[HN Gopher] FCC will require phone carriers to authenticate call...
___________________________________________________________________
FCC will require phone carriers to authenticate calls by June 2021
[pdf]
Author : hbcondo714
Score : 297 points
Date : 2020-03-31 20:44 UTC (2 hours ago)
(HTM) web link (docs.fcc.gov)
(TXT) w3m dump (docs.fcc.gov)
| webkike wrote:
| If you're wondering if STIR/SHAKEN was a James Bond reference,
| the answer is yes, and SHAKEN stands for "Signature-based
| Handling of Asserted information using toKENs"
| nsxwolf wrote:
| Backronym writing is a real gift.
| [deleted]
| aasasd wrote:
| I vaguely wonder sometimes as to what's the origin of the
| extreme US cheesiness with these names. Like, it's elementary-
| school level kitsch.
|
| So far my guess is 'the forties'. Or maybe the fifties, with
| all the 'atomic' ridiculousness.
| mulmen wrote:
| Does this mean I can start answering my phone again? Are there
| other vectors for spam calling which are not addressed by this
| solution?
| gjs278 wrote:
| you can start answering your phone now
| PunksATawnyFill wrote:
| Good question. I recently started getting Internet-originated
| SMS spam on AT&T, which Verizon gave consumers the means to
| block a decade ago.
|
| When confronted with it, AT&T whined that they can't block
| it... which is absolute bullshit. Not only does Verizon let you
| block it, but it isn't even shown as coming from a phone
| number, but rather a GMail address or other non-numeric source.
| So obviously this pattern could be used to filter it.
|
| AT&T also pummels customers with multiple texts for several
| days a month to tell them that there's nothing wrong with their
| accounts. No exaggeration: They badger you to tell you that
| your monthly auto-pay is going to happen, and then WHOA it DID
| happen! They wake you up for this, and insist on sending these
| idiotic notices via TEXT and not E-mail.
|
| Again, when confronted on it, AT&T whined that they can't do
| anything, and that customers should put themselves on the Do
| Not Call list... which expressly ALLOWS companies you DO
| BUSINESS WITH to communicate with you.
|
| AT&T: hating its own customers.
| 0xff00ffee wrote:
| After 15 years of cell phone spam, anything that shows up as a
| number on my personal phone, and not a contact, is reflexively
| ignored. I don't think I'll ever shake this habit: if it is
| important, they will leave a message.
| manigandham wrote:
| This is now a feature on both iOS and Android to mute
| incoming calls that are not a contact. Voicemails still work
| fine, and with automatic transcription and all the other
| digital channels still open, there's no real reason to worry
| about anonymous calls anymore.
| SketchySeaBeast wrote:
| I'm struggling with the decision of whether to automatically
| block anyone not in my contact list and leave a message in my
| voicemail explaining why. Don't want to be unfriendly, but
| it's only getting more ridiculous.
| p2t2p wrote:
| > Don't want to be unfriendly
|
| Given my experience with robocall and stuff, I _do_ want to
| be unfriendly. I hate to guts that a lot of people assume
| that they can interrupt you at any given moment. One guy
| called me when I was driving and wasn't having any of that,
| kept on complaining that I didn't pick up.
|
| My current plan right now is to have a landline number from
| my internet provider (that's SIP essentially). Whenever
| anybody requires a phone number give that.
|
| Now, there will be an voice mail device on my side with
| message: "Hello, you've reached p2t2p and his wife. We _DO_
| _NOT_ appreciate your call. If you think your message is
| important, leave a message and we maybe, just maybe call
| you back. Otherwise, use email please".
|
| And that is not even for bloody robocalls. Every single
| bloody prick think they are important enough to steal my
| time. Hey, I wrote you an email so respond to email,
| dumbass, don't call me. There were one windows installation
| company that stopped interacting with as soon as I told
| them that I won't pick up the phone and asked them to use
| email.
|
| I guess the ultimate solution is to have my iPhone in
| permanent "contacts only" mode.
| zszugyi wrote:
| I did try it for a bit, but it was annoying when Uber
| drivers and delivery people were trying to reach me.
| SketchySeaBeast wrote:
| Yeah, that's my fear as well - I'd miss signal in the
| noise filtering.
