Re: Are any of you starting to get AI robocalls?

[Mark Milhollan]

One can analyze the calling frequency, but even that's problematic as it 
can penalize a successful customer that isn't scamming.  Besides as HAL 
wrote many of these calls are not originating in NA.  If digital 
residential lines hadn't died they might make the original source 
visible making it easier to decide if the call seems legit, but for now 
an auto-attendant seems the easiest solution.


/mark

Re: Are any of you starting to get AI robocalls?

[HAL]

 I've worked at a telco for 15 years and I can say this problem is not
going away anytime soon. The issue is the SS7 network that carriers use
inherently trusts calls from long distance trunks without verification...
I've analyzed incoming spoofed calls from our STP and they all come from
foreign point codes on the SS7 network somewhere else in the world.  One
potential solution was to block incoming calls from an LD trunk with a
local NXX, but since number portability came into play this would also
block legitimate calls and couldn't be implemented without also having a
whitelist of ported numbers to let through. While you could in theory
customize your SS7 STP to do this, the manufactures of that equipment are
not very interested in that development work without being paid to do it,
and since the FCC/CRTC and other regulatory bodies haven't forced it yet...
nobody is voluntarily going to cough up the $$$.

This is very similar, in a way, to how email used to be in the 90s.. with
open SMTP relays all over the place and anyone could spoof email.. all you
need to do to access it is have some sort of digital interface (like a PRI
for example) to be able to connect directly and specify (ie spoof) your ANI
when placing a call).

*--*


On Thu, Apr 5, 2018 at 1:44 PM, Dovid Bender  wrote:

> On Thu, Apr 5, 2018 at 11:12 AM, Brian  wrote:
>
> > On Thu, 2018-04-05 at 07:55 -0700, Brian Kantor wrote:
> >
> > > So the logical conclusion is that caller ID is useless as an
> > > anti-vspam measure and the situation is hopeless, so the only
> > > solution is to not personally answer the phone at all -- let voice
> > > mail take a message.
> >
> > Pretty much. We've received calls here with the CID displaying as our
> > own info, and others coming up as a neighbor's number. Some even appear
> > as law enforcement when they're scammers looking for donations to
> > charities that don't exist. I suppose if you're going to commit one
> > crime, go for broke.
> >
> > > This is what I have adopted on my personal landline.  With the
> > > ringers disconnected.  Although I get probably a half-dozen incoming
> > > calls a day, perhaps one a week will leave a message.  Most of those
> > > messages are recorded announcements that started playing even before
> > > the voicemail greeting finished.
> >
> > I've been enjoying quiet on a VoIP line with asterisk. Those who I
> > know/expect/desire calls from I can route them directly to my extension,
> > those others get the IVR. It works parallel to IP routing. I can go a
> > few days without hearing my phone ring yet my logs are filled with
> > spammers/telemarketing calls. Robo-dialers have no clue which extension
> > a human may be at, and I've been doing this for over 15 years with great
> > success. With a digium wildcard, this can work for POTS lines as well.
> >
> >
> >
>
> A simple "Thank you for calling the line of $NAME. To prove you are not a
> robot press 1". That seems to weed out most of them.
>

-- 


This email and any files transmitted with it are confidential and 
intended solely for the use of the individual or entity to whom they are 
addressed. If you have received this email in error please notify the 
system manager. This message contains confidential information and is 
intended only for the individual named. If you are not the named addressee 
you should not disseminate, distribute or copy this email. Please notify 
the sender immediately by e-mail if you have received this email by mistake 
and delete this e-mail from your system. If you are not the intended 
recipient you are notified that disclosing, copying, distributing or taking 
any action in reliance on the contents of this information is strictly 
prohibited.

Re: Are any of you starting to get AI robocalls?

[Dovid Bender]

On Thu, Apr 5, 2018 at 11:12 AM, Brian  wrote:

> On Thu, 2018-04-05 at 07:55 -0700, Brian Kantor wrote:
>
> > So the logical conclusion is that caller ID is useless as an
> > anti-vspam measure and the situation is hopeless, so the only
> > solution is to not personally answer the phone at all -- let voice
> > mail take a message.
>
> Pretty much. We've received calls here with the CID displaying as our
> own info, and others coming up as a neighbor's number. Some even appear
> as law enforcement when they're scammers looking for donations to
> charities that don't exist. I suppose if you're going to commit one
> crime, go for broke.
>
> > This is what I have adopted on my personal landline.  With the
> > ringers disconnected.  Although I get probably a half-dozen incoming
> > calls a day, perhaps one a week will leave a message.  Most of those
> > messages are recorded announcements that started playing even before
> > the voicemail greeting finished.
>
> I've been enjoying quiet on a VoIP line with asterisk. Those who I
> know/expect/desire calls from I can route them directly to my extension,
> those others get the IVR. It works parallel to IP routing. I can go a
> few days without hearing my phone ring yet my logs are filled with
> spammers/telemarketing calls. Robo-dialers have no clue which extension
> a human may be at, and I've been doing this for over 15 years with great
> success. With a digium wildcard, this can work for POTS lines as well.
>
>
>

A simple "Thank you for calling the line of $NAME. To prove you are not a
robot press 1". That seems to weed out most of them.

