But that's not even the biggest problem, the biggest problem is that it is trivial to spoof caller IDs in the US, and many of those operators do just that.
So tracking down who actually called can be tricky, then even if you could you still need to either get them extradited for robocalls (which isn't happening) or get them prosecuted abroad for breaking US law (which, again, isn't happening).
I personally feel like it can be solved however it has to be solved like this:
- Eliminated caller ID spoofing through technical means.
- Once caller ID is accurate, you can both have apps/databases with known bad callers or callers from VoIP providers, and or you could fine the VoIP providers facilitating this type of activity in the US (i.e. give them a motivation to stop abusive behaviour on their services).
I mean heck, if a VoIP limited each account to just ten calls per minute, it would massively decrease the volume of robocalls overnight. But none do because they have a financial motivation to keep allowing these companies to operate on their services and zero motivation to stop them (since it is almost untraceable anyway).
It would be interesting if they could implement a system where you could dial (555-555-5555) or something after receiving a robocall, which would log your last received call as being fraudulent and flag it for providers to shadow ban it. Would that work for spoofing caller ID?
The FTC had a competition called "Robocalls, Humanity Strikes Back" and two guys implemented a very similar idea.
Hopefully the FTC will follow through and make this widely available.
Bloody hell, for some reason this sentence just fills me with glee. I'm not even American, but it's so good to see government agencies get involved like this.
As you say, it would have to happen at the FCC level as individual telephone networks don't actually know for real where a call originated from.
I'd definitely like to use an app like this, and couldn't find any info via searching as to why it's not available on all devices.
2) Caller ID accuracy is a database federation problem and is not likely to be fixed without regulatory reform of data disbursement practices. Lockheed Martin Information Systems (Now called Neustar) is the central repository for all Caller ID records but many providers keep their own Caller ID databases to avoid paying the Neustar "dip" fees.
The way robocalling works is with outbound voice detection. You light up X circuits and only route the call to your harassment agent when a human voice is detected. It's trivially simple to detect these guys, and the way many voip providers deal with this is to charge a lot for the first minute of a call.
But can only hope, though I'd call it a no-brainer for the NSA and nobody is going to argue about it falling under there remit.
Maybe we should call spammers financial-terrorists or time-terrorists or communication-terrorists, then maybe, just maybe things would get done.
I truly believe eventually cell phones will just be a data communications tool and "voice" will be done through these kinds of standards rather than phone numbers and ridiculous bureaucracy surrounding them, not to mention the quality of such communications will be fantastic comparatively.
(I just solve this problem by never answering my phone unless it's a contact. Phone calls are rude anyways IMO, use async communication.)
Many times they are boiler rooms and are after CC #'s. Sometimes, though, they are for real, local businesses. A carpet cleaning business in my area used a robot call service and I played along to get the name of the business. I then hung up and called them, and asked to speak to the owner. After a while I got him. I gave him a piece of my mind, politely, and told him I would never, ever hire him and I would tell everyone I know the same.
You know what? He didn't give a shit, and was pretty surprised at my call. That means that people don't do what I did and there's little downside for what he did (hiring scumbags).
The level 2 people appear very, very bored and are unfazed by you yelling or swearing. They just immediately hang up when they feel you are not a mark.
The boiler room guys are slick as fuck. I once kept one of them on the phone for 10-15 minutes, playing dumb (I told him I was looking for my CC statement). When I hung up, my phone rang immediately. I told him to fuck off and take me off his list. He said "you'll regret this" and hung up. My phone rang immediately and the person at the other end was just yelling. It was someone like me that was redirected to my phone #. I unplugged my phone for 30 minutes.
I googled for the phrases they used ("credit card services") and found a law suit in Texas from the early 2000's. The company was shutdown and fined. There was a lawyer's name on the press release. I called information, found him, dialed the number. He answered. I introduced myself and told him briefly what had happened and he was pretty interested. He lectured me, though, to not get involved. He said they were pretty nasty people. He recommended I call AT&T (my provider at the time) and file a complaint. I started the process, but AT&T made the process so fucking horrible that I abandoned it after putting in an hour or two over a few days. Useless.
I've also had some luck opening with, "Does your family know that you lie to people for money?" That can be a good lead-in to suggesting they do something actually worthwhile.
Very gradually I learned that it was run by scoundrels, and that only about 15% of the money raised actually made it to the charity in question. The work was awful, but I stuck with it because that's what you do with jobs. It was the realization that I was basically helping scam artists take money from big-hearted, too-trusting people that got me to quit.
Conscience isn't some fixed thing; it's a skill you learn, a habit of ongoing evaluation. If I can wake just one of these people up so that they, like me, go and get a job that isn't net harmful to society, I'll consider my time well spent.
They'll just hang up as soon as they know you aren't a mark. I've tried everything, with these folks.
I think all the countermeasure and spam prevent techniques for phone spam can be taken from everything we learned regarding email spam.
Sure, scammers would move to hacking pbxes to place calls. But with strong liability, resellers would find ways to limit the damage a single account could do, like you suggest.
Also there isn't any real good way to limit caller ID "spoofing". The level of interconnects makes it as hard or worse than IP spoofing. And it's already an offense to spoof ID for scamming, at $10k a pop. But no one follows up and pushes the issue.
I really wished we had something like that here. One of the only times I'm jealous of my mom's phone.
I've thought of making an app to automate the process. It would remember all form's entries for you (name, address, etc) and fill in the current time and date. You'd just have to copy the phone number.
Think there's any demand for this?
I swear 90% of my phone & snail mail spam comes from the fact that I used my real name & address (PO Box) for domain names I've registered (as required by ICANN). I mean I doubt ICANN can enforce that but it'd be a dumb way to lose my domains so I used real info.
WHOIS Privacy FTW
If he returns to spamming again and again, doesn't it mean that the punishment is lesser than the gains to be had? And too bad.
It's funny how 2001 bad spyware practices used only on porn sites have been utilized by mainstream media sites via iOS/Android browser redirects in 2015.
Credit card farmers don't really care about repeat business, same goes for the brain pill trial guys that people for some reason give their CC info willingly. If someone catches on, you just bring up another llc, rinse, and repeat.
(Currenltly struggling with the fact that Plume for Android is nice to use - except when ads bounce you out of the app without being clicked on, sometimes over and over again)
> As of October 2003, Wallace was working as a DJ in New Hampshire, making weekly appearances at area nightclubs. Wallace performs under the name DJ MasterWeb.
Spam King by day, club DJ by night. With a cringey name, to boot.
I'm confused how this turned into a criminal case.
Yes, as stated in the article.
"Spamford" Wallace has a slight history, including multiple instances of recidivism after former spamming episodes dating to 1991.
In the late 1990s, his company, Cyber Promotions, aka Cyberpromo, was widely blacklisted as a source of unsolicited email. Wallace's high-profile pro-spam stance and unrepentant persistence earned him the derisive nickname 'Spamford'.
Prior to his email spam ventures, Wallace had gained notoriety in other questionable marketing circles, as a heavy utilizer of junk fax marketing, a practice outlawed in the United States since 1991.
In 1995, Wallace formed Cyber Promotions, entering the spam market. Thanks to a self-marketing campaign, Cyberpromo rapidly became the most successful seller of email marketing—as well as the number one source of unsolicited email. After Cyberpromo failed to become a legitimate business, Wallace returned to junk faxing in late 1997.
I still remember the hundreds of cyberout.com emails I'd get from his company back when I used AOL around 1995.
At least he filed bankruptcy.