
Why Phone Fraud Starts with a Silent Call - joe5150
http://www.npr.org/sections/alltechconsidered/2015/08/24/434313813/why-phone-fraud-starts-with-a-silent-call
======
bediger4000
Everyone should let the robocalls play from start to finish, then press 1 (or
whatever) to talk to a live operator. Lie to the operator. Take up as much
time as possible, say "ummmm" a lot, ask for the operator's name, insist that
you be called "Ed" or something. Take some time to "fumble" for your "credit
card". I keep an expired gift card in my wallet to give out to fraudsters.
Express "disbelief" when your account doesn't show up at "CitiBank" or
whatever. If you have some knowledge of credit card number formats, give out a
scrambled card number. I usually end up the call with a few anglo-saxon
synonyms for the masculine organ of primogeniture, I reccommend you develop
your own abuse technique.

If enough people do this to fraudsters, and the occasional real credit card or
bank person, then things will change.

~~~
Terr_
I do a milder version of this: I press the buttons, mute my mic, and leave the
phone on the desk. Less work for me, but still costs them a little bit in
terms of connecting to the phone of a real person who goes through their
intro-spiel.

------
tempestn
Man do I hate robocalls. Every few days now I get these, "Since you are a
valuable customer of [insert large consumer company here], we would like to
reward you with [cash/vacation/whatever]. Please press 1 to accept." So many
calls. Wishing for them to get shut down seems overly optimistic, so I hope
they just get better at recognizing people who will never fall for their scam
and stop wasting resources on those numbers...

(Seriously though, I feel for the real victims, and obviously having your
savings disappear is infinitely worse than being annoyed by scam calls every
few days. Still annoying though.)

------
manishsharan
This article did not mention spoofed caller id, which is really scary and
annoying. Normally I do not pick calls from numbers I do not recognize. With
calller id spoofing, the fraudsters are able to show a phone number that is
very similar to mine : the first 6 digits are identical to my landline ; this
fools me into believing it is a neighbor or my kid' friends that is calling
and I end up picking up the phone.

~~~
eitally
It's not just fraudsters. Until recently, I was a reasonably high-up IT leader
at a big corporation and I probably received 3-5 cold calls per day from
vendors and other service providers. By the past 12 months, almost all of them
spoofed my local area code -- this is what finally put me over the top. I no
longer answer calls from numbers I don't recognize unless I am expecting one.

~~~
jsmeaton
In Australia that's flat out illegal. You _must_ present a number, and that
number has to be connected to your business so that the person receiving the
call can call back.

~~~
MichaelGG
Spoofing caller ID for financial gain is illegal in the US, too, with a $10K
per violation fine. But having worked in wholesale telecom a bit, no one
actually cares, because no one follows up.

When you complain to your service provider, what happens is the vendor will
say to the carrier sending traffic "hey calls from this number are getting us
complaints, please shut it off". The call traffic just moves around or changes
number. There will be several layers of resellers involved, so it's not like
the resellers are being intentionally malicious and generating bad traffic,
they're just relaying the calls for their customer and so on.

No one actually wants to investigate, so getting calls from a certain number
to stop is usually enough to please everyone. If the FCC wanted to, they could
kill this stuff in a week just by adding stronger liability rules and making
carriers vet their traffic. If resellers had even a $5000 fine liability for
sending bad traffic, they'd pretty quickly figure out a way to limit their
exposure. But without real pressure, the FCC is happy to let things stay as
they are.

~~~
bediger4000
That's very interesting. Why is the FTC happy to let people get scammed and
annoyed, and let scammers reduce the utility of the phone system in general?

Is the FTC in on this rubbish? Are they getting payoffs? WTF?

~~~
MichaelGG
My guess is the FCC asked carriers how to stop it and carriers said it was too
hard. It's unlikely that the people the FCC talks to would say that fining
them was a good idea.

