the support for every spam they get... that would translate to some real cost.

sk0g
2 replies
17h24m

Who would bear that cost though? My prediction would be the customers again, because they would make the phone support harder to reach than it already is as a "solution" to the increased demand for phone support.

viraptor
0 replies
13h7m

Partially yes, longer support waits. But there's a threshold where the agents either need to be available or the reviews / opinions about a telco go too low, so it can't be just ignored.

I just don't have sympathy though - ideally people would DoS all the telco and local government lines until the issue is fixed. It's just stupid how many years this exists without obvious solutions.

imacomputertoo
0 replies
12h56m

Now if someone were to make one of those pizza ordering LLM agents do the calling for them...

I suppose that would be like spamming the carriers. Not sure that's better, but it might make them act.

zx8080
0 replies
16h41m

All costs by customers: support increase from 45 mins to 4.5 hours would be one one those.

Also, the more spammers reported the less to bill for the calls. As less spam calls.

jwie
8 replies
21h12m

The first order problem with spam calls/sms is you probably opted in to something. Most spam, like it or not, you asked for, and they can almost certainly prove it.

The TCPA lawsuit business was so lucrative for years that a lot of effort goes into producing proof that the contact is legal. Rather than stopping spam calls these laws basically guarantee spam, but legal spam.

Also carriers have pretty well cracked illegal spam through their own analytics. Some still happens, but it’s cleaned up extremely fast.

iAMkenough
1 replies
20h52m

In my case, the old dead guy that had my number before gave his number to some booth at the state fair (or so one spammer claimed). And then that number got sold to all sorts of medical scammers and political campaigns.

I always ask what my name is when an unknown caller calls, and 90% of the time it’s the old dead guy.

I did not opt in, yet here I am getting a few dozen calls per week at all hours of the day.

simfree
0 replies
20h0m

For TCPA compliance purposes, they should be pulling the deactivated numbers list (which Twilio offers for free), checking the do not call list, and querying the reassigned numbers database to establish safe harbor against TCPA lawsuits.

This is really expensive to do (the RND and Do Not Call lists are very expensive to query, the FCC needs to make these cheaply available) and automation for doing these queries is not offered by most phone providers.

fortran77
1 replies
21h9m

This is easily proved wrong. If I get a brand new cell phone number, I still get calls for complete scams even though that number, as far as I've owned it, never opted in to anything.

billpg
0 replies
6h48m

Are numbers ever really brand new, as in you are the first to ever have that number?

troydavis
0 replies
21h6m

The first order problem with spam calls/sms is you probably opted in to something. Most spam, like it or not, you asked for, and they can almost certainly prove it.

At least in my case, this isn't true. When reporting SMS spam, I've often told the carrier to ask their customer for proof that I opted in (because I didn't). None have - again, because I didn't opt in to it or anything else.

I don't know how true your assertion is among the general population, but my experience may at least be representative of other HN readers. Many of us don't randomly give out our mobile numbers.

ipython
0 replies
14h15m

I can assure you I have never opted in to being called by random Indians claiming to be social security employees.

It’s open enrollment for Medicare, and I can also assure you that not only do I not qualify for Medicare but I have also not opted in to incessant Medicare spam.

I also never opted in for political messaging.

I also never opted in for calls regarding Camp Lejune injuries.

I also never opted in for calls about automobile accident injuries.

I also never opted in to be contacted for final expense insurance.

Shall I go on? Carriers most certainly have not “cracked” illegal spam through analytics. My carrier stops about 20-50% of the spam I receive.

The TCPA is great to cut down on the onshore businesses using illegal telemarketing to promote their business, but does nothing for the offshore scams. I’ve used TCPA in the past and helped carriers identify and sue telemarketers so I am very familiar with it.

balderdash
0 replies
20h26m

This is comically false - unless you mean that by providing my phone number to someone I’ve opted in (and I’m not talking about buried in some TOS (which is still BS), but say my local dry cleaner who spams me because I provided my phone number when they asked for my name and phone number when I dropped my clothes off.

Retr0id
0 replies
21h11m

I can assure you, I did not ask for the SMSes telling me to go pay outstanding postage fees at a fake website.

paultopia
7 replies
21h24m

Is there any reason to think that this would work for political party donation spam? Do the telecom carriers that provide services for all those horrific text messages about how the other party is going to install a dictator unless you donate to them right now actually care enough to punish those?

solardev
2 replies
20h51m

In the US you can report them to the FCC: https://www.fcc.gov/rules-political-campaign-calls-and-texts

Keep in mind that sometimes they can skirt the rules by not using automation per se. Instead, they have a bunch of volunteers sit in a room (or online) with special apps that distribute a phone number list (often from NGPVan or the Republican equivalent, forget what it's called) between the individual devices. Then each human has to click "send" or "call". It still gets routed through their VOIP systems, but because there's a human in the loop, it's no longer fully automated... just like 90%, enough to get around the FCC rules.

