03
Aug 20

Robocall Legal Advocate Leaks Customer Data

A California company that helps telemarketing firms avoid getting sued for violating a federal law that seeks to curb robocalls has leaked the phone numbers, email addresses and passwords of all its customers, as well as the mobile phone numbers and other data on people who have hired lawyers to go after telemarketers.

The Blacklist Alliance provides technologies and services to marketing firms concerned about lawsuits under the Telephone Consumer Protection Act (TCPA), a 1991 law that restricts the making of telemarketing calls through the use of automatic telephone dialing systems and artificial or prerecorded voice messages. The TCPA prohibits contact with consumers — even via text messages — unless the company has “prior express consent” to contact the consumer.

With statutory damages of $500 to $1,500 per call, the TCPA has prompted a flood of lawsuits over the years. From the telemarketer’s perspective, the TCPA can present something of a legal minefield in certain situations, such as when a phone number belonging to someone who’d previously given consent gets reassigned to another subscriber.

Enter The Blacklist Alliance, which promises to help marketers avoid TCPA legal snares set by “professional plaintiffs and class action attorneys seeking to cash in on the TCPA.” According to the Blacklist, one of the “dirty tricks” used by TCPA “frequent filers” includes “phone flipping,” or registering multiple prepaid cell phone numbers to receive calls intended for the person to whom a number was previously registered.

Lawyers representing TCPA claimants typically redact their clients’ personal information from legal filings to protect them from retaliation and to keep their contact information private. The Blacklist Alliance researches TCPA cases to uncover the phone numbers of plaintiffs and sells this data in the form of list-scrubbing services to telemarketers.

“TCPA predators operate like malware,” The Blacklist explains on its website. “Our Litigation Firewall isolates the infection and protects you from harm. Scrub against active plaintiffs, pre litigation complainers, active attorneys, attorney associates, and more. Use our robust API to seamlessly scrub these high-risk numbers from your outbound campaigns and inbound calls, or adjust your suppression settings to fit your individual requirements and appetite for risk.”

Unfortunately for the Blacklist paying customers and for people represented by attorneys filing TCPA lawsuits, the Blacklist’s own Web site until late last week leaked reams of data to anyone with a Web browser. Thousands of documents, emails, spreadsheets, images and the names tied to countless mobile phone numbers all could be viewed or downloaded without authentication from the domain theblacklist.click.

The directory also included all 388 Blacklist customer API keys, as well as each customer’s phone number, employer, username and password (scrambled with the relatively weak MD5 password hashing algorithm).

The leaked Blacklist customer database points to various companies you might expect to see using automated calling systems to generate business, including real estate and life insurance providers, credit repair companies and a long list of online advertising firms and individual digital marketing specialists.

The very first account in the leaked Blacklist user database corresponds to its CEO Seth Heyman, an attorney in southern California. Mr. Heyman did not respond to multiple requests for comment, although The Blacklist stopped leaking its database not long after that contact request.

Two other accounts marked as administrators were among the third and sixth registered users in the database; those correspond to two individuals at Riip Digital, a California-based email marketing concern that serves a diverse range of clients in the lead generation business, from debt relief and timeshare companies, to real estate firms and CBD vendors.

Riip Digital did not respond to requests for comment. But According to Spamhaus, an anti-spam group relied upon by many Internet service providers (ISPs) to block unsolicited junk email, the company has a storied history of so-called “snowshoe spamming,” which involves junk email purveyors who try to avoid spam filters and blacklists by spreading their spam-sending systems across a broad swath of domains and Internet addresses.

The irony of this data leak is that marketers who constantly scrape the Web for consumer contact data may not realize the source of the information, and end up feeding it into automated systems that peddle dubious wares and services via automated phone calls and text messages. To the extent this data is used to generate sales leads that are then sold to others, such a leak could end up causing more legal problems for The Blacklist’s customers.

The Blacklist and their clients talk a lot about technologies that they say separate automated telephonic communications from dime-a-dozen robocalls, such as software that delivers recorded statements that are manually selected by a live agent. But for your average person, this is likely a distinction without a difference.

