Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Businesses Communications

Robocallers Win Even if You Don't Answer (wsj.com) 153

Sarah Krouse, reporting for WSJ: Caller ID is feeding one of the very problems it was developed to stop: junk calls. Illegitimate robocallers, or outfits that flood American landlines with marketing calls, use the decades-old identification system to make money, even when no one picks up. While scammers' biggest paydays come from tricking victims into handing over credit card or bank account information, many robocallers make incremental cash along the way, thanks to little-known databases that try to identify who is calling.

Each time a caller's name is displayed, phone companies pay small fees -- typically fractions of pennies -- to databases that store such records. Some of these fees are handed back to the caller. With millions of automated calls a day, the amounts can add up. "It's slow nickels, not fast dimes" for scammers, but it helps offset the costs of making the calls, said Aaron Woolfson, president of TelSwitch, a company that licenses out telecommunications-billing software.

Robocallers Win Even if You Don't Answer

Comments Filter:
  • by mapkinase ( 958129 ) on Wednesday June 06, 2018 @03:12AM (#56735358) Homepage Journal

    One just need to apply it. Make a poster boy from one of the robocallers. Feed him to alligators, hang him on a Time Square, do something memorable with these invasive pests.

    Humanity and dignity cannot be achieved without dehumanizing and removing any shred of dignity from the worst.

    Weed out the weaklings, clean up the city

    Put on your black shirts.

    • by dgatwood ( 11270 )

      We tried to hang one in a time cube once, but it turned out that the day really is split into four days, and the guy just ended up in one of the other three.

    • by sjames ( 1099 ) on Wednesday June 06, 2018 @04:00AM (#56735436) Homepage Journal

      Require real caller ID. It's not like the phone company doesn't know who to bill. Set up *?? to report a do-not-call violation. If a particular number racks up enough of those, launch a full investigation. If the phone company lets a spoofed caller id get through and it is reported to do-not-call, they either figure out who really called or pay the fine themselves.

      Before someone complains, allow any extension to report the main number as a caller ID. Allow 3rd parties to use a company's name and number IFF the company signs in blood that the 3rd party is a duly contracted representative and takes responsibility for any violations. Or they can use a reflector to make the calls actually originate from them.

      If a foreign phone company won't comply, reject all of it's caller id info and change the id to "caller from [country]" OR just stop accepting calls from that carrier until they change their ways.

      We're already to the point that many people don't even bother to answer their phones anymore. If this isn't brought under control soon we'll start seeing cellphones that do internet ONLY. and the telephone will be dead.

      • by tlhIngan ( 30335 ) <slashdot@@@worf...net> on Wednesday June 06, 2018 @04:14AM (#56735456)

        Require real caller ID. It's not like the phone company doesn't know who to bill.

        Except it won't work. One reason for spoofing the number is simple - many PBX systems at an office have lines that are dynamically assigned - if you call out, the PBX picks a free line and connects your call to it. Those lines will have numbers associated with them, but you can't call them because they're not valid DID or hunting line numbers. So the PBX tells the phone company to spoof either the DID number or the main phone number. (Likewise, when a DID or main line call comes in, the phone company picks a line and tells the PBX which number it's for).

        No, what you REALLY want is phone companies to do the same thing most ISPs do now - source IP verification. As in the spoofed number they get must be associated with the group of phone lines it's coming from - so an office can hand out spoofed numbers properly, but they can only hand out numbers they actually own.

        The only problem now is VoIP providers who rightfully have to spoof numbers to indicate who is really calling - again, they buy a huge clump of lines and those numbers are inappropriate for the calling party. And the problem is the database of valid phone numbers from those VoIP providers can be rather big to do a number verification. (Plus, it's just as easy for robocallers to sign up, wear out the number, abandon the account and sign up again). What may help is if the phone company could put like a "VoIP: Provider: Name" to the caller ID, so you'd get "VoIP: Vonage: John Smith"

        • by sjames ( 1099 ) on Wednesday June 06, 2018 @04:24AM (#56735462) Homepage Journal

          At least do me the courtesy of reading the whole damned post. It wasn't that long. It wasn't even as long as yours. In particular, read the second damned paragraph again and again until you see that I answered your concern before you even raised it AND proposed the solution you suggested.