| grahamburger wrote:
| Recent versions of Android have an option to automatically
| screen callers who are not in your contact list. The caller
| gets a robot asking them why they're calling, and you can
| view the transcript of their response in real time and
| decide whether or not to answer.
| SketchySeaBeast wrote:
| I thought that was Pixel only option - I'll have to dig
| in and see if it's available on a Samsung.
| ChuckMcM wrote:
| As I recall this was a Google Voice feature as well.
|
| My mobile carrier puts "scam likely" on calls that its
| algorithms have determined are likely spam, I wish there
| was an android option to just not ring the phone if that
| was the caller ID name.
| bonestamp2 wrote:
| My carrier was doing that but I haven't seen it on any
| spam calls lately.
| alistairSH wrote:
| I did this as soon as the iPhone offered it.
|
| It only bit me once in several years - I was expecting a
| call-back from a doctor and they weren't in my contacts.
| Missed their call, which caused a several hour delay and
| some annoyance (thankfully not for something critical).
| jrimbault wrote:
| I've pushed that reflex further : if it's important, the
| information will find its way to me.
| grawprog wrote:
| Yup, my voicemail box is constantly full of spam messages
| to the point where, my voicemail's regularly full, I
| couldn't be bothered to listen to any of them any more and
| it's too much effort to clean it out. My last carrier used
| to send a text if I got a voicemail. If I got a text saying
| I got a voicemail from someone I knew, I'd call back, if it
| was a random number, I'd just delete the text.
| alharith wrote:
| "Hi jimmy, this is your mother. My phone died so I am
| calling you from the hospital phone. Your dad is in the
| hospital. Come quick."
|
| In the above scenario that happened to me, sometimes you
| just don't have time to let the information find you.
| catalogia wrote:
| That would suck, but fear of that scenario isn't enough
| to make me answer my phone for spammers 5 times a day.
| MaxBarraclough wrote:
| Also, I'd hope they'd have the initiative to leave both a
| voicemail and an SMS.
| jfengel wrote:
| Especially with a service like Google Voice that will
| transcribe your voicemails. I will look at those; it
| takes a fraction of a second to dismiss the spam.
|
| Fortunately, I only get a few of those a week, so far.
| [deleted]
| paulie_a wrote:
| Was your presence at the hospital going to aide in his
| treatment?
| ChrisClark wrote:
| Wow...
| penagwin wrote:
| While this is a possible scenario- in my experience most
| people know to call multiple times - especially if they
| know that the recipient won't recognize the number.
|
| I don't usually answer my phone from unknown numbers, but
| when I get three calls from the same number within 3
| minutes I'll pick it up.
| gruez wrote:
| >While this is a possible scenario- in my experience most
| people know to call multiple times - especially if they
| know that the recipient won't recognize the number.
|
| I'm surprised robocallers don't do this too
| jon_richards wrote:
| Calling once selects for people more likely to fall for
| the actual scam.
| munk-a wrote:
| I just wish various Doctors and Dentists could jump on the
| text/email bandwagon. Those two groups are responsible for
| nearly all of my phone usage - with a slim minority (that
| is itself mostly spam) being calls from my bank.
| dbg31415 wrote:
| If it's important, they can text me. I ain't listening to
| voice mail. Eww, what is this, the Middle Ages?
| sinak wrote:
| About a year ago I changed my voicemail to say "Sorry I
| missed your call. I don't listen to voicemails, please send
| me a message by SMS instead."
|
| I couldn't recommend doing so more. Text is so much easier,
| even if you have voicemail transcription.
| annoyingnoob wrote:
| Seems like the scammers may already be using smaller service
| providers which means you have at least two more years of not
| answering your phone. I like voicemail, if its important
| they'll leave a message.
| hkiely wrote:
| Is this now just a problem on mobile phones in the USA now that
| we have the no call list legislation?
| reaperducer wrote:
| _Is this now just a problem on mobile phones in the USA now
| that we have the no call list legislation?_
|
| The Do Not Call list has been around for almost 30 years.
|
| https://en.wikipedia.org/wiki/Do_not_call_list
| cryptonector wrote:
| About time. How will SS7 get fixed though?