Robocalls are permitted for political candidates, but beyond that if the recording is a sales message and you haven’t given your written permission to get calls from the company on the other end, the call is illegal. According to the Federal Trade Commission (FTC), companies are using auto-dialers to send out thousands of phone calls every minute for an incredibly low cost.

In fiscal year 2019, the FTC received 3.78 million complaints about robocalls. Readers may be able to avoid some marketing calls by registering their mobile number with the Do Not Call registry, but the list appears to do little to deter all automated calls — particularly scam calls that spoof their real number. If and when you do receive robocalls, consider reporting them to the FTC.

Some wireless providers now offer additional services and features to help block automated calls. For example, AT&T offers wireless customers its free Call Protect app, which screens incoming calls and flags those that are likely spam calls. See the FCC’s robocall resource page for links to resources at your mobile provider. In addition, there are a number of third-party mobile apps designed to block spammy calls, such as Nomorobo and TrueCaller.

Obviously, not all telemarketing is spammy or scammy. I have friends and relatives who’ve worked at non-profits that rely a great deal on fundraising over the phone. Nevertheless, readers who are fed up with telemarketing calls may find some catharsis in the Jolly Roger Telephone Company, which offers subscribers a choice of automated bots that keep telemarketers engaged for several minutes. The service lets subscribers choose which callers should get the bot treatment, and then records the result.

For my part, the volume of automated calls hitting my mobile number got so bad that I recently enabled a setting on my smart phone to simply send to voicemail all calls from numbers that aren’t already in my contacts list. This may not be a solution for everyone, but since then I haven’t received a single spammy jingle.

Tags: , , , , , , , , , ,

66 comments

  1. Wow, Brian, please share how did you find that “send all straight to voicemail” setting? I guess you’re on Android and iOS probably doesn’t support it. I literally get tens of calls throughout the day and night that are all crap. And text messages too.

    • After they call you – always block the number. Always!

      • What good does that do? They are all spoofed numbers anyway!

        • Now spoofing is gone. T-Mobile charge $4 a month and for it I’ll show the REAL phone # of the Spoofer and it’ll block it.

          • So… T-Mobile is charging for something they SHOULD deliver for free, and if they can do it the others can too… to bad Congress or the FCC won’t get involved.

          • Spoofing is far from gone. It might be harder to spoof phone numbers that are live on the destination carrier’s network – and only sometimes – but the underlying SS7 issues that enabled NOBUS spying on phones as well as general ANI spoofing is alive and well in the hand’s of very nontechnical people.

      • Have a Samsung, it won’t accept any more numbers to be blocked!!!

    • Always block those numbers after phone call. Always

      • In these pandemic times, I have been unable to get a straight answer about whether there is a limit to the amount of numbers that can be blocked, and whether such a limit is administered by the wireless company or the handset maker. I do, however, report all spam texts and spam voicemails to my wireless provider along with the originating phone number.

        • If only the phone OS had baked-in a way to subscribe to auto-updated blocklists, which you can contribute to via the method we already use, blocking numbers after the fact

          But that sort of functionality goes against Google’s primary core of monetizing all marketing advantages, both now & in the future

        • It would seem a lot of things are breaking down.
          https://climate.law.columbia.edu/Silencing-Science-Tracker
          E.g., Tainter and Tainter/Patzek would point out the broad spectrum of costs for complex technologies – and the failures of complexity under pressures for which they were not designed (like pandemics, Holocene/Anthropocene handover, etc.).

      • None of this stuff works with POTS line phones, and none of the other types of phones work (for long) in the event of natural disaster or even a long-term power outage. What can those of us who actually want a phone that _always works_ do?

    • On iPhone:
      Go to Settings > Do Not Disturb > Allow Calls From then
      Select Everyone, No One, or Favorites; alternatively, select a group

    • No, it’s iPhones that have that setting. I don’t think Androids do. On an iPhone it’s Settings/Phone/Silence Unknown Callers.

      • Of course Android phones have that feature.

        Tap the phone icon on your Android, which is usually at the bottom of the home screen.

        Tap the three dots at the top of the Phone app screen.

