[HN Gopher] FCC will require phone carriers to authenticate call... ___________________________________________________________________ FCC will require phone carriers to authenticate calls by June 2021 [pdf] Author : hbcondo714 Score : 297 points Date : 2020-03-31 20:44 UTC (2 hours ago) (HTM) web link (docs.fcc.gov) (TXT) w3m dump (docs.fcc.gov) | webkike wrote: | If you're wondering if STIR/SHAKEN was a James Bond reference, | the answer is yes, and SHAKEN stands for "Signature-based | Handling of Asserted information using toKENs" | nsxwolf wrote: | Backronym writing is a real gift. | [deleted] | aasasd wrote: | I vaguely wonder sometimes as to what's the origin of the | extreme US cheesiness with these names. Like, it's elementary- | school level kitsch. | | So far my guess is 'the forties'. Or maybe the fifties, with | all the 'atomic' ridiculousness. | mulmen wrote: | Does this mean I can start answering my phone again? Are there | other vectors for spam calling which are not addressed by this | solution? | gjs278 wrote: | you can start answering your phone now | PunksATawnyFill wrote: | Good question. I recently started getting Internet-originated | SMS spam on AT&T, which Verizon gave consumers the means to | block a decade ago. | | When confronted with it, AT&T whined that they can't block | it... which is absolute bullshit. Not only does Verizon let you | block it, but it isn't even shown as coming from a phone | number, but rather a GMail address or other non-numeric source. | So obviously this pattern could be used to filter it. | | AT&T also pummels customers with multiple texts for several | days a month to tell them that there's nothing wrong with their | accounts. No exaggeration: They badger you to tell you that | your monthly auto-pay is going to happen, and then WHOA it DID | happen! They wake you up for this, and insist on sending these | idiotic notices via TEXT and not E-mail. | | Again, when confronted on it, AT&T whined that they can't do | anything, and that customers should put themselves on the Do | Not Call list... which expressly ALLOWS companies you DO | BUSINESS WITH to communicate with you. | | AT&T: hating its own customers. | 0xff00ffee wrote: | After 15 years of cell phone spam, anything that shows up as a | number on my personal phone, and not a contact, is reflexively | ignored. I don't think I'll ever shake this habit: if it is | important, they will leave a message. | manigandham wrote: | This is now a feature on both iOS and Android to mute | incoming calls that are not a contact. Voicemails still work | fine, and with automatic transcription and all the other | digital channels still open, there's no real reason to worry | about anonymous calls anymore. | SketchySeaBeast wrote: | I'm struggling with the decision of whether to automatically | block anyone not in my contact list and leave a message in my | voicemail explaining why. Don't want to be unfriendly, but | it's only getting more ridiculous. | p2t2p wrote: | > Don't want to be unfriendly | | Given my experience with robocall and stuff, I _do_ want to | be unfriendly. I hate to guts that a lot of people assume | that they can interrupt you at any given moment. One guy | called me when I was driving and wasn't having any of that, | kept on complaining that I didn't pick up. | | My current plan right now is to have a landline number from | my internet provider (that's SIP essentially). Whenever | anybody requires a phone number give that. | | Now, there will be an voice mail device on my side with | message: "Hello, you've reached p2t2p and his wife. We _DO_ | _NOT_ appreciate your call. If you think your message is | important, leave a message and we maybe, just maybe call | you back. Otherwise, use email please". | | And that is not even for bloody robocalls. Every single | bloody prick think they are important enough to steal my | time. Hey, I wrote you an email so respond to email, | dumbass, don't call me. There were one windows installation | company that stopped interacting with as soon as I told | them that I won't pick up the phone and asked them to use | email. | | I guess the ultimate solution is to have my iPhone in | permanent "contacts only" mode. | zszugyi wrote: | I did try it for a bit, but it was annoying when Uber | drivers and delivery people were trying to reach me. | SketchySeaBeast wrote: | Yeah, that's my fear as well - I'd miss signal in the | noise filtering. | grahamburger wrote: | Recent versions of Android have an option to automatically | screen callers who are not in your contact list. The caller | gets a robot asking them why they're calling, and you can | view the