          As for voip, it's on them to either provide proper caller ID or pay the fines themselves (see 1st paragraph) or if they are not in FTC jurisdiction, see 3rd paragraph.

        • But we do this already today. Pretty much everything you and the GP posted. The main problem is:
          "Plus, it's just as easy for robocallers to sign up, wear out the number, abandon the account and sign up again."

          It's too costly and slows down business transactions to do a full background check and audit trail to vet out all the spammers. Imagine it takes a month to get residential telephone or cell phone.

          Plus the total number of spammers is a really really small number compared to the legitimate customers sign

          • by Wycliffe ( 116160 ) on Wednesday June 06, 2018 @07:45AM (#56735904) Homepage

            It's too costly and slows down business transactions to do a full background check and audit trail to vet out all the spammers. Imagine it takes a month to get residential telephone or cell phone. Plus the total number of spammers is a really really small number compared to the legitimate customers signing up. This small percentage makes all those calls.

            It might be a small percentage making the calls but it's approaching 85% of the calls I receive and most of my friends receive. I would be willing to pay the $25 and wait the 30 days to get a phone if it meant that it reduced the number of phone calls I received by 85%.

            Another possible option if the phone company is just too archaic is to implement 2FA. If I could sign up for a service where everyone who calls me has to type a code received by text, I would sign up tomorrow. You have a spoofed number, you don't receive the text and you can't get thru. Calling from a landline or voip that can't receive texts, too bad, call me from your verified cell phone or contact me in another way. Most legitimate businesses don't actually call you anymore anyways. Most of my legitimate calls are from other cell phones.

            • I agree with the 2FA like solutions. My original point was that it's rather difficult to do it centrally without collateral damage; not to mention there is very little financial incentive for the players. But a distributed model would work.

              Personally, I like white & black lists. If you are not on it, you go to VM. I will call you back/whitelist you. Message 4 seconds, no notification to user. If I blacklist you, then you get a "Subscriber not found" message. I should be able to do wildcard based white/b

              • by mark-t ( 151149 )

                And what do you do if you had intended to accept calls from unlisted parties where no identifying information is transmitted?

                All you can do is not answer the phone, forcing the caller to leave a message (which a robocaller will often do, filling up space on your voice mail and taking up just as much time to purge it as it would to answer the phone and hang up), whereas plenty of human callers may end up not leaving a message at all because of a preference for full duplex communication.

                • All you can do is not answer the phone, forcing the caller to leave a message (which a robocaller will often do, filling up space on your voice mail and taking up just as much time to purge it as it would to answer the phone and hang up), whereas plenty of human callers may end up not leaving a message at all because of a preference for full duplex communication.

                  There is an easy solution to this. Turn off your voicemail and have a message saying to send you a text. This eliminates most spammers and prevents you from having to spend time trying to decipher a voicemail. It's faster to read a text than listen to a voicemail and it has the added advantage that texting laws are much more strict so spammers are less likely text you and there is more recourse if they do.

                  • by Anonymous Coward
                    This also eliminates any legitimate phone communication from a number you don't recognize that might be a landline or a business. The office I work at has an 800 number and a local number, but when we call out, it's the local number that shows, not the 800. I can't text people from the local number (although I can text from another number...only way our system could handle the one-on-one interactions) so your solution is easy, but only for person to person communication, not business to person or even per
                  • Turn off your voicemail and have a message saying to send you a text.

                    No good... it blocks anyone who is calling from a landline and has no ability to text.

                    This eliminates most spammers and prevents you from having to spend time trying to decipher a voicemail.

                    It also eliminates people who hang up as soon as they hear a recording because they happen to be uncomfortable talking to what they know is a machine. The fact that they wouldn't have to leave a message is irrelevant because they haven't listened that far.

            • If I could sign up for a service where everyone who calls me has to type a code received by text, I would sign up tomorrow. You have a spoofed number, you don't receive the text and you can't get thru. Calling from a landline or voip that can't receive texts, too bad, call me from your verified cell phone or contact me in another way. Most legitimate businesses don't actually call you anymore anyways. Most of my legitimate calls are from other cell phones.

