To put it bluntly and perhaps a bit cynically, on the tree of bad things that people do to other people, this is pretty high-hanging fruit. Right up there next to scam phone calls that prey on the elderly while claiming to be from Microsoft support.
It's basically impossible to catch suspects because they are either smart enough to cover their tracks very well, or (more often) live in countries whose governments don't care about their citizens (even pay them for) scamming westerners.
Hard disagree on the scam phone calls. It would be trivial to eradicate them almost completely if the phone operators did the bare minimum to fight against it. At any point in time, any given US phone number is handled by exactly one phone carrier. There is nothing stopping that carrier from requiring name and address to issue that phone number. They already do for 99.99% of their legitimate customers. It would be very easy to make it so that every single phone call originating from the US, including all VOIP calls made with US phone numbers, can be traced back to a specific business or person that can later be sued or prosecuted.
And no, number spoofing isn't an excuse either. We literally solved the much harder problem of email spoofing already. There are, what, 3 carrier networks in all of US? And they cannot do with each other what DMARC did for the hundreds of thousands disjoint organizations that comprise the internet? Please.
Number spoofing is not a solved problem because some carriers, which appear legitimate in all other respects, make a business out of routing your traffic over TDM trunks that don't support caller ID verification, and will claim it's extremely expensive to upgrade these to VOIP.
Fuck 'em? That's not a insurmountable problem in the slightest. Google or Apple could probably solve this problem themselves by simply not ringing the phone for any call that doesn't meet ID verification.
The behavior of the phone network is set by government regulation. If you refuse to service allowable calls, you are heavily fined or kicked off the network. The government has to update the rules.
I tried to find these rules yesterday (for another comment chain) but couldn't. As far as I could tell, nothing stops the carrier from silently dropping a likely scam call without receiver's knowledge or consent. Do you know which specific regulations would prohibit that?
I'd be 100% happy to block those carriers from calling me. Their users should just get a message that calling my number is not supported and they should try calling me from another device.
Not allowed. The same government rules that stop Google from refusing calls from Apple devices also stop them from refusing calls from whoever is doing this. The government would have to update the rules. They could mandate number verification for all calls, even those passing over TDM trunks, and make it the network's problem to figure out how to do that. The rules currently say that all calls which don't pass through legacy equipment must have verified numbers, so there's a market for making calls take stupid legacy routes on purpose.
>It would be trivial to eradicate them almost completely
Absolutely true, but droning their data centers might have some policy repercussions.
A majority of people would enthusiastically support drone strikes on scam callers and their infrastructure.
Wasn’t that sort of the premise of The Beekeeper?
You are not wrong. They don't do this because they make money from the scammers.
I have posted about this before. See here: https://news.ycombinator.com/item?id=35191971
Yeah 100%. It's criminal that this is not already done.
KYC just for a phone number opens the door for societal ostracization and essentially blacklisting of people from infrastructure. This is on par with being unable to open a bank account if the capability is matured. I'd advise that you think long and hard about the consequences of this system being applied against you maliciously before signing on the dotted line.
There already are laws that would prevent the exact thing you're talking about. A requirement to provide name and address would change absolutely nothing. And if legal protections are not enough for you then what are we even talking about? Your phone carrier could disable all your lines this instant with a few clicks if they wanted to; the technical capability is already there. They also have your name and address from listening to phone calls and triangulating cell towers - though realistically they didn't need to do it because you already gave them your details knowingly and willingly as part of starting the service, didn't you?
I'd advise that you think long and hard about the consequences of the current system before saying the alternative is worse.
> KYC just for a phone number opens the door for societal ostracization and essentially blacklisting of people from infrastructure.
We have that in Europe and the world has not fallen apart. On top of that, we don't have even close to the scale of problems with scammers that the US has. I won't deny we don't have scammers because we absolutely have them, but they are far from the scourge they are in the US.
> This is on par with being unable to open a bank account if the capability is matured.
The secret is... we have constitutionally protected rights. Unless you do not pay your bills, your phone line will not get disconnected. And same for bank accounts - every European has the right to a basic banking account, even if you are a target of foreign sanctions [1].
[1] https://www.tagesschau.de/ausland/europa/konto-eugh-usa-sank...
I'm in the US, I have two 20-year old phone numbers and 1 cell number, none ring through with span or scams.
I wonder why that is? I dont give the numbers out. That's why. Whenever a store says "do you gave a number with us" I say I don't have a cell phone. If they can plainly see I do have a cellphone, I add, "for that."
The second part is shopping at stores that dont tie prices to your having given them a number.
I always wondered why US cannot pressure India to crack down on those scammers? They use phone network, it should not be difficult to find them. Some youtubers even hack into their computers and extract all the info. US probably has a leverage here, they could simply ban Indian companies from working with US if they don't cooperate.
US was so angry about "unfair" tariffs why are they not angry about criminals stealing from Americans?
Saw Microsoft has a dedicated scam reporting page - guess it was damaging their brand https://reportfraud.microsoft.com/en-us
Wonder if they’re effective in going after reports. I’d still report to IC3/FBI/powers that be, too. Just in case someone somewhere has the resources to do something… perhaps a high hope
I get more calls from Google Security than any other thing. Oddly the Pixel's built in scam detection and call screening lets them through without fail. I normally don't have my phone even ring unless it's in my contacts, but saying you are calling from Google is like a magic code.
They must have whitelisted the word Google. Very useful to scammers.