transcript of their response in real time and | decide whether or not to answer. | SketchySeaBeast wrote: | I thought that was Pixel only option - I'll have to dig | in and see if it's available on a Samsung. | ChuckMcM wrote: | As I recall this was a Google Voice feature as well. | | My mobile carrier puts "scam likely" on calls that its | algorithms have determined are likely spam, I wish there | was an android option to just not ring the phone if that | was the caller ID name. | bonestamp2 wrote: | My carrier was doing that but I haven't seen it on any | spam calls lately. | alistairSH wrote: | I did this as soon as the iPhone offered it. | | It only bit me once in several years - I was expecting a | call-back from a doctor and they weren't in my contacts. | Missed their call, which caused a several hour delay and | some annoyance (thankfully not for something critical). | jrimbault wrote: | I've pushed that reflex further : if it's important, the | information will find its way to me. | grawprog wrote: | Yup, my voicemail box is constantly full of spam messages | to the point where, my voicemail's regularly full, I | couldn't be bothered to listen to any of them any more and | it's too much effort to clean it out. My last carrier used | to send a text if I got a voicemail. If I got a text saying | I got a voicemail from someone I knew, I'd call back, if it | was a random number, I'd just delete the text. | alharith wrote: | "Hi jimmy, this is your mother. My phone died so I am | calling you from the hospital phone. Your dad is in the | hospital. Come quick." | | In the above scenario that happened to me, sometimes you | just don't have time to let the information find you. | catalogia wrote: | That would suck, but fear of that scenario isn't enough | to make me answer my phone for spammers 5 times a day. | MaxBarraclough wrote: | Also, I'd hope they'd have the initiative to leave both a | voicemail and an SMS. | jfengel wrote: | Especially with a service like Google Voice that will | transcribe your voicemails. I will look at those; it | takes a fraction of a second to dismiss the spam. | | Fortunately, I only get a few of those a week, so far. | [deleted] | paulie_a wrote: | Was your presence at the hospital going to aide in his | treatment? | ChrisClark wrote: | Wow... | penagwin wrote: | While this is a possible scenario- in my experience most | people know to call multiple times - especially if they | know that the recipient won't recognize the number. | | I don't usually answer my phone from unknown numbers, but | when I get three calls from the same number within 3 | minutes I'll pick it up. | gruez wrote: | >While this is a possible scenario- in my experience most | people know to call multiple times - especially if they | know that the recipient won't recognize the number. | | I'm surprised robocallers don't do this too | jon_richards wrote: | Calling once selects for people more likely to fall for | the actual scam. | munk-a wrote: | I just wish various Doctors and Dentists could jump on the | text/email bandwagon. Those two groups are responsible for | nearly all of my phone usage - with a slim minority (that | is itself mostly spam) being calls from my bank. | dbg31415 wrote: | If it's important, they can text me. I ain't listening to | voice mail. Eww, what is this, the Middle Ages? | sinak wrote: | About a year ago I changed my voicemail to say "Sorry I | missed your call. I don't listen to voicemails, please send | me a message by SMS instead." | | I couldn't recommend doing so more. Text is so much easier, | even if you have voicemail transcription. | annoyingnoob wrote: | Seems like the scammers may already be using smaller service | providers which means you have at least two more years of not | answering your phone. I like voicemail, if its important | they'll leave a message. | hkiely wrote: | Is this now just a problem on mobile phones in the USA now that | we have the no call list legislation? | reaperducer wrote: | _Is this now just a problem on mobile phones in the USA now | that we have the no call list legislation?