Jun 17

Got Robocalled? Don’t Get Mad; Get Busy.

Several times a week my cell phone receives the telephonic equivalent of spam: A robocall. On each occasion the call seems to come from a local number, but when I answer there is that telltale pause followed by an automated voice pitching some product or service. So when I heard from a reader who chose to hang on the line and see where one of these robocalls led him, I decided to dig deeper. This is the story of that investigation. Hopefully, it will inspire readers to do their own digging and help bury this annoying and intrusive practice.

robocallThe reader — Cedric (he asked to keep his last name out of this story) had grown increasingly aggravated with the calls as well, until one day he opted to play along by telling a white lie to the automated voice response system that called him: Yes, he said, yes he definitely was interested in credit repair services.

“I lied about my name and played like I needed credit repair to buy a home,” Cedric said. “I eventually wound up speaking with a representative at creditfix.com.”

The number that called Cedric — 314-754-0123 — was not in service when Cedric tried it back, suggesting it had been spoofed to make it look like it was coming from his local area. However, pivoting off of creditfix.com opened up some useful avenues of investigation.

Creditfix is hosted on a server at the Internet address According to records maintained by Farsight Security — a company that tracks which Internet addresses correspond to which domain names — that server hosts or recently hosted dozens of other Web sites (the full list is here).

Most of these domains appear tied to various credit repair services owned or run by a guy named Michael LaSala and registered to a mail drop in Las Vegas. Looking closer at who owns the address, we find it is registered to System Admin, LLC, a Florida company that lists LaSala as a manager, according to a lookup at the Florida Secretary of State’s office.

An Internet search for the company’s address turns up a filing by System Admin LLC with the U.S. Federal Communications Commission (FCC). That filing shows that the CEO of System Admin is Martin Toha, an entrepreneur probably best known for founding voip.com, a voice-over-IP (VOIP) service that allows customers to make telephone calls over the Internet.

Emails to the contact address at Creditfix.com elicited a response from a Sean in Creditfix’s compliance department. Sean told KrebsOnSecurity that mine was the second complaint his company had received about robocalls. Sean said he was convinced that his employer was scammed by a lead generation company that is using robocalls to quickly and illegally gin up referrals, which generate commissions for the lead generation firm.

Creditfix said the robocall leads it received appear to have been referred by Little Brook Media, a marketing firm in New York City. Little Brook Media did not respond to multiple requests for comment.

Robocalls are permitted for political candidates, but beyond that if the recording is a sales message and you haven’t given your written permission to get calls from the company on the other end, the call is illegal. According to the Federal Trade Commission (FTC), companies are using auto-dialers to send out thousands of phone calls every minute for an incredibly low cost.

“The companies that use this technology don’t bother to screen for numbers on the national Do Not Call Registry,” the FTC notes in an advisory on its site. “If a company doesn’t care about obeying the law, you can be sure they’re trying to scam you.”

Mr. Toha confirmed that Creditfix was one of his clients, but said none of his clients want leads from robocalls for that very reason. Toha said the problem is that many companies buy marketing leads but don’t always know where those leads come from or how they are procured.

“A lot of times clients don’t know the companies that the ad agency or marketing agency works with,” Toha said. “You submit yourself as a publisher to a network of publishers, and what they do is provide calls to marketers.”

Robby Birnbaum is a debt relief attorney in Florida and president of the National Association of Credit Services Organizations. Birnbaum said no company wants to buy leads from robocalls, and that marketers who fabricate leads this way are not in business for long.

But he said those that end up buying leads from robocall marketers are often smaller mom-and-pop debt relief shops, and that these companies soon find themselves being sued by what Birnbaum called “frequent filers,” lawyers who make a living suing companies for violating laws against robocalls.

“It’s been a problem in this industry for a while, but robocalls affect every single business that wants to reach consumers,” Birnbaum said. He noted that the best practice is for companies to require lead generators to append to each customer file information about how and from where the lead was generated.

“A lot of these lead companies will not provide that, and when my clients insist on it, those companies have plenty of other customers who will buy those leads,” Birnbaum said. “The phone companies can block many of these robocalls, but they don’t.”

