Weird, I have a number on Google Voice and it is also the number I give out to businesses and post publicly (any people I don't personally know). The robocalls on that number have become so bad in the past year that I gave up and just turned it off so it won't ever ring through to my phone anymore. Which actually is fine, for how I'm using it, as I just go in and check it every now and then (and have email notifications turned on).
It seems like this is a problem that needs to be cut down at the source of the calls, not necessarily at the filtering stage on the receiving end. Aren't most of these robo-callers likely using the same providers/APIs?
I know Twilio doesn't explicitly allow robocallers on their platform, but it's hard to believe that a lot of them are not using Twilio or companies like it to automate their spam anyway. It seems this problem arose when automated / APIs connected to the telephone system were made, like Twilio, not way back when Bell was split up.
Is it possible you don't have "Global Spam Filtering" enabled? (I can't find the setting in the new web UI, but it's available in the legacy web UI under Settings -> Calls.)
I used Google voice for years while Google let it languish in relative obscurity.
Eventually after I realized it was silently dropping group messages because they were MMS and Google never worked on supporting MMS (images were dropped too back then) I left it for iOS and iMessage. Getting dropped from group chats meant people thought you were ignoring them and you'd miss invitations.
Google had a huge lead with voice that they wasted instead on Buzz, Allo, Talk, Hangouts which all were killed or are being killed - I wouldn't go back.
Oh man you missed the giant shitshow in the past few weeks. Google finally rolled out data calling support on their Android and iOS clients.
Google being Google completely fucked up the UX on inbound call routing. Lets say you enabled data calling to try it out because why not, they actually put something in the changelog other than 'bugs and fixes'. This will immediately break inbound calling and de-select routing calls to your phone numbers over carrier. Then if you reverted the setting to carrier, it just make it so calls went nowhere.
I've had a Google Voice number as my primary for over a decade, it took me a few days to notice none of my calls were ringing inbound. It took me over a day to figure out how to re-enable it, because you couldn't just have the line paired, you had to enable inbound calling in the app to both the phone and the app.
Google still maintains two different panels for Google Voice. This has been the case for a couple years now. Both have different features, anything important like porting and setting up voicemail manually will have to happen through 'legacy Google Voice'. It's insane.
I only recently noticed that Voice was dropping certain text messages from being forwarded so I had missed whole conversations with friends. It made me feel inconsiderate. In the meantime, I'm checking the Voice app often, but I've now started to push everyone away from my gVoice number to my actual number.
GV supports group chats/MMS now, however, you can't mute or leave a group chat, at least not with the iOS client. (Given my family's penchant for starting a group MMS for the most minor of occurrences, I'm not sure the group chat support is a blessing or a curse.)
I think that from a pure technical standpoint, you can't leave a MMS group any more than you can leave a reply-all email chain. "Leaving" a group usually just involves your phone dropping any texts it gets directed to that group.
(Obviously iMessage is different because it's not actually MMS)
The only Google service I rely on is Gmail, because it's the only Google service I can have a reasonable expectation of still being around in five years.
With the way they keep adding proprietary extensions to it, I wouldn't be so sure if it'll actually support sending email to non-gmail clients in five years.
Google Voice is actually a safer bet as there's no doubt all sorts of legal snares they'd hit if they shut it down. Bandwidth.com runs things behind the scenes and is a competent company to do business with. They'd likely have to spin it off if they wanted to discontinue it.
I'd like to know how you don't receive spam calls to your mobile # as the robo-dialers just go through the entire list of phone numbers in that area code, so you have to receive some to that device. I do the same as you but with Skype instead of GV, but my mobile # gets hosed by robo-dialers.
Because while it's a common assumption that the spam callers do this, they don't actually do this, because while robocalling is sometimes illegal, actually dialing every single number removes any/all plausible deniability if they're ever caught, and provides little/no additional benefit.
> Because while it's a common assumption that the spam callers do this, they don't actually do this
It sure looks like they do. Spammers have been calling our office lines daily (including numbers that aren't assigned to anyone and aren't given out). The spam calls come in numerical sequence. They're clearly just working through every possible phone number, in sequence.
I also have carrier-based (free) spam prevention which may prevent the POTS equivalent of a port-scan. But that wasn't enough - with GV based call screening, it's now down to near-zero.
> It's past time for Apple to integrate spam call filtering into iOS
Yes! I have 2 dozen numbers "blocked" on my iPhone but the robocalls keep coming. I wish there was a "Report Spam" (Gmail) equivalent on iOS that employed smarter rules so I didn't have to manually blocking one number at a time (that's likely a throwaway account anyway).
Yes, it’s that insecure. I used to freak out friends in the late 90s doing it, but sadly it’s not changed much and is just as easy as ever.
Twilio will even let you spoof “your own number” on their network for outbound calls as mentioned in the article. Yes, they at least verify the number is “yours” before doing it, but it’s not hard to get around that limitation either assuming you have access to the other person’s phone.
Networking of all times has been grossly permissive historically and a lot of it is still today. With a lax upstream bandwidth provider, I could even pretend to have your IP address quite effectively (well, I don’t know a way to get just yours, but I do know how to get yours and the adjoining few hundred next to you).
Sign up for any random SMS API service. You'll note that you can send SMS using anything you like as the 'from' field. There's no checks or restrictions. Same goes for voice calls in most cases.