It's pretty sketch. I went to one of those volunteer parties before I realized that's what they're doing.

Thankfully Google Fi does a really good job at blocking this kind of spam, texts or calls.

troydavis
1 replies
20h39m

Just to clarify for anyone reading, this meets the FCC's requirements (ie, it's legal and the FCC won't do anything about it), but it generally is not allowed by the terms of use of the underlying wholesale carrier.

So, you should still report it to the sending carrier.

Background: Most larger, reputable US-based wholesale carriers have policies that are similar to the CTIA's guidelines for political campaigns: https://www.ctia.org/news/political-text-messaging-engaging-... . CTIA sets a much higher threshold, including opt-in permission.

This is a bit like the FCC's definition of email spam (a very low bar - what's legal) vs. a mainstream email service provider's terms of use (a much higher bar - what they permit you to send through them).

solardev
0 replies
20h30m

Thanks for this clarification/differentiation!

troydavis
1 replies
21h12m

From firsthand experience, yes, it works for unsolicited political party donation messages. Not 100% of the time, but way more than 0%.

These wholesale carriers know that recipients will flag unsolicited political messages as spam (to the recipient's wireless provider), and they don't want consumer wireless providers to block or heavily rate-limit messages from their phone numbers. The political campaigns cycle through phone numbers, so their unsolicited messages can "taint" many phone numbers - which will affect other customers' campaigns. The wholesale carrier's incentives aren't perfectly aligned with your incentives, but they're not totally different.

simfree
0 replies
20h14m

It's also common practice to hard drop abusive campaigns that do not respond to STOP, HELP and similar keywords at the provider's SMSC, and just collect the revenue from them texting your clients.

The 10DLC cartel wants to fine instances of unsolicited text messaging up to $20,000 per instance, hence why there is a big pushback against registering with this unsanctioned, not FCC mandated organization called The Carrier Registry (TCR).

TCR has been a nightmare to work with for those that do participate in their bureaucracy. You fill out pages of forms with everything from EINs/SSNs to the owners and co-owners of the firm and exact examples of what they plan to text, then 6 months or so later the TCR says "Oh, sucks to be you, we're invalidating all current registered companies, pay $50 to register again and fill out entirely different forms!

Also, T-Mobile is tacking on a new inactivity fee of $xx a month per business if your client doesn't message a T-Mobile number every few days :D"

aendruk
1 replies
2h8m

I started receiving these in August and so far have filed 311 complaints with the FCC to no apparent effect.

troydavis
0 replies
1h47m

I think reporting to the FCC is a waste of time (https://news.ycombinator.com/item?id=34570065#34570669). Following the steps on this site - reporting to the responsible carrier - is nowhere near perfect, but sure beats pretending like the FCC might do something.

jdanyow
6 replies
20h22m

Would it be possible to build an app to automate all this?

troydavis
5 replies
20h13m

Great question. I think the biggest challenge would be maintaining high-quality reports/complaints. Basically, preventing people from reporting things that they opted in to but are frustrated with (just because it's really easy to do). There's a chance that the reports would actually become worse (less actionable) if it was too easy or too automated.

A small challenge is that the high-quality carrier lookup APIs charge a fee for each query. The fee is tiny (like 1/10th of a cent per number), but enough to add up.

If anyone is interesting in discussing this, my email address is in my HN profile.

aio2
1 replies
2h31m

Off topic but your HN profile doesn't have your email

troydavis
0 replies
2h26m

Thanks. I removed it this morning because I got an email from an HN user who is experiencing mental illness/delusions. My email address is pretty easy to find online, though, or I'm on Mastodon here: https://mas.to/@troyd

whoopsie
0 replies
19h59m

I see no downside to frustration also blocking a business. Dark pattern sub/unsub? Messaging hourly because marketing thinks you’re that important? Either pay to design an experience respectful to customers or pay after the fact for losing access.

tiffanyg
0 replies
17h19m

You'd undoubtedly have to design, at least at some point, for such a system to be explicitly attacked. I'm not assuming you haven't considered that, just pointing out that this might factor into how one might approach building something from the start.

I'd suggest it will depend on goals / scale - if not many are using, probably would be ignored even if bad actors were aware of it. If it started to have real effects, there'd undoubtedly be very intentional efforts to attack it. Beyond just the sporadic script kiddiez / for the lulz set ...

Edit: sorry, "app" - to potentially use the app in some malicious way ... Not sure my comment is so useful, but, I'll leave it since it's unfortunately all too easy to end up with unintended consequences. Though, I favor fighting this garbage wholesale and support any efforts to interfere with the deluge of BS / noise with modern communications tech.

dredmorbius
0 replies
26m

Much of this is already established knowledge and practice in the world of email. People report spam for communications that they don't wish to receive, and often reporting spam is vastly simpler than any other option.

