Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Communications Medicine United States

Robocalls Are Overwhelming Hospitals and Patients, Threatening a New Kind of Health Crisis (washingtonpost.com) 152

An anonymous reader shares a report: In the heart of Boston, Tufts Medical Center treats scores of health conditions, from administering measles vaccines for children to pioneering next-generation tools that can eradicate the rarest of cancers. But doctors, administrators and other hospital staff struggled to contain a much different kind of epidemic one April morning last year: a wave of thousands of robocalls that spread, like a virus, from one phone line to the next, disrupting communications for hours to come.

For most Americans, such robocalls represent an unavoidable digital-age nuisance, resulting in constant interruptions targeting their phones each month. For hospitals, though, the spam calls amount to a literal life-or-death challenge, one that increasingly is threatening doctors and patients in a setting where every second can count. At Tufts Medical Center, administrators registered more than 4,500 calls between about 9:30 and 11:30 a.m. on April 30, 2018, said Taylor Lehmann, the center's chief information security officer. Many of the messages seemed to be the same: Speaking in Mandarin, an unknown voice threatened deportation unless the person who picked up the phone provided their personal information.

Such calls are common, widely documented scams that seek to swindle vulnerable foreigners, who may surrender their private data out of fear their families and homes are at risk. But it proved especially troubling at Tufts, which is situated amid Boston's Chinatown neighborhood, Lehmann said. Officials there couldn't block the calls through their telecom carrier, Windstream, which provides phone and web services to consumers and businesses. "There's nothing we could do," Lehmann said Windstream told them.

This discussion has been archived. No new comments can be posted.

Robocalls Are Overwhelming Hospitals and Patients, Threatening a New Kind of Health Crisis

Comments Filter:
  • by PolygamousRanchKid ( 1290638 ) on Monday June 17, 2019 @03:12PM (#58777648)

    I get zero robocalls . . . because they are illegal in the country where I live, Germany.

    If robocalls are such a nuisance or life threatening problem . . . why not just make them illegal . . . ?

    I really don't understand the problem here.

    • by Merk42 ( 1906718 ) on Monday June 17, 2019 @03:17PM (#58777694)
      It doesn't affect those in charge, and in fact, may benefit them in the form of kickbacks from telecoms. So why should they make it illegal?
      • Re: (Score:3, Interesting)

        by Anonymous Coward

        It doesn't affect those in charge, and in fact, may benefit them in the form of kickbacks from telecoms. So why should they make it illegal?

        Others here have demanded a more severe form of punishment for this kind of tolerance. Just how far do you think people will be pushed before they retaliate? This is a hospital we're talking about here, not a fucking Facebook helpdesk. When people start dying as a result of "kickbacks", don't expect citizens to remain calm.

    • by Anonymous Coward

      I get zero robocalls because I don't give my number out to anybody who asks. Unless you have a reason to be calling me - usually that means we're friends - then you don't have a reason to have my number.

      I got a few a long time ago but I blacklisted the number ranges and get no more.

      • by sjames ( 1099 )

        Don't worry, you will. You don't have to give your number out for it to be found by a war dialer.

        • by Anonymous Coward

          Yeah no kidding. A person like that is a prime target for getting a rude awakening.

          I have a phone number that has never been given out to anyone. I used it for a brief period of time for security and authorization purposes and never actually talked to anyone while using it.

          I get at least a call a month on that line. I expect it to go up sometime in the future. Someone just randomly/not so randomly called it up one day. I never answered then nor do I ever intend to. Went to voicemail and heard the caller, ti

      • by Anonymous Coward

        I get zero robocalls because I don't give my number out to anybody who asks. Unless you have a reason to be calling me - usually that means we're friends - then you don't have a reason to have my number.

        I got a few a long time ago but I blacklisted the number ranges and get no more.

        Neither have I but my number has been sold by businesses that I did business with, robot callers dial numbers sequentially so they'll call even if your number is top secret, and others give your number out.
        I KNOW you're getting robo-calls and you're just bullshitting.

