Your phone has just been better protected against unwanted calls. But it’s not sure yet

If you haven’t been notified recently that your car warranty has expired, something has gone wrong with your Social Security account, or you’re in big trouble with the Internal Revenue Service, you shouldn’t have a phone.

These are just some of the most popular messages delivered by call bots, which often hide behind spoofed numbers to trick you into answering. RoboKiller, a company that makes technology to identify fake calls, estimated that Americans were inundated with more than 72 billion spam calls in 2021, a 32% increase from 2020. Spammers rang Californians’ phones more than 7 billion times, RoboKiller estimated.

On Thursday, the Federal Communications Commission took another step to identify and potentially block spam calls, closing one of the major gaps in its enforcement efforts. The commission voted unanimously to extend its crackdown on caller ID spoofing — that is, callers who disguise the phone number they’re using — to gateways handling incoming calls to the United States from other countries.

This is good news for people tired of getting spam likely calls. But that doesn’t mean it’s safe to pick up the phone every time it rings – at least not yet.

International gateways targeted by Thursday’s rule have seen an increasing number of spam calls since the FCC began attacking spoofing in 2019 through technical standards known as STIR/SHAKEN. The standards, which major telephone companies have been required to implement, verify caller ID information as it passes from carrier to carrier along the call route .

STIR/SHAKEN does not block spam by itself. Instead, it helps carriers identify calls with spoofed IDs, which they can use other technologies to block. And in some cases, it can help identify calls an international gateway has to block or face rejection of all of its traffic by the U.S. carriers it connects to, a commission spokesperson said in an e-mail. mail.

Adding the international gateways to STIR/SHAKEN is “the right move,” said general manager Jim Dalton of TransNexus, a company that helps carriers implement the standards. “Unless you have STIR and SHAKEN all over the place,” Dalton explained, “it’s worthless. It’s like a bucket with a hole in it.

And to date, there have been many holes. Unlike the days of the Ma Bell monopoly, when there were relatively few companies involved in transmitting a telephone call, today’s system is like a brigade passing a call from one operator to another, a said Giulia Porter, Vice President of RoboKiller. . And not all companies in this chain have been required to pass verified caller ID information.

So far, Dalton said, only about 25% of all calls reach their destination with accurate caller ID information. Another gap in the STIR/SHAKEN chain is expected to close in late June, when smaller carriers that have seen a high volume of spoofed calls will be required to implement the standards. But that will still leave a wide avenue for spoofed calls, Dalton said, because STIR/SHAKEN only applies to networks that transmit calls over Internet Protocol, such as those operated by cable TV and service providers. wireless. “Legacy” networks that forward calls as they did before the Internet revolutionized telephony are not covered.

The FCC told the industry to find a way to stop spoofing on legacy networks, Dalton said, and it did. “The technology is there and it works,” he said. “But nobody’s going to deploy it until there’s a warrant.”

By the way, STIR/SHAKEN’s shortcomings and spammers’ frequent use of spoofing is why it doesn’t seem to do anything when you tell your phone to block a spammer’s number, said To carry. The number you are blocking is probably not the one used to call you.

Stopping fraudulent calls is only part of the solution. According to the commission’s estimate, more than half of spam calls come from numbers that are not spoofed.

One way to solve this problem, Porter said, is to assign a reputation score to numbers that reflects how often they are used for spam. This score could then be used by carriers to identify and block likely sources of unsolicited calls.

This type of analysis is used by internet service providers to direct unsolicited mass emails to spam folders. Phone companies also use it to mark calls “Spam Likely,” a less than foolproof designation that leaves it up to consumers to decide whether or not to take the call. The more calls that have verified caller ID information, the more effective the analysis will be.

Keep in mind that not all unsolicited calls are scams and not all are illegal. The Supreme Court ruled last year that robocalls only violate federal law if numbers are dialed randomly or sequentially. If the caller purposely dials your number because it’s on a targeted list, you’re fair game.

There are several ways to try to defend yourself, such as joining the Federal Trade Commission’s Do Not Call Registry to deter unsolicited sales calls or using an app to block potentially spurious calls. However, spammers and scammers have been so successful at circumventing these barriers that some people have decided to only answer calls from people they know. When the caller leaves no voicemail, that’s a pretty good sign that it’s spam.

But these defenses won’t stop spam, which is a growing scourge. RoboKiller estimates that Americans received nearly 88 billion spam messages last year, a 58% jump from the previous year. Many of them are phishing scams that try to trick you into clicking a link that will install malware or extract sensitive personal information from you. STIR/SHAKEN has no effect on them. And the FCC has yet to act on Chairman Jessica Rosenworcel’s proposal to block them.

This story originally appeared in the Los Angeles Times.

About Sandra A. Powell

Check Also

Why advanced email protection is more important than ever

The transition to hybrid working has been a complex journey that many organizations across the …