FTC sues VoIP provider over 'billions of illegal robocalls' A VoIP provider was at the heart of billions of robocalls made over the past five years that broke a slew of US regulations, from enabling telemarketing scams to calling numbers on the National Do Not Call Registry, it is claimed. Los-Angeles-based XCast Labs allowed robocalls from telemarketers to flow through its voice-over- …
I wish callers could be identified by single-use number sequences on a sort of an official authentication apps. You tell the caller the number, and he must push it back into the authentication app with corresponding organization ID. This can be automated, so your phone app first requests the caller to push a newly generated number, cross-checks, and only then your phone rings while showing verified organization ID.
To make it more secure, additional check could be possible by you visiting a known web-site (of your bank, for example), where similar verification will be made.
No need. There is standards-based technology that is already dealing with this problem and it's completely transparent to both caller and recipient. Look up STIR/SHAKEN. It's all based around cryptography with regular EC keys and X.509 certificates. The US have made it mandatory for all telcos to use it, but I don't believe many, if any, are actively blocking based on the results yet. Instead, they are using it to feed a reputation database for now. I think some teething issues need to be resolved before it could be used to block, such as the inconsistent formatting of numbers (e.g. include country code or not). It seems the reputation database alone has made it easier to spot who the real abusers are though, so it's still being effective.
They'll do the same as in the UK: they let the company fail, and fire up the next one which they have already set up.
Instead, these charges should be to the personal fortune of the people owning it, or it should be made a criminal offense with mandatory jail sentence.
Until you make it as personal as a wirebrush where the sun don't shine these people will not stop scamming.
* For non US readers robocalls "we've been trying to reach you about your car's extended warranty" were frequent enough they became a meme
And now that I think about it, it has been at least a year since I remember one of these, maybe these were the guys responsible and the FTC shutting them down spared us all!
I recently bought a "new" (2021) car and I haven't got any calls regarding that but I've got nearly a dozen direct mail spam telling me I need to "activate the warranty on my car". Obviously some lowlifes are getting data on people registering new cars with the state and trying to scam them.
What's weird is none of these use the make/model/year in their communications, they only talk about my "vehicle". Maybe they can only get data that I've registered a car, not what it is?
They don't know you have a car. They're just calling around with the assumption that anyone who doesn't have a car will just hang up. They're probably right. My guess is that, if you indicate that you want to talk to a human, they'll have no clue what your name is, let alone anything about the car you may or may not have.
They don't know you have a car
The robocalls sure, that's true. But for the direct mailings I'm receiving that is MOST DEFINITELY not the case. I hadn't received anything like that until I bought the new car, now pretty much every week I see something - most of them stamped with something like "official" or "to be opened only by addressee under penalty of law" etc. to fool people into thinking they are really important and require immediate action.
In the case of newly purchased cars, these companies are getting records from your state's records offices. Like much data that has been "commoditized", the sellers don't really care how the data is being used, because it's filling state coffers.
The spam mail probably has more access to records and targets new cars, whereas the extended warranty people don't, since what they call an extended warranty is actually just their own damage insurance contract. Then again, that doesn't indicate that the mail spam knows that much more than you do. I had a period where I was getting frequent mail for car insurance, and they knew enough to know my name and address. They did not appear to know that I don't own a car now and in fact I never have, so they don't even have the excuse of tracking an old one.
I had a well-spoken 'lady from Amazon' call my land-line the other day to say 'suspicious activity' had been noted on my Amazon account and it had been blocked.
'Dial 1 to speak to a customer representative.'
I hung up and logged in on my desktop to my Amazon account and, to no surprise, there had been no suspicious activity reported.
Then I recalled I had NEVER given my land-line number to Amazon at all:
Draw your own conclusions ...
I don't know if there is a new level of scam, but I received one of those 'Amazon' calls last week.
Rather than a completely random CLI though, it had my father's landline number in the CLI.
The only time both my father's and my telephone number have been on the same document was "Lasting Power of Attorney" i.e. a UK government site!
If it's a random CLI, I don't answer it. All the agencies I have to deal with Doctors, Schools, Councils, Police, etc. all withhold their number.
Some scammers like to fake a number that's similar to yours, with a similar geographic code but a different number at the end. They appear to think that people are more likely to answer local unknown numbers rather than random ones. If your number starts with the same digits as your father's, or if there is some link between your number and the location of that landline, they might have hit your father's number because of the reduced option set.