That may be about to change. The FCC recently approved new rules that would let phone companies block robocallers from using numbers they aren’t supposed to be using.

“If a robocaller decides to spoof another phone number — making it appear that they’re calling from a different line to hide their identity — phone providers would be able to block them if they use a number that clearly can’t exist because it hasn’t been assigned or that an existing subscriber has asked not to have spoofed,” reads a story at The Verge.

The FCC estimates that there are more than 2.4 billion robocalls made every month, or roughly seven calls per person per month. The FTC received nearly 3.5 million robocall complaints in fiscal year 2016, an increase of 60 percent from the year prior.

The newest trend in robocalls is the “ringless voicemail,” in which the marketing pitch lands directly in your voicemail inbox without ringing the phone. The FCC also is considering new rules to prohibit ringless voicemails.

Readers may be able to avoid some marketing calls by registering their mobile number with the Do Not Call registry, but the list appears to do little to deter robocallers. If and when you do receive robocalls, consider reporting them to the FTC.

Some wireless providers now offer additional services and features to help block automated calls. For example, AT&T offers wireless customers its free Call Protect app, which screens incoming calls and flags those that are likely spam calls. See the FCC’s robocall resource page for links to resources at your mobile provider.

In addition, there are a number of third-party mobile apps designed to block spammy calls, such as Nomorobo and TrueCaller.

Update, June 27, 2017, 3:04 p.m. ET: Corrected spelling of Michael LaSala.

Tags: , , , , , , , , , , , , ,


  1. Interesting article, but no recommendation on how to stop robocalling, so in the end analysis, not a particularly helpful article.

    • Really? I guess you didn’t read to the end of the story where it says:

      Readers may be able to avoid some marketing calls by registering their mobile number with the Do Not Call registry, but the list appears to do little to deter robocallers. If and when you do receive robocalls, consider reporting them to the FTC.

      Some wireless providers now offer additional services and features to help block automated calls. For example, AT&T offers wireless customers its free Call Protect app, which screens incoming calls and flags those that are likely spam calls. See the FCC’s robocall resource page for links to resources at your mobile provider.

      In addition, there are number of third-party mobile apps designed to block spammy calls, such as Nomorobo and TrueCaller.

      • My parents seem to have a particularly bad case of robocalling. They get called roughly every ten minutes. They are on the do not call registry, but that appeared to increase the number of robocalls (I guess it’s a nice list of numbers for scraping purposes).

        They ended up just unplugging the phone. Since they can’t go with the service provider filtering, or mobile apps, aside from reporting to the FTC, are there options for them?

      • Start of article: “help end this practice”

        Mid article: “XYZ doesn’t work”

        End of article: “do XYZ”

        Duh that doesn’t work, I’ve already done all that. I was mislead into thinking this article would tell me how to help end this practice, not just sit on my butt until the lousy FCC or the phone companies that benefit from the traffic decide to do the right thing. Disappointing

        • Guess you sort of missed the point of the story. If you so choose, you can track down who’s responsible and hold them accountable. But I guess since there’s not an app for that you’re not interested.

          • Brian Flanagan

            Brian, I was struck by the credit fix companies passing the buck to marketing lead generators, whom they purport to not be able to control. Well, if you’re paying someone to develop business for you, either directly or indirectly, you should be responsible for their actions. The FTC (or Congress) should make the business receiving the benefit of the robocall responsible for the actions of their vendors. I say this, in part, because it’s been my observation that the companies benefiting our sleazy outfits – credit fix companies, timeshare companies, auto warranty outfits, etc.

            I’ve yet to get a robocall from what I would consider a legitimate company. So I don’t have any sympathy, and won’t believe there protests that they have no control over what their lead generators do. It’s very simple, if you make them responsible for what the lead generators are doing, they won’t do business with lead generators. Case closed.

            We may end up with some other related type scam (the law of unintended consequences). But we can deal with that when it happens.

          • Nomorobo may offer some relief with VoIP; no joy with POTS. At least that’s been my experience with Verizon.

