Are any of you starting to get AI robocalls?

HAL hal.lightwood at tbaytel.net
Thu Apr 5 19:34:08 UTC 2018


 I've worked at a telco for 15 years and I can say this problem is not
going away anytime soon. The issue is the SS7 network that carriers use
inherently trusts calls from long distance trunks without verification...
I've analyzed incoming spoofed calls from our STP and they all come from
foreign point codes on the SS7 network somewhere else in the world.  One
potential solution was to block incoming calls from an LD trunk with a
local NXX, but since number portability came into play this would also
block legitimate calls and couldn't be implemented without also having a
whitelist of ported numbers to let through. While you could in theory
customize your SS7 STP to do this, the manufactures of that equipment are
not very interested in that development work without being paid to do it,
and since the FCC/CRTC and other regulatory bodies haven't forced it yet...
nobody is voluntarily going to cough up the $$$.

This is very similar, in a way, to how email used to be in the 90s.. with
open SMTP relays all over the place and anyone could spoof email.. all you
need to do to access it is have some sort of digital interface (like a PRI
for example) to be able to connect directly and specify (ie spoof) your ANI
when placing a call).

*--*


On Thu, Apr 5, 2018 at 1:44 PM, Dovid Bender <dovid at telecurve.com> wrote:

> On Thu, Apr 5, 2018 at 11:12 AM, Brian <brian at nc-ct.net> wrote:
>
> > On Thu, 2018-04-05 at 07:55 -0700, Brian Kantor wrote:
> >
> > > So the logical conclusion is that caller ID is useless as an
> > > anti-vspam measure and the situation is hopeless, so the only
> > > solution is to not personally answer the phone at all -- let voice
> > > mail take a message.
> >
> > Pretty much. We've received calls here with the CID displaying as our
> > own info, and others coming up as a neighbor's number. Some even appear
> > as law enforcement when they're scammers looking for donations to
> > charities that don't exist. I suppose if you're going to commit one
> > crime, go for broke.
> >
> > > This is what I have adopted on my personal landline.  With the
> > > ringers disconnected.  Although I get probably a half-dozen incoming
> > > calls a day, perhaps one a week will leave a message.  Most of those
> > > messages are recorded announcements that started playing even before
> > > the voicemail greeting finished.
> >
> > I've been enjoying quiet on a VoIP line with asterisk. Those who I
> > know/expect/desire calls from I can route them directly to my extension,
> > those others get the IVR. It works parallel to IP routing. I can go a
> > few days without hearing my phone ring yet my logs are filled with
> > spammers/telemarketing calls. Robo-dialers have no clue which extension
> > a human may be at, and I've been doing this for over 15 years with great
> > success. With a digium wildcard, this can work for POTS lines as well.
> >
> >
> >
>
> A simple "Thank you for calling the line of $NAME. To prove you are not a
> robot press 1". That seems to weed out most of them.
>

-- 


This email and any files transmitted with it are confidential and 
intended solely for the use of the individual or entity to whom they are 
addressed. If you have received this email in error please notify the 
system manager. This message contains confidential information and is 
intended only for the individual named. If you are not the named addressee 
you should not disseminate, distribute or copy this email. Please notify 
the sender immediately by e-mail if you have received this email by mistake 
and delete this e-mail from your system. If you are not the intended 
recipient you are notified that disclosing, copying, distributing or taking 
any action in reliance on the contents of this information is strictly 
prohibited.


More information about the NANOG mailing list