Spam calls to be reduced starting June 30, 2022

[Owen Lucas]

Long story short, small phone carriers (100,000 customers or less) were exempt until 2023 from implementing anti-robocalling measures to allow more time for them to update their systems. The FCC decided to move the compliance date to today, June 30th.

A system known as STIR/SKAKEN is used to assign a token for each phone call that only an FCC approved carriers have access to. The receiving carrier then verifies the token and allows the call to go through, otherwise without a token, a non verified phone call wont make it across the network. This system prevents spoofed numbers and ID's that abuse the caller ID protocol and stops spammers because they use fly by night small carriers that cater to overseas spamming operations.

With the FCC moving the compliance date to today, these carriers will have to close shop or update their systems, which would defeat their purpose. Hopefully this stops the majority of spammers because it removes their anonymity and requires traceable numbers / companies to comply with the do not call registry (linked below, sign up).

So if you receive a call from a company, and you are on the do not call registry then you can literally sue them in court. if you are determined enough. Most of the time these companies do not show up and you win a default judgement of $500 the first time and I think up to $10k if they keep calling you.

Hopefully these calls stop completely soon.

National Do Not Call Registry

www.donotcall.gov

FCC says it closed a loophole that many robocallers used to evade blocking

Starting today, small carriers must use STIR/SHAKEN Caller ID authentication tech.

arstechnica.com

 

[wwillson]

No, it's not that simple.

STIR/SHAKEN works only when the entire end to end call is SIP and only when the originating and terminating end are on the same carrier. So if you place a call from you home POTS line, you are not on SIP and you get no attestation from STIR/SHAKEN. When you call from your LTE cell (SIP) to a land line or PRI, you get no attestation from STIR/SHAKEN. When you call from your LTE cell (SIP) to a LTE cell (SIP) on another carrier, you get no attestation from STIR/SHAKEN. Most tier 1 carriers don't have plans to signal STIR/SHAKEN off network for a couple years. Since TDM calls (POTS, PRI, CAS T1) are all on TDM switches that know nothing about PKI, don't plan on ever seeing attestation on a call made to/from them.

So let's say you are at work and have SIP and are calling an end station that is on the same carrier and is SIP. Your company SBC is substituting your phone number for the company vanity toll free number. Guess what, you just broke the signature in STIR/SHAKEN and your call looks like spam.

Should we rub a bit more salt in the wound? The originating end creates the attestation level (vouches for the right of the user to use the "from" number) and the far end system has to look at the attestation and decide what to do with it. There is no yes/no or black and white that signifies "is this call spam?"

STIR/SHAKEN is mostly broken now and will not get much better soon, if ever.

 

[Owen Lucas]

So let's say you are at work and have SIP and are calling an end station that is on the same carrier and is SIP. Your company SBC is substituting your phone number for the company vanity toll free number. Guess what, you just broke the signature in STIR/SHAKEN and your call looks like spam.

STIR/SHAKEN is mostly broken now and will not get much better soon, if ever.

In my experience calls did reduce significantly after the large phone companies were required to implement these standards, but did not completely go away because spammers were apparently using exempt carriers.

So do you think this recent legislation will reduce calls or will these carriers / spammer find another loophole? What can they do to skirt these rules? If these fly by night carriers were the cause then closing them down due to non compliance should fix the problem, even if the protocol is broken, don't you think?

 

[dishdude]

A lot of these probably come from overseas servers that won't comply with US law.

 

[wwillson]

In my experience calls did reduce significantly after the large phone companies were required to implement these standards, but did not completely go away because spammers were apparently using exempt carriers.

It wasn't because of STIR/SHAKEN.

There are several other solutions, like running the Hiya client, which is pretty good. My solution of enabling "block unknown callers" works 100% of the time. Spam calls never ring my phone, they are sent directly to voice mail. I uninstalled the Hiya client, because it's simply not needed.

So do you think this recent legislation will reduce calls

No, as I stated STIR/SHAKEN is broken.

If these fly by night carriers were the cause then closing them down due to non compliance should fix the problem, even if the protocol is broken, don't you think?

No. The new law says the have to comply with STIR/SHAKEN, which is broken. Let's say they do send attestation, the far end still has to decide what to do with it and the attestation isn't "this is a spam call". The lowest attestation level is "C", which means "gateway". Should the far end block every "C" call? Or, should the far end block every call that doesn't have an attestation? It's not simple and it's mostly broken.

 

[Owen Lucas]

A lot of these probably come from overseas servers that won't comply with US law.

I could be wrong but I don't think just any outside network can connect to the US phone system. This is what the FCC is for and this whole spam calling mess is most likely due to red tape and bureaucracy resulting in lack of enforcement.

Ok I found this from Consumer Reports:

"The problem is that Shaken/Stir can’t block all calls, particularly those from overseas, where the majority of robocalls originate. As a result, the FCC recently adopted new rules to target problematic overseas calls.

These rules will require that the U.S.-based phone service providers who manage international calls, known as “gateway providers,” ensure that their networks comply with Shaken/Stir and that they take additional measures to validate the identity of the traffic they are routing to the U.S.

“Gateway providers serve as a critical choke point for reducing the number of illegal robocalls received by American consumers,” the agency said in a press release announcing the new regulations. “The new rules require gateway providers to participate in robocall mitigation, including blocking efforts; take responsibility for illegal robocall campaigns on their networks; cooperate with FCC enforcement efforts; and quickly respond to efforts to trace illegal robocalls to their source.” "

The lowest attestation level is "C", which means "gateway". Should the far end block every "C" call? Or, should the far end block every call that doesn't have an attestation? It's not simple and it's mostly broken.