            BTW: this is yet another reason to avoid 2-factor authentication with text messages to cell fones. Once you’ve provide your cell fone number, you’re afforded zero protection.

          • I may have missed this so I apologize in advance, but what happens if you are for example, looking for work, obviously those companies are not in your contacts, and those would be calls that you would not wish to miss. Is there a difference in identifying or being able to identify a legit business number versus a robocall?

            • 1. I’ve recently installed a community-based blocker in attempts to identify some good callers and block known spam (though I find it useless–ShouldIAnswer app). Non-blocked numbers I manually do phone lookups to determine spaminess and if the caller leaves no voicemail I consider it likely spam, and report it as such.

              2. Weeks and months when I’m not expecting a legit call, I enable a no-ring auto-blocker, no caller but contacts or my whitelisted rings my phone:
              krebsonsecurity dot com/2017/06/got-robocalled-dont-get-mad-get-busy/comment-page-1/#comment-434535

              I haven’t had a conflict between the two apps when the spam-no-ring auto-blocker is disabled during times I expect a call, while the community-blocker is enabled.

              • Yesterday, upon comparing three months of calls, I found Truecaller better names good callers than the ShoudIAnswer app, and switched to it as the community-based gathering-blocker app. Though, both don’t seem to work well identifying-blocking callers within 3 weeks of the present date.

          • Most people don’t have the freedom of an investigative journalist to go tracking these things down as well as you have. Thus, you don’t need to insult your reader about not having an app for that. Hopefully, rather than lazy, your readers don’t have the time to do the work you do because they are doing actual work elsewhere in society.

            Supposing that Travis does make the time to track down someone and “hold them accountable,” that goes back to his complaint to which you responded–he’d have to “sit on his butt and wait” for the FCC etc to do something. Local law enforcement doesn’t take up these cases, for the most part, when reported from individual citizens. They will get involved when recruited by Feds to do some local work, though. Travis was saying that he already tried the things you suggested and they didn’t work [for him?]. Again, if he has a day job…

            Regarding Keith Lerner’s comment at the start of the comment chain, when he says “how to stop robocalling,” I believe he is talking about how to make it so that people cannot dial, legally, rather than how to block incoming unwanted calls. You immediately admitted that the NDNCR doesn’t work because it’s easily violated, and then suggest call blocking techniques, which don’t prevent the robocallers from dialing. Preventing robocallers from dialing is what he was talking about, not blocking techniques. This mismatch seems to be what set of Travis’ ire in his comment.

            Your attitude in each reply is a bit overbearing. Don’t give yourself the reputation of being a jerk to your readers just because we don’t have the time & resources to do the work you do, especially when your own article mentions weaknesses and you’ve shifted the subject that Keith initially raised from preventing others’ actions to blocking their actions.

            • And yes, I do understand that there are ways to hold accountable other than law enforcement, such as going to those who hire the lead generators. So, before you shift the subject over to that and dodge my point, there it is–I am aware of other ways to hold accountable. That doesn’t change my point about your attitude toward your readers.

      • Brian Flanagan

        The AT&T offer comes with a caveat – it has to be an iPhone 6 and above, and more importantly, you had to have gotten it from AT&T. If you bought it from Apple, too bad. I also looked at the reviews on iTunes, and it appears to be a combination of whitelisting your contacts and using a blacklist of AT&T’s. Anything in the middle comes to your phone as a suspected robo call.

        As for Nomorobo, it works perfectly for my home phone. On my cell phone, calls come through marked as robo calls, but they do come through. According to the service provider, it is a technology issue that they have not been able to work around yet. I paid $19.95 for a years worth. I’m undecided about renewing. I don’t answer cell phone numbers that I don’t recognize, and if they don’t leave a message, I just delete them from the call list. Which is exactly what I do with the nomorobo calls. So I’m not sure what I am paying for. I’m getting the home service for free, and I’d certainly be willing to pay $19.95 for that, so maybe I’ll just renew.

  2. IRS iTunes Card

    I get those calls usually about lowering your credit card interest rates. The caller , which sounds like it’s coming from a boiler room operation in India, end up asking for credit information and social security numbers to gain access to your bank account.