| ilamont wrote:
| Kind of curious why it took so long. Spoofed calls for fraud,
| swatting, etc. have been around for at least ten years.
| nsxwolf wrote:
| Longer than that. As long as ISDN/T1 PRI lines have been
| around. A completely unhindered spoofing playground.
| gnopgnip wrote:
| There are three big issues. Robocalls and spam were not as
| severe an issue until relatively recently. Political robocalls
| in the US are an important part of how some politicians get
| elected and raise funds. And these solutions cost a non trivial
| amount of money, without increasing revenue directly.
| bmm6o wrote:
| This is about requiring authentication, not blocking
| robocalls in general. Right?
| closeparen wrote:
| Why it took so long to get all the participants in a federated
| network to adopt a new protocol?
|
| If that were easy we would have solved email spam too, 20 years
| ago.
| deadmutex wrote:
| The problem had gotten worse due to easily available tools used
| to automate the calls.
| tommoor wrote:
| Only in recent years has the FCC been inundated with complaints
| about it. Seems like there was a tipping point in volume the
| last couple of years
| hirundo wrote:
| 90% of my phone calls are from the same outfit informing me that
| this is my last chance to renew the extended warranty on my car.
| Based on my call history that recording is officially my best
| friend. And a very forgiving one given that it has been my last
| chance hundreds of times over the past several years. I hope this
| regulation won't interfere with our relationship.
| reaperducer wrote:
| 100% of the spam calls on my work phone in the last six months
| have been trying to sell me Marriott time shares.
|
| I don't know if it's actually Marriott or not. I suspect it's
| just one of those "affiliate marketing" scumbags, but it still
| makes the brand look bad.
| tjr225 wrote:
| I get these on a semi weekly basis!
| fortran77 wrote:
| It's not Marriott. I feel a little bad for the big hotel
| chains whose names are used by telemarketing scammers because
| their reputations get tarnished.
| jandrese wrote:
| I let the call go through once just to see what kind of
| extended warranty they were willing to give me on a '93 Ranger
| with 250,000 miles.
|
| I even hit them with "But YOU called ME with this extremely
| urgent notification! It's my last chance, you gotta help me!",
| but sadly I couldn't get her to give me a quote.
| macjohnmcc wrote:
| Well we really wouldn't want you to miss out on this
| opportunity to get that warranty. Were here when we call you.
| MFLoon wrote:
| Mine are mostly offers for a pre-approved $250,000 loan,
| available in less than 48 hours, for my non-existent small
| business. Curious what stolen mailing list I'm on that makes
| scammers think I'm a small business owner. Flattering really,
| that they'd think I have the potential to become one.
| amyjess wrote:
| I don't even own a car, and I get them all the time. I make
| sure to very loudly laugh whenever I get one of those calls,
| even when I'm completely alone (which has been a little over
| two weeks solid now...).
| JumpCrisscross wrote:
| > _the same outfit informing me that this is my last chance to
| renew the extended warranty on my car_
|
| I get this too. Which is great, my being a New Yorker who
| hasn't had a driver's license for close to a decade.
| pathseeker wrote:
| What do you use for an ID? Passport card? State issued ID?
| JumpCrisscross wrote:
| > _State issued ID?_
|
| This.
| mumblemumble wrote:
| A non-driver's state ID works for everything you'd use a
| driver's license for except operating a motor vehicle. Even
| though people typically say, "Driver's license" when they
| really mean either kind of state-issued ID card.
| koheripbal wrote:
| Isn't a driver's license nearly as easy to renew as a
| non-driving state ID? I don't see the point, even if you
| only need to rent a car on rare instances.
| entropicdrifter wrote:
| It's generally a bad idea to carry your passport around
| just because it has your SSN printed on it
| zymhan wrote:
| No, it's generally a bad idea to carry it around in a
| foreign country when you don't need it that day, as
| having it pickpocketed would suck.
|
| Having it pickpocketed in the US would be far less of a
| headache, minus lacking an ID for a few weeks.
| njarboe wrote:
| This is bad advice. You will need it in almost any
| country when getting stopped by the police. That can
| happen any time. This will be more of a problem in some
| countries than others. If you really can't find a way to
| carry it without getting pick pocketed then a least carry
| a xeroxed copy with you.