              I remember (vaguely) a service where the caller had to enter a number or say their name to get through, which pretty much eliminated rob-callers. One issue with 2FA is political calls - Congress exempts themselves from laws against robocalling and will still ant to be able to robocall you to let you know their opponent is laying scumbag who beats their dog and masticates in public...

          • by sjames ( 1099 )

            It's too costly and slows down business transactions to do a full background check and audit trail to vet out all the spammers. Imagine it takes a month to get residential telephone or cell phone.

            They've been doing it from the beginning. Think about it, they know exactly where to send the bill and they already require some assurance that you can and will pay the bill. If it's a pre-paid burner, they at least know it's a pre-paid burner. If you don't pay the bill, they somehow manage to figure out what SIM to deactivate or what line to disconnect, even if it's pre-paid. If A corp is leasing 1000 lines, they know exactly which lines those are and exactly what phone numbers they might plausibly (legiti

        • He literally covered this in the second paragraph, starting with the words "Before anyone complains" clearly anticipating that this would be something Slashdot's army of Actuallys would need an answer to. The response you wrote out is not only longer than the paragraph you skipped, but the entirety of his message.
        • by Bert64 ( 520050 )

          Phone companies already can, and in most cases do restrict your outbound CLI to a group of pre approved numbers. So although you might have 50 lines and technically each of those has its own number, you might also have 100 numbers but make most calls go out displaying the main switchboard number which is on all your advertising etc.

          Actually filtering spoofed CLI is much harder due to number portability and roaming etc. Numbers aren't allocated in predictable prefixes to specific telcos, any number could be

          • Well, that's good to hear, that means the current plague of people spoofing caller ID numbers must exist only in our imaginations and the GP's suggestions are completely unnecessary. When I got a call the other day from 000 000 0000 it was clearly from someone who really owned that number, I'm guessing it must have been one of Alexander Graham Bell's descendants, am I right?

          • by green1 ( 322787 ) on Wednesday June 06, 2018 @10:10AM (#56736548)

            complete BS.

            Almost all of these calls come from overseas call centers, and yet every single one is spoofing my own local area code and even local exchange prefix (they hope you'll think it's someone nearby calling and actually pick up). It's pretty obvious that not only is this outside the realm of "number portability", I can also guarantee that they are spoofing numbers that are from a completely different telco than they are calling from, probably even numbers from the telco they are calling in to.

            I can't even imagine how much incompetence would be required not to be able to filter out CID coming from outside your network that claims to be coming from inside it. This has absolutely nothing to do with "can't" it's entirely "won't". The sad truth of the matter is that telephone companies are paid to process phone calls. They have no financial incentive to reduce the number of calls on their network.

            • by johanw ( 1001493 )

              Force telecoms to allow customers to block entire countries would help. Block India and Mexico and most of these calls are gone.

              • by green1 ( 322787 )

                They aren't even willing to honestly tell you what country it was (passing on known fraudulent CID) why would they let you block entire countries? Keep in mind that long distance is still the biggest cash cow for telecoms. They don't want to discourage any use of it.

              • by Bert64 ( 520050 )

                How would they know the originating country?
                Telcos are not all directly connected, there are often intermediate telcos - and telcos which operate in multiple countries...

            • THIS. It's kind of like IBM during WW2, selling to both the Allies and the Nazis. Most corporations will take a dollar from Satan. With this robocall spam, bet your arse the telco's are padding their profits and will be loth to do anything that costs them even this ill-gotten filthy lucre. The solution has to be legislative as well as technological. As far as the former, don't hold your breath.
            • by Bert64 ( 520050 )

              There are millions of possible phone numbers, and thanks to number portability and roaming you can't easily aggregate the numbers. You'd need to hold a huge database, and perform a lookup each time a call comes through to verify that it's coming in from a peering connection with the correct telco. You'd also need to keep track of intermediate telcos routing the calls between yourself and any other telcos to which you aren't directly connected, not to mention handling cases where an outage results in calls b

              • by green1 ( 322787 )

                I disagree with you on almost every point, except the part where you state that it would mean a reduction in revenue for the telco. That part is real.