From what I've tested, T-Mobile and Verizon will both fail to deliver SMSes that aren't originated by the carrier listed in the SMS routing for a phone # (which is wholly separate from the PSTN routing of a number, and can be a source of problems when changing cell carriers).
> Google does an amazing, world class, mind blowing, job of filtering out robo calls. I get maybe one a week at most.
Wait, really? I tried forwarding calls to my Google Voice and it seemed like almost every (though not every) spam call went through without getting flagged as spam.
Spot on, I have a cell phone that uses a different area code from the city I live in (it's actually Vegas, a city I've never lived in). Between Google Voice, and knowing that any local number is a wrong number, I don't ever have to deal with spam calls.
* How To Duck Cell Phone Taxes || https://www.forbes.com/2005/06/06/cz_sw_0606cellphone.html#2... (Not sure if this is still relevant, haven't looked at my cell phone bill in years... but never switched to a local area code since I liked the filtration side effect.)
No, it's past time for this kind of service to be regulated and taken control. It affects the whole US society, makes people less productive, less happy and less satisfied for the gain of a few.
Why is this a mainly American phenomena? How do you fix this without depending on the old whack-a-mole game of product companies adding features to fight the spam war?
I know that e-mail spam is difficult to regulate and control but other kinds of telecommunications are easier, phone calls being one just by being centralised in a few companies routing them.
If Google Voice was free for Android users sure. Its interesting I heard at a telecoms conference from Google Employees they may be focusing on making Google Voice have newer business features.
I used to use Google Voice when Sprint had a deal with them so I didnt have to pay but now that I am on T-Mobile I cant use it... But I noticed the same as soon as I lost Google Voice I started seeing many more robocalls. They might even notice patterns in same call to 500 people with no human interaction when they respond lol
I would LOVE to use my Google Voice number for just this reason. I find the sound quality to be bad no matter what mic I use. If there's a higher tier with better voice quality I can pay for that's fine. My net connection is at least 25Mbps to 65Mbps and I'm in the Seattle area. Do you have any tips on what I can do to get better quality?
I use Google Voice extensively too. The problem I often run into is a bunch of services (like Uber, and one of my credit card companies Synchrony Bank) don't accept Google Voice numbers. What do folks usually do in those cases? Are there services like google voice but don't have the non-acceptance problem?
> Are there services like google voice but don't have the non-acceptance problem?
T-Mobile DIGITS. I got a free line like a year ago, I use it when companies want to be dickbags about not accepting voip number use (because it is still one but shows up as a mobile carrier)
Oh, you mean the one that costs $10/month extra? :\ And doesn't solve the problem of already receiving spam calls...? It seems like basically just buying a new line?
You probably got it for free because you were a T-Mobile ONE Plus customer (likely already paying a lot) [1]... otherwise it's an extra $10/month. And either way it wouldn't even solve the problem of getting too much spam at your current number...
Getting STIR & SHAKEN implemented so we have proper trust of the caller ID is going to be a massive undertaking for the industry as a whole. T-Mobile and Verizon have implemented it in limited forms internally, but they have no interest in making their implementations interoperate, let alone work with the other RBOCs, CLECs and their resellers (Twilio in this case).
STIR/SHAKEN also can break call forwarding, as a forwarded call may get stripped of the forwarded from header by an intermediary carrier, resulting in an unvalidated caller ID getting passed, causing the call to not ring the destination.
Overall, the telcom industry is stuck in the past, with security being a joke. TLS Registration & SRTP are rarely used, most carriers sling calls bare over the internet hoping for the best.
The FCC has a page tracking the response by the major carriers[0].
Also, from what the FCC chair is saying, while nothing is forcing the carriers to play nicely, he is basically warning them if they don't work together to create/implement a spec to help with the problem, the FCC will force something (that probably won't be as easy to deal with). WSJ had a podcast interviewing him recently about it[1].
> the FCC will force something (that probably won't be as easy to deal with)
After the net neutrality debacle, including the FBI investigation into public comment fraud [0], I'm writing off whatever "corporate difficulty" Ajit Pai is threatening as a snowball's chance in hell. As long as he's chair, that agency is squarely in the "regulatory capture" box.
For me, it's very very rare for an incoming voice call to be a friend - 99.9% of them are from businesses, and I prioritise them accordingly. I sometimes realise my phone is on silent, and think "Oh yeah, I was out to dinner or at the movies 3 or 4 days ago, and didn't remember to turn the ringer back on..."
Does my phone know if the caller ID is STIR/SHAKEN certified? I can already send numbers that are not in my caller ID to my voicemail directly. I would love to be able to do this for the unverified callerId numbers. Maybe if enough people did it, the phone companies would have to add it to prevent their calls from hitting the trash bin.
> T-Mobile and Verizon have implemented it in limited forms internally, but they have no interest in making their implementations interoperate, let alone work with the other RBOCs, CLECs and their resellers (Twilio in this case).
Why would that be? I know nothing of STIR & SHAKEN, but if it's meant to reduce spam, I would think all legitimate operators would want it to work in an interoperable way.
This is almost certainly true, but they might make more money if (for example) one carrier's half-assed spam mitigation technology is shown to work better than a competing carrier's quarter-assed spam mitigation technology.