| mmhsieh wrote:
| this is not true. but if you need to carry around proof
| of passport there is a passport card you can get for
| North American travel only.
| laurencerowe wrote:
| The passport card is no longer valid for international
| flights, only entry by land or sea.
| JumpCrisscross wrote:
| > _passport...has your SSN printed on it_
|
| My U.S. passport certainly doesn't.
|
| (Agree that it's a poor form of primary identification.
| It is bulky. It is difficult to replace. And it contains
| more information than you need for identification.)
| ComputerGuru wrote:
| Does it really? I can't find anything to agree with that.
| kube-system wrote:
| US passports do not have SSNs printed on them.
| tomcam wrote:
| Try registering a domain name without privacy.
| nsxwolf wrote:
| Is this going to impact PBX systems that use ANI Information
| Elements to route calls and provide caller information to
| customer service applications, etc? Spoofing is kind of at the
| heart of those things.
| annoyingnoob wrote:
| I guess you are not spoofing when you are using your assigned
| DIDs and not just making up any old number.
| skrtskrt wrote:
| ANIs will still get "spoofed" as there are many legitimate use
| cases, but you have to "have permission" to use the number
| you're spoofing, meaning either you own the number or your
| underlying service provider owns it on your behalf.
|
| The legitimate use case is basically: I am placing this
| outbound call over VOIP or a different phone line, but I want
| this ANI to show up on the callee's phone, so when they call
| back they go to the correct line (dentist's desk, software
| sales line, whatever)
| phs2501 wrote:
| The issue is when I have a automated answering system
| (asterisk, for a museum). It rattles off some prerecorded
| info, possibly with prompting. To talk to a human, I need to
| forward the caller (I.e. call and set up a voice bridge since
| the caller is already connected to me) to one of our
| volunteers, which will be to their cell phone (we are a
| railway museum and we don't have a staffed office on
| weekdays). I want to forward the call with the original
| caller's phone as the caller ID so that if they miss the call
| our volunteer can call back easily rather than trying some
| awful game of tag via calling back the PBX.
| skrtskrt wrote:
| This should still be available, though it will likely take
| some work from the underlying software provider to be
| compliant.
|
| The goal of the regulation is to cut down spam/scam
| calling, not legitimate uses, and the telecom providers
| know these uses and lobby heavily to make sure they'll
| still be allowed to work.
|
| The telecom providers don't like scam calls either, or more
| specifically they don't like short calls. All the work and
| compute power in telecom is used to set up the call, then
| the cost of keeping it going is minimal so the longer the
| call goes on, the more economical it is for the provider
| rob-olmos wrote:
| How will it still be available and what underlying
| software work in Asterisk is being referred to?
|
| Based on the given situation, the museum won't own the
| caller's cell phone number that they're trying to
| legitimately spoof for their staff's cell phone.
| skrtskrt wrote:
| You've reached the limit of my knowledge here regarding
| implementation details :)
|
| Asterisk is an open-source PBX system.
|
| I _think_ the original call will come in with the correct
| STIR /SHAKEN-validated SIP headers and the PBX can
| forward them as is, see some discussion here:
| https://community.freepbx.org/t/stop-robocalls-
| act/60921/5
|
| I previously worked at a telecom software company, and I
| know everyone with their shit together has been preparing
| for this for a long time, which is why I'm not concerned
| that these common cases should continue working. These
| softwares are often built on top of or on a branch of
| Freeswitch/Asterisk.
| [deleted]
| throwaway55554 wrote:
| Not soon enough.
| wbsun wrote:
| Finally, although there are still more than a year to wait. Hope
| there won't be any extension to this deadline.
|
| Before that, I'll keep allowing calls from my contacts only, and
| bear the miserable inconvenience that sometime my packages may
| take a month to arrive because of denials of calls from the
| delivery guy.
| devindotcom wrote:
| There is in fact an extension for small providers who say they
| need more time.
| megavolcano wrote:
| I swear to god the number of times I've hung up on people
| threatening visits from the FBI because I'm behind on my taxes
| (spoiler: i'm not) has been driving me literally insane. Maybe I
| can actually turn my ringer on my phone off of silent mode one
| day.
| 0xff00ffee wrote:
| Google Voice impact?