_ | | The Do Not Call list has been around for almost 30 years. | | https://en.wikipedia.org/wiki/Do_not_call_list | cryptonector wrote: | About time. How will SS7 get fixed though? | ilamont wrote: | Kind of curious why it took so long. Spoofed calls for fraud, | swatting, etc. have been around for at least ten years. | nsxwolf wrote: | Longer than that. As long as ISDN/T1 PRI lines have been | around. A completely unhindered spoofing playground. | gnopgnip wrote: | There are three big issues. Robocalls and spam were not as | severe an issue until relatively recently. Political robocalls | in the US are an important part of how some politicians get | elected and raise funds. And these solutions cost a non trivial | amount of money, without increasing revenue directly. | bmm6o wrote: | This is about requiring authentication, not blocking | robocalls in general. Right? | closeparen wrote: | Why it took so long to get all the participants in a federated | network to adopt a new protocol? | | If that were easy we would have solved email spam too, 20 years | ago. | deadmutex wrote: | The problem had gotten worse due to easily available tools used | to automate the calls. | tommoor wrote: | Only in recent years has the FCC been inundated with complaints | about it. Seems like there was a tipping point in volume the | last couple of years | hirundo wrote: | 90% of my phone calls are from the same outfit informing me that | this is my last chance to renew the extended warranty on my car. | Based on my call history that recording is officially my best | friend. And a very forgiving one given that it has been my last | chance hundreds of times over the past several years. I hope this | regulation won't interfere with our relationship. | reaperducer wrote: | 100% of the spam calls on my work phone in the last six months | have been trying to sell me Marriott time shares. | | I don't know if it's actually Marriott or not. I suspect it's | just one of those "affiliate marketing" scumbags, but it still | makes the brand look bad. | tjr225 wrote: | I get these on a semi weekly basis! | fortran77 wrote: | It's not Marriott. I feel a little bad for the big hotel | chains whose names are used by telemarketing scammers because | their reputations get tarnished. | jandrese wrote: | I let the call go through once just to see what kind of | extended warranty they were willing to give me on a '93 Ranger | with 250,000 miles. | | I even hit them with "But YOU called ME with this extremely | urgent notification! It's my last chance, you gotta help me!", | but sadly I couldn't get her to give me a quote. | macjohnmcc wrote: | Well we really wouldn't want you to miss out on this | opportunity to get that warranty. Were here when we call you. | MFLoon wrote: | Mine are mostly offers for a pre-approved $250,000 loan, | available in less than 48 hours, for my non-existent small | business. Curious what stolen mailing list I'm on that makes | scammers think I'm a small business owner. Flattering really, | that they'd think I have the potential to become one. | amyjess wrote: | I don't even own a car, and I get them all the time. I make | sure to very loudly laugh whenever I get one of those calls, | even when I'm completely alone (which has been a little over | two weeks solid now...). | JumpCrisscross wrote: | > _the same outfit informing me that this is my last chance to | renew the extended warranty on my car_ | | I get this too. Which is great, my being a New Yorker who | hasn't had a driver's license for close to a decade. | pathseeker wrote: | What do you use for an ID? Passport card? State issued ID? | JumpCrisscross wrote: | > _State issued ID?_ | | This. | mumblemumble wrote: | A non-driver's state ID works for everything you'd use a | driver's license for except operating a motor vehicle. Even | though people typically say, "Driver's license" when they | really mean either kind of state-issued ID card. | koheripbal wrote: | Isn't a driver's license nearly as easy to renew as a | non-driving state ID? I don't see the point, even if you | only need to rent a car on rare instances. | entropicdrifter wrote: | It's generally a bad idea to carry your passport around | just because it has your SSN printed on it | zymhan wrote: | No, it's generally a bad idea to carry it around in a | foreign country when you don't need it that day, as | having it pickpocketed would suck. | | Having it pickpocketed in the US would be far less of a | headache, minus lacking an ID for a few weeks. | njarboe wrote: | This is bad advice. You will need it in almost any | country when getting stopped by the police. That can | happen any time. This will be more of a problem in some | countries than others. If you really can't find a way to | carry it without getting pick pocketed then a least carry | a xeroxed copy with you. | mmhsieh wrote: | this is not true. but if you need to carry around proof | of passport there is a passport card you can get for | North American travel only. | laurencerowe wrote: | The passport card is no longer valid for international | flights, only entry by land or sea. | JumpCrisscross wrote: | > _passport...has your SSN printed on it_ | | My U.S. passport certainly