I'd propose that absent specific legal processes contact occurs at the consent and discretion of the contacted. That's one of a number of principles I've been kicking around under the notion of "Communications Autonomy"[1]. There is no fundamental right to attention. As such, any communications system which doesn't provide the ability to manage contact attempts and communications is in violation of those principles, and more concretely, as the annoyance and/or risk factors outweigh advantages and benefits, people and organisations will defect from those systems in droves.

The telecoms industry has been openly expressing concern that trust in the phone network will be lost. And by "phone network" I'm speaking broadly: POTS (plain old telephone service) and PSTN (public switched telephone networks), or any universal direct-access communications system.[2] I think we're seeing that breakdown. A key problem is that there isn't any single successor system that appears ready to step in, and most of the more likely proposed systems entail substantial concerns themselves over monopoly power and abuse, surveillance (state, capitalist, or other-actor varieties), etc.

I've got a few specific suggestions which I'm planning to make in a top-level comment to this thread.

________________________________

Notes:

1. See: <https://toot.cat/@dredmorbius/108579251632091173>, <https://toot.cat/@dredmorbius/107742445268072257>, and <https://diaspora.glasswings.com/posts/622677903778013902fd00...>

2. Phone, email, SMS, social networking, postal mail, etc.

giancarlostoro
6 replies
21h1m

The amount of spam I get since I left Googles old number service is insane. Whats worse is some will say reply stop to stop and just send you more bullshit.

davchana
5 replies
20h50m

most of the time, STOP, UNSUBSCRIBE (or clicking any link) marks the phone number or email as hot, and gets sold for more money in the market.

conception
3 replies
20h14m

I wanted to note that for email this generally isn’t the case. Really spammy spam generally is easy to catch, I don’t think I’ve seen any in over a year. Any legitimate business generally adheres to unsubscribe requests. So if you unsubscribe from stuff hitting your mailbox generally you’ll stop getting it. My mailbox pretty much only gets signal to it, almost zero noise.

otteromkram
0 replies
20h4m

Sir, this is Wendy's.

No need to note; the topic is telephone and SMS. Everyone is probably familiar with spam mail and unsubscribing from it.

Email is still manageable and less personally invasive than someone calling you or sending a message at random.

delfinom
0 replies
5h39m

Yes, but there are also "fake legitimate business" spam and phishing emails. If you hit unsubscribe on that, you will absolutely be marked as a hot email to target.

davchana
0 replies
19h25m

just wanted to add an exception, the non-generally part example.

https://docs.google.com/spreadsheets/d/e/2PACX-1vSdZyRvDd0ES...

this is the log of email spam I am getting since about few years now. The sheet doesn't list any email link, but each one of that link is unique, the soam machine sends me 10x spam if I accidentally click it.

giancarlostoro
0 replies
16h31m

I only do unsubscribe for email for things I'm sure I subscribed to, the actual spammy stuff, that ends up being reported by me as spam.

nilamo
5 replies
18h6m

It's so funny(?) that we passed the TCPA in order to stop robocalls, but then never decided to actually enforce it.

ipython
2 replies
14h24m

The TCPA deputizes you as a private citizen to enforce it. It’s empowering, so much so I would be amazed if anything like it would be passed these days.

davidmurdoch
1 replies
13h31m

Uh, it gives us zero power to enforce anything whatsoever.

ipython
0 replies
12h52m

It provides a private right of action for you to sue the culprit in civil court. I have personally received thousands of dollars in compensation for every case I’ve brought under the statute.

Unfortunately most of the culprits nowadays are overseas scammers, in which case it’s no help. I would agree in that case- the only way to stop these folks is through the carriers themselves and they don’t seem too keen on doing anything.

xkekjrktllss
1 replies
17h49m

Who is we? The US government is controlled by multinational corporations.

JumpCrisscross
0 replies
16h51m

US government is controlled by multinational corporations

As far as oversimplifying political hypotheses go, this is a stupid one. Multinational corporations have fragmented power structures. They're broadly owned, publicly audited and subject to coups through market-based means.

If you want a secret cabal, America's emerging aristocracy is at least concentrated, opaque and difficult to dislodge.

naveen99
5 replies
19h59m

Use iPhone focus feature, whitelisting contacts phone calls. Just need to manually add notifications from frequent contacts. Works pretty well.

steelframe
2 replies
16h42m

I did something similar to this last week after getting recently inundated with phone spam/scam calls and ended up missing a very important phone call about a medical emergency with my child at school because the school's system was down and they weren't able to call me from their number that I have in my contacts list.

We need to stop trying to get end users to deploy ad-hoc solutions to the problem and update our phone systems to be resilient to these attacks.

naveen99
0 replies
15h43m

Yes, I worry about this also.

baby
0 replies
9h15m

Your school needs to use whatsapp

zamadatix
1 replies
19h54m

The iPhone calling app has a more direct native setting for this "Silence Unknown Callers". Anyone in your contacts or recent outbound calls will still ring, everyone else is silenced (without having to change your global focus).

baby
0 replies
9h15m

I used to have that but it still was too annoying

kornhole
5 replies
20h5m

I mainly stopped using phone calls years ago, and I hope more people also do. I ported my main number to voip.ms and created a couple others to use for pseudonymous accounts. The service is cheap at about $1/month per number, but it is a little technical to configure and is sometimes spotty. My phone number has sometimes been unregistered/out of service for long periods which has been a bonus. Nobody who really knows me calls me on the phone. Instead they know to go to my web page that has many ways to call me including a URL to a Nextcloud Talk conversation, Simplex, Session, XMPP, and Matrix.