      • They're phoning every number now. You don't have to give it out. The prefixes are already well known, and then there are only 10,000 numbers inside each prefix (in the US). Much of the rise in malicious robocalls comes from being able to do this digitally, you're not limited to dialing each number sequentially and waiting.

        And a major problem right now is that if the call comes from the internet then they can put up any phone number they want as the originating number. More than half the calls I receive cl

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      I get lots of robocalls. Where I live, the US, they're illegal if you're on the no call list, which I am on. Oddly enough, people committing fraud seem to not respect the law.

      • by Anonymous Coward

        No call lists are notorious for being targetted by spammers.

        You want a new phone number, never before been used by anyone, that isn't listed anywhere. Otherwise because it is listed on the no call list, it is known to be functioning and therefore targettable.

        And phone companiew won't stop them because they want to sell call screening services...for a small monthly fee. There's a good chance at least some of the scammers are being funded by major telcos, off the books and under the table...

        • When the telcos go for paid screening services we need to class action sue them. Use discovery to show they have been profiting and complicit on transport and are now profiting from crime... Dirty money, and have the assets seized.
    • Re: (Score:2, Interesting)

      by PCM2 ( 4486 )

      I get zero robocalls . . . because they are illegal in the country where I live, Germany.

      That's like saying you can't be murdered in Germany because it's illegal there. Most of the robocalls will be coming from VoIP banks in countries outside your own, such as China, India, Russia, etc. They use rotating rolls of spoofed numbers, so they're impossible to block on a per-number basis. They probably use VPN-like techniques to evade network traces, too.

      • Re: (Score:3, Insightful)

        by Merk42 ( 1906718 )

        ...They use rotating rolls of spoofed numbers...

        Why is this a thing? More importantly, why is it you can spoof a number you don't actually 'own'?

        • by Anonymous Coward

          Same reason you can spoof an IP or MAC address you don't: Security is an afterthought in our communications systems.

        • by Anonymous Coward on Monday June 17, 2019 @04:28PM (#58778214)

          Why is this a thing? More importantly, why is it you can spoof a number you don't actually 'own'?

          A completely broken caller ID system which was further weakened by lobbyists for the call center industry trying to be sure a call from a call center in India looked as if it came from the published number of the company.

          At the time everyone said it would cause problems, but nobody listened.

          Literally the people who made money by running call centers wanted this.

        • by Anonymous Coward

          Why is this a thing? More importantly, why is it you can spoof a number you don't actually 'own'?

          The same reason you can spoof an email address you don't own.

          In an email, the "From:" line is the very first thing within the content of the email, and it is set by you the sender.
          Caller ID is what your local carrier is requesting from the call originator to be displayed.

          ASN is what your local carrier has that shows the route the call came from, including the originators carrier.
          This is akin to the "Received-by:" chain of headers in an email that each mail server appends to as it travels through them.

          The qu

        • by Sique ( 173459 ) on Monday June 17, 2019 @05:18PM (#58778550) Homepage
          Because a phone number is essentially a route and not an endpoint. A phone number tells the phone switch where to route the call to, not where the route ends.

          Only for the simplest of situations, there is only a single route to a single endpoint. In many cases, one route can lead to multiple endpoints (e.g. a call center with dozens or hundreds of agents), or an endpoint can reached via multiple routes (e.g. at a multi-homed phone switch with several PSTNs with several providers and/or at several locations). This makes testing the validity of origin phone numbers quite cumbersome. Basicly, the phone switch at the called party site would have to call back the caller id and check if the "connected number" after the establishment of a connection is the same than the called number provided in the call data, which essentially adds the cost of a second call to the connection.

          Yes, it can be done. And yes, it will be much hassle to get everything correct and for instance avoid a ping-pong if the checking connection attempt gets checked by a third connection back into the first direction, which then attempts to check the validity with a counter connection etc.pp.

        • by sjames ( 1099 )

          That's the crazy thing. Caller ID says whatever the caller wants it to say. There *IS* an id that isn't spoofable that the phone companies use to make sure they know who to bill, but they don't share that with the called party. When the U.S. phone companies say they can't do anything about it, what they really mean is that they just love those sweet sweet pennies they get for terminating those junk calls too much to ever want it to stop.

