Spam phone call loophole closed. But there are still loopholes

If you weren’t alerted recently that your auto warranty had expired, your Social Security account had a serious problem, or you’re in big trouble with the Internal Revenue Service, you shouldn’t be have a phone.

Those are just a few of the most common messages sent by robots, who often hide behind fake numbers to trick you into replying. RoboKiller, a company that makes the technology to identify bogus calls, estimates that Americans have encountered more than 72 billion spam calls by 2021 – a 32% increase from 2020. Spammers have called Californians’ phones more than 7 billion times, RoboKiller estimates.

On Thursday, the Federal Communications Commission took another step toward identifying and potentially blocking spam calls, closing one of the major holes in the agency’s enforcement efforts. The committee voted unanimously to expand its crackdown on caller ID spoofing – that is, callers disguised as phone numbers they are using – to gateways that handle calls to the US from other countries. .

That’s good news for those who are tired of receiving calls from “Possibly Spam”. But that doesn’t mean it’s safe to pick up the phone every time it rings – at least not yet.

The rule-targeted international gateways on Thursday have seen an increasing number of spam calls since the FCC began spoofing in 2019 through so-called technical standards STIR / SHAKEN. The standards required by the major phone companies, verify the caller ID information as it is transferred from one service provider to another along the route of a call.

STIR / SHAKEN does not block spam calls by itself. Instead, it helps service providers identify calls with fake IDs, which they can use other technology to block. And in some cases, it can help identify calls that an international gateway must block or face when all its traffic is denied by the US carriers it connects to, a committee spokesman said in an email.

Adding international ports to STIR/SHAKEN is “the step in the right direction,” said Jim Dalton, CEO of TransNexus, a company that helps carriers implement standards. “Unless you have STIR and SHAKEN everywhere,” explains Dalton, “it’s worthless. It’s like a broken bucket.”

And so far, there have been a lot of holes. Unlike the days of Ma Bell’s monopoly, when there were relatively few companies involved in transmitting a call, the current system is like a brigade of carrier-to-carrier calls, Giulia Porter, vice president of RoboKiller, said. . And not every company in that chain is required to pass on verified caller ID information.

So far, Dalton said, only about 25% of all calls have reached their destination with the correct caller ID information. Another vulnerability in the STIR/SHAKEN chain that will close at the end of June, when smaller service providers have seen a large amount of fake calls will be required to implement the standards. But that would still leave a wide lane for spoofing calls, Dalton said, because STIR/SHKEN only applies to networks that transmit calls over internet protocols, such as those carried by carriers cable and wireless operation. “Legacy” networks transmit calls the way they did before internet-revolutionary telephony had no coverage.

The FCC asked the industry to figure out how to prevent spoofing on older networks, Dalton said, and it did. “The technology is here and it works,” he said. “But nobody’s going to deploy it until there’s a mission.”

By the way, the vulnerability in STIR/SHKEN and frequent use of spoofing by spammers explains why it doesn’t seem to do anything when you ask your phone to block the spammer’s number, Porter speak. The number you are blocking may not be the number being used to call you.

Terminating the fake call is only part of the solution. According to the commission’s estimates, more than half of spam calls come from numbers that haven’t been spoofed.

One way around that, Porter says, is to assign reputation ratings to numbers that reflect how often they’re used for spam. That rating can then be used by service providers to identify and block potential sources of unsolicited calls.

That type of analysis is used by internet service providers to move unsolicited emails in bulk to spam folders. Phone companies also use it to mark calls as “Possibly Spam,” a more confusing notation for consumers to decide whether or not to place a call. The more calls with verified caller ID information, the more effective the analysis.

Remember that not all unsolicited calls are scams, nor are all of them illegal. Last year, the Supreme Court ruled that robot calls only violate federal law if the numbers are dialed randomly or sequentially. If a caller intentionally dials your number because it’s on a list that’s being targeted, you’re fair game.

There are a few ways to try to defend yourself, such as signing up for the Federal Trade Commission’s Do Not Call Registry to block unsolicited sales calls, or using an app to block sales calls. Potentially spoofed calls. However, spammers and scammers have been so good at getting around those barriers that some have resorted to only answering calls from people they know. When the caller doesn’t leave a voicemail, that’s a pretty good sign it’s spam.

But those protections won’t stop spam messages, which is a growing scourge. RoboKiller estimates that Americans received nearly 88 billion spam messages last year, up 58% year-over-year. Many of them are phishing scams that try to lure you into clicking a link that will install malware or extract sensitive personal information from you. STIR / SHAKEN does not have any effect on them. And the FCC has yet to act on President Jessica Rosenworcel’s proposal to block them. Spam phone call loophole closed. But there are still loopholes

Edmund DeMarche is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – The content will be deleted within 24 hours.

Related Articles

Back to top button