If you want a slightly more expensive but simple and reliable number on Android, I highly recommend jump.chat.

nick__m
2 replies
19h41m

I also use voip.ms and the only time they where unreliable was when they were under a DDOS attack. What equipment do you use to bridge the voip to your physical telephone? I suspect that it would be your principal source of unreliability.

razakel
0 replies
1h15m

It's possible, but not cheap, to have a SIM card that can roam on any cell network on Earth, and present as a SIP client.

kornhole
0 replies
57m

I have tried various clients on my Graphene phone and am currently using Sipnetic. I have it excluded from VPN through split tunneling, but I still have periods when number just doesn't register. I know there are various settings that can be tried which I have done, but this configuration is a constant source of frustration for many. This is why I recommend jmp.chat with Cheogram client for those looking for a solution that just works. What client or configuration have you found to give you consistent connection with voip.ms?

KomoD
1 replies
18h44m

If you want a slightly more expensive but simple and reliable number on Android, I highly recommend jump.chat.

What? This is just a video chatting service like zoom...?

ossguy
0 replies
18h38m

I think they meant https://jmp.chat/

a_wild_dandan
5 replies
14h29m

"People still use phones?"

For my social circle, phones have become fax machines -- archaic tech that you forget exists until required for some abnormal situation. My pocket computer's "phone" reference feels quaint, like those floppy disk icons on save buttons; except disk drives aren't so persistently, actively detrimental to my day that I must disable them.

So now, all unknown callers are automatically ignored. If it's important, they'll submit a proof-of-work voicemail. Otherwise, modern apps work perfectly for everyone, and the vestigial phone system can remain in the graveyard where it belongs, thank you very much.

katzgrau
2 replies
14h13m

This is the way I wish it could be (for me, personally), but some standardization among my friends is required. Which app do we tie our interdependence to? A very real question.

baby
1 replies
9h17m

Literally everybody I know uses whatsapp

MissTake
0 replies
5h19m

Personal anecdotal knowledge does not a standard make.

I’d not be shocked if many in my circle use WhatsApp but since I’ve never used it myself - ever - I’d not know for certain.

Neither statement makes the case for usage of WhatsApp a “standard” or not.

sgbeal
0 replies
8h0m

If it's important, they'll submit a proof-of-work voicemail.

If you don't use voice-over-phone, why keep voicemail enabled?

i disabled mine in 1999 when i discovered that certain colleagues would use it to pass work tasks off to me when they knew i wouldn't be able to pick up the phone. They could then use that as an excuse to say, "well I passed it off to him, so it's his job now."

The call history itself is enough info that someone tried to call me. A message saying, "it's me! Call me back!" is just noise at that point. (Obviously, only people i knew get called back.)

callalex
0 replies
9h56m

Are you young enough that most of your friends don’t have children yet?

stetrain
3 replies
3h7m

The best part of all of the number spoofing is now I get real calls from real people who are "calling back" the spam call they received from my number.

So I'm getting double-hit by the fact that somehow you're just allowed to place calls from a number you don't own and that's considered a valid part of the phone system still in 2023.

HumblyTossed
2 replies
2h48m

I get that this is for businesses (mostly) so every outward call seems to originate from a single number, but why in the hell can't there be a verification that the number originated from that specific business? Isn't everything digital now? Just do NATing with phone numbers.

mattficke
0 replies
2h30m

That’s basically what STIR/SHAKEN is designed to do, what you’re talking about is going to be handled by the certificate authorities. Carriers are ramping up the way they flag or restrict unverified calls as the system is more widely implemented. Echoes of how HTTPS slowly became universal.

Saris
0 replies
1h20m

Yeah that's what I don't understand. It should be 100% impossible to spoof some random number no matter what, and spoofing a business number should be heavily authenticated to make sure that only the business the owns that phone number can do it.

phkahler
3 replies
20h30m

Step 1 - ignore the callerID and engage with scammer to get their real number. Because us carriers can't be bothered to tell you where a call is actually coming from.

Someone1234
2 replies
20h2m

In 2023, if you're using a major commercial provider, and the caller ID is a US-originating number you're more likely to see accurate Caller ID than not. STIR/SHAKEN has been widely adopted, and networks now have permission to drop calls providing inaccurate digital signature.

Even as of last year caller ID accuracy was bad.

barkerja
1 replies
19h49m

It is still ridiculously easy to spoof a number. I'm on Verizon with the enhanced caller ID, and it happens consistently on a weekly basis.

yellow_lead
0 replies
19h35m

That's an issue with Verizon then. They should be able to see that the number is spoofed, as it will have a lower/lack of attestation from the originating carrier.