        • Because telecoms allow it.

        • There's valid reasons to spoof the outgoing number; like the PABX showing as the switchboard number instead of your extension.

          You might also want to spoof your switchboard number when making a Skype call... and MS don't 'own' your number, so there'd need to be a mechanism to add them to a whitelist of endpoints that are allowed to spoof your number....

          All of that is kind of expensive to implement and requires opt in to work, so no one is going to do it.

          I just don't answer the phone unless it's a someone I k

      • by Anonymous Coward

        It is very easy actually. I make the caller id where the robot call originated responsible. Fine them and the problem goes away. If a telecommunication company doesn't want to play by the rules to ensure that the (network) caller id can't be spoofed, make them responsible for the fines too. It works in most parts of the world.

        • by PCM2 ( 4486 )

          How can you make a company located in a foreign country, completely outside the jurisdiction of your country's laws, "responsible'? In the U.S., telecoms companies have "common carrier" status -- meaning that as long as they allow equal access to anyone who wishes to use their services, they can't be held responsible for the content of the communication. You can only go after the party that placed the calls (which you can't do, because they don't care about your laws).

          • by sjames ( 1099 )

            You can't jail them, but you can block them from calling anyone in the U.S. ever again. If the foreign phone company won't play along, you can block the entire phone company from completing calls to the U.S.

          • by pjt33 ( 739471 )

            As described, there seem to be at least two ways forward. Either make it clear that metadata is not "content" or rewrite the common carrier rules.

        • You can charge based on number of calls coming in. Two million calls from the same small exchange shouldn't be free. The problem is the same as email spam, as long as the cost per message is essentially free then it encourages unlimited usage by unscrupulous persons.

    • Re: (Score:1, Troll)

      by Type44Q ( 1233630 )

      why not just make them illegal

      Ten percent of our population are illegal.

      We're open to suggestions.

      • by Anonymous Coward

        Open borders. Free health for all. Universal basic income for all.

      • by Ichijo ( 607641 )

        ...our population are...

        Found the Brit!

        I was wondering why you wrote that 10% are illegal instead of 3% [politifact.com], but now it makes perfect sense.

        • He probably included the government?

          https://danieljmitchell.files.... [wordpress.com]

        • by Mashiki ( 184564 )

          I'll give you bonus points if you explain how politifact's own methodology is wrong based on crime data(including under the table employment), incarceration, and catch and release programs operated by various states running 'sanctuary' programs. Bonus points if you use this years data putting the track at nearly 1.4m illegals entering by crossing the US-Mexico border.

          Double points if you explain why Quebec just refused 18k(from the last 1.2 years) immigration applications from illegals trying to become lan

    • telemarketing to do-not-call list and also fraud/con by phone illegal here too. Does not deter operations in third world shitholes (mostly India) from setting up operations to hit the USA with those.

    • by Solandri ( 704621 ) on Monday June 17, 2019 @03:29PM (#58777788)
      They're illegal in the U.S. too if you added your number to the Do Not Call registry. But some people break the law and ignore the registry. And it's virtually impossible to track down who has robocalled you. Merely passing a law to make an activity illegal is worthless. You have to enforce it too.

      That brings us to the real problem - the phone companies allow the caller to spoof their ID. Obviously the phone company knows the real identity of who is making the call - that is how they know who to bill and whether they're authorized to use the phone system to place a call. If they would just make this information available to the call recipient, then it would be trivial to block unwanted calls and to report violations of the Do Not Call registry. The sleazebag telemarketers and robocallers would be shut down in short order. But the phone companies don't want to do this because the robocallers and telemarketers account for a significant portion of their business. Giving everyone a way to screen out those calls would result in a significant drop in the phone companies' revenue. And because they enjoy a government-granted monopoly, there is no competition so they know there is no way for you to leave them no matter how badly they treat you.
      • by sjames ( 1099 ) on Monday June 17, 2019 @03:56PM (#58778020) Homepage Journal

        This is much closer to the truth. Even if they don't want to give the information out, they could just set something up like dial *666 to report the previous call as a scam or robocall and correlate that with the actual caller rather than the useless caller id.