| kirykl wrote:
| Maybe a registry of parties trusted to spoof
| markovbot wrote:
| are you asking if this will impact Google Voice? If so, I would
| imagine the answer is almost certainly that it will not at all
| impact Google Voice.
|
| Google Voice works by acting as a proxy for outbound calls. You
| dial your friend's number, your phone dials Google, who in turn
| dials your friend with your Google Voice number displayed.
| Since Google is the legitimate carrier for your Google Voice
| number, I can think of no reason why they wouldn't be able to
| correctly sign the call.
|
| Additionally, Google is listed as one of the companies that the
| 14 companies that the FCC appears to be working with (see the
| table towards the bottom of https://www.fcc.gov/call-
| authentication), so I assume they are planning to use it for Fi
| and hopefully Voice as well.
| imajoo wrote:
| You can see various carriers responses here:
| https://www.fcc.gov/call-authentication
|
| Some have provided timelines (such as AT&T), others skirt around
| it basically saying that they offer call SPAM protection already
| but that they will go along.
| annoyingnoob wrote:
| There is something else that recently reduced the spam calls I
| get, enforcement: https://arstechnica.com/tech-
| policy/2020/02/fcc-accuses-carr...
|
| Knowing a number is legitimate is great, going after scammers and
| those that support them is better.
| davidajackson wrote:
| I don't think SHAKEN/STIR will stop robocalls, because the
| economics won't change. It's too easy for foreign robocalls to
| cycle numbers once one gets blocked. It will help with
| impersonation, but I don't believe it will significantly decrease
| robocall volume.
|
| I think the telecommunications world will need to adopt
| whitelisting instead of blacklisting. I run a whitelist-based
| robocall blocking service called CallStop and a lot of customers
| have straight up given up using their landline, or their personal
| number with unknown numbers.
|
| People who claim that whitelisting is a bad solution because it
| could block an emergency call don't realize that many people
| don't answer unknown calls anymore--and I don't think SHAKEN/STIR
| will change that.
| ehsankia wrote:
| Can you extend a bit on that, maybe I'm not understanding the
| problem right. Isn't having calls being authenticated the first
| step before you have whitelist/blacklist? Once every call can
| be definitively attached to a given source, then you can ban
| any foreign provider that let's these proliferate completely,
| no?
| davidajackson wrote:
| SHAKEN/STIR + Whitelisting is the best solution. SHAKEN/STIR
| by itself isn't going to change things too much I think. But
| it is a step in the right direction.
|
| Whitelisting without SHAKEN/STIR is still extremely
| functional.
|
| There are billions of unique American numbers possible, and
| with 250-500 average contacts per random dial, contact
| spoofing is not statistically significant.
| fortran77 wrote:
| Not when you can contact spoof banks, major drug store
| chains, AppleCare, etc.
| davidajackson wrote:
| Good point, if they're calling from a specific number. I
| see of lot of complaints about companies like FedEx
| though, where the calls come from random numbers.
| Wowfunhappy wrote:
| How do you get a new US phone number? (I'll likely block
| anything from outside the US if authentication happens.)
| davidajackson wrote:
| You don't, you just forward your current number to protect
| it.
| hammock wrote:
| What are the privacy implications of this requirement?
| ronack wrote:
| Will this also prevent spoofed text messages?
| DaniloDias wrote:
| It will not.
|
| These concepts could be applied towards that purpose if the
| MNOs wanted to rejigger messaging within their networks & for
| inter-carrier connectivity- but pursuing that solution would
| likely be more challenging to implement than this solution.
| RKearney wrote:
| I have never received a spoofed SMS message so I already
| thought this was impossible.
| ronack wrote:
| It's definitely a thing and prevent some SMS use cases due to
| this security hole. This new FCC doc only references tracing
| the original sender.
|
| "The FCC has also called on the industry to "trace back"
| illegal spoofed calls and text messages to their original
| sources."
| Cymen wrote:
| Any ideas on how this will be implemented? I use voip.ms and I
| can put in my cell phone number as my caller ID so I don't need
| to pay for a DID (basically, rent a phone number) and calls come
| back to my cell.