  3. Surprised that many people continue to pick up phone calls from number that are not in their address book. I years ago changed my phone to not ring except for those in my address book. Anyone else can leave a voice mail message which I can check every now and then. I realize this doesn’t work for everybody, but if most people don’t even pick up robocalls (whether for political candidates or otherwise), they’ll go away eventually.

    • That’s been my methodology for ages: if I don’t have them in my address book, let it go to voicemail, which they usually don’t leave. Then look up the number on 800notes.com and block it if it’s reported there.

    • I use Truecaller and an old app called Easy Filter. If you’re not in my contacts, you don’t get through. This has worked well for me. I don’t mind adding temporary numbers and then deleting them. I haven’t been able to find my version of Easy Filter again so I always make sure it’s backed up. My husband takes robocalls all day.

    • I’ve always handled the problem that way. I don’t rely on government to take care of my personal issues. If the caller doesn’t leave a voice mail the call isn’t that important. If it is someone I know their name goes into my address book and I answer the call. If the other 300 million of us did this the problem would self-destruct, but as long as we pick up the line, or don’t hang up abruptly if we accidentally pick up, the problem will persist. By the way, it is perfectly acceptable to hang up on a robocall. Quite liberating in fact.

      • Trying to induce people into being defrauded or otherwise is not a “personal problem” for victims, it’s criminal. Millions get defrauded every year. Not everyone has a phone with caller ID. Flippant generalisations help nobody.

  4. Robokiller is another option for iPhone users, but it costs $1.99 per month. It’s well reviewed though I have not used it personally.

  5. thanks! when I have the time I will have to play along! Trouble is they always seem to call when I am in the middle of doing something important!

    • Don’t be a slave to your devices. If a call really is important they will call back … repeatedly.

  6. It seems to me that phone service providers, including VOI, could easily stop this miserable phone harrassment. They could design their systems to require all commercial accounts to display the actual company name and phone number. If their software prevented commercial users from spoofing names and numbers, this problem would immediately stop.

    I get three or more calls every day that show up on my caller ID as just a city and state with a phone number. I rarely answer. But when I do, I tell the representative that I don’t do business with companies that dishonestly hide their ID when they call. Futile? Of course. But it’s so frustrating. I don’t have the time or energy to stay on the line with every call to get a company name and then file a complaint. Most are selling solar or home repair services.

    Congress could require phone providers to stop this. Maybe they’ll do it after they gut health care and kill the planet.

  7. “The FTC received nearly 3.5 million robocall complaints in fiscal year 2016, an increase of 60 from the year prior.”
    Do you mean 60%?

    • You didn’t quote (or read ) accurately. The number 60 was followed by the word “percent” written after it.

  8. For the past two years I have gotten anywhere from one to twenty calls a week from creeps selling Cancun vacations. They’re always spoofing actual live numbers in my exchange (206-673-xxxx), a different one each time. The one time I tried calling the number back, I got a guy in my neighborhood who had no idea what I was talking about.

    They always work the same way: the robocall says I’m getting this special offer because I’m a loyal American Express or Expedia customer (I have never been either), and to press one to continue. This gets me a live person who confirms that I am over thirty and have a credit card. This person then connects me to the hard sell, a guy who sounds like he might actually be in Mexico.

    I’ve tried asking what company they work for but I’ve only ever got the non-answer “Cancun vacations”.

    For a long time I got my revenge the only way I could, by connecting through the process and then laying a line of obscene filth on the poor bastard on the other end. Now they mostly recognize my number and hang up before I can tell them what I’m going to do to to their mother on my vacation, but still they keep calling and calling. I’ve gotten six calls in a single day before. I hate them, hate them, hate them so damn much.

    • Oh, yeah, and these bastards leave voice mail too. And I’m not allowed to not pick up — I’m on call, it could be an employee needing help. FML.

    • The calls you’ve received for Cancun vacations are connected to the individual who was recently fined $120 million by the FCC. I know this because I investigated these calls for almost 2 years and handed my findings over to the FCC.