        There might be mistakes or calls reported out of malice, so allow for a small number and let the reports expire. The problem callers will rack up hundreds or thousands of reports in short order. If they're in the U.S. refer them for prosecution. If foreign, report them to the originating telecomm and bill the telecomm a metric assload to make them WANT to dump the bad actors. If they don't pay, disconnect the whole damned telecomm. Let's see how long they can stay in business if their customers can't actually call anyone.

        This may seem extreme, but it is REALLY degrading communications in the country. Many people now don't answer their landline at all unless they recognize a caller's voice when/if they leave a message. It's no wonder, the damned thing rings several times an hour with junk calls. People have to turn the ringer off at night if they plan to sleep in the morning. The telephone system worked just fine for over half a century, but these jackasses are breaking it.

        As for the legislature's incentive? Because of this, when they call asking for my vote, I won't be answering until there's a better than 75% chance it's not "the Apple Support" telling me there is a security problem or 'Julie' from the 'awards center'.

      • They're illegal in the U.S. too if you added your number to the Do Not Call registry. But some people break the law and ignore the registry.

        Worse, a sizable fraction of the people on the Do Not Call List put themselves there because they know they're unusually vulnerable to telephone sales pitches, charity solicitations, and so on. Whether the offer is genuine or fraudulent, they just can't say "No" to a nice sounding person who calls them up on the phone. So they put themselves on the DNCL in an attempt

    • by martyros ( 588782 ) on Monday June 17, 2019 @03:34PM (#58777844)

      I get zero robocalls . . . because they are illegal in the country where I live, Germany.

      There's probably a much better reason -- it costs the caller extra money to call your mobile. I live in the UK and I've only ever gotten one robocall on my mobile phone, and I only *very* occasionally get spam texts. Not cost-effective.

      In the US, the person receiving the call pays for the mobile phone connection; calling a mobile is as cheap as calling a normal phone, which with modern VoIP is very very cheap.

      Switch to a caller-pays-the-whole-way model and the whole thing changes dramatically.

      • I get zero robocalls . . . because they are illegal in the country where I live, Germany.

        There's probably a much better reason -- it costs the caller extra money to call your mobile. I live in the UK and I've only ever gotten one robocall on my mobile phone, and I only *very* occasionally get spam texts. Not cost-effective.

        In the US, the person receiving the call pays for the mobile phone connection; calling a mobile is as cheap as calling a normal phone, which with modern VoIP is very very cheap.

        Switch to a caller-pays-the-whole-way model and the whole thing changes dramatically.

        Given most phones now have some form of unlimited calling the pay per call model doesn’t really work since there is no call charge now like there used to be in the days of fixed minute allotments. VIOP could start charging, such as SKYPE does with higher rates to mobiles in Europe and elsewhere, but it would take a bit of work to identify and bill the actual caller.

        • Given most phones now have some form of unlimited calling the pay per call model doesn’t really work since there is no call charge now like there used to be in the days of fixed minute allotments.

          We have "unlimited" consumer mobile plans over here too, but I guarantee if someone started using those to do millions of robocalls, they'd run into the fine print pretty quick.

          When someone from the US calls someone from Europe, the caller pays for the mobile connection; so the ability to track and charge is

          • We have "unlimited" consumer mobile plans over here too, but I guarantee if someone started using those to do millions of robocalls, they'd run into the fine print pretty quick.

            Exactly. We have "unlimited calls and texting" because people don't make many calls and do a lot of texting anymore, they use WhatsApp, Facebook and so on. So the phone company can look generous, save the money that it costs to count your call time, and it doesn't cost them much.

        • Even a penny a call would kill off most robocallers I think.