Or they proposed a fine, then the big carriers said if there was any
liability, they'd stop selling to smaller guys and the whole system would stop
working.

------
CaptainZapp
Microsoft Windows Phone 8.1 has a fantastic feature for weird numbers that
immediately hang up. Mostly those are call centers, though, and not
fraudsters, at least in my experience.

When you select the suspicious number from the call list you get a menu, on
which you can block the number.

It's very straight forward and savers me a lot of having to deal with
impertinent assholes.

~~~
andrewaylett
That really helps when it's the same number trying to call you again and again
(and for the record, all of my Android phones have had the same feature).
Unfortunately, here in the UK it's my landline that gets called (which doesn't
have that feature) and almost always from a withheld or international number,
which means I can't block just that caller anyway.

~~~
antimagic
I kind of feel like saying "don't use landlines then dummy!" I mean it's a bit
glib, but in all seriousness, why would you use landlines these days for
telephone calls? Maybe it's different in the UK, but certainly here in France
even the most basic phone plans come with pretty much unlimited domestic calls
making the low-tech problems associated with landline phones just not worth
the hassle anymore.

~~~
jeffwass
Am I the only one who prefers voice quality on a landline?

For conversations longer than 1 minute it's just much easier on the ears, in
my opinion.

~~~
ascagnel_
VoLTE (Voice over LTE) and WiFi calling both sound spectacular, but they're
still in the process of being rolled out and require both parties to opt-in
ahead of time.

Beyond voice quality, a POTS landline (at least in the US) will keep running
even when the local power grid is down. Unfortunately, phone lines and power
lines share utility poles, so if there's physical damage your phone service
will also be interrupted.

~~~
joe5150
Where I used to live, the POTS lines were on separate poles from the power
lines in a lot of areas, and the phone lines were far and away more robust
than the power lines. During the winter, snow would routinely take out the
power in huge areas, sometimes for two weeks or longer, but you could still
use the phone if you had a basic trimline model (which everybody kept one
around for these situations) into the jack.

------
trentlott
It would be interesting if there was some audio-based exploit that could be
used against the systems in question.

It would depend heavily on the nature of the software and the processing done,
I realize. But if only one overly-clever person who wants an inordinate amount
of praise and fame can manage it. . .

------
joe5150
I think as telecom-as-a-service grows and facilitates further and further
automation of this kind of thing, we may see the growth of phone call spam
filtering the same way we have with email. Of course, telemarketing is nothing
new, and so far nobody's really attempted anything like that to my knowledge.

What if any technologies exist for PSTN that are analogous to DKIM or SPF in
email?

------
Asbostos
Regarding giving out PIN numbers. Banks should make a better effort at
informing customers that no other human should ever know their PIN or internet
banking password, not even the bank's staff. As soon as you tell anybody your
PIN, that means you're being scammed.

~~~
blackoil
Unfortunately, scanners have evolved, they will tell you same and will forward
you to take automated system.

------
jimhefferon
> Company researchers estimate 1 in every 2,200 calls is a fraud attempt.

This number does not pass the smell test for me. About 2 out of 3 landline
calls that I receive are fraud attempts.

~~~
pavel_lishin
Maybe they're counting cell calls as well? I get _maybe_ one call a month that
I would classify as spam.

Also, do you get many calls on your landline, or is it more that you get six
calls a month, four of which are spammy?

~~~
greggman
I get almost no legit calls to my cell phone (no land line). So I get
percentage-wise a very high number of spam calls. My solution is too add the
number to my contact list and mark that contact as silent ring. There's 33
numbers spread across 4 "scam" contacts (a contact can only have 10 numbers).
Some of those numbers have called up to 10 times.

Where as if I check my "recent" call list there's been no more than 2 legit
calls a month

~~~
pavel_lishin
Interesting; I wonder if there's a way to check which company currently owns
those numbers.

Then again, I'm sure it's a totally legitimate (no sarcasm) company; hard to
make sure that 0% of your customers are spammers.