        Tap “Settings” in the dropdown menu.

        Tap “Block numbers” and then toggle the button beside “Block unknown callers” to green.

        • Android 7, I have a setting called ‘Filter spam calls’, but I suspect it only works by sending Google the data so they can gain a marketing advantage over their competitors. Same for the other setting on the same screen ‘See caller and spam ID’

          There’s some boiler-plate below that which gives it away: ‘Google will attempt to show you useful information when you make or receive a call, such as a name for a number not in your contacts or a warning when an incoming call is suspected to be spam.’

          So if I enable either or both of these settings, the meta-data on every call I receive or make is sent to Google. I would assume my own device ID & phone number will also be tagged into that gold mine of data!

          I would prefer something more self-contained that does not require sending data out off of my device in order to function. Something simple like just sending all calls to voicemail if they are not on my contact list

    • On iOS: Settings>Phone>Silence Unknown Callers

    • Your assumption about iPhone call-blocking is incorrect. It is available to ALL iPhones running the latest version of IOS! iPhones as old as the 2015 iPhone 6/6S can run the newest version of IOS.

      My understanding is that it isn’t true for a lot of Android phones. Quite a few will never be able to run a version that has the call-blocking option because the vendor or service provider has chosen not to provide the update, or in some cases, they cannot offer it because the particular version of the OS does not and will not provide it.

    • IOS does support the setting to send all calls from numbers not in your contact list to voicemail. I have it set on mine. Go to Settings, Phone then select the Silence Unknown Callers options.

    • I used a similar but different trick. I made a silent ringtone. That ringtone is my default. If you are in my address book, I set a non-default ringtone. Now my phone doesn’t ring at all unless you are in my address book.

      It’s not perfect, because sometimes I do get a legit call not in my address book, but it is better than what I had.

    • iPhone has had this capability for at least a year.

      Settings/Phone/Call Silencing and Blocked Contacts: Silence Unknown Callers

  2. There was a recent thread on the Tmobile subreddit where ordinary end users were getting their texts dropped if they sent too many texts with the word “belly.” This is suspected to be an attempt by Tmobile to stop spam via texting.

  3. The robocallers just spoof another number and recall you if no answer. Blocking feels good but really accomplishes virtually nothing. Unless you block 000-000-0000 through 999-999-9999. Except for your actual contact numbers and there’s probably an app for that. 🙂

    • Indeed mad dog, I get around 4 call from “Sandra” every day trying to help me cancel my time share (and I have no time share).

      So wish I could cash in on the $500 – $1500 per call, but every call comes from a random number. The call back number is always the same though, maybe Brian can track em down?

      (209)887-6520… Just ask for “Sandra” (although she never seems to be there)

      • DelilahtheSober

        Thank you. I added this phone number to an existing blocked contact in my iPhone that I named Zspam.

  4. So where might this bounty be, Good Sir?

    • You might use donotpay.com as a resource to get a bounty from robocalls:

      Here’s a write up of the service:
      https://www.theverge.com/2020/2/13/21135940/donotpay-sue-robocallers-do-not-call-registry-telephone-consumer-protection-act

      Here’s the service:
      https://donotpay.com/learn/report-robocall/

      • It looks like donotpay doesn’t sue the robocallers themselves… but rather donotpay is a subscription based (3 bucks a month) automated legal help system that will show you how to file a lawsuit yourself.

        But this Krebs article shows that giving your personal information to threaten legal action, can backfire since that was the data that leaked.

        So congrats, you paid 3 dollars, gave dnp your personal information such as phone number and bank account information, thinking that it would only be used to receive money… and now you personal info is breached, you keep getting charged a subscription fee, and there is little to no chance of getting a settlement.

        • And regarding other sketchy legal “get paid by robocaller” schemes…

          It’s interesting though. This scheme may have worked for a few people in the past… but considering the “affiliate program”, where people make money selling this to others (MLM down line, pyramid scheme style)… you cannot trust anyone who say this is still working. This approach to robocalls may have dried up a while ago, but people will still claim it works even if it doesn’t.