From the perspective of some analysts, collaborating with competitors over a technology that might otherwise be used as a competitive advantage is leaving money on the table, even if the end result is a worse situation for everyone. And from an analyst's perspective, shareholders are the company's customers, not the people who use their services. Which has a certain logic to it, but we'll see if these companies care more about their customers or their shareholders.
So let's say that I've got a network that can carry calls. I rent access by the month. The fewer calls, the less infrastructure I need to be able to handle them, but the rent doesn't change.
Why would I want spam calls on my network? Unless they're paying me by the call or something, that's the last thing I want.
SIP calls are generally billed by the minute by the carrier. Mobile calls also often have a per-minute charge by the network. That those are often sold as “all you can talk” packages is a consumer marketing bundling action, not necessarily perfectly reflective of the underlying economics.
Probably not. Most charges are done per minute of talk time. An unanswered phone call would not generate a charge. If people are unwilling to answer the phone due to a high spam volume (such as myself), they're likely losing money from the spam. I only answer the phone from known numbers or if I'm immediately expecting a call. Everything else goes to voicemail.
Carriera have an incentive to increase call acceptance, and that means cut down on the bullshit robocalls that are already illegal to cellphones, but rarely enforced.
So why aren't carriers deprioritizing/throttling/delaying inputs to their networks that are originating calls with anomalously low pickup rates? (And maybe that have implausibly diverse caller ID'S.)
Sort of how email servers blacklist servers sending them spam except they dont have to cut them off, just eg add a second or two before they pass the call on..
Depends if they're thinking short term or long term. I think I've seen numbers showing phone calls are dropping already. Increasing spam will exacerbate that.
I'm waaay past trusting that network. I tell companies to text or email me. And texting is also starting to get spammed out.
Right now, I can't even use apps like Hiya that implement prefix blocking. My method right now is to forward ALL calls to a google voice number, and those are transcribed or what-have-you. If you don't leave a message, I don't care about you.
We need a signal, at the highest of levels to basically make the decision on what's going to happen to the phone network, because honestly, a brand new system is what I expect at this point, not a patch.
Yes - a contact whitelist is all I want from iOS with two features: a button to temporarily allow all calls for 30min (for Uber/door dash) and the option to allow a second call to come through from an unknown number if it’s within 2min of the first.
All other calls should go to voicemail by default.
The way Apple allows you to interact with CallKit makes this hard to implement because a blacklist of numbers is required and a blacklist of all numbers is huge.
Isn't this exact feature available via Do Not Disturb? I have DND on 24/7, and you can quickly turn it off for Lyft/etc if needed. If you make groups within your contacts you can even hone the whitelist and can fairly quickly mod it.
DND does not direct calls to voicemail, it just keeps your phone silent and doesn't ring/vibrate while the incoming call screen is showing. I've still accidentally answered calls while in DND mode. Sometimes I just want to turn phone calls off entirely and use my phone like it's an iPod touch with a data SIM card.
Not just convenient. I’ve been in DND mode all day every day for months now, and I’ve witnessed a drastically improved overall quality of life. Mostly from the lack of texts and notifications, not just from the lack of phone calls. It has also resulted in my not being glued to my phone responding to everything. I can feel my mental health improving, and I don’t think I could go back to non-DND.
I assume dnd is no notification or signal? I have had this since high school (15 years I guess)? At the time phones weren't allowed so every day my phone had to be on silent and I never turned it off. I started working and phones weren't allowed. Then college and phones weren't allowed. I don't even know what my ring tone is and I only assume my alert messages work because my phone can play music...
That's what the retry feature is. If it's truly urgent they'll call again within a short timeframe (+3 to +300 seconds; not milliseconds like the 'try to go direct to voicemail' spam calls).
I tell this to everyone I care for as well, if I don't pick up by the third ring, hang up and dial again. (This is to skip it going to voicemail and also differentiate the behavior).
I don't expect scammers to pick up this tactic because it would double their OpEx and also make it more likely that they are targeted for actually trying to call your number with intent, rather than in error.
> I don't expect scammers to pick up this tactic because it would double their OpEx
Except my missed call log is full of back-to-back calls from random phone numbers in my prefix. Either half the folks in Metro NYC (where I haven't lived in over a decade) are calling me to report the other half got hit by a car, or this adaption has already been made.
That's neighborhood spoofing - the prefix may match, but if you're only allowing the exact same number to come through then the call would still be blocked.
>like the 'try to go direct to voicemail' spam calls
The practice of leaving messages directly on voicemail bypassing the ability for the recipient to answer is commonly referred to as "voicedrops". I know this because a client asked for my compamy to implememt this ability, using carriers API first and successive calls as a fallback. Current regulations in the US don't explictly define this the same as a call, IIRC Canada does.
Except they do this and intentionally. They call, hang up as soon as it rings, and call right back. You are deceiving yourself if you think they are going to change their habits to avoid getting caught. They don't worry about getting caught, because no one catches them. One carrier shuts them down, they pick another. There are plenty to choose from, and plenty of greedy CLECs look the other way or join in.
I think most people have learned. But every now and then, I'll get a call or text from a clueless individual. They are usually blown away to learn how my number (or a random unknown number) ended up in their call log.
> and the option to allow a second call to come through from an unknown number if it’s within 2min of the first.
They have (had? still on 10.3 which it claims is up to date) that option under the "Repeated Calls" clicky box -- allow calls if they call back within 3 minutes.