RE: Are any of you starting to get AI robocalls?

[Naslund, Steve]

There are plenty of ways to handle that.

There are P-asserted identities that can be passed with the call in addition to 
the CLID.  In SIP, there is also call history data that can give you all of the 
PBX hops identified.

If a customer with a PBX wants to forward calls back into the PSTN then the 
carrier can have an option to allow them to do that but they better also have a 
way of tracking those calls since they are open to abuse and they are obscuring 
the routing of the call.  I am OK with that as long as the carrier is 
responsible for tracking back any abuse complaints.

I do think every PBX in the call path should be identified.  We have had 
instances where some stupid PBX is forwarding calls to the wrong number 
generating abuse complaints that track back to the wrong place because the PBX 
forwarded the original caller-id.  So you call that person back and they 
correctly claim that they never called you.

Steven Naslund
Chicago IL

>-Original Message-
>From: Dovid Bender [mailto:do...@telecurve.com] 
>Sent: Thursday, April 05, 2018 9:07 AM
>To: Naslund, Steve; NANOG list
>Subject: Re: Are any of you starting to get AI robocalls?
>
>Steve,
>
>Any customer with a PBX has a valid reason to pass CLI that isn't theirs if 
>they are passing through a call.  
>
>
>Regards,
>
>Dovid

Re: Are any of you starting to get AI robocalls?

[Brian]

On Thu, 2018-04-05 at 07:55 -0700, Brian Kantor wrote:

> So the logical conclusion is that caller ID is useless as an
> anti-vspam measure and the situation is hopeless, so the only
> solution is to not personally answer the phone at all -- let voice
> mail take a message.

Pretty much. We've received calls here with the CID displaying as our
own info, and others coming up as a neighbor's number. Some even appear
as law enforcement when they're scammers looking for donations to
charities that don't exist. I suppose if you're going to commit one
crime, go for broke.

> This is what I have adopted on my personal landline.  With the
> ringers disconnected.  Although I get probably a half-dozen incoming
> calls a day, perhaps one a week will leave a message.  Most of those
> messages are recorded announcements that started playing even before
> the voicemail greeting finished.

I've been enjoying quiet on a VoIP line with asterisk. Those who I
know/expect/desire calls from I can route them directly to my extension,
those others get the IVR. It works parallel to IP routing. I can go a
few days without hearing my phone ring yet my logs are filled with
spammers/telemarketing calls. Robo-dialers have no clue which extension
a human may be at, and I've been doing this for over 15 years with great
success. With a digium wildcard, this can work for POTS lines as well.

Re: Are any of you starting to get AI robocalls?

[Brian Kantor]

On Thu, Apr 05, 2018 at 10:20:29AM -0400, William Herrin wrote:
> For example, Vonage implementing Simultaneous Ring, you want to see
> the original caller id on your cell phone, not your vonage number even
> though Vonage is bridging the call to your cell phone.
> 
> More, the PBX may have trunks from multiple vendors and may use a
> different outbound vendor than the call arrives on, so you can't even
> reliably implement a rule that the outbound caller ID is rejected
> unless there's an active inbound call with the same caller id.
> 
> Regards,
> Bill Herrin

So the logical conclusion is that caller ID is useless as an
anti-vspam measure and the situation is hopeless, so the only
solution is to not personally answer the phone at all -- let voice
mail take a message.

This is what I have adopted on my personal landline.  With the
ringers disconnected.  Although I get probably a half-dozen incoming
calls a day, perhaps one a week will leave a message.  Most of those
messages are recorded announcements that started playing even before
the voicemail greeting finished.
- Brian

Re: Are any of you starting to get AI robocalls?

[William Herrin]

On Thu, Apr 5, 2018 at 10:06 AM, Dovid Bender  wrote:
> Any customer with a PBX has a valid reason to pass CLI that isn't theirs if 
> they are passing through a call.

Hi Dovid,

For example, Vonage implementing Simultaneous Ring, you want to see
the original caller id on your cell phone, not your vonage number even
though Vonage is bridging the call to your cell phone.

More, the PBX may have trunks from multiple vendors and may use a
different outbound vendor than the call arrives on, so you can't even
reliably implement a rule that the outbound caller ID is rejected
unless there's an active inbound call with the same caller id.

Regards,
Bill Herrin


-- 
William Herrin  her...@dirtside.com  b...@herrin.us
Dirtside Systems . Web: 

Re: Are any of you starting to get AI robocalls?

[Dovid Bender]

Steve,

Any customer with a PBX has a valid reason to pass CLI that isn't theirs if 
they are passing through a call.  