          So this guy created a “kit” which is just a template for a “demand letter” (a pre-litigation document that anyone can write), and a set of beginner level instructions on social engineering… that basically blackmails the scammer into sending a settlement check.
          All for $47? Not bad profit for something you can produce for free.

          There seems to be a lot of problems with this approach.

          1) Only robocalls to cell phones, as landlines don’t apply with the same set of laws that this exploits.

          2) Only robocalls that allow you to speak to a real person (wait, or press number), as any robot that simply tells you to go to a website or call a number, basically invalidates any claim of being “unsolicited”.

          3) Robocalls must originate in the US, and have a US based mailing address. The ever popular neighbor spoofing (where the number appears with your own area code and prefix) are NOT actually from the US. Most likely from other countries.

          4) Robocallers don’t often fall for the beginner level social engineering tactics to get their real names, phone numbers and physical address. Not after the first few times. Even if based in the US, these callers have been coached to provide ONLY the basic information to get money FROM YOU, which is NOT the same information you need to get money FROM THEM.

          5) These shady companies may have paid out thousands to these clever people in the beginning. But this very article shows they are getting wise to “professional plaintiffs”. They will adjust their caller training to make sure they don’t even know the real mailing address. And pretty soon (if not already) they will simple ignore all “demand letters”, especially ones that are based on a common template. They will figure out that these are coming from “professional plaintiffs” who simply had $47 to spend, but not actually willing to pay for a real lawyer and sue them. Demand letters are ignored all the time. You can only bluff for so long.

          • JamminJ, I’m not saying “Robo Revenge” is a great service because I just don’t know anything about it. But you’re wrong about a lot of basic robo-revenge tactics here. For example, you said in quotes below:

            “1) Only robocalls to cell phones, as landlines don’t apply with the same set of laws that this exploits.”

            It’s illegal to call a landline that’s on the national Do-Not-Call registry, per Title 47 U.S.C. §227(c)(3) and Title 47 C.F.R. §64.1200 (c)(2). You can easily get a judge to give you a minimum $500 per call for violations of that. Every call is a separate violation, and you’re under no obligation to answer any call and tell them to quit calling you before you sue them. It’s also illegal per Title 47 U.S.C. §227(b) “initiate any telephone call to any residential telephone line using an artificial or prerecorded voice to deliver a message without the prior express consent of the called party…” That means those prerecorded messages to your landline are also worth $500 per call to you — and you have the perfect proof they did it in the prerecorded message they left on your answering machine! Play it for the judge and he or she will give you a judgment for $500 per call – or up to $3,000 per call, depending on how many sections of the TCPA they broke.

            “2) Only robocalls that allow you to speak to a real person (wait, or press number), as any robot that simply tells you to go to a website or call a number, basically invalidates any claim of being “unsolicited”.”

            What you’ve just said here is what regularly spews noisily and noisomely out of the north end of a southbound bull. Because the only way to find out who called you is to “go to that website or call that number,” after they called you, it’s not a “solicited” call under the law. That call to you broke the law, and just because you took some action after they broke the law doesn’t build a time machine that lets them go back to before the call and unbreak the law by not calling you. Judges understand this quite well and will always rule in your favor about this issue. They know that you have to “Press 1” to find out who called you, and they will always will rule that your “Press 1” didn’t give the caller prior express consent to call you.

            “3) Robocalls must originate in the US, and have a US based mailing address. The ever popular neighbor spoofing (where the number appears with your own area code and prefix) are NOT actually from the US. Most likely from other countries.”

            At least 80% of spoofed calls that originate outside the U.S. are from third-world call centers that are trying to get you to buy something from a scammy company in the U.S. You sue the company in the U.S., of course, not the foreign call center because the the U.S. company has money and the foreign call center doesn’t. You have to prove liability by the U.S. company. That’s not hard to do when you can show they’re paying some call center in the third world to make tens or hundreds of thousands of illegal calls every week.

            “4) Robocallers don’t often fall for the beginner level social engineering tactics to get their real names, phone numbers and physical address. Not after the first few times. Even if based in the US, these callers have been coached to provide ONLY the basic information to get money FROM YOU, which is NOT the same information you need to get money FROM THEM.”