Had to turn even that off since the spammers got smart and were getting through.
I've been using GV since it was Grand Central... love it. I really hope it doesn't get killed, I'd happily pay $25-30/year just for what google voice adds over regular phone service. If they do kill it, I'll probably do a virtual PBX to get at least similar services I can control.
As an aside, I showed the email thing to a coworker pretty early on, it was pretty wild in the old days.
Related, Hangouts has started to be spammed. The spammers create a group hangout with a few dozen people, draw you into it, and then you see the welcome message. There's no blocking contacts from unknown people: rather, it seems like that was the business model of G+.
Granted, hangouts is almost gone now, but it demonstrates there's a way to spam almost anything and ruin it.
It happened a lot with AOL/AIM as well as Yahoo messenger, and even MSN messenger back in the day. To a large extent, I really miss those days... would love to see something like Yahoo messenger come back with voice chat rooms, maybe over WebRTC or similar.
Facebook Messenger is about all I use, and even then rarely... I use hangouts for mostly the occasional screen share or for SMS with my google voice acct (I don't even have my actual cell phone number memorized).
I'm actually hoping that robocalls are the downfall of the PSTN and big telcos. They are immovable monsters and have outlived their reign in this world.
Except when we provide you 4g and 5g coverage, ensure societies have working critical infrastructure to communicate peer to peer and in addition gives you a nice fiber pipe to your house and handle all the carrier dealings of broadband interconnectivity. Oh yeah and tie this all together with advanced roaming deals and functionality which connects countries around the world. It's also us who pioneer and really implement GDPR and stand in the trenches for privacy governance.
Telecoms are far from all that bad. But I understand why everyone hates their phone bill and of course agree that we need to act against predatory pricing, and such.
I am not advocating for US mobile operators. The world is vastly broader and greater - US cell phone carriers are just that, US carriers.
My argument was the economic utility which the infrastructure a telco provides to society. Both with pipes, technology and know-how of how to operate critical infrastructure 24/7.
I cannot wait for SpaceX' Starlink to become operational and we will see some disruption happening in (this) space.
Speaking of US telecoms, they are simply awful and abusive companies. Yes, they provide a critical service, but they sure do take their pound of flesh for it and constantly engage in activities that are harmful to society.
Why would you trust email? I have a few service providers who refuse to send a paper bill. I have nearly perfect credit because I always pay everything off on time, for literally decades. I have missed 2 or 3 email bills in the past year because they didn't get to me. While it's certainly possible for regular mail to go missing, my experience is that it happens orders of magnitude less frequently than losing emails. I now have to set up my own reminders to pay the companies that refuse to send me a paper bill because it's too risky to rely on them actually getting the bill to me electronically. (And I'm not giving anyone permission to withdraw money directly from my account.)
I don't get that many robocalls anymore after I signed up for https://www.donotcall.gov/ . I also make a point of reporting unwanted calls there too (I got two pretending to be from the IRS saying that I was about to be sued).
I know that people find it annoying to go through the process of reporting the call, but I consider it to be one of those things that fall under the "All that is necessary for the triumph of evil is that good men do nothing" bucket.
It'd be nice if there were donotcall.gov apps for Android and iOS though.
It's great that the DNC has worked for you, unfortunately it's not much help for me since all my robocallers are criminals trying to steal from me. Naturally, people unafraid of being arrested for fraud are unafraid of DNC fines.
I've been on the DNC for years, and a couple years ago I decided to change my number, since my old one was getting 4-5 robocalls per day, always from different numbers.
That sounds horrible. I wonder if there is a way to surrender that number to the FBI, so that they could investigate further. Even one call every other day would be too much to report manually for me in terms of effort.
I'm not really convinced this is true, because there are numbers that are categorized as robocallers, and there are others that aren't. You'd think that if they were fake then they'd be random/uniform.
Yeah but I'm not sure they're genuinely random. If you try Googling them you see that they're generally listed as robocallers. Whereas if you Google people you know, I don't think you'll see them being listed as robocallers (at least it hasn't been the case when I've tried). That suggests they don't just randomly pick numbers.
> If you try Googling them you see that they're generally listed as robocallers.
I just did a quick check of the last 10 or so I received. None of them were listed as robocallers. They were all legit phone numbers of innocent people who live in my area.
> I wonder if there is a way to surrender that number to the FBI
The number reported by caller ID is entirely meaningless and not useful in terms of investigation. They just spoof random ones from your area arbitrarily.
Sorry, I should have quantified how much (and I can no longer edit my post): two in a month has been the most in a given month, and most months are just zero. Someone else used to have my phone number as well, so I had to politely say that that person no longer has this number, but that was over six months ago now.
If you have encountered any robo callers who have please let me know.
My idea was that if the robo callers get past the simple arithmetic questions I would give them harder ones like "which of these items doesn't belong? 1) ball 2) blue 3) red 4) green?" or other SAT / standardized test questions.
Very neat! Given that an average user doesn't receive many calls a day, it would be cheaper to operate if this could be implemented completely serverless using Cloud Firestore & Cloud Functions.
I read a lot about the plague that robocalls are on international forums, especially from the U.S.
But I live in central Europe, Austria, and received only two SPAM calls in my whole life, both by what seemed to be actual human agents on the other side and hear from similar amounts from friends I've asked about the phenomena.