                The rest is complete hogwash. And that's coming from someone who works for a telco.

                You don't think they already have a database and perform a lookup each time a call comes through? They do manage to bill the right person despite it being SOOOOOO difficult to figure out who's calling.

                There may be millions of possible phone numbers, but telcos know which network

                • by Bert64 ( 520050 )

                  When a call comes in from a link to another telco your telco doesn't bill the end user, they bill the peering telco. Your local telco doesn't know or care which of the peering telco's customers originated the call, and the call could have come into that telco via another peering link.
                  Each telco can only bill the lines which are directly connected to it, they in turn can bill along the chain until reaching the end customer.

                  CID is left to the carrier, with most telcos end user lines won't have the ability to

                  • by green1 ( 322787 )

                    So they bill the peering telco, but they still can't figure out that the number that peering telco is claiming is from WITHIN THEIR OWN NETWORK???

                    Sorry, I don't buy that level of incompetence as a technical defence. There is zero excuse why the CID of a calling party should EVER show as my own number, or a spoofed number from my local area which is served exclusively by my own carrier.

          • by swb ( 14022 ) on Wednesday June 06, 2018 @10:57AM (#56736800)

            Number portability means there is a database made available to telcos so they know where to route calls. "It's hard" was their principal objection to number portability, they wanted the simpler and less intensive route maps where telcos owned entire exchanges and could route calls with less effort and maintenance.

            But now that we have number portability, telcos should be able to use that same database to determine if calling party identification actually matches the origin of the call. Businesses with PBXs and DID blocks should already be in this, as should the numbers associated with their trunks.

            Bottom line is that they just don't want to, probably because of money changing hands someplace.

            Either they don't want to annoy a service provider client with a huge set of trunks who could pretty easily find some other carrier to provide them with trunks or they're getting per-termination fees from the inbound source and don't want to disrupt them.

        • "And the problem is the database of valid phone numbers from those VoIP providers can be rather big to do a number verification. "

          The providers know who to bill... but somehow they don't know what ID to apply.

      • >> We're already to the point that many people don't even bother to answer their phones anymore. If this isn't brought under control soon we'll start seeing cellphones that do internet ONLY. and the telephone will be dead.

        Isn't it already? How often do you type a number to call or text (similar to typing in IP address to read a web page)?

      • by johanw ( 1001493 )

        > If this isn't brought under control soon we'll start seeing cellphones that do internet ONLY. and the telephone will be dead.

        And why would this be this is bad? Phone companies are clearly not interested in blocking this, let them become dumb datapipes. I can call someone with Signal, WhatsApp, Viber, Telegram and a bunch of others if I want. Those companies do act against spam. And the added advantage is that the NSA and FBI can't listen in. Trump might have liked the situation where overzealous FBI a

    • by gtall ( 79522 )

      Yep...though the only problem is figuring out who the bad guys are...maybe we just need to ask them before stringing them up? Yes? Why don't you develop a Guilt-O-Meter and get back to us. Since you seem to have such a complete and full understanding of the situation, it should only take you, what, an afternoon?

    • by dehumanizing people? You might be over reacting just a _tad_ bit. Ignoring that these are nowhere's near the worst humanity has to offer (they're not even in the same zip code as guys like Hitler & Stalin) you threw in some disturbing tripe about weeding out the weaklings (speaking of Hitler...). Is this the kind of stuff that gets modded +5 on /. now? I mean, I know we're not supposed to complain about the mods, but seriously?
      • > I mean, I know we're not supposed to complain about the mods, but seriously?

        Actually, you are. It's even institutionalized in the form of meta-moderation feature. You probably haven't heard about it because you are an imbecile reddit reject who never even got a chance to get to that feature.

  • by alzoron ( 210577 ) on Wednesday June 06, 2018 @03:35AM (#56735400) Journal

    The article is apparently submitted by: "Sarah Krouse, reporting for WSJ:" and there's no link to a non-paywalled source. At least have the decency to mark this as a paid promotion if that's what it is.