      • Originally, with cell phones, it "cost" on both ends. You used up minutes as a caller, and minutes as a receiver. As more competition entered the market, companies start adding "call lists" (ie, "AT&T's Friends and Family"), that didn't use minutes; then made inter-carrier calls free, and now many plans are unlimited. The scourge is CID is easily spoofable; I've done it with FreePBX, $15 second-hand Cisco voip phone, a free "test" SIP trunk...I could have easily found some out-of-the-country stupidly
      • by pjt33 ( 739471 )

        Switch to a caller-pays-the-whole-way model and the whole thing changes dramatically.

        Indeed, although you might end up with something similar to the situation in Spain, where 90%+ of spam phone calls are from telecoms companies.

    • Re: (Score:2, Insightful)

      by Anonymous Coward

      I get zero robocalls . . . because they are illegal in the country where I live, Germany.

      Oh nonsense. I too live in Germany and get cold calls and lately the stereotypical tech support scams. Criminals don't give a shit about legality.

    • How does Germany keep someone in India from robocalling you?
      • How does Germany keep someone in India from robocalling you?

        I honestly don't know . . . ask my provider, Deutsche Telekom. But like I already stated, I have never gotten a robocall, only a call from that annoying "Windows Support" guy. But if they are able to do it in Germany, they should be able to do it with T-Mobile in the US. Unless it is very lucrative for providers in the US to cater to robocallers.

        The last time I visited my mother in the US, the phone kept ringing at dinner time. My mother told me not to get up to answer, because it was probably a politic

        • only a call from that annoying "Windows Support" guy.
          That is actually a scammer.

          "He" called my fathers wife and she gave him "root access" to her computer. Obviously he installed *malware*.

          As she is not "completely stupid" she realized it very soon.

      • How does Germany keep someone in India from robocalling you?

        Panzers

      • No idea.
        But I never got a robo call, nor did anyone of the people I know tell me.
        Probably there is a law that says: make robo call, you die!

    • Oh, there is no problem.

      It is gods own country. They do everything opposite the rest of the world does!

      Why? Because!

      No one will ever fix it, unless they blow themselves up and for some absurd reasons there are survivours that take a different route. (They can not even pronounce "route" correctly because the "correct pronunciation" has a sexual implication, rofl)

    • Your statement is like saying you don't have home robberies because they are illegal. It has nothing to do with the calls being illegal. A war dialer will call your phone it doesn't care if it is legal or not. The telecom is doing something else to block them most likely to enforce the law.
    • Most start with "hallo ! hallo !" trying to make you think they are from human, some are with music and tells you you won. The things is complaint lead to nowhere. They might be forbidden but they do exists. And I get one or two per month (OK maybe the quanity is not comparable to the US...).
    • by Agripa ( 139780 )

      I get zero robocalls . . . because they are illegal in the country where I live, Germany.

      If robocalls are such a nuisance or life threatening problem . . . why not just make them illegal . . . ?

      I really don't understand the problem here.

      But then how does the phone company make money from the robocalls if they are illegal?

  • Maybe if Trump threatens to tariff countries who don't control their scammers & spammers, something will be done.

    Part of me tells me it will cause more problems than it solves, but it sure would feel good in the short term to hear that guy chew them out.

    • by gtall ( 79522 )

      Wrong. Countries will just allow new Trump hotels and golf courses, and the threat of tariffs will be quietly left off the Orange Bozo's Twitter account.

  • Thousands? (Score:4, Interesting)

    by PCM2 ( 4486 ) on Monday June 17, 2019 @03:26PM (#58777772) Homepage

    Really? Thousands of calls all at once? That's quite a coincidence. TFA is paywalled -- are they calling this a DDoS attack? Because that might be a first.

    Along a similar line, some hospitals have experienced serious problems with ransomware. It locks up electronic patient records, making it impossible to deliver care. One hospital had to shut down and redirect all patients to another, nearby facility.

    DDoS attacks against hospitals are creepy. It's bad enough when it's just Ukrainian scammers trying to get ransom in Bitcoin. But in an actual war (with an unscrupulous enemy) presumably hospitals would be an important target.