|
| I've thought about some potential SaaS products that would
| leverage a similar approach. But I would authenticate the number
| back to the customer before allowing it to be used to avoid
| spam/malicious use.
|
| Based on this:
|
| https://www.zdnet.com/article/at-t-comcast-successfully-test...
|
| I'm guessing this is down a layer at the provider level. So in my
| case, voip.ms would verify the number I'm using as my caller ID
| is actually a number that comes back to me. Right now, I just
| tested by swapping my wife's cell number in, they do not validate
| this. Now I understand how people are spoofing numbers so easily.
|
| Obvious approach is to voice call or text the number and require
| the confirmation code to be entered on the website. Just curious
| though if there are other requirements or if this is up to the
| provider.
| zubi wrote:
| For those who don't live in the US, this entertaining video by
| John Oliver might give some context:
|
| https://www.youtube.com/watch?v=FO0iG_P0P6M
| 7ewis wrote:
| Ironically, the video is only available in the US.
|
| Had to hop onto my VPN to view.
|
| Edit: Ok, at least not viewable in the UK!
| zubi wrote:
| Interesting. I was able to watch it from somewhere not in the
| US before posting.
| selectnull wrote:
| I'm not in the US and I'm able to watch it. Maybe it's not
| available in your country, but it is available in at least
| one other country than US.
| g_p wrote:
| Sounds like a good first step to solve the problem of how the
| legacy telecoms systems were designed in a world of trusted peers
| federating. End result of course being spoofed caller ID spam.
|
| Unless I'm missing something though, these measures don't do
| anything to address the gaping security hole in mobile networks
| around roaming interconnects. That seems to still be a pretty
| good way to do SMS and call interception, which are increasingly
| valuable as phones become the de-facto 2FA channel for access to
| banking, cryptocurrency services and more.
| bigbird-media wrote:
| Summary:
|
| The Federal Communications Commission adopted new rules requiring
| caller ID authentication using technical standards known as
| "STIR/SHAKEN." These rules will further the FCC's efforts to
| protect consumers against malicious caller ID "spoofing," which
| is often used during robocall scam campaigns.
| dmurray wrote:
| This made me check the date, but it's still March 31 in the US.
| Negitivefrags wrote:
| Why is this problem unique to the USA?
|
| I'm not saying I never get spam calls, but I certainly have to
| scroll back quite a bit in my phone call history to see the last
| one.
|
| Also, on the rare occasion I do get a spam call it's always from
| some random international country like South Sudan or Oman that I
| would never expect a phone call from.
|
| What makes this problem uniquely hard to solve for the USA as
| opposed to anywhere else?
| bscphil wrote:
| I guess I'll be the one to go against the grain here: I might
| have received 2-3 spam calls in the last year, here in the US.
| This implies that most spam callers aren't simply dialing
| random numbers, they're getting lists from somewhere, and by
| luck or by care my number hasn't ended up on their lists.
| reaperducer wrote:
| _Why is this problem unique to the USA?_
|
| Every time this topic comes up on HN, someone asks that same
| question.
|
| Then there's a bunch of responses that are lots of
| suppositions.
|
| Then several people from small European countries chime in
| saying they've never had a spam call.
|
| Then a bunch of Europeans from large countries show up saying
| they get spam calls, too, and it's not just an American thing.
|
| "Why is this problem unique to the USA?" is pretty much a meme
| at this point.
|
| Also...
|
| You start with "Why is this problem unique to the USA?" Then
| follow immediately with, "I'm not saying I never get spam
| calls" which means it's not unique to the USA. So your first
| sentence is invalid.
| octocop wrote:
| Isn't FCC unique to USA? Well there you have it.
| selectnull wrote:
| Hmmm... no! I guess every country has an equivalent agency
| to FCC.
| hadrien01 wrote:
| I live in one of the largest EU countries and I receive two,
| maybe three, spam calls a month. From what I understand from
| the never-finishing list of articles about spam calls in the
| US, some receive tens, sometimes hundreds of spam calls every
| day! So yes, this problem is, from our EU perspective, unique
| to the USA.
| mumblemumble wrote:
| I would not be surprised if turns out to be a bigger problem
| in the USA (and perhaps also Canada) than elsewhere simply
| because the USA is a bigger, easier-to-access pot of honey.