  • by hyades1 ( 1149581 ) <hyades1@hotmail.com> on Wednesday June 06, 2018 @03:46AM (#56735416)

    It should be legal to hunt them...no season, no limit. In fact, there should be a bounty.

    • by dwywit ( 1109409 )

      Legitimate charity calls get my polite attention and perhaps even the purchase of a lottery ticket - I once won a "consolation prize" from the local rural fire brigade, and that made me happy*

      Scammers get trolled (personal best was 20 minutes and ended with "Mike" from "Windows Technical Department" screaming at me), political "vote for me, opposition candidate is a scumbag" calls have exactly the opposite of the desired effect, and surveys generally are accepted.

      But yes, scammers should be hunted down, tar

  • Simple answer (Score:4, Insightful)

    by imidan ( 559239 ) on Wednesday June 06, 2018 @05:19AM (#56735558)

    phone companies pay small fees -- typically fractions of pennies -- to databases that store such records. Some of these fees are handed back to the caller.

    Knowing nothing else about the problem, I suggest that phone companies stop contracting with databases that hand fees back to the caller, or else make it hurt. If AT&T and Verizon declare a new policy to pay their fee less an amount equivalent to whatever the database hands back to the caller, the practice will end double quick. The database suddenly gets a big incentive to stop those kickbacks, and the profit motive for the scammers dries up. This, without any loss of income on the part of the phone company. The databases can't exist without the patronage of the phone company, so the phone company has a lot of power.

    • The databases can't exist without the patronage of the phone company, so the phone company has a lot of power.

      Not only this but the database is mostly obsolete. I haven't had a cell phone that used the callerid database for probably 10 years. It shows the name if they are in my contactlist but not the name of people not in my cellphone's local contactlist. I'm assuming callerid might still be used for landlines but who has landlines these days? Everybody I know uses cellphones for personal and voip/pbx for businesses.

  • It doesn't even work (Score:5, Informative)

    by imidan ( 559239 ) on Wednesday June 06, 2018 @05:25AM (#56735564)
    I can't read the article because of the paywall. But I can say I don't even see any caller ID information for 99% of the spam calls I get. All I see is a phone number. It's usually a fake phone number (I assume because it's my area code and prefix plus a random 4), but there's no name associated with it. If my phone company is paying anyone money for the "service" of displaying a fake phone number to me when I get a call, then maybe they should rethink that.
    • by nten ( 709128 )

      It sounds like that is exactly what is happening though. I only get numbered spam. Also, I seem to get less than my friends and family. I think it is because my number lists as a landline instead of a cell. But that is just speculation. I don't get spam texts either, or is that still a thing?

      • by imidan ( 559239 )
        I believe I've gotten a few spam texts over the years, but so few that I could probably count them on my fingers. I get a lot fewer spam calls these days, also. I used to get two spam calls every day. One of them was reliably at 7:30 in the morning. A loud ship's horn and then "This is your captain speaking..." which went on to suggest I'd won a cruise. The other was notifying me that the warranty on my car had or was about to expire (my car was around 15 years old at the time, and had never had any warrant
    • by antdude ( 79039 )

      Interesting. I see Caller IDs on landlines most of the times from robocallers.

  • This is a very similar business model to online display advertising click fraud. They are causing hits on a service that then pays themselves per-hit from someone else's money.

    The remedies are similar too: look for outlier usage patterns and terminate the contracts of those people.

    • As long as the losses are small enough, spammers will persist. They don't have to make a profit, and in the long term usually do not. Their clients have to _believe_ they can help make a profit, enough for the spammer to invest in the work of spamming. This caller-id cost recovery is, I'm afraid, merely a reduction in operating costs for the spammer: it's not a profit center. As such, reducing its abuse seems unlikely to make any significant change in spam.

  • Robocalls make tons of calls, one after another or many in parallel. Once a phone company identifies the caller, why not cache that information, even just for 24hrs? One fee per phone company per day isn't going to make any robocallers rich.