Can someone explain why it seems such hard to resolve problem elsewhere while it seems hardly a problem at all here? Is there a difference in infrastructure, a difference in legislature, ...?
Robocallers in the EU get meaningful fines. European telecoms providers proactively identify and block robocallers. VOIP companies that do business with robocallers lose the right to connect to the telephone network.
It's not an insurmountable problem, you just need regulators that give a damn.
The US is firmly gripped by the belief that "regulation doesn't work", and keeps electing people who try to prove that true via incompetence, cronyism and ideological malice.
Nope, turns out there is virtually no downside to making spam calls in the US, and so companies continue to do it. The spoofed numbers are just a way they implement that to get around consumer efforts to prevent it.
I'll take your word for that. But the problem is that bad regulation has created a downside for providers to block spam calls so they continue not to.
I would easily switch providers tomorrow if one of the features was "no spoofed numbers". This would be a giant market advantage if not prevented by this regulatory issue (whatever it is).
I am on T-Mobile. There was a point when most of the spam to my phone was from Scam Likely. Then the robocallers learned that this is the truth, and I get spam about my credit card and something in Chinese that isn't so flagged.
We have plenty of regulation and government attention on the issue, and I somehow doubt Congressional pockets are being lined by the campaign contributions from Big Spam.
Politicians are not being supported by the spammers themselves, but by the telecoms that do not want to make costly changes to their network to stop or enforce this problem.
This couldn’t be more obvious in our fcc chair who is basically against any kind of government regulation.
The problem is that a lot of spam callers are not based in the US, and it is incredibly time consuming and expensive to prosecute spam callers outside the US.
Carriers make money terminating the calls both in terms of using people’s cell minutes but all reciprocal compensation for terminating the call on their network. Carriers can get rid of it any time they want. Some even offer services to block the calls for a price like Att call protect.
> On a side note, it feels conspiratorial to explain failure as, "there's double agents on the inside sabotaging the effort"
There are people currently heading government agencies that lobbied or fought against those agencies. See the CFPB and EPA. It's not a conspiracy–it's reality.
Politicians underfunding programs, then suggesting we should cut or privatize them because they performed poorly, all intentionally, is a well known and mostly open fact, not a closely guarded secret conspiracy.
Maybe just the market fragmentation. For example, a lot of the robocalls in the US are trying to sell extended warranties for vehicles, student loan debt services, health/life insurance, scammy tech support, etc.
If you target the US, your sales pitch can be in one language, with roughly one set of commission paying providers, and super cheap VoIP calls. I assume that would be harder in Europe due to language, state provided services for health+education, more strict laws on loans and warranties, differing costs for local VoIP numbers, etc. You would likely have to tailor for each country.
Agreed. I experienced a bit of a culture shock moving from Northern Europe to USA. Robocalls are a real pain here in the USA and I don’t know why. I’ve learned that I should never answer a call from a number I don’t know (not that easy), but it doesn’t have to be this way.
I also get a number of text messages trying to phish me into buying drugs or sex. It’s totally nuts.
> I've learned that I should never answer a call from a number I don’t know (not that easy), but it doesn’t have to be this way.
Not only that, but you basically need to program in all the random numbers you do business with to make sure you don't miss something important. Dentist, doctor, real estate agent, mortgage officer, the random office you're only going to visit once who did your MRI.
And still, someone can just as easily spoof one of those numbers (even purely by coincidence) and you'll pick up.
Apparently in Europe you're the customer. However on this side of the Atlantic we're the product. Big difference.
It's like sitting down at a poker game and looking around the table. If you can't spot the mark, well you're the s/mark/product/g.
When I was young I would hear the saying: "The value of a business is directly related to the goodwill associated with it." I haven't heard that in a long time. But I have heard: "We don't care, we don't have to."
Proof's in the pudding: just as with universal healthcare we can't seem to get it together. All(most?) of Europe and Canada and Russia and Israel manage to pull it off. Too bad for US.
It could have something to do with data sharing, which people in the US (myself included) seem to do more of compared to e.g. those in europe (in my experience).
I get 10+ robo/spam calls a day (to the point where I just gave up on answering all unknown numbers over a year ago) but when I do answer the occasional one they seem surprisingly targeted. I was searching for health insurance a few months ago and that spawned 4-5 robocalls/day all about health insurance. I run a small business that gets ~5 calls/day about financing and a smattering of other cold robocalls about services people could provide. When I had a death in the family, I started getting robocalls about funeral services and life insurance.
I don't know why it's so hard to resolve (why isn't cold calling someone illegal?) but on a personal level it's relatively easy to mostly-resolve by screening calls and limiting your number's exposure (both online and to businesses that resell that information). Lack of regulation, enforcement on what regulations do exist, availability of numbers to buy (aided by metadata on who is on the other side of that number), and a heavier reliance on phones/calls in general (compared to my 1.5 years living in europe) seems to be the biggest driving factors.
> It could have something to do with data sharing.
Hardly. I got my first robo call (ever) within an hour of getting my first US phone number. They have been a constant annoyance for me ever since. I have never gotten a robocall outside of the US.
The overwhelming majority of the US also speaks English, which makes it really easy to hire telephone operators. And there's also large immigrant communities that do not speak well enough and are unfamiliar with and afraid of the government.
There are 38M Spanish speakers in the US compared to 8M people in all of Austria.