Stir shaken doesn't prevent spoofing but it lets terminating carriers validate that the number is legit before sending the call to their customer.

My old team implemented stir shaken for one of the large voip carriers.

fortran77
3 replies
21h11m

My Voip provider allows for sending receiving text messages as well, and I can certainly set the outgoing number. In our office, there are about 10 different phone numbers, but all outgoing texts are set to come from our "main" number no matter who sent it. And I've been able to change this number to my cell phone number and other numbers that aren't from the VOIP provider.

troydavis
2 replies
20h53m

This is good to know. If you're comfortable sharing, could you email me your VoIP provider or a phone number they're sending from? Address is in my profile. I'd like to learn more.

For anyone else reading, this service is called "10 Digit Long Code" AKA 10DLC. Many business-oriented VoIP providers eventually use a vendor like Syniverse or Sinch for the outbound SMSes. Those wholesale carriers usually either strongly encourage their customers to require verification of sending numbers, or outright require it in the contract. This appears in the wholesale carriers' guidance to their customers, like https://syniverse-web.s3.amazonaws.com/10DLC-Carrier-Pricing... and https://www.sinch.com/sites/default/files/file/2023-03/Intel.... From your experience, it's clear that there are exceptions.

simfree
0 replies
20h6m

SMS enabling offnet numbers has gotten stricter over the last few months, Bandwidth.com will not enable wireless numbers for SMS, and if there is an existing routing record (eSPID/NNID) most vendors require this be removed by the losing SMS provider prior to enabling a number for offnet SMS.

I used to be able to SMS enable my T-Mobile numbers offnet, but every 30 days TMobile would take this back.

10DLC is being strongly pushed by some carriers, while others are still permitting conversational traffic (for every one message that goes in, one should come back, with a 10% margin in either direction) to go over P2P rails.

With The Carrier Registry invalidating all registered organizations and campaigns every few months, triggering everyone to fill out a ton of paperwork, pay $50 or more to re-validate every business, and also the recent sudden devalidation of every sole proprietor 10DLC registration, I don't blame those who don't want to participate in this unsanctioned cartel formed by the big three wireless carriers.

fortran77
0 replies
18h42m

I’m going to confirm I can still use a number that’s not in my “block” from them, and if so I’ll tell you who it is…. I haven’t had it on my cell number in at least 6 months.

tigroferoce
2 replies
9h15m

What I usually do is keeping them on the phone as long as possible with questions and then tell them I don't want what they are selling.

I worked in a place that had call centres as part of their business and I know that they classify calls into hit or miss. Miss calls must finish as quickly as possible and they know that if they keep miss calls under a given duration they are gaining money.

I want to be the person that makes them lose money.

InCityDreams
1 replies
7h41m

Absolutely est advice! I never talk to them and keep them on the line for as long as they care to wait.

They block me.

tigroferoce
0 replies
7h26m

I also do that sometimes. Like when they put you on hold when you need them? I put them on hold when they need me. I go like "sure, I'm very interested.. can you just wait one second?" and then I put the mic on mute and go on with my life. Some of them are desperate enough to call back.

mnadkvlb
2 replies
21h10m

This is really nice.

Would be great if you can also include some examples for Europe.

Of couse, i would be up to do some digging if you need help.

troydavis
0 replies
20h31m

Thank you! I put what little I knew in https://reportphonespam.org/#not-in-the-us-or-canada , but that's not much :-) I'd welcome any other ideas or additions. My email address is in my HN profile.

One of the carrier lookup APIs that the site recommends, Twilio's "Line Type Intelligence" API, may support numbers in other countries. That might be a place to start: https://reportphonespam.org/#How-do-I-look-up-more-numbers

timthelion
0 replies
20h35m

Do you get unsollicited phone calls in Europe? In Czechia it almost never happens, maybe once every three months...

hammyhavoc
2 replies
15h50m

What about people who are spamming/scamming on WhatsApp? There's some spamming scammer claiming to be working as a recruiter for my biz, but we've never hired a recruiter, certainly aren't hiring, and this guy is running around without any credibility saying he works for us. Doesn't even have an email address at our domain, just some random UK cellphone number, but is apparently based in China after he forgot to translate one of his messages to someone from Chinese.

Asks people if they would like a "task" to complete for £10 as a test for recruitment.

throwaway2037
1 replies
15h29m

Real question: What is the end goal? Do you think if the person agrees to the test for recruitment, they will be groomed for a bigger financial scam?

hammyhavoc
0 replies
6h44m

I would imagine they're outsourcing crap time-consuming jobs they get given on Fiverr and its ilk that ChatGPT can't blag a passable end result for, i.e., multimedia or research about present stuff. They may spend money, but the contractor has simply outsourced it—they're still going to make something.

As it's a "test", the candidate is likely to put a lot of time and effort into making it as good as they can to impress.

drawkward
2 replies
1h0m

All advertising is spam.