  9. As someone of retirement age, I get six or seven robocalls a day. Much as I would like to track down and punish everyone who tries to waste my time with some solar/construction/medical appliance scam, there are just too many of them. I have a Sentry robocall blocker (available on Amazon), and it works quite well. Still, there is that annoying single ring before the caller gets drawn into a wilderness of Turing tests to prove that he is not a robot. In my view, the only real solution is legislation to make robocalls illegal nationwide, with stiff fines and prison sentences for repeat offenders, and a legal requirement that phone companies shut down robocallers whenever and wherever they appear and provide automatic defenses against robocallers for all their paying customers (Nomorobo, etc.). My time is too valuable to deal with every scam artist on the block — that’s what I pay the Feds to do, and I will contribute to any candidate who makes banning robocalls a part of their platform.

    • Part of the problem is that the law protects telemarketers and other fraudsters. I was shocked to find out I could not request a list of all numbers that called me for the past year. Oh, I could request it, but the phone company wanted to charge me $1,000!

    • The problem is that most of the robocalls that seem to be out there are scams and not connected to any actual legitimate business in any way. From that standpoint, what they are doing is illegal, so why would they stop robocalling, which is also illegal in many, if not most cases? What needs to happen is to find some of these and make examples of them. Maybe even go so far as for certain types of these scams, the government labels them as financial terrorists, and goes after them accordingly. At this point, there is little to no punishment for the folks doing it, so they have nothing to lose by continuing to do so, especially as people keep falling for their scams and they keep making money through them.

    • Personally, I have better things to do that play Whack-A Mole with these guys. By the way, it is illegal to use your smartphone behind the wheel in most states, speed, roll through stop signs, or hack websites but people do it all day long without retribution. This is too big for government. You must take control of the problem yourself. A law without enforcement resources is just words on a page. Police have enough to deal with than investigate a mere nuisance.

  10. I’ve adopted the new paradigm that I use with email. If I don’t recognize the phone number, I don’t answer it. If it is a legitimate call, they’ll leave a voicemail. Nearly all the robocalls I receive do not.
    In addition, some of the 3rd party app reviews imply collection of more data from you the you may wish to provide. It seems that at least one may keep a blacklist of ‘bad’ phone numbers but also a white list of your contacts. I’d say one even borders on a social media platform as well.

    • One of the problems with blocking ‘bad numbers’ is that any number can be relatively easily spoofed due to the telecommunication standards that are in place. The technologies are based on decades old standards that were easily hackable in the 80s, and little to nothing has been done in those standards to shore up the security holes. What can be done is for the anti-spam technologies to do is to look for those signs that the number is spoofed and block accordingly, without having to maintain a whole listing of spam numbers, which in many cases are numbers assigned to legitimate people and businesses.

    • Yea, but when your phone rings off the wall. EVERY. SINGLE. DAY……………

      • You can tolerate it or do something about it. Ignore any number you don’t recognize. Turn off the ringer and check your voice mail often or just dump your land line and rely on cellular instead. You could also do what my kids do — text each other. I’m not sure if they even know how a regular phone works anymore. 😉

      • By the way, I get only two or three robocalls (unrecognized numbers) a MONTH because I screen all calls. Occasionally I lose presence of mind and pick up the phone but once I realize my error I just hang up. I don’t have time for their kind of nonsense.

  11. What do you think about services like this:


    • The owner of that site, Roger, has a Ted Talk which is how I became aware of him. If nothing else everyone should listen to recordings of Roger’s bots chatting up telemarketers and scammers. His system is pretty amazing at fooling scammers into thinking they are talking to a real person.

      An in those situations where you can actually get a callback number for a scammer, like the Windows support jerks, Roger has sometimes used a small bot army that can call and engage them until they finally disconnect their own number. THAT is one effective offensive weapon in this battle.

      Highly Recommended (I have no business or personal connection with the Jolly Roger Phone Company).