            Again, what you’ve said there is what regularly plops out of the south end of a northbound horse. First, you don’t often need to get the name and location of the people who call you. Most of time, you got called by a foreign call center that’s generating leads for a scammy U.S. company. You don’t want to sue the call center because they don’t have money. You want to sue the U.S. company they represent, who are easy to identify by social engineering. It’s easy to get those companies to fall for “beginner level social engineering” because 1) they so rarely get sued, and 2) they’re very stupid or they wouldn’t be calling you illegally, and 3) they desperately want to sell you something you don’t want and need, so they’ll get careless to do it. You buy something from them with a credit card that has a low dollar limit and then you reverse the charge. You’re only out $50, and your credit card receipt tells you who they are, or the worthless back brace / alarm system / whatever crap they sold you tells you that in great detail. You’re “playing customer,” and it works at least 90% of the time. It’s beginner-level detective work, and it’s TONS of fun!

            • I know I didn’t specifically mention it… but I was talking only about robocalls dot cash, as some “affiliate” dropped a link here in the comments (now deleted).
              From their FAQ: “What’s better than stopping your own robocalls, and making robocallers pay you? Helping other people do the same, and getting paid for THAT! Visit our AFFILIATE AREA to create your affiliate account, and start making commissions for referring your friends, family, and others to this site to purchase the “Turning Robocalls Into Cash” kit…”

              1) They explicitly mention that they don’t support landlines. Probably because the law isn’t as favorable to quick litigation or blackmail.
              From their FAQ: “Does the kit work for landlines?
              No. While there is some overlap in the federal laws that govern robocalls, the kit is designed specifically to deal with robocalls to your CELL PHONE, and not your landline.”

              2) You’re probably right in theory. But remember… this scheme is NOT about actually suing the company in court or getting a reasonable judge or jury to understand. This is about getting a quick settlement with a threatening demand letter. The victim is not convincing a judge here, the victim is convincing the perpetrator that they have them by the balls and there is no way out other than sending a check. That is MUCH harder to do, if the robocaller knows they are just leaving voicemail.
              “What about robocalls that are recordings, not actual people? [Doc] Compton says generally those calls want you to call or visit a website. That website or phone number is your first step toward knowing who to go after with the demand letter.”
              So yeah, you can try. However, there is no indication if anyone has had success with those robocallers. From the testimonials they like to publish, they tend to have success when robocallers call them.

              3) Again, that may work for a fully litigated lawsuit with a lawyer. A lawsuit will cut through the layers of obscurity… but a demand letter won’t. They won’t even respond to it. That is why these Robocall Revenge people say don’t bother if the robocaller is overseas. Just drop it and wait for another fish because it will waste your time and effort.

              4) Funny phrase, but no need to repeat it. “Generating Leads for” may be a good argument in court. But a demand letter isn’t gonna get a response, and really unlikely to get a settlement check.
              “You buy something from them with a credit card that has a low dollar limit and then you reverse the charge.”
              Yeah, that’s a cool approach I’ve seen before. It works. Be careful not to do it too often, or your bank fraud team may have something to say. It might not be legal or within your bank’s policy to intentionally do this again and again just for revenge or to get a payday from a robocaller.

              Whether these tactics worked in 2018 and 2019, is not really disputed. It’s whether they still work in 2020 and will continue to work.
              This very Krebs article talks about the robocallers working with companies whose business model is solely to identify and avoid these “professional plaintiffs”. For this to work consistently, the recipient of a demand letter needs to believe the bluff that it is likely to lead to a lawsuit. Over time, they are getting wise to this bluff. They understand that most of the demand letters are from people who cannot afford to litigate. The more people who try this, the less effective it becomes. Which explains why this idea surged in 2019. When did The Blacklist Alliance start providing services to robocallers?
              When’s the last time you got a response from a demand letter, and more importantly, when’s the last time a check was received?
              The are already fighting back. They aren’t going to just settle every demand letter. So do not expect these tactics to work anymore.