doesn't. | | (Agree that it's a poor form of primary identification. | It is bulky. It is difficult to replace. And it contains | more information than you need for identification.) | ComputerGuru wrote: | Does it really? I can't find anything to agree with that. | kube-system wrote: | US passports do not have SSNs printed on them. | tomcam wrote: | Try registering a domain name without privacy. | nsxwolf wrote: | Is this going to impact PBX systems that use ANI Information | Elements to route calls and provide caller information to | customer service applications, etc? Spoofing is kind of at the | heart of those things. | annoyingnoob wrote: | I guess you are not spoofing when you are using your assigned | DIDs and not just making up any old number. | skrtskrt wrote: | ANIs will still get "spoofed" as there are many legitimate use | cases, but you have to "have permission" to use the number | you're spoofing, meaning either you own the number or your | underlying service provider owns it on your behalf. | | The legitimate use case is basically: I am placing this | outbound call over VOIP or a different phone line, but I want | this ANI to show up on the callee's phone, so when they call | back they go to the correct line (dentist's desk, software | sales line, whatever) | phs2501 wrote: | The issue is when I have a automated answering system | (asterisk, for a museum). It rattles off some prerecorded | info, possibly with prompting. To talk to a human, I need to | forward the caller (I.e. call and set up a voice bridge since | the caller is already connected to me) to one of our | volunteers, which will be to their cell phone (we are a | railway museum and we don't have a staffed office on | weekdays). I want to forward the call with the original | caller's phone as the caller ID so that if they miss the call | our volunteer can call back easily rather than trying some | awful game of tag via calling back the PBX. | skrtskrt wrote: | This should still be available, though it will likely take | some work from the underlying software provider to be | compliant. | | The goal of the regulation is to cut down spam/scam | calling, not legitimate uses, and the telecom providers | know these uses and lobby heavily to make sure they'll | still be allowed to work. | | The telecom providers don't like scam calls either, or more | specifically they don't like short calls. All the work and | compute power in telecom is used to set up the call, then | the cost of keeping it going is minimal so the longer the | call goes on, the more economical it is for the provider | rob-olmos wrote: | How will it still be available and what underlying | software work in Asterisk is being referred to? | | Based on the given situation, the museum won't own the | caller's cell phone number that they're trying to | legitimately spoof for their staff's cell phone. | skrtskrt wrote: | You've reached the limit of my knowledge here regarding | implementation details :) | | Asterisk is an open-source PBX system. | | I _think_ the original call will come in with the correct | STIR /SHAKEN-validated SIP headers and the PBX can | forward them as is, see some discussion here: | https://community.freepbx.org/t/stop-robocalls- | act/60921/5 | | I previously worked at a telecom software company, and I | know everyone with their shit together has been preparing | for this for a long time, which is why I'm not concerned | that these common cases should continue working. These | softwares are often built on top of or on a branch of | Freeswitch/Asterisk. | [deleted] | throwaway55554 wrote: | Not soon enough. | wbsun wrote: | Finally, although there are still more than a year to wait. Hope | there won't be any extension to this deadline. | | Before that, I'll keep allowing calls from my contacts only, and | bear the miserable inconvenience that sometime my packages may | take a month to arrive because of denials of calls from the | delivery guy. | devindotcom wrote: | There is in fact an extension for small providers who say they | need more time. | megavolcano wrote: | I swear to god the number of times I've hung up on people | threatening visits from the FBI because I'm behind on my taxes | (spoiler: i'm not) has been driving me literally insane. Maybe I | can actually turn my ringer on my phone off of silent mode one | day. | 0xff00ffee wrote: | Google Voice impact? | kirykl wrote: | Maybe a registry of parties trusted to spoof | markovbot wrote: | are you asking if this will impact Google Voice? If so, I would | imagine the answer is almost certainly that it will not at all | impact Google Voice. | | Google Voice works by acting as a proxy