Maybe if each caller be required to pay a few cents per call, mass robocalling will be too expensive. Same for email spam: charge an e-stamp of a cent or two. I'd be willing to pay a bit to keep out riff raff.
Frequent callers/emailers who you register with your account can be given a discount.
Reply All had an episode that explored it: https://www.gimletmedia.com/reply-all/135-the-robocall-conun...
One reason is that a law that had existed was overturned as too broad. Another is the lax laws in the USA regarding what businesses can do with information about customers. In the episode they talk about how an app on your phone that is allowed location access may sell that information to a spam caller so that the spam caller can fake the phone number to make it appear to be coming from near you.
Counterpoint: the moment you do receive spam calls in Austria, our regulatory office is so incompetent, they'll not do anything about it. Last time their reply was "this is a VOIP number and it's already disconnected, so we cannot figure out who the caller was" ... after waiting a month before contacting the involved carriers.
Last time I went to the US, I got a phone number from MetroPCS (e.g. T-Mobile reseller). I didn't give it to anybody and started receiving 3-4 spam calls a day. They are obviously reselling the phone numbers directly, which is illegal in most countries.
You probably were assigned a phone number that had been used by someone else prior, so the number was already on all the lists.
Every time I get a new number, I end up spending a few weeks getting calls from real people to the person who had the number before it was assigned to me.
People in the US are more likely to fall for these pitches.
Maybe due to the lower average intelligence of the common dude. Just a hypothesis. This phenomenon deserves a deeper inquiry.
This is why I leave my phone on silent 24/7 (no vibrate either).
If someone from my Contacts calls me, then I see the missed call and know to call them back when I have time. However I live my life on my time, nothing is ever so important I have to drop whatever I am doing to pick up someone else's call right away. You might say, what if there was an emergency? Well how many times has someone called you about an emergency where you could actually do something about it?
Maybe some have, but I bet most haven't.
I do the same but I use DND 24/7 but with calls from contacts as the only exception - those ring as normal. I get phone calls from people I know so rarely that it's not a significant hindrance.
You send a text, receive a text or vice versa. Then you can actually arrange a call if you want to catch up. I have some friends call me, and I call them back. If they don't call me back they at least send me a message telling me when they can be free. I guess this is becoming a norm among most people.
It’s 2019. Why has Apple/Android not added the ability to reject (or at least send directly to voice mail) all calls outside of contacts, and make this the default setting?
Seems like this would solve almost all of these problems.
Have you checked lately? I can't speak for Apple but my Android (S7) and my wife's (unsure of the make) both have these types of options. My wife has all numbers not in her contacts go to voicemail. My phone just hangs up on any unknown number.
I have an app that does this but then they just leave voicemail and it's basically the same problem wasting time listening to them and deleting them again.
Interestingly, Robocall algorithms use phone numbers closer to my phone number (either real of fake) and since I live in different Area code, it is much easier to block the numbers.
Though it is not recommended to pick up the phone, I have had some success by picking up the phone, wasting the agent's time and letting them know that my car is real old and would not need extended warranty.
Same here, but unfortunately Apple provides no mechanism to do so. Even RoboKiller, a third party app, has limited success with neighborhood spoofing, as it’s called.
I’m perfectly fine with blocking the entire NNN beginning prefix of my number but there appears to be no way to do it (they can only do NNN-NNNN). RoboKiller says it’s a limitation in the iOS API they have access to.
That is interesting. I looked at my missed calls and they are all either my local area code or 866. It makes me want to swap my mobile number for one from, say, Hawaii, which I doubt I ever get a legitimate call from, then filter out that area code. Looks like it might work.
I wonder why I'm not getting this barrage of robocalls. I live in Netherland, not the US, so presumably that's why, but are robocalls not a thing in Europe? Do we not have these kind of predatory companies? Do we have surprisingly effective legislation to stop robocalls?
The only phone spam I'm getting are people trying to sell me new energy contracts (that's something that happens when you have a company for some reason), and tons of British recruiters trying to get me to work in Belgium or Germany for some reason. Very rarely, I get a tech support call from Microsoft India. But always it's real people, not a robocall.
In The Netherlands there's strict regulation for unsolicited calls [1]. I used to work in a company active in the field of call management and in my experience this is strictly adhered to, the fines are pretty big and will be handed out, so any (well, maybe most) Dutch company involved in this manages this carefully. The maximum fine is €450,000, which seems big enough to work as a deterrent.
Yes, they are a thing in Europe too. It's not just to do with entering numbers in "sketchy" websites. It's who resold or leaked your details, what apps you have installed on your phone, or if you were just unlucky.
They are trying to get vaguely smart too - whereas before a number would call from quite far away, so you could assume it was a robocaller. Now, they can be close to your location, which is a bit spooky.
It's apparently easy to get my phone number from the Chamber of Commerce, which is where those energy peddlers get it. Seems like an easy source of phone numbers for robocallers too. And it's not like I'm very careful with my phone number; I've entered it on tons of websites.
Still no robocallers for me. Maybe European data protection measures do work.
You can only call someone if they (indirectly) got the number from you. They are _not_ allowed to dial every number and it has to be done by a human, which works the same as an e-mail costing €0,05: it isn't worth it anymore.
But it being illegal doesn't guarantee a thing if it can be done cheaply and difficult to trace, possibly from abroad. That it doesn't happen means it's not just illegal, but enforced in an effective way.