              The Blacklist Alliance Mission Statement:
              “Reducing the Risk: Risk reduction is delivered in two ways: (1) Through our Litigation Firewall, comprised of a dynamic database populated with the numbers of thousands of professional TCPA plaintiffs and attorneys; and (2) robust online compliance training and legal resources offered through our Blacklist Academy compliance platform. Working in symmetry, these dynamic solutions make dialing safe for a better night’s sleep.
              Minimizing the Impact: If you’re served or even threatened with a lawsuit, our solution includes Prepaid Attorney Services and representation to alleviate the financial burden of defending yourself.”

  5. I have a great solution for telemarketers, especially of the scammy kind. Since they now make one wait for a prolonged period of time, I can set up a session where they can talk to my friend Howley. Howley makes an appearance in the link below. So you get this all prepped on the computer, set the cell phone next to a good speaker, and then…

    “Music playing on hold… … (Them, in heavy Mumbai British accent) Hi, can I ask you the model and year of your car. (Me) Sure, hold up a sec, Hey Honey, the guy is on the phone!” … Then Click Play

    Meet Howley!
    https://www.youtube.com/watch?v=PYar0dkZ6v8

  6. I just saw the same article published at https://osint.geekcq.com/2020/08/03/robocall-legal-advocate-leaks-customer-data/
    Brian are you the author of both under some content sharing arrangement? Or did they steal your stuff, or what’s the deal?

    You do not need to post my comment on your blog, I just wanted to make sure you were aware of it. I’ve personally had to issue 2 takedown notices this week for content I wrote some years ago. One was to a major U.S. university.
    Best wishes, Brad

    • No, that site is not mine nor do they have permission to republish my stories.

      I’ve lost count of how many sites now are doing the same thing. People think because I have a full text RSS feed that it’s somehow okay to take my content and republish it on their site. The most frustrating part of it is when I do reach out to sites about this, it’s often well-meaning people who are fans but who nevertheless admit they never considered that I would mind.

      I guess for some people free content means they do what they like with it, including republishing it. Plenty of people say they view this behavior as somehow beneficial, that it expands the potential audience of this site. In most cases, however, it does nothing of the sort and only confuses readers.

      • There are some aggregators who only post the first few lines and then you have click the “Read more..” link to go to the original article.

        Do you object to that also?

      • I would think some enforcement of copyright law would send a good message.

        One tech giant, just prior to launching his social media platform, visited my writer’s group and asked for donations of ‘content’ for his about to be launched website. When asked what form of copyright he was offering, he responded, ‘I hadn’t thought about it.’

        Had he bothered to look around the site before barging in to beg for donations he would have noted that he had walked into a room filled with highly skilled (present company excepted) writers who were making a living from their writing. Copyright, indeed, was a big issue for everyone in the room.

        I believe it was our resident attorney-slash- mystery writer who took the time to respond by suggesting he come back when he was willing to pay.

        I believe there are more than a few of our tech giants who would rather not be bothered with such trivial issues as copyright law.

        Is it any wonder the public has little regard for copyright?

  7. My phone doesn’t have the option to send all calls to voicemail unless they are on my contacts

    Is there any advice on how to add this? It’s an android device

    I have a contact I created named ‘Spam’, who I keep adding numbers to whenever my voicemail does catch an automated calling service. I’ve set this contact to not ring & go direct to voicemail

    The service’s do not recognize the fact they are talking over my answering message, so I hear their spiels in mid-stride when my VM does finally begin recording

    ‘Spam’ has over 50 phone numbers & counting. But it’s a PITA to keep adding numbers & also to screen all my calls before answering

    • On android phones turn on “Do Not Disturb” and all calls will go to voicemail.

    • Timothy J. McGowan

      To block unknown callers on Android:

      I’m using a Samsung running Android 8.0, for what it’s worth.

      Tap to open the dialer, simply named Phone on my device. Tap the three dots at top right. Choose Settings. Choose “Block numbers.” Tap to toggle “Block unknown callers.”

  8. Obviously a problem with the phone carriers who won’t block spammers. And who won’t stop spoofing addresses.

    There must be some $$ in those worthless calls.

    Just like junk emails and junk postal mails.