for outbound calls. You | dial your friend's number, your phone dials Google, who in turn | dials your friend with your Google Voice number displayed. | Since Google is the legitimate carrier for your Google Voice | number, I can think of no reason why they wouldn't be able to | correctly sign the call. | | Additionally, Google is listed as one of the companies that the | 14 companies that the FCC appears to be working with (see the | table towards the bottom of https://www.fcc.gov/call- | authentication), so I assume they are planning to use it for Fi | and hopefully Voice as well. | imajoo wrote: | You can see various carriers responses here: | https://www.fcc.gov/call-authentication | | Some have provided timelines (such as AT&T), others skirt around | it basically saying that they offer call SPAM protection already | but that they will go along. | annoyingnoob wrote: | There is something else that recently reduced the spam calls I | get, enforcement: https://arstechnica.com/tech- | policy/2020/02/fcc-accuses-carr... | | Knowing a number is legitimate is great, going after scammers and | those that support them is better. | davidajackson wrote: | I don't think SHAKEN/STIR will stop robocalls, because the | economics won't change. It's too easy for foreign robocalls to | cycle numbers once one gets blocked. It will help with | impersonation, but I don't believe it will significantly decrease | robocall volume. | | I think the telecommunications world will need to adopt | whitelisting instead of blacklisting. I run a whitelist-based | robocall blocking service called CallStop and a lot of customers | have straight up given up using their landline, or their personal | number with unknown numbers. | | People who claim that whitelisting is a bad solution because it | could block an emergency call don't realize that many people | don't answer unknown calls anymore--and I don't think SHAKEN/STIR | will change that. | ehsankia wrote: | Can you extend a bit on that, maybe I'm not understanding the | problem right. Isn't having calls being authenticated the first | step before you have whitelist/blacklist? Once every call can | be definitively attached to a given source, then you can ban | any foreign provider that let's these proliferate completely, | no? | davidajackson wrote: | SHAKEN/STIR + Whitelisting is the best solution. SHAKEN/STIR | by itself isn't going to change things too much I think. But | it is a step in the right direction. | | Whitelisting without SHAKEN/STIR is still extremely | functional. | | There are billions of unique American numbers possible, and | with 250-500 average contacts per random dial, contact | spoofing is not statistically significant. | fortran77 wrote: | Not when you can contact spoof banks, major drug store | chains, AppleCare, etc. | davidajackson wrote: | Good point, if they're calling from a specific number. I | see of lot of complaints about companies like FedEx | though, where the calls come from random numbers. | Wowfunhappy wrote: | How do you get a new US phone number? (I'll likely block | anything from outside the US if authentication happens.) | davidajackson wrote: | You don't, you just forward your current number to protect | it. | hammock wrote: | What are the privacy implications of this requirement? | ronack wrote: | Will this also prevent spoofed text messages? | DaniloDias wrote: | It will not. | | These concepts could be applied towards that purpose if the | MNOs wanted to rejigger messaging within their networks & for | inter-carrier connectivity- but pursuing that solution would | likely be more challenging to implement than this solution. | RKearney wrote: | I have never received a spoofed SMS message so I already | thought this was impossible. | ronack wrote: | It's definitely a thing and prevent some SMS use cases due to | this security hole. This new FCC doc only references tracing | the original sender. | | "The FCC has also called on the industry to "trace back" | illegal spoofed calls and text messages to their original | sources." | Cymen wrote: | Any ideas on how this will be implemented? I use voip.ms and I | can put in my cell phone number as my caller ID so I don't need | to pay for a DID (basically, rent a phone number) and calls come | back to my cell. | | I've thought about some potential SaaS products that would | leverage a similar approach. But I would authenticate the number | back to the customer before allowing it to be used to avoid | spam/malicious use. | | Based on this: | | https://www.zdnet.com/article/at-t-comcast-successfully-test... | | I'm guessing this is down a layer at the provider level. So in my | case, voip.ms