All I really want to do is allow calls through to my phone that are stored in my contacts. If they're not in my contacts, I'd prefer not to be notified and have it sent to voicemail.
One problem is they can easily spoof the number. I've received 2 calls from Bank of America's 800 number, that weren't actually from Bank of America (they were pretending there was a problem with my account...phishing for info...). They were in my address book, and showed up as such. You can't trust caller ID. They might not have your friends phone numbers, but you probably also have other major institutions that you trust in there as well.
The fact that it is not perfect is pretty irrelevant to the need for this kind of basic functionality. I'm going to assume iPhone here because I'd be surprised if Android doesn't have this capability.
Andoird does. I think they added it in Lolipop about 5 years ago (only allowing calls/notifications from contacts). You have to set up do not disturb and then go and make exceptions for contacts.
The solution to this is never give out any PII when receiving a call. Ask what theyre calling about, then hang up and dial back. Yeah, you enter the hours long call queue, but you're not giving out your info to a potential spoofer. Also, don't call the number they give you on the phone. Look up the number for your bank (usually easy enough to find on the back of your debit/credit card). Same is true for any organization that potentially has info that could be used for identity theft. Hang up and call them back independently.
I just never answer calls or listen to voicemail anymore. I use WhatsApp etc. and give folks that ID. Maybe in a few years the phone companies will implement some of cool stuff mentioned in the article but until then phone calls from everyone are blacklisted.
Great article, but I jumped there hoping that Twilio had a solution to offer. Not yet, it seems.
I've been pestered by Robocalls for the last few years. Lately, I did the mistake of shopping online for health insurance, and signing up with a provider (I ended up not purchasing it from them). Since then (three weeks ago), I've received ~20 calls per day, half of it from robots, half from humans.
These people should f*ing go to jail. All of them.
The death penalty for robocalls coming from inside the US, and drone strikes and extraordinary rendition for robocalls originating outside the US are out of the question, right?
But seriously, why is it so difficult to eliminate these robocalls. Each operation has to have employees, a call center (to handle the marks), payment processing, etc. It seems like a very easy target.
A lot of these robocall call centers are operating illegally in foreign countries that skirt their own laws, with export partners within the US that pop up and disappear quicker than the government can than they can be hunted. If you are interested there is a really good podcast by Reply All about tracking down one in person. Episode #102 and #103, some of their best stuff to be frank.
I disagree with the solution. A simple App that send to voicemail numbers not in my contacts will be far than enough. And it won’t require to change the whole infrastructure!
You can already do this in iOS. Set your phone on Do Not Disturb and then in the iOS settings tell it to allow numbers in your contact list to get through even when DND is on.
I've never received a robocall and the whole thing seems dystopian. Is it something uniquely American? Is there EU legislation that prevents this, such as the "don't call me" register (bel me niet register)? I'm not on that, though. General anti-spam laws then? (Since it's unsolicited commercial communications directed at consumers). Genuinely curious what's different.
Canada and the USA also have national Do Not Call laws, and telemarketers are not allowed to cold call numbers that are on the list (in Canada, there are certain exceptions such as local newspapers selling subscriptions, charities soliciting donations, and companies that do telephone surveys, e.g. Ipsos-Reid). It works, too, because I never, ever receive legit telemarketing calls.
But the DNC list doesn't do anything to stop phishing/scam calls because apparently criminals don't care about DNC laws (obviously). They always spoof local numbers, but never have a caller ID name. This means I can pretty safely ignore all calls without caller ID names, unless I'm expecting a call.
The problem is, these scammers spam voicemail inboxes too, and on my phone and carrier (Android on Koodo in Canada) the only way to dismiss the "New Voicemail" notification is to call my voicemail number and listen to it. I don't care about voicemail, so I disabled it.
Seems like this is much worse in the US - I've had the same number in the UK since 2000 and not had a robocall EVER. The occasional human spam call comes in (like once every two or three months) but I tend to just hang up and usually Google offers to block them (my Pixel 2 has the spam call blocker built in)
If it is an area code outside of 4-5 I block it. If it isn't in my phonebook but in that range, I check the voicemail then 99 percent of the time I block it. Sometimes I answer and mess with the caller to waste their energy and ruin their numbers.
What irritates me is the spoofing of numbers. That should be a felony and charged in criminal court. They steal real people's numbers briefly in my experience. Either arrest and throw the person calling in prison or blacklist that Carrier.
And fine the carrier you use for allowing it to even happen.
EDIT: on a side note you are not able to block Texas and Florida. I could block those two entire states without worries and I'd receive a lot less calls.
I have resorted to using DND mode as a whitelist. If a caller does not identify with a number in my contacts list, the phone doesn't ring. I feel whitelisting is the only thing that's going to stop the calls... extreme or not.
BTW, in Russia labor is cheap so spam phone calls are usually done by people, not robots. I have to keep phone always in silent mode due to lots of such spam, sometimes 2-3 calls per day from different companies.
As usual, it's not that complicated, and it's not that simple.
The simple solution would be for the network providers to validate the caller ID numbers for its subscribers, but that requires changes to punish the ones that don't do it.
I've worked with telephony for 15 years and I know the big providers do this for most common telecom protocols, but VoIP providers tend to be more lax. But that's where they shouldn't, and the ones that break this shouldn't be allowed on the network.