  9. I received a scammer call not that long ago where the number they spoofed was a friend. So contact list checking is not 100% foolproof.

  10. The Sunshine State

    The Federal Trade Commission needs to do a lot more when it comes to the problem of Robo-Calling

  11. How do we get hold of this data about the robocaller tribe?

    For one thing we need to put on the list for our robocall development labs, so they can be involved in Beta testing.

  12. Years ago I took a temp IT job at a tele-marketer, and boy, could I tell you some stories. This was before the federal Do Not Call law, so there was a patchwork of state laws. And this company, despite doing work for a lot of big banks (among others), did not give one whit about them.

    Many states charged fees to tele-marketers for the lists in hopes of recouping some of their costs. This place decided to take their chances. I was only there for about three months, but during that time one state did sue them. I’m foggy on the details, but if I recall, they simply had the guy who managed the auto-dialer filter out all numbers in that state.

    They also stole pretty much all of the software they used. I actually emailed the BSA after quitting since they were stealing from Microsoft, Oracle, and others.

    I’d love to think their behavior hurt them, but apparently not. At the time they had two call centers, but their website now shows them with call centers in 7 states and a couple of other countries.

  13. The Robokiller app I installed on my Android phone catches most spam calls.

  14. I got an Idea, give the robocall marketers all the terrorists phone numbers, they they will get sick of it and blow up the robocall centers!
    Its a win win!!

    Lets all go have a beer and nap

  15. The Blacklist Alliance = scumbags from hell!

    Great article Brian, and you have the best quality readers and comments from them in the industry! A great big thumbs up for everybody here!

  16. This is Karma of the highest order… now we can only wish that thousands of people will call them repeatedly.

  17. Jeff Strubberg

    The real solution to this is don’t allow spoofing of numbers. This is being worked on. STIR/SHAKEN was supposed to be mandated in 2020, but as we know other distractions have taken over.

  18. Every day I get telemarketing calls.
    Today I told the caller to let their boss know I am looking for him to pull his eyes out and eat them.
    Of course I was just kidding, I wouldn’t eat them.
    I cannot block unknown numbers for my job.
    I can forgive the twit hackers, but not telemarketers.

  19. This will be bloody. Aside from the companies that totally need that TCPA beating there is some TCPA misuse with some individuals who specifically look for these flaws to file a lawsuit on bigger companies. For instance, opt out not working right for fraud alerts or it charged for data use because it combined two text messages and so on. Since they just leaked litigation ready individuals…good lord.

  20. Alphonse LaRue

    Brian, you wrote, “Robocalls are permitted for political candidates…” This is mostly wrong. The Telephone Consumer Protection Act ( Title 47 U.S.C. 227), passed in 1991, makes political robocalls and automated political text messages to cellphones illegal without prior express written consent of the recipient, but political robocalls to landline phones are legal. The Supreme Court ruled on this just a few weeks ago in Barr v. American Association of Political Consultants. According to a site that writes about Supreme Court decisions, “After the court’s ruling, political robocalls are still illegal, but so are robocalls to collect government-backed debts — showing, perhaps, that dislike of robocalls spans ideological differences.”

    Here’s the guidance about this issue (https://www.fcc.gov/political-campaign-robocalls-robotexts) from the FCC, which regulates the TCPA:

    Political campaign-related autodialed or prerecorded voice calls (including autodialed live calls, prerecorded voice messages, and text messages) are:
    – Not allowed to cell phones, pagers, or other mobile devices without the called party’s prior express consent.
    – Not allowed to protected phone lines such as emergency or toll-free lines, or lines serving hospitals or similar facilities, unless made with the called party’s prior express consent.
    – Allowed when made to landline telephones, even without prior express consent.

    The Trump campaign got sued in 2016 for initiating robocalls to cellphones, as did the Obama campaign in 2015. Beto O’Rourke’s Senate campaign got sued in 2018 for sending text messages to cellphones. Many other political campaigns have been sued for robocalls and automated text messages.

    Just remember this: Political robocalls and text messages to cellphones are always illegal without the prior express written consent of the recipient. You can sue your least favorite politician for it and gain a minimum of $500 per call or text. What’s stopping you?