      • Kinda gives me a warm fuzzy feeling how I’m wasting their money instead of my time. HA! 😀

      • Jolly Roger Himself

        Well Chris…..your spiel sounds exactly like 3 or 4 other comments on this thread, essentially advertising for Jolly Roger…..almost so similar as to make generally intelligent folks think you are the same person, posting under different names….

  12. Guys in the usa are you not get sick of fraud and scams?
    here in east no scams and frauds

    • Why yes, we are. Should we all come to your country…?

    • “here in east no scams and frauds”

      Hahahaha. You mean there are no scammers that target your own countrymen. Russian and similar scammers don’t go after fellow members of their own country. But the half-dozen romance scams I’ve received from Russian scammers in the last week says otherwise to your claim.

  13. Great article as always, but it doesn’t go quite far enough.

    I signed up for the FTC DNC list not long after it started. Being on the list never seemed to reduce the number of calls, but reporting illegal calls HAS always worked in the past to eventually stop certain kinds of calls. Reporting to the FTC is not hard and only takes a few minutes per report, but I estimate I have spend many hours over the years doing this. My sacrifice for the good of all.

    Then last year I signed up for WeStopTelemarketers.com (Brian, you should learn their story). After you register with WST you can file reports with them and they investigate. If it seems you have a legit claim, they send a demand letter for payment under the TCPA. If the telemarketer does not respond or refuses to pay, the case is referred to a law firm. If there is a settlement I can expect to receive 50% of the amount. To date, none of my claims have been settled, but many are still pending.

    The main thing that you need to file a claim is to be called with a solicitation that plays a prerecorded message or where an “autodialer” is being used. Then you need to be able to identify who is doing the calling OR who is benefiting from the call. My understanding is even if you cannot mail those making the calls, if you can document the call and give them unique information that only they will be given, you can then make the connection later when a company buying the lead contacts you. That company that bought your lead can be sued.

    Until we sue these companies and raise national awareness of the problem, our robo-call woes will not diminish.

    The other type of robo-calls that we may not be able to sue are the ones that appear to originate offshore using tech like MagicJack that are cheap and can be used anywhere with a Internet connection. These are the “Lower your credit card interest rate” calls and “Windows support” calls. For the former which I have been receiving several times a week for over 6 months, I finally located a site using Google that generates fake credit card numbers but pass initial validation. When they call, I act interested in feed them the information including the last 4 of my SSN & my birthdate. Then I enjoy their struggle as they can’t pull up my information and then ask me for the 800 number on the back of the card (which I also have ready) and call support to find out what the problem is. After that I can enjoy them either ask for another card, or try to hurt me with laughable insults. They often say “Why are you wasting my time?” and I say “Because you keep calling me and wasting my time”.

    And for the Windows support calls I also play along as they work hard to convinced me they are real and my computer is really sending many error messages (Average users have no chance with these jerks). So I play along to the point where they tell me to go to a support site and enter in their code so they can take control of my computer and fix the errors. Once I have the final URL and their support code I have some fun with them. Then when they finally give up, I contact the company that hosts the remote control service (Like gotomypc.com or cytrix.com) and report them. These legit companies appreciate the heads up and will close the accounts being used after they investigate.

    • I signed up for the DNC list like you in the very beginning – not much help recently though I think it was marginally effective when it started.

      For my land-line, I turn off my answering machine and let the fax pick up on ring 4 giving me enough time to see caller id on the phone and pick it up. No calls for quite awhile after. Rinse and repeat as needed.

  14. Chris Dagdigian

    Delete this if it comes off as shilling but I use a mobile phone only for work/personal use and I’m getting killed by 10+ robocalls a day pretty consistently.

    Decided to fight back by using http://www.jollyrogertelco.com/ — this dude built a company entirely to mess with robocall spammers by wasting their time and tying up their outbound connectivity. The service basically bridges a software bot onto your phone line and the bot takes over the call and tries very very hard to sound human and waste the spammer’s time for as long as possible.

    Recordings of the best telemarketer meltdowns are posted on their blog and relative to the fun I’m having “fighting back” the cost is totally reasonable. I think I pay $8 bucks for 200 minutes of spam-wasting time on my mobile.