Yeah, but they can at least do the following things:
- Don't connect calls coming from numbers they own that they have not assigned
- Don't connect calls from a number to itself (my wife recently received a phone call from "herself". Then she received 20 more phone calls from irate people sure that she spammed them)
- Don't connect calls where the calling number is coming from an invalid area code or LATA
- Don't connect calls where the calling number is a string of only digits. There are no people or businesses with this type of name, most likely.
This would solve between 10-50% of the spam calls I get, I'm pretty sure.
I use Robokiller on iOS -- it screens the calls and answers spam with prerecorded scripts paced to match response times and then sends me the recording of the interaction.
What strikes me with robocalls that leave messages - they cut off by "talking" too early so I cannot identify who they are, yet if I answer, I get nothing but silence if I answer with "Hello? Hello?" Calm and slowly paced. That's my personal rule. I say hello slowly twice, and if theres silence, I hang up. Dont care if I start to hear a connection as I'm going to hang up. You called me, have someone on the line. My time is worth money to me. I am not amswering the phone to be put on hold for the next representative. Fuck off and call me when you have someone ready to talk to me.
I generally don't answer any number that's not in my contacts. If I don't know who it is they can leave a message or I'll look up the number and block it proactively.
I've solved the robocall problem personally, by simply not answering my phone.
I'll answer the call if I'm expecting one, if it's from someone who has texted me that they're going to call (this covers 99% of the legit calls I get), or if it's from one of a very tiny number of people who might call me due to an emergency.
Otherwise, it goes straight to voicemail and (thanks to Tasker) doesn't even make my phone ring.
> FCC Chairman Ajit Pai explains the importance of the FCC's proposed new rules banning illegal spoofed text messages and international calls. The proposed rules would enable the agency to address consumer concerns about unwanted text messages and scam calls from overseas.
I am guessing that the direction this is heading in is twilio somehow coming up with a solution that they can implement and sell to someone. Maybe the multi part blog post is part of the way to gather thoughts in order to learn more and incorporate ideas and reactions from people.
Maybe there ought to be a robocall service for ~anonymously targeting the callback numbers provided in robocalls. Many years ago, I setup an autodialer to hit an 800 number provided by a persistent robocaller. And pretty soon, they stopped calling me.
I get none, our house has an asterisk box that does voicemail and provides individual VM for everyone at home - it means that anyone calling in has to dial a single digit extension, I haven't had a robocall in years
I'd love to take the robo-callers on a long winding road to nowhere. Is there a conversational AI robo-answering app based on something like Google Duplex? If not, should I build one?
I consider articles like this, which don't answer the point in the title, and then say you have to wait for Part 2 to presumably get the answer, no better than Robocalls and spam.
Also, I've had success running Calls Blacklist (app) on my android phone - it's set up so that it will block any call that's not from one of my contacts. I haven't had a spam call since I started using it.
The point of the article is that the phone numbers that robocalls come from are trivially spoofed. So, it's plausible that these are real people's phones being spoofed, and it would be quite rude to them to publish their phone numbers in a way that could be read as indicating the number is a robot.
No. When you get a spam call, the caller ID is often not random. It's usually the number of some other person on the spam caller's list of people to call, often someone from your same area code. That way, you see a call from your area code and are more likely to answer it. If you get upset and call it back, you won't be calling the spammer. You'll be calling some other innocent victim of the spammer.
Most of the time the caller id shares the same area code and first 3 digits of the recipient's phone number. Many times the last 4 digits are the same just in a different order.
Because spammers populate the caller ID with other people's phone numbers. For example, a spammer might make the caller ID show your (or my) phone number. The caller ID that shows up when a spammer calls you is usually useless.
Over the past year or so I've received two or three irate phonecalls from people telling at me to stop robocalling them, unaware that my number had been spoofed.
In theory, since the numbers are essentially made up for each outbound call, the combination of spoof source numbers and call times would be enough for some robocaller/s to correlate with their outbound call logs and discover which number it was that they dialled that reached the CEO of Twilio. That seems like useful info?
In fact the timestamps and partial numbers are probably good enough for that.
Sounds like a technical solution for a problem that just needs regulation and laws. I'm in Germany. I never had a ad/scam call on my cellphone number in basically 20 years. I get some kind of poll call every two months on my landline number. That's all.
We do have laws, but they cannot be easily enforced because many of the scams originate in foreign countries who proxy to VOIP providers in the US to make the calls. Some of them, like the Microsoft scam, even conscript unwitting people into the job and/or threaten them to do it, while telling them that it's not a scam because everyone in the US is rich and don't need all that money. Maybe Germany just isn't a desirable target for them.
Don't quote me on this, but I do believe there are regulations and laws preventing this - but just as the article states they are impossible to enforce given our current infrastructure. Fines are meaningless to a blackhat organization doing spoof calls over VoIP somewhere in India.
Last Week with John Oliver & Reply All both went into details with there most recent episodes, but something changed in federal policy with the Do Not Call list.
It has gone on all of my business cards. It's at the bottom of every email. I put it on my website.
Google does an amazing, world class, mind blowing, job of filtering out robo calls. I get maybe one a week at most.
I get more calls direct to my cell number from random call bots that hit every number with mobile carriers than I do through my Google Voice number.
It's past time for Apple to integrate spam call filtering into iOS and Android users have no excuse for not using Google Voice.