would verify the number I'm using as my caller ID | is actually a number that comes back to me. Right now, I just | tested by swapping my wife's cell number in, they do not validate | this. Now I understand how people are spoofing numbers so easily. | | Obvious approach is to voice call or text the number and require | the confirmation code to be entered on the website. Just curious | though if there are other requirements or if this is up to the | provider. | zubi wrote: | For those who don't live in the US, this entertaining video by | John Oliver might give some context: | | https://www.youtube.com/watch?v=FO0iG_P0P6M | 7ewis wrote: | Ironically, the video is only available in the US. | | Had to hop onto my VPN to view. | | Edit: Ok, at least not viewable in the UK! | zubi wrote: | Interesting. I was able to watch it from somewhere not in the | US before posting. | selectnull wrote: | I'm not in the US and I'm able to watch it. Maybe it's not | available in your country, but it is available in at least | one other country than US. | g_p wrote: | Sounds like a good first step to solve the problem of how the | legacy telecoms systems were designed in a world of trusted peers | federating. End result of course being spoofed caller ID spam. | | Unless I'm missing something though, these measures don't do | anything to address the gaping security hole in mobile networks | around roaming interconnects. That seems to still be a pretty | good way to do SMS and call interception, which are increasingly | valuable as phones become the de-facto 2FA channel for access to | banking, cryptocurrency services and more. | bigbird-media wrote: | Summary: | | The Federal Communications Commission adopted new rules requiring | caller ID authentication using technical standards known as | "STIR/SHAKEN." These rules will further the FCC's efforts to | protect consumers against malicious caller ID "spoofing," which | is often used during robocall scam campaigns. | dmurray wrote: | This made me check the date, but it's still March 31 in the US. | Negitivefrags wrote: | Why is this problem unique to the USA? | | I'm not saying I never get spam calls, but I certainly have to | scroll back quite a bit in my phone call history to see the last | one. | | Also, on the rare occasion I do get a spam call it's always from | some random international country like South Sudan or Oman that I | would never expect a phone call from. | | What makes this problem uniquely hard to solve for the USA as | opposed to anywhere else? | bscphil wrote: | I guess I'll be the one to go against the grain here: I might | have received 2-3 spam calls in the last year, here in the US. | This implies that most spam callers aren't simply dialing | random numbers, they're getting lists from somewhere, and by | luck or by care my number hasn't ended up on their lists. | reaperducer wrote: | _Why is this problem unique to the USA?_ | | Every time this topic comes up on HN, someone asks that same | question. | | Then there's a bunch of responses that are lots of | suppositions. | | Then several people from small European countries chime in | saying they've never had a spam call. | | Then a bunch of Europeans from large countries show up saying | they get spam calls, too, and it's not just an American thing. | | "Why is this problem unique to the USA?" is pretty much a meme | at this point. | | Also... | | You start with "Why is this problem unique to the USA?" Then | follow immediately with, "I'm not saying I never get spam | calls" which means it's not unique to the USA. So your first | sentence is invalid. | octocop wrote: | Isn't FCC unique to USA? Well there you have it. | selectnull wrote: | Hmmm... no! I guess every country has an equivalent agency | to FCC. | hadrien01 wrote: | I live in one of the largest EU countries and I receive two, | maybe three, spam calls a month. From what I understand from | the never-finishing list of articles about spam calls in the | US, some receive tens, sometimes hundreds of spam calls every | day! So yes, this problem is, from our EU perspective, unique | to the USA. | mumblemumble wrote: | I would not be surprised if turns out to be a bigger problem | in the USA (and perhaps also Canada) than elsewhere simply | because the USA is a bigger, easier-to-access pot of honey. | It's a large area where everyone speaks the same language, | lives in roughly the same regulatory and infrastructural | environment, and has a lot of money to be scammed out of. | | Europe is also a big pot of honey. But people speak all sorts | of different languages, so you'd have to redo the scam in a | bunch of different languages, which