  15. “Some wireless providers now offer additional services and features to help block automated calls. For example, AT&T offers wireless customers its free Call Protect app, which screens incoming calls and flags those that are likely spam calls.”

    AT&T Call Protect: Available to AT&T consumer and business (except Government) postpaid wireless customers with iPhone 6 and above or Android smartphones that are eligible for AT&T HD Voice.

    A total of 21 total devices are eligible for this app and supposed protection – a drop in the bucket compared to the number of A&T subscribers. TL;DR – ABSOLUTELY USELESS.

  16. Metaswitch ( prominent Class 5 SIP switch manufacturer ) provides a service where all calls are forked and if the calling number is in a data base it answers the call without single ring bothering our customer. With 30k subscribers we only have about 20 with serious problems and each one of them have had financial troubles where they were referred to a collections company of which 3 were businesses.

  17. My mondays are usually filled with calls for either a new credit card rate (as in taking credit cards) or my google business listing blah blah.

    I’ve connected through on the google biz listing call and asked which biz they saw problems with. This shows they don’t even have that basic info in front of them.

    Ignoring, of course, only fills up the VM box, so still a problem.

  18. How about making it illegal to spoof a phone number that you don’t own or have written permission to use? It still amazes me that the phone companies and government allow this.

    • The problem isn’t from a legal perspective (if someone is doing something illegal already, why do they care if they do something else illegal, especially as very little is actually done against these scammers), it is a technology standard problem where the underlying technologies of every telecommunications network on the planet is vulnerable to spoofing due to the lack of updated standards to close that gap. It isn’t something easy that can be done quickly (trying to get an ISO updated is a very difficult process), and takes agreements by parties around the world. Plus, even if new standards would be agreed upon, they must be backward compatible in order to avoid telecommunications disruption as it will take years, if not more than a decade, for all telecommunications networks around the globe to be updated, which can involve billions in infrastructure upgrade investments.

  19. I hate robocalls and, even worse, lately they’ve begun costing me money by calling my cell phone and consuming minutes. I found two things that give me a small measure of satisfaction:
    1. Report the caller ID number on “WhoCallsMe”, a user-contributed website where people compare notes on telemarketing numbers.
    2. Connect the call to the “Jolly Roger Telephone Co”, a service that engages the telemarketer with voice robots designed to waste _their_ time. Hilarity ensues. Check it out on YouTube for some of the most egregious examples.

    • Jolly Roger Himself

      Well Barry…..your spiel sounds exactly like 3 or 4 other comments on this thread, essentially advertising for Jolly Roger…..almost so similar as to make generally intelligent folks think you are the same person, posting under different names….

  20. This is why I am thankful I have an android phone. Its easy to block these numbers. I got 80 in my block list now. The other day I got a call out of Arizona and a split second after I got spammed via text from 4 other numbers with multiple media attachments. They seem to all come in burst like its from the same source. A lot of spoofed local numbers too. But I am gonna check out that AT&T app you talk of at the end. I wasn’t aware they had an app for that. Thanks!

    • Checked out the ATT app and I think my phone can do a better job because the ATT app only blocks temporarily. My phone can do it permanently. I also had my voicemail turned off awhile back to keep them from leaving a message. I never used it anyways and none of my friends or family ever would leave a message. They just text me if I don’t answer.

  21. Simple solution: If I don’t recognize the Caller ID display, I don’t pick up the receiver. Most such callers won’t listen through the recorded instructions to leave a message. Local callers will.

  22. I noticed that the number of robocalls / spoofed calls soared around income tax filing time, to the point I considered getting a new cellphone number. (Would that have helped?) I even got a few of the notorious “call the IRS right away at this number” voicemails. But now it has settled down to one or two a day, which is manageable but annoying.

    • Unfortunately no. A new number won’t necessarily help. If the number is a reuse from a pool, it may already have spam associated with it. Worse yet, I’ve known some telco providers to sell customer lists to spammers — received spam on a landline that I had just set up with AT&T, didn’t even know the number yet, yet they had a fair amount of info on me.