  • by gdr ( 107158 ) on Wednesday June 06, 2018 @07:18AM (#56735820)
    The headline says "Robocallers Win Even if You Don't Answer". Summary says "it helps offset the costs of making the calls". So if you don't answer (and therefore the scammer doesn't get any money from you) the scammer makes a loss on the call, they don't "Win".
    • by PPH ( 736903 )

      Sounds like when you receive a call and you have caller ID, a lookup is done in some third part database. Paid for by your phone company. The payment is split between the database owner and the caller.\

      My VoIP line displays the calling number, but no further identifying information. So I imagine that no db search fee is being paid. I can maintain my own whitelist of people I know and the rest just remain unknown.

    • So if you don't answer (and therefore the scammer doesn't get any money from you) the scammer makes a loss on the call, they don't "Win".

      What about answering machines?

  • 'Hello? 911? I'm betrayed by the boyfriend, he is a fraud and deceives people for money, block his number.' So it will be, or what?
  • Next time you get a scam caller, pick it up. Talk to them. Play along. See how long you can keep them on the line before letting them know you are just wasting their time ("Feel free to call back whenever you want me to waste more of your time!").

    The biggest expense for telemarketing scams is having a live person talk to you. And if they get no money from you, that time spent talking to you is completely wasted. If enough people do this, the scam becomes unprofitable, and the scammers give up. Their o

    • This used to work, but not any more for the egregious offenders. It only hurts the "legitimate" call centers trying to renew your paper subscription or some other menial task.

      The robocallers have bots on the other end, and drop most of the calls they make anyway.

      • It should be easy enough to tell within 5 seconds if a telemarketer is legitimate or not. If they are trying to renew your paper subscription, just tell them no thanks and ask them to take you off their list. If they are "Calling from Microsoft because we noticed a virus on your computer", then go nuts.

        Any legitimate cold calls should be honoring the national do not call registry anyways.

        • Nobody honors the do not call list anymore. This on my cell phone as well.

        • by green1 ( 322787 )

          Any legitimate cold calls should be honoring the national do not call registry anyways.

          You're funny.

          To start with, half the world is exempt from that, specifically the worst offenders (political parties and charities), and in my country for some inexplicable reason, newspapers are also exempt.

          But beyond that, even "legitimate" businesses still call me all the time (assuming you can call furnace and duct cleaning companies legitimate, as those seem to be the bulk of the non-exempt callers that get through to me,) I do however report all of them to our national regulator, and surprisingly, I ev

    • There is a website like that (Youtube). There are entire channels devoted to that. Search for "lenny robocall" for some hilarious ones.
  • In a world where we need toys that bench real fire, we also need robocallers. Everyone has a right to profit after all.
  • This is as ugly as the toll-free COCOT scams of the 90s. Is there no escape?

  • Making money? (Score:4, Insightful)

    by tomservo84 ( 990233 ) on Wednesday June 06, 2018 @10:03AM (#56736508)
    So, can I just call one of my cell phones from my landline millions of times and start making money? WTF is this? Why does the caller make anything?
  • If it cost 10 cents (or some small amount) to place a call, robocalls would greatly be reduced. Provide an option for the receiver of the call to press a key to cancel the charge so legitimate person to person calls don't have to cost the caller. Use the money to support universal service, E911, charity, or whatever.
  • 1) Set aside an entire IPv6/32 prefix for North American VoIP (and other prefixes, for other regions). Instead of today's 10-digit phone numbers, you'd get a /64 prefix to subdelegate to yourself as you like... give everyone who calls you a unique 128-bit number, via some API that simultaneously whitelists incoming calls to that number and identifies them to you going forward. Start getting spammed by calls to a number you gave out to some business whose customer database got harvested? Block it, and let th

  • I am so sick and tired of spam calls. Especially on my business cell phone that I cannot afford not to answer. I have been through numerous scanning services and they all fail, I have made noise with the cell company and I get a song and a dance. Seems to me the solution is rather simple. Ping back the number listed in the caller ID, if you do not get a busy signal, then drop the call before it rings through. Sooner or later I will start working on that.

Research is what I'm doing when I don't know what I'm doing. -- Wernher von Braun

Working...