increases the effort | needed to operate it. | | China has way more people all speaking the same language, but | relatively less wealth per person, which reduces the | potential payoff. Also, I wouldn't be surprised if China has | already closed off most the holes people exploit to operate | these scams, because they seem less inclined than the US | government to fart around about silly crap like this for | literally decades on end. | | Latin America has scads of people all speaking the same | language, too, but they're split up among a whole bunch of | different countries, which I'm guessing also makes the scam | more expensive to operate at scale than it would be in the | English-speaking bits of North America. | igammarays wrote: | I'm not sure why your comment is being downvoted. Having | THE largest rich homogenous market segment in the world | with a weak regulatory environment (aka a free market) is | probably a huge factor in scam targeting. See also Amazon | fake inventory and fake reviews, which are a much bigger | problem in Amazon US than in Amazon Canada, for example. | devonbleak wrote: | Embedded corporate interests and lobbies fighting against | solutions because it'll cost them money to implement or lower | their revenue once implemented. The usual. | throwaway894345 wrote: | What solutions does Europe, etc have that the US doesn't? | Genuine question. | michaelbuckbee wrote: | A working legislature? | thomasfortes wrote: | Don't know about Europe, in Brazil spam calls are common | but you can register your number in a consumer protection | organ to say that you do not want unwanted commercial calls | and if you keep receiving them the companies can be fined, | for me it works "ok", there still companies that don't give | a shit but at least the amount of calls I receive was | reduced a lot... | kube-system wrote: | The US did this _before_ most countries, actually. https: | //en.wikipedia.org/wiki/National_Do_Not_Call_Registry | | Most US spam calls originate outside of the US, though. | Elv13 wrote: | * Not _directly_ related to SPIT (phone SPAM), but one is | https://www.wired.com/story/sim-swap-fix-carriers-banks/ . | | * Carrier maintainer blacklists and other tools have also | been used by providers for a long time. | | * My provider, Voip.ms, enforces a provenance whitelist by | default. This block all SPIT calls coming from unspoofed | caller ids. That may not sound like a lot, but yes, many of | those calls are just random poeple picking their phone or | mobile apps using the real phone number. Having regulation | to track internal sources of SPIT (and _enforcing it_ ) | helps too. | | * In Canada, you can subscribe to a non-telemarketing list. | That doesn't help for scammer, but it helps for unsolicited | ads, political spam and private surveys. This works when | _enforced_ with actual penalties for all parties involved. | kube-system wrote: | Canada's non-telemarketing list that was implemented in | 2004 is essentially a copy of the US legislation that was | passed the year prior. It doesn't help though, as neither | the US nor Canada have jurisdiction in India, et al. | tinus_hn wrote: | It's not, but the scale... in the Netherlands if your number is | on the lists you get I'd say about 5 calls from 'Microsoft' | each month, not multiple calls a day. | igammarays wrote: | Free market problems. | amiga_500 wrote: | Because they are unable to organize themselves. See healthcare | and schools for other examples. | mrlala wrote: | If you were setting up a little scam operation.. who would you | target? | | Would you decide to set it up to call over 40 different | countries in europe? Each with their own way to show phone | numbers.. each carrier attempting to block spam calls in | different ways.. each country virtually speaking a different | language.. most countries having some different banking/credit | card systems.. | | Or would you target the united states which everyone in the | country has the same phone prefix, pretty much all speak one | language, banking/credit card system is the same, etc. | | It just makes sense for scammers to target the US. You can | target hundreds of millions of people the exact same way. | morei wrote: | That argument just suggests that the US has more scam | operations, not that it has all of them. Crowding out is | still an effect, so scam operations are incentivized to | target other countries as the US becomes fully 'supplied' | with scammers. | bdamm wrote: | As a bonus, the country has a high ratio of people desperate | for services who also have enough money to successfully | swindle. Many elderly Americans really believe