| It's a large area where everyone speaks the same language,
| lives in roughly the same regulatory and infrastructural
| environment, and has a lot of money to be scammed out of.
|
| Europe is also a big pot of honey. But people speak all sorts
| of different languages, so you'd have to redo the scam in a
| bunch of different languages, which increases the effort
| needed to operate it.
|
| China has way more people all speaking the same language, but
| relatively less wealth per person, which reduces the
| potential payoff. Also, I wouldn't be surprised if China has
| already closed off most the holes people exploit to operate
| these scams, because they seem less inclined than the US
| government to fart around about silly crap like this for
| literally decades on end.
|
| Latin America has scads of people all speaking the same
| language, too, but they're split up among a whole bunch of
| different countries, which I'm guessing also makes the scam
| more expensive to operate at scale than it would be in the
| English-speaking bits of North America.
| igammarays wrote:
| I'm not sure why your comment is being downvoted. Having
| THE largest rich homogenous market segment in the world
| with a weak regulatory environment (aka a free market) is
| probably a huge factor in scam targeting. See also Amazon
| fake inventory and fake reviews, which are a much bigger
| problem in Amazon US than in Amazon Canada, for example.
| devonbleak wrote:
| Embedded corporate interests and lobbies fighting against
| solutions because it'll cost them money to implement or lower
| their revenue once implemented. The usual.
| throwaway894345 wrote:
| What solutions does Europe, etc have that the US doesn't?
| Genuine question.
| michaelbuckbee wrote:
| A working legislature?
| thomasfortes wrote:
| Don't know about Europe, in Brazil spam calls are common
| but you can register your number in a consumer protection
| organ to say that you do not want unwanted commercial calls
| and if you keep receiving them the companies can be fined,
| for me it works "ok", there still companies that don't give
| a shit but at least the amount of calls I receive was
| reduced a lot...
| kube-system wrote:
| The US did this _before_ most countries, actually. https:
| //en.wikipedia.org/wiki/National_Do_Not_Call_Registry
|
| Most US spam calls originate outside of the US, though.
| Elv13 wrote:
| * Not _directly_ related to SPIT (phone SPAM), but one is
| https://www.wired.com/story/sim-swap-fix-carriers-banks/ .
|
| * Carrier maintainer blacklists and other tools have also
| been used by providers for a long time.
|
| * My provider, Voip.ms, enforces a provenance whitelist by
| default. This block all SPIT calls coming from unspoofed
| caller ids. That may not sound like a lot, but yes, many of
| those calls are just random poeple picking their phone or
| mobile apps using the real phone number. Having regulation
| to track internal sources of SPIT (and _enforcing it_ )
| helps too.
|
| * In Canada, you can subscribe to a non-telemarketing list.
| That doesn't help for scammer, but it helps for unsolicited
| ads, political spam and private surveys. This works when
| _enforced_ with actual penalties for all parties involved.
| kube-system wrote:
| Canada's non-telemarketing list that was implemented in
| 2004 is essentially a copy of the US legislation that was
| passed the year prior. It doesn't help though, as neither
| the US nor Canada have jurisdiction in India, et al.
| tinus_hn wrote:
| It's not, but the scale... in the Netherlands if your number is
| on the lists you get I'd say about 5 calls from 'Microsoft'
| each month, not multiple calls a day.
| igammarays wrote:
| Free market problems.
| amiga_500 wrote:
| Because they are unable to organize themselves. See healthcare
| and schools for other examples.
| mrlala wrote:
| If you were setting up a little scam operation.. who would you
| target?
|
| Would you decide to set it up to call over 40 different
| countries in europe? Each with their own way to show phone
| numbers.. each carrier attempting to block spam calls in
| different ways.. each country virtually speaking a different
| language.. most countries having some different banking/credit
| card systems..
|
| Or would you target the united states which everyone in the
| country has the same phone prefix, pretty much all speak one
| language, banking/credit card system is the same, etc.
|
| It just makes sense for scammers to target the US. You can
| target hundreds of millions of people the exact same way.
| morei wrote:
| That argument just suggests that the US has more scam
| operations, not that it has all of them. Crowding out is
| still an effect, so scam operations are incentivized to
| target other countries as the US becomes fully 'supplied'
| with scammers.