To wit: most definitions of spam lean into the unsolicited and commercial nature of the content, as well as its large reach. (Many also refer specifically to the internet being the medium of distribution, but imo that is arbitrarily narrowing the definition.) For example: "unsolicited usually commercial messages (such as emails, text messages, or Internet postings) sent to a large number of recipients or posted in a large number of places" [1]

[1] https://www.merriam-webster.com/dictionary/spam

tzs
1 replies
15m

That's clearly wrong. For many technical and hobbyist publications the ads are one of the reasons people buy the publication. E.g., probably 80% of the time I bought an issue of "Computer Shopper" [1] it was to see the ads.

[1] https://news.ycombinator.com/item?id=36206526

drawkward
0 replies
13m

If that is the reason someone is buying the publication, it's not an ad; it's the content.

WillAdams
2 replies
20h3m

This is enabled by essentially free communication --- while it's probably not feasible to go back to the rates Ma Bell used to charge so as to fund their infrastructure (and generous pensions, and stock dividends)....

Why not have a system where a small amount of money is put in escrow when a call is placed? If the person who answered the call is displeased by it, they can punch in a command at the keypad after the call to claim the money.

xyst
0 replies
18h42m

This is equivalent to having a “premium number” (like the pay by minute or per txt)

TeMPOraL
0 replies
18h17m

Why not have a system where ...

Because phone operators make money on all those robocalls, and have so far decided they'll make more money allowing it, than trying to obstruct it.

And, I mean, what are you going to do? Change your phone operator? They're all the same. Switch to using WhatsApp/Signal/etc. for calls? Sure, but you're still paying some telco for the mobile data plan.

That's the problem: all the actors with leverage here are happily making money on the scheme; regular customers... have no leverage.

yonatan8070
1 replies
11h19m

Who's actually benefitting from these spam/scam/advertising phone calls? Whenever I get one I pick up, realize I'm listening to a recording, and hang up immideately, I don't know what it was trying to shove in my face. Who's listening to these calls and doing something that benefits the spammers?

InCityDreams
0 replies
7h36m

At the end of the recorded speech is a human. Let the speech play, then don't talk to the human. Let them listen to ... silence. They'll soon stop calling.

xyst
1 replies
18h44m

A case where LLMs or ChatGPT would be very handy.

Setup honey pot number. Route all phone numbers to be answered by ChatGPT. Use ChatGPT to extract phone number. Use twilio api to lookup phone number. Route report to appropriate carrier(s)

hackernewds
0 replies
18h40m

route report to appropriate carrier

hilarious to assume that would exist, it is very manual. if any carrier attempted to automate it, it would be used offensively for fraud as well

vegardx
1 replies
5h42m

We had a quite interesting case around text spam in Norway recently. A foreign student was arrested by the Norwegian Police Security Service (PST) for allegedly spying and doing signal intelligence. What he was actually doing was driving around Oslo with an IMSI catcher, which he used to send SMS messages that tried to scam the recipient to devices that was intercepted.

He had his dorm raided by the security services, was put in custody with no visitation or communication for quite some time. According to his lawyer it was quite a traumatic experience, which I can believe. The guy was likely just recruited by some foreign scammers to deliver the messages for them.

In that case the carriers network wasn't even involved. Not sure how you'd stop something like that from happening.

razakel
0 replies
5h11m

According to his lawyer it was quite a traumatic experience

Play stupid games, win stupid prizes.

underseacables
1 replies
18h29m

Why can't we reverse the flow? A phone number that is spam, what if we throw it right back at them? Especially text spam. A lot of times it's not even a phone number, and that's just wrong. But if it is a phone number, it would be nice to put that into a website and have that phone number up voted by other people who have gotten spam. If it reaches a certain vote total, then it can be confirmed as a spam number, and the software starts overwhelming it with messages and calls.

green-salt
0 replies
14h54m

Unfortunately most of the source numbers are spoofed, and this would cause collateral damage to any legit users of those numbers.

thrownaway561
1 replies
2h56m

This whole system needs to be automated. It should be as easy as clicking a "Report" button on my phone or in my SMS application.

troydavis
0 replies
2h44m

I actually emailed the FCC[1] last month and asked about/offered to try to make this available to more consumers. A realistic MVP would be an FCC-operated wrapper for Twilio's Line Type Intelligence API, so that any consumer could find the carrier responsible for any US phone number. That's not perfect, but it's a great start.

One step better would be that plus a unified contact form - basically, the process I described here, but without needing to find the carrier and then map that to a contact. The FCC already operates a robocall reporting form that goes to an FCC-operated Zendesk, but reports don't go to the responsible carrier.

The FCC did not reply.