    • Making hospitals an important target in an "actual war" would also be a war crime that could get you executed afterwards.

      Not only that, unless it is a military hospital(which are presumably more secured), attacking hospitals isn't going to get you much in the way of reduced military effectiveness anyways.

      And at least in the USA, the DoD reserves "kinetic options" as moves in cases of cyber attacks. Yes, that means basically "drop a bomb on the hackers".

      • by PCM2 ( 4486 )

        Making hospitals an important target in an "actual war" would also be a war crime that could get you executed afterwards.

        Only if you lost. :-S

    • by sjames ( 1099 )

      That doesn't surprise me. I have received a dozen spam calls in an hour on just one line. A hospital has a lot more than one line, generally with consecutive numbers.

  • "Like a virus?" (Score:5, Interesting)

    by ClickOnThis ( 137803 ) on Monday June 17, 2019 @03:30PM (#58777802) Journal

    No, it did not spread "like a virus." I seriously doubt the phones receiving the calls forwarded them to multiple extensions. The robocaller just exhaustively called a whole tranche of numbers.

    Look, robocallers are dicks, especially if they do something like this: disrupt an essential service like a hospital. But the calls don't spread "like a virus."

    • by Anonymous Coward

      But the calls don't spread "like a virus."

      For the target audience of the article, the calls in fact DO spread like a virus.

      In a hospital extensions are often matched to the floor and room number.
      So calling the extensions sequentially would result in a pattern of phones ringing "going down the hall and back up the other side"

      Again to the target audience, a virus spreads from one thing to the next, because multiplying cells and exponential growth is difficult for that audience to grasp and visualize.

      Moving from one to the next == moving from one to t

    • Tip: Similes are frequently used when they are not literally true in order to make an article or story more descriptive.

  • ...what? In civilised countries we pay to make the call not receive it and don’t allow caller ID spoofing.
    Let me just add that to my USA list....
    Still use imperial,
    Use MmDdYYYY,
    gun homicide rate,
    NASCAR,
    No single payer healthcare,
    Extortionate drug prices,
    Ajit Pai,
    So many TLAs,
    Cardashians as a cultural icon,
    HFCS in everything,
    Gridiron,
    Tipping.... uuugh,
    Drip and flavoured coffee.. double uuugh,
    Cinnamon on steaks... now cmon...
    but I still like the warm feeling knowing the worlds largest military has our b

  • I use Nomorobo on my landline and call blocker by Vlad Lee on my mobile. The former identifies spam by call volume from the source. The latter blocks calls from numbers not on my contact list.

    Both are no cost except my privacy,

  • "There's nothing we could do,". Bullshit. Nobody did anything the 1st, 2nd 3rd.... time it happened so now this.
  • by Antique Geekmeister ( 740220 ) on Monday June 17, 2019 @04:32PM (#58778250)

    Robocalls are a profit and legislative issue. The profit problem is that they generate income, and they have nearly no consequences. They do not have to be profitable for fools to _invest_ in the services, so the market exists even without net profit.

    The major Telcos can, and do, track the actual sources of calls as a matter of course. The information is necessary to establish the connection. They refuse to provide this information to customers, allegedly for privacy of users and because it is "too difficult". But I'm afraid the underlying reason is the raw income bulk clients, and that the bulk allows them to report larger market presence for their services. Every telco I've worked with makes every effort to report them staggering amount of their overall, even if most of it is wasted. Without a mandate to to identify the robocallers, to force them to be traceable by the source of the call and to allow effective pre-filtering the abuse will continue because it provides business and income to the telcos, even if it is not profitable.

  • What are the technical, policy and other differences that mean robocalls are orders of magnitude less troublesome in European countries?

  • I believe I've seen this happen where I work as well. We call them "the Chinese calls". There were a couple of days where I heard every office phone ringing down the hall, one after another, all with the same Chinese recording.
  • Bounties?
    On a side note, we all need to learn how to say " I f'd your mother" in Mandarin.

Think of it! With VLSI we can pack 100 ENIACs in 1 sq. cm.!

Working...