| bdamm wrote:
| As a bonus, the country has a high ratio of people desperate
| for services who also have enough money to successfully
| swindle. Many elderly Americans really believe that a
| stranger on the phone might be their ticket to improved
| conditions.
| bonestamp2 wrote:
| It's not that the problem has been solved elsewhere, it's that
| other countries aren't as big of a target so it's not as big of
| a problem in most other countries (for a variety of reasons).
| That said, some area codes in Canada are getting bad too.
| skissane wrote:
| > What makes this problem uniquely hard to solve for the USA as
| opposed to anywhere else?
|
| Starting back in 2018 or so there has been a big problem in
| Australia with scam robocalls claiming to be from the
| Australian Tax Office. The area code on the phone number said
| it came from Canberra (Australia's national capital) which made
| it look more legitimate-even though in reality the call was
| coming from an overseas call centre. The robocall started out
| by saying that you owe a tax debt and the government was about
| to commence legal action against you. I got several, most
| people would hang up realising that the tax office would never
| do that. (It is illegal for them to discuss your tax affairs
| without confirming your identity first, so they would never
| begin a call by saying you owed them money.) But, some people
| (many of whom were older/vulnerable people), stayed on the call
| until the live operator connected. The live operator would then
| pressure them to go to a store and buy thousands of dollars of
| gift cards (such as Apple iTunes gift cards) and then read the
| gift card details out over the phone.
|
| So this definitely is not a problem unique to the US. And other
| countries have been taking action, see e.g. in Australia -
| https://www.zdnet.com/article/acma-proposes-three-point-acti...
|
| (Definitely the incidence of these fake calls appears to be
| falling, in my personal experience, so I think the Australian
| authorities'/industry's attempts are producing some result.)
| liambates wrote:
| Having lived in the UK and now the US, the problem is
| definitely more pronounced over here. In the UK I was receiving
| a spam call maybe once a week at most. In the US I was getting
| about 2-3 a week on a pretty new number before blocking all
| unknown calls.
|
| I assume it's simply more worthwhile to create a fraudulent
| scheme aimed at a larger population with more potential marks.
| Florin_Andrei wrote:
| > _Why is this problem unique to the USA?_
|
| It's the price we have to pay for Freedom (TM).
| floatingatoll wrote:
| Prior to the quarantine, I was getting 5-10 per day.
|
| The USA's implementation of caller ID does not require
| telephone providers to verify that the caller ID provided to
| them is real (prior to this order).
|
| It also lacks the regulatory structure to "trace"
| (prosecute/fine) calls through the various interlocking copper,
| cellular, and internet telephony networks, even when each
| provider in the chain has data.
|
| It also lacks the legal experience in knowing how (and the
| political will) to prosecute an individual who dials random
| phone numbers with an app on a cell phone using a prepaid SIM
| card and conferences whoever they're calling into a spam line
| to disguise the spam line's phone number.
|
| Finally, our regulatory system is captive to politicians who
| depend critically on spam calls for political purposes, and
| continue to fight to have those calls exempt, making it vastly
| more difficult to stop all robocalls because some are legal and
| others aren't.
| robert_foss wrote:
| In Sweden telephone operators can be forbidden from let spam
| categorized numbers reach you.
|
| That and you know.. breaking the law has actual consequences
| for both spammers and telcos.
| JumpCrisscross wrote:
| > _telephone operators can be forbidden from let spam
| categorized numbers reach you_
|
| How does this help with a spoofed call from India?
| StavrosK wrote:
| Same in Greece, I think it's EU-wide. When you tell a spammer
| you're registered in our do-not-call registry, they get
| scared pretty quickly and swear they'll never call again.
| They usually don't.
| kube-system wrote:
| The US has had a do-not-call registry for 17 years. It
| still doesn't deter spammers who are not subject to US law.
|
| Back in the early 2000's I remember doing the same thing
| you're describing: startling spammers by telling them that
| I was on the list. But today, the people calling don't care
| because they aren't inside of the US.
| kube-system wrote:
| The US just has a lot of VoIP providers, English speakers, and
| is a high income country. It is just an easy target.
___________________________________________________________________
(page generated 2020-03-31 23:00 UTC)