  23. I’ve had the most success with the iOS app RoboKiller after trying 4 others apps. The most recent release notes for one that I didn’t have success with, Hiya, says it “support for NPA-NXX scam where scammers spoof first 6 digits of your number.”

  24. Whenever I have the time I always take the robocall. My intent is to turn the call into a frustrating experience for THEM, not me! I listen to the spiel and answer any robo questions to reach a live person. Once connected to a real person I let them know that my number is on the Do Not Call list and I ask them to remove me from their call list with threat of filing a complaint with FTC if I receive any more calls from them.

    I’ve been getting a lot less calls these days as I think they have either purged me from lists and/or flagged me as a time waster!

  25. So – SPF for phone calls, like we have for SMTP servers. Doubt that will work outside the US/Canada, but if it is law, we can try.

    As everyone here knows, SPF doesn’t work well-enough for most people to bother and it breaks some normal email capabilities. For example, an airline with incorrect SPF records that also outsourced their “here’s your boarding pass” emails completely screwed up if my email provider honored SPF.

  26. I don’t get too many robocalls anymore although I used to. They drove me up the wall. I use netTALK which is a Florida based voip. They recently installed call blocking software which has helped a lot.

    In addition I have a CPR Call Blocker that works really well. If the number is on your phone, you hit the big red button and the number is blocked. Ironically, I bought the call blocker right before netTALK installed theirs. Now I get very few annoying phones calls. When I do, I hit that red button. I have a call blocker on my Blackberry as well so not many calls on that anymore either.

  27. I recently saw a Youtube video where a programmer created a script that flooded a scammer’s line with an endless series of robocalls that tied up their lines. Not the best solution in this case, given the number was spoofed, but fun when they do take down the actual perpetrators.

  28. I use mr number app for android phones. I did not register with the no call list this time I got a new number/phone. I seem to get less spam calls.

    I setup mr number to block any call not in contacts and it also automatically blocks any call in their database. Its free and cost nothing.

    Seems to work ok. I find though the more you “give” your number to banks/credit cards etc, the more calls you get.

    • Similar Android apps I’ve used, and with no-ringing from spam callers, or any other caller not in my contacts or whitelist:
      • “Call Blocker” by embware, my preferred blocker.
      • “Call Blocker Free – Blacklist” by NQ Mobile Security — used till I discovered embware’s app which I prefer now.

    • Similar Android apps I’ve used, with no-ringing from spam callers or any other caller not in contacts or whitelist:
      – “Call Blocker” by embware, my preferred blocker.
      – “Call Blocker Free – Blacklist” by NQ Mobile Security — used till I discovered embware’s app which I prefer now.

  29. Well the problem is with the network itself. It is a security problem. The engineering community has been working for some time on a long term solution called STIR/SHAKEN. I’ve been directly involved in the protocol work for some time. The FCC now is proposing it in a new Notice of Inquiry.


    Look for the Call Validation document. I’m extensively quoted.


    • Thank you for your comment bringing attention to the useful technology perspective you provided.

  30. I have another type of robocalls that bother me. I will receive random calls from places all over US (at least that’s what my app says). But when I pick up, it is totally silence on the other side. And after a couple seconds, it just hanged up.

    I am wondering is this also a variant of robocalls and what is it aiming for?

    • A machine is just checking for active numbers. You may soon find yourself on several “call early, call often” lists very soon now that the system knows your line is active.

    • When land lines were more in use, I used to give my friends a machine called a “Telebouncer” that used several automatic technologies that worked on POTs service to ZAP the robot. One of them, for example, sent a signal to the auto dialer of the robot, that indicated it was a dead number or no longer in service; if they blew past that they had to jump through a few more hoops before running into a serious sounding voice saying that this number does not take calls from telemarketers, and then if you were an approved caller you could punch in a number that let you through. They usually went to voice machine, and you could ckeck the caller ID to make sure it wasn’t a known associate. Not one of my friends said the robocallers ever got through. Too bad this doesn’t work on cell phones. I have noticed that in the VOIP world, some exchanges do have a similar message and code dial requirement to reach the desired number. At least that is something.