that a | stranger on the phone might be their ticket to improved | conditions. | bonestamp2 wrote: | It's not that the problem has been solved elsewhere, it's that | other countries aren't as big of a target so it's not as big of | a problem in most other countries (for a variety of reasons). | That said, some area codes in Canada are getting bad too. | skissane wrote: | > What makes this problem uniquely hard to solve for the USA as | opposed to anywhere else? | | Starting back in 2018 or so there has been a big problem in | Australia with scam robocalls claiming to be from the | Australian Tax Office. The area code on the phone number said | it came from Canberra (Australia's national capital) which made | it look more legitimate-even though in reality the call was | coming from an overseas call centre. The robocall started out | by saying that you owe a tax debt and the government was about | to commence legal action against you. I got several, most | people would hang up realising that the tax office would never | do that. (It is illegal for them to discuss your tax affairs | without confirming your identity first, so they would never | begin a call by saying you owed them money.) But, some people | (many of whom were older/vulnerable people), stayed on the call | until the live operator connected. The live operator would then | pressure them to go to a store and buy thousands of dollars of | gift cards (such as Apple iTunes gift cards) and then read the | gift card details out over the phone. | | So this definitely is not a problem unique to the US. And other | countries have been taking action, see e.g. in Australia - | https://www.zdnet.com/article/acma-proposes-three-point-acti... | | (Definitely the incidence of these fake calls appears to be | falling, in my personal experience, so I think the Australian | authorities'/industry's attempts are producing some result.) | liambates wrote: | Having lived in the UK and now the US, the problem is | definitely more pronounced over here. In the UK I was receiving | a spam call maybe once a week at most. In the US I was getting | about 2-3 a week on a pretty new number before blocking all | unknown calls. | | I assume it's simply more worthwhile to create a fraudulent | scheme aimed at a larger population with more potential marks. | Florin_Andrei wrote: | > _Why is this problem unique to the USA?_ | | It's the price we have to pay for Freedom (TM). | floatingatoll wrote: | Prior to the quarantine, I was getting 5-10 per day. | | The USA's implementation of caller ID does not require | telephone providers to verify that the caller ID provided to | them is real (prior to this order). | | It also lacks the regulatory structure to "trace" | (prosecute/fine) calls through the various interlocking copper, | cellular, and internet telephony networks, even when each | provider in the chain has data. | | It also lacks the legal experience in knowing how (and the | political will) to prosecute an individual who dials random | phone numbers with an app on a cell phone using a prepaid SIM | card and conferences whoever they're calling into a spam line | to disguise the spam line's phone number. | | Finally, our regulatory system is captive to politicians who | depend critically on spam calls for political purposes, and | continue to fight to have those calls exempt, making it vastly | more difficult to stop all robocalls because some are legal and | others aren't. | robert_foss wrote: | In Sweden telephone operators can be forbidden from let spam | categorized numbers reach you. | | That and you know.. breaking the law has actual consequences | for both spammers and telcos. | JumpCrisscross wrote: | > _telephone operators can be forbidden from let spam | categorized numbers reach you_ | | How does this help with a spoofed call from India? | StavrosK wrote: | Same in Greece, I think it's EU-wide. When you tell a spammer | you're registered in our do-not-call registry, they get | scared pretty quickly and swear they'll never call again. | They usually don't. | kube-system wrote: | The US has had a do-not-call registry for 17 years. It | still doesn't deter spammers who are not subject to US law. | | Back in the early 2000's I remember doing the same thing | you're describing: startling spammers by telling them that | I was on the list. But today, the people calling don't care | because they aren't inside of the US. | kube-system wrote: | The US just has a lot of VoIP providers, English speakers, and | is a high income country. It is just an easy target. ___________________________________________________________________ (page generated 2020-03-31 23:00 UTC)