I don't really understand much of the technical jargon you are using but, I would like the option to at least select the level of attestation approved, without completely blocking all calls that aren't contacts since I have some time sensitive calls that need to come through.

 

[ripcord]

I don't understand all of the infrastructure involved, but I do know how easy it is to standup a VOIP (Voice Over Internet Protocol) server in the cloud. In a matter of seconds, someone can spin up an Asterisk based VOIP server on a hosting provider like Amazon AWS and be sending out calls like crazy. All you need is a ITSP (Internet telephony service provider) connection point that doesn't look too hard at your traffic. Without the cooperation of the service providers, stopping the spam callers is like trying to stamp out a an ant nest. If the heat gets too be too much, they just crash their system and spin up a new server somewhere else.

 

[wwillson]

All you need is a ITSP (Internet telephony service provider) connection point that doesn't look too hard at your traffic.

Let's say they add a "gateway" attestation and pass it to a tier 1 provider. If the attestation is received by the tier 1 (which is most likely isn't for the next couple years), then all the tier 1 is going to do is pass the attestation to the end system or station (your phone) and let the end system/station decide what to do with it. Is your phone prepared to make that decision? Broken it is....

 

[ZeeOSix]

Hopefully these calls stop completely soon.

Scammer calls, texts and emails will never stop unless you can track everone of them down physically in any country on the planet and throw them all in jail. And we all know that will never happen. Maybe it will become reduced somewhat, but it will never stop, like rust never sleeps.

 

[Owen Lucas]

Scammer calls, texts and emails will never stop unless you can track everone of them down physically in any country on the planet and throw them all in jail. And we all know that will never happen. Maybe it will become reduced somewhat, but it will never stop, like rust never sleeps.

I agree, a big reduction would be great. I used to receive 20 - 30 a week, now its about 3 to 4 a week so not too bad, but some have it worse.

I think spam texts are a whole different animal. Tt will probably take another 5 years for the FCC to do anything about that or maybe never, could be just like junk email that we will have to live with now.

 

[ZeeOSix]

I agree, a big reduction would be great. I used to receive 20 - 30 a week, now its about 3 to 4 a week so not too bad, but some have it worse.
I think spam texts are a whole different animal. Tt will probably take another 5 years for the FCC to do anything about that or maybe never, could be just like junk email that we will have to live with now.

Speaking of text scammers, I got a text a couple days ago that looked like a pretty ligitamate text from my bank saying there was some suspicious activity on my debit card. There was a link in the text and I did NOT click it, not that trusting. But it looked pretty real, I could see how someone would go for it, After I scrutinized it further, determined it was a scam. I'm sure launching the link would not have been a good thing for my phone.

 

[Lubener]

I never get spam calls or scammers because I do not give my number out to any business, hospital or entity. Only a select few have my number. They all say they keep your information private but do not believe them.

 

[Pablo]

Very informative. My number is public and on a couple of my websites. I used to have two phones when I was working for obvious reasons. Stupid calls were stupid.

I would say around 2-3 months ago ATT or something changed. I get zero and I mean NO robo/fake/etc calls or texts any more. Very nice.

 

[MParr]

“I’m from the government and here to help.”
It’s all propaganda for the masses. We all know that the Do Not Call Registry doesn’t do squat to reduce calls. Heck, I think they sell the lists to spammers.

 

[atikovi]

Charge 5 or 10 cents per call and they will just about disappear.

 

[Slow Car Sport Mode]

I have the same few numbers call me every total random time, as I have stated, general "activity" I am calling the "old normal" is increasing and all someone has to do is get a hold of that spoofer program, run it on their PC (computer? Spammers use Apple?) and have it "make calls" somehow, assigning numbers that some phones assign a location to.. Minnesota, Texas, wherever.. and, boom, calls.

They been saying no or greatly reduced Robocalls for years. Years.

I don't think it is possible.

I use an MVNO not a larger.. I get everything a larger carrier does.. to each their own.

 

[Slow Car Sport Mode]

Very informative. My number is public and on a couple of my websites. I used to have two phones when I was working for obvious reasons. Stupid calls were stupid.

I would say around 2-3 months ago ATT or something changed. I get zero and I mean NO robo/fake/etc calls or texts any more. Very nice.

Did you ever get the "Serious charges pressed on your name" call from South Carolina (?) number?

I'll agree, they have been reduced but there sure were some memorable ones.

Never really understood the point or end goal, and Google has a category, "nuisance" calls. There was the "I'm sorry, I forgot my headset" *giggle* one...
Carshield..
PTA meetings..
Premium member at hotels...
Energy savings calls..
Recordings about who knows what (that started mid-recordings)..

The Boiler Room style phone banks in India and other places have been re-adapting. People still fall for this stuff. So I'll pay the taxes in $3000 of Olive Garden gift cards, just Western Union the money to Monique in Greensboro South Carolina or some other such thing.......................

 

[Pablo]

No. Just time shares, vacations, and the madarin speaking lady droning on........

 

[Slow Car Sport Mode]

Warning Regarding Recent Scams | District of South Carolina | United States Bankruptcy Court

www.scb.uscourts.gov

 

[wwillson]

somehow, assigning numbers that some phones assign a location to.. Minnesota, Texas, wherever.. and, boom, calls.

All you have to do is replace your TN (telephone number) in the from field with whatever TN you want to display on the far end, it's called spoofing. Spoofing is not illegal, unless you are doing something illegal, then it's illegal (did you follow that )