[1]: Loyaan Egal, Bureau Chief of the Enforcement Bureau: https://www.fcc.gov/about-enforcement-bureau/loyaan-egal-2 (the person most often cited in robocall enforcement actions)

knodi
1 replies
14h23m

I'm getting so much political spam its crazy and even when trying to opt-out it doesn't nothing. I get another message from a new number.

troydavis
0 replies
2h53m

Your experience is typical. The process covered on this site is the only realistic shot of getting anything done. It's far from perfect and it shouldn't be necessary, but it's much better than nothing.

(It's still worth reporting to your wireless provider as well (see https://reportphonespam.org/#Reporting-abuse-to-your-wireles...), but only because it's so quick to do, not because it's likely to help.)

farhanhubble
1 replies
8h10m

Crowdsource blocking can be quite effective at weeding out actual spam. For example Truecaller helps me block most spam calls based on how many others have flagged a particular number. It's not foolproof but usually any new numbers that telemarketers grab get quickly blacklisted. On a few occasions I've had to unblock numbers because I needed them temporarily but I can't remember missing anything important like payment reminders or OTPs.

In contrast, I've remained opted into the Indian Do Not Call registry forever but that hasn't deterred telemarketers much.

rishav_sharan
0 replies
7h37m

If you are Indian, its so much easier to report spam (but of course not easy enough! TRAI, while seems to have good intentions here, is pretty much a luddite where tech & UX are concerned).

make sure your number is register in DnD. Use the official DnD app to register a compliant https://play.google.com/store/apps/details?id=trai.gov.in.dn...

The app rating should have given you a clue that the app is quite a crapfest, but it is still better than the steps folks in US have to wade through. it takes a couple of clicks and a short few typed words to raise the complaint.

Another way is to simply send a sms to 1909 as

“<Content of UCC, including Referred Telephone Number (RTN) if any>, <header/telephone number from which UCC has originated>, <dd/mm/yy, hh:mm>”

the schema is different for all ISPs, but in general none seems to adhere strictly to the schema as long as the datetime, phone number and comma delimiters are correct.

Here is the link from airtel on the way to file such complaints; https://www.airtel.in/business/commercial-communication/asse...

ISPs are required by law to folloup on these and once you have sent the sms, you will get update smses for your complaint.

I usually just use the DnD app and when that isn't working, I send the sms. the schema i can get from my sms history and just change the caller id, phone and date. And in return I get the satisfaction of getting the update about the phone number of the violater being barred or limited to 20 calls in a month.

chriscjcj
1 replies
12h59m

Years ago, I switched my home "land line" to a VOIP service provider. This provider allows you to build a simple set of actions which will occur when a call comes in.

Mine works like this:

    Is the call from a fax machine? 
        If yes, take the fax and send the fax to my e-mail.
        If no, move to the next step.
    Is the call from a number that's on my whitelist?
        If yes, ring my phone.
        If no, move to the next step.
    Play a recording of my voice saying, "Please press 5 to be connected."
    Keep repeating this recording for 30 seconds.
        If the caller presses 5, ring my phone.
        If 30 seconds elapse and 5 is not pressed, hang up.
No more robo-calls for me. Zero. Gone. I check the logs and I'm still receiving many calls a day from random numbers, but none makes it through the test.

I know that if everyone did this, scammers would figure out a way around it, but for the last 7 years, it's completely solved my problem.

imiric
0 replies
10h17m

That's a simple phone CAPTCHA that can stop robocalls, but human spammers can easily bypass it, so you likely don't get such calls.

I think just sending all calls to voicemail and urging callers to leave a message if it's important should stop all spam. No human spammer will want you to call them back, and most of their numbers are spoofed, so you couldn't anyway.

Llamamoe
1 replies
3h12m

Does this work internationally?

troydavis
0 replies
2h58m

If you can find a Web site or API that offers carrier lookup for a given country's phone numbers, the same process should work. That's far from guaranteed, but Twilio's "Line Type Intelligence" API claims to support other countries. I'm not sure whether that includes carrier name, so you'll need to try it: https://reportphonespam.org/#not-in-the-us-or-canada , https://reportphonespam.org/#Twilio

AlexITC
1 replies
19h52m

This is very helpful, in Mexico, we have a couple of government-provided services where you register to not get advertise/financial calls, when you do, you can report them, and, in theory, the organizations could get considerable bills due to this violation.

I have been thinking that we should make an app to automate the reporting process.

A fun detail is that the government sells the lists of people that do not want to get contacted.

Also, lately, I have been getting many calls that are supposedly coming from the UK.

Namidairo
0 replies
15h18m

Australia has a similar program running called the Do Not Call Register. Does not really stop anything apart from the legally running telemarketers.

Obviously does nothing to stop the phishing calls from overseas (typically compromised) voip services that overstamp local numbers.

Additionally the register has carveouts for calls such as charities, political groups, and research calls (polling).

Also, lately, I have been getting many calls that are supposedly coming from the UK.