A few years ago, I was expecting this would eventually happen to me because scammers were copying a ridiculously long prefix from my number and changing only the last three digits. By chance, I happen to know two people who have numbers in that set, although I'm only in contact with one of them, so I figured it was only a matter of time before they chose one of those. It didn't happen, and now my infrequent robocallers copy fewer digits of my number before randomizing.
> Robocalls should be made illegal, period.
I am on the DNC registry for my country. I regularly renew my registration to the DNC registry. There are no companies that have a legitimate authorization to call me. I regularly report every marketing call I receive to myh country's relevant authority. And yet, I'm at five illegal calls today, and the day is still long.
Most calls I receive have a human at the other end, and it takes all my willpower not to snap at them. I just hang up, sometimes I try to gather information first, to add to my report, but they are very cagey on who they actually work for.
Frankly, at this point I believe that all marketing calls should be illegal, period. No permissions, no "sign here", nothing. All marketing call centers are now illegal. Telephone as a marketing platform just needs to be killed with extreme prejudice.
I do what I can by telling anyone who'll listen to never, ever, accept any offer made via an unexpected phone call, no matter how good or urgent it sounds. No exceptions - in fact, ideally, don't even listen to what the other person has to say, just hang up as soon as you understand it's an unsolicited call. If it's legit and really important, they'll send a registered letter, and if it's legit but they won't send a registered letter, then it's not really important. Sometimes, when I'm feeling unreasonably optimistic, I dream that one day everyone will get it, and the concept will just die.
... to unsolicited telephone calls. Then the size of my repertoire that gets repeated, depends on how fast they terminate the call.
If they have a vaguely UK accent and I am in a good mood then I might interrogate them a little to give substance to the TPS report.
TPS - vaguely useless
Royal Mail unaddressed - fill the the opt-out every 6 months, but still receive the rubbish. Any company that uses this service goes on my "do not buy from" list
Free 'local' magazines - contacted them all to ask not to be delivered to. One deliverer caught me getting into my car and was extremely abusive because he gets paid per delivery. I have it on video, but the Police will not do anything as the magazine company refuse to name the deliveryman.
All these things are a waste of resources: time (all), electricity (TPS), and paper (Mail). The world has little enough without wasting it on this junk!
Don't hang up immediately. Tell them you're very interested and ask them if they can hold on a minute. Then put the phone down until they hang up.
If we can waste enough of their time they become unprofitable. Some Youtubers (Scammer Payback, Kitboga) are doing the Lord's work baiting scammers and wasting hours of their time until they flip out.
I did that for some time, but eventually I decided that the best thing for my blood pressure is to just make the entire experience as short and limited as possible, and forget about it.
Here's an idea. An app where you can push an "it's spam" button during a call. If you do, the phone GUI gets cleared of the call, the mic and speakers go silent, but the call is kept up in the background until the other side hangs up, or until you receive another call. When it's over, a report gets automatically sent to whatever privacy authority is appropriate for your country. Include whatever can be legally included, I'm not sure you can record it without telling them; maybe it can auto-transcribed.
I'd actually pay some money for that.
If we can waste enough of their time they become unprofitable.
Unfortunately I don't think that's practical. Few people will do it, and thanks to the low overhead of VoIP, bots, and minimally-compensated people working from home, these scams are profitable even with a very low hit rate. It might make some recipients feel better to waste the callers' time – and if so, go right ahead – but I doubt it has any noticeable effect on the bottom line.
Spoofing phone numbers of government agencies and health-care providers should be a felony -- just as much as impersonating a policeman is. And civil damages should be at least $25,000 per violating call.
The present civil penalties scheme under the US Do Not Call Act is grossly inadequate (the civil penalty is $500 if no aggregating factors are present, $1500 if any or all aggravating factors are present): the whole scheme needs to be adjusted for inflation since 1990, and then additional penalties for multiple aggravating factors for a call should be additive. Use of any spoofed number should be a severe aggravation -- say $5,000 -- with $25,000 for government/health-provider spoofing.
This is all well and good, but VoIP providers can't call my phone. It takes a telco with a PSTN connection to make that "last mile" connection to my number. The FTC can make a big bluster over shutting down an unknown VoIP provider, but where's the announcement of the fines on their telco accomplices?
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