    • “What’s stopping you?”
      Not knowing who “they” are.
      I will not buy the “extended warrantee” to try and find out, as it likely won’t help.

  21. Errrr...TrueCaller...

    …Weren’t they breached too?

  22. Brian,

    Wish we (end consumers) could get our hands on the names, emails, landline and cell numbers of the people behind this robo-industry.

    Then pass it all on to select (cough, cough) groups of aspiring young gentleman and ladies looking to re-gain esteem from past wayward online activities, fund them from what I imagine would be gladly contributed Kickstarter monies from us ‘end consumers’, and turn them loose as they cry havoc and let slip the robo-dogs of war.

  23. Over time the industry traceback group should make a dent in robocalls. It is now formally recognized by FCC as the central coordinator of robo traceback. For thoroughness, I think Brian should mention it in coverage of this issue.

    https://www.ustelecom.org/the-ustelecom-industry-traceback-group-itg/

  24. Does anyone have a site or information about how to actually file a TCPA lawsuit ?

    Is it difficult ?

    I get spam texts from only one entity, and I’ve been saving them up for the suit.
    It’s pretty much slam-dunk – they didn’t do much to hide their identity.

    • Alphonse LaRue

      “Does anyone have a site or information about how to actually file a TCPA lawsuit ?

      Is it difficult ?”

      It’s easy. The hard part is getting them to settle, but it’s not too hard. I know someone who made $25,000 in his first year suing telemarketers. They all settled. Once you get into the big money, say over $20K per claim, it gets a lot harder because they’ll fight it out in court.

      In some states, it’s easy to sue under the TCPA because you can do it in small claims court. But your state’s small claims court must give you “long-arm jurisdiction” if you want to sue someone outside your state. Most telemarketers are in Florida, California, New York, New Jersey, Arizona, and Nevada. Florida’s the worst. If your state lets you sue someone outside your state in small-claims court or its equivalent, it’s a piece of cake, but there’s a dollar limit on how much you can get in small-claims court: typically $5,000 to $10,000.

      If you can’t sue under the TCPA in small-claims court, you have to go to a higher court, where it gets a lot harder. To find out how to sue in federal court under the TCPA, get a PACER account (public access to court electronic records), which gives you access to all documents filed in all federal lawsuits. Then search for all suits filed in your state in category 890. Other Statutory Actions. Those are mostly TCPA suits. Or just Google “TCPA summons and complaint” and you’ll find a bunch of documents. Read those and start learning about the TCPA and you’re on your way down the rabbit hole.

      • Getting them to settle has gotten much harder…. because so many people have been bluffing, and flooding them with demand letters. The percentage of victims willing to sue, has gone way down, because the number of cheap demand letters sent went way up.

        That is why robocallers are no longer trying to handle legal threats themselves…

        The Blacklist Alliance Mission Statement:
        “Our mission is to reduce the risk and minimize the impact of abusive TCPA litigation, and provide our members with the tools they need to maintain compliance and profitability in a highly regulated environment.
        Reducing the Risk: Risk reduction is delivered in two ways: (1) Through our Litigation Firewall, comprised of a dynamic database populated with the numbers of thousands of professional TCPA plaintiffs and attorneys; and (2) robust online compliance training and legal resources offered through our Blacklist Academy compliance platform. Working in symmetry, these dynamic solutions make dialing safe for a better night’s sleep.
        Minimizing the Impact: If you’re served or even threatened with a lawsuit, our solution includes Prepaid Attorney Services and representation to alleviate the financial burden of defending yourself.”

  25. I as using Should-I-Answer app on Android, for robocalls.
    It works using a user database of know telemarketers and you would have various levels of blocking. I worked pretty well.

    On my new phone I just installed it but now it seems to require you to use their phone app as well, and I don’t really like it so put that experiment on pause.
    You might like it though.
    And there are other similar apps.

  26. If you are posting instructions for iPhones, it would be helpful if you note the iOS version too. The settings vary depending on the version and not everyone is running the latest version. . .

  27. The article is dated “Aug 20” ….