Anecdotally, I have been getting the ocassional spam texts from the UK, but all from numbers registered with O2. It's pretty useless to associate any origin and come to conclusions without a large amount of data. (That and the use of CLI overstamping means that it could be from anywhere)

zx8080
0 replies
16h41m

What is the percentage of spam calls from total nowadays? Does anyone know the numbers?

viknesh
0 replies
10h49m

For me, the operative part of the comment is

To keep it simple, consider starting by reporting SMSes.

For robocalls, expect that many robocall CIDs are spoofed

I pretty much only get spam calls (texts are pretty rare), and I'm 99% sure all the source numbers are spoofed and I assume it's infeasible to actually trace them. If this is wrong, please let me know.

Otherwise, I guess I'll just keep waiting for STIR (https://en.wikipedia.org/wiki/STIR/SHAKEN).

varelse
0 replies
20h9m

Or simplify a white list for all cell phones by default. But just like they make it hard to keep your snail mailbox from being clogged from garbage, this remains hard.

trollied
0 replies
6h7m

In the uk you can just forward the SMS to 7726 ('SPAM' on an old phone). You'll get a text back from your provider with details.

teknico
0 replies
8h9m

“Should I Answer?” uses a crowdsourced approach, and works quite well for me.

https://www.shouldianswer.net/

teddyh
0 replies
1h8m

This feels like “I created a free public service to report when you find you bought toys with lead paint!”. Phone spam is not an appreciable problem in many, many other countries

ssss11
0 replies
7h28m

In my country political parties can spam you. The leaders need to lead.

pogue
0 replies
7h34m

I remember in the mid/late 2000s/2010s using Spamcop.net prodigiously to report every spam email I got because there were just so many. Spamcop automated the reporting process by looking up the mailhost that the spam was sent from and sent a report to the ISP hosting it along with any URL included to the site hosting it, as well as sites like Phishtank, the APWG, the FTC & etc.

Spamcop also ran their own RBL for the emails that got reported to them.

Eventually, the vast majority of hosting companies just refused reports from Spamcop altogether and spam really didn't get 'solved' until Gmail came out and Google's spam filtering software actually worked.

I also use Google Messages for this same reason as they will just catch the majority of bogus SMS spam & I have Bitdefender which catches the majority of phishing attempts.

Other than that there are premium options like Robokiller and YouCall which admittedly have pretty funny ways to answer phone calls and waste their time or answer phone calls with the disconnect/SIT tones.

But when people ask me how to deal with this problem I typically point them to https://ftc.gov/robocalls that has handy info.

mikeytown2
0 replies
16h5m

Where can I report Google Voice and Text Mail subscribers? Those are usually the sms spam accounts

logicallee
0 replies
7h6m

Could you add an exception for law enforcement? There are 600,000 missing persons reports annually (especially concerning when a person is being prevented from calling their loved one) and it would make their job easier and could start with a very small consent question. Feel free to email me if you need any more background or information.

dmckeon
0 replies
20h1m

My spam calls are down to 1 or 2 per month after using nomorobo.com for 5 years. It is not direct action as TFA suggests, but it works well for me. Callers reach voicemail, almost never leave messages, and the phone almost never rings. Free for VOIP numbers, $20/year for mobile. Several similar alternatives exist.

coin
0 replies
17h37m

report the phone number that the call instructs you to contact

They never reveal a phone number and Caller ID is spoofed.

chronogram
0 replies
12h27m

Why has this not been such a problem in the Netherlands? Can't be any recent laws, because I haven't heard it be problematic all my life. Maybe too small scale, or too high a price, or I live in a bubble?

boffinAudio
0 replies
3h35m

Burn this statement into your brain: "Take my contact details off your list and never contact me again!"

Do whatever you can to make the scam caller hear you make this statement, loud and clear.

The moment they hear it they are supposed to comply, or they will face immense fines. This statement is anathema to the scammer.

I've had a lot of fun with this over the years.

My favorite variety of scamming the scammers involves leading them to believe that I am an old senile guy scared to death of "Windows Security" and that I will do anything to let them fix the problem, including giving them my password, which is of course, the above statement, which I often have to spell out, letter for letter, before they get it: "Take my contact details off your list and never contact me again!"

;)

baby
0 replies
9h25m

I get spam calls and texts every day, interestingly now the spam even reached my whatsapp and telegram, although most of it is text and calls. The texts and calls are always from a different number. So what I did: I disabled calls entirely. At this point people only call me on whatsapp so it hasn’t been an issue in the last few years. Text is annoying because people in the US still use it instead of whatsapp so I can’t disable it completely.

Rapzid
0 replies
20h1m

It's a sad state. We are right on the cusp but I seem to have no way to block all unverified numbers. But the verified number system is in place!

BLKNSLVR
0 replies
17h50m

If the telecoms industry wasn't making a profit from it, it would have disappeared a long time ago.

It's just a pity that we all need to pay these companies for one fairly crucial thing, but it enables these undesirable things.

It's somewhat surprising that the rules or enforcement are so lax, given that everyone, including politicians, have elderly relatives that are susceptible to this BS. (but then, maybe the politicians ARE the elderly relatives, and therefore they don't see the problem).