Regards,

Dovid


  Original Message  
From: snasl...@medline.com
Sent: April 5, 2018 10:03
To: nanog@nanog.org
Subject: RE: Are any of you starting to get AI robocalls?

If the scam caller is spoofing the numbers then I am not quite sure how 
T-Mobile can implement the block without blocking the legit owner of the 
number.  The way to correct this as an industry is for them to inspect the 
caller-id coming in from their customer and if that customer does not own the 
number or toll free DN they are presenting, the call gets blocked.  I know they 
can do this because our SIP carrier AT will not accept outbound calls from us 
unless we present a number assigned to our account so they can bill back for 
the call.  Truthfully, the carriers do not have a real incentive to stop this 
because someone is paying to make all of those calls.  I don't believe for a 
minute that they could not stop this immediately.  A simple rule that you 
cannot make a commercial call without presenting a valid callback number would 
fix this.  There is also the FTC problem.  They do almost nothing to stop the 
violations of the Do Not Call list and you get nothing out of reporting the 
violations.  If the enforcement was anywhere near the requirements of the DCMA 
regulations, this would be reduced drastically.  First step would be to make 
the carriers liable for providing service to these scammers, then they might 
actually care.


Steven Naslund
Chicago IL





-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Ca By
Sent: Thursday, April 05, 2018 7:43 AM
To: Shawn L
Cc: nanog@nanog.org
Subject: Re: Are any of you starting to get AI robocalls?

On Wed, Apr 4, 2018 at 4:19 PM Shawn L via NANOG  wrote:

>
> Honestly, most carriers I've talked to are fed up as well, and just 
> want to find a way to make it stop.  As some one said, it's exactly 
> like BCP38
> ---  the carriers that care keep their clients from spoofing caller 
> id, etc.  The ones that don't make everyone else look bad.
>

Some carriers have a free scam call block feature

https://newsroom.t-mobile.com/news-and-blogs/scam-block.htm

RE: Are any of you starting to get AI robocalls?

[Naslund, Steve]

If the scam caller is spoofing the numbers then I am not quite sure how 
T-Mobile can implement the block without blocking the legit owner of the 
number.  The way to correct this as an industry is for them to inspect the 
caller-id coming in from their customer and if that customer does not own the 
number or toll free DN they are presenting, the call gets blocked.  I know they 
can do this because our SIP carrier AT will not accept outbound calls from us 
unless we present a number assigned to our account so they can bill back for 
the call.  Truthfully, the carriers do not have a real incentive to stop this 
because someone is paying to make all of those calls.  I don't believe for a 
minute that they could not stop this immediately.  A simple rule that you 
cannot make a commercial call without presenting a valid callback number would 
fix this.  There is also the FTC problem.  They do almost nothing to stop the 
violations of the Do Not Call list and you get nothing out of reporting the 
violations.  If the enforcement was anywhere near the requirements of the DCMA 
regulations, this would be reduced drastically.  First step would be to make 
the carriers liable for providing service to these scammers, then they might 
actually care.


Steven Naslund
Chicago IL





-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Ca By
Sent: Thursday, April 05, 2018 7:43 AM
To: Shawn L
Cc: nanog@nanog.org
Subject: Re: Are any of you starting to get AI robocalls?

On Wed, Apr 4, 2018 at 4:19 PM Shawn L via NANOG  wrote:

>
> Honestly, most carriers I've talked to are fed up as well, and just 
> want to find a way to make it stop.  As some one said, it's exactly 
> like BCP38
> ---  the carriers that care keep their clients from spoofing caller 
> id, etc.  The ones that don't make everyone else look bad.
>

Some carriers have a free scam call block feature

https://newsroom.t-mobile.com/news-and-blogs/scam-block.htm

Re: Are any of you starting to get AI robocalls?

[Ca By]

On Wed, Apr 4, 2018 at 4:19 PM Shawn L via NANOG  wrote:

>
> Honestly, most carriers I've talked to are fed up as well, and just want
> to find a way to make it stop.  As some one said, it's exactly like BCP38
> ---  the carriers that care keep their clients from spoofing caller id,
> etc.  The ones that don't make everyone else look bad.
>

Some carriers have a free scam call block feature

https://newsroom.t-mobile.com/news-and-blogs/scam-block.htm




> -Original Message-
> From: "Keith Medcalf" 
> Sent: Wednesday, April 4, 2018 7:04pm
> To: "nanog@nanog.org" 
> Subject: RE: Are any of you starting to get AI robocalls?
>
>
>
> Why would the carriers want to do anything? They are making money from
> call termination fees.
>
>
> ---
> The fact that there's a Highway to Hell but only a Stairway to Heaven says
> a lot about anticipated traffic volume.
>
> >-Original Message-
> >From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Sean
> >Pedersen
> >Sent: Wednesday, 4 April, 2018 08:45
> >To: nanog@nanog.org
> >Subject: RE: Are any of you starting to get AI robocalls?
> >
> >Yep. Add it to the list of IRS scams, fake arrest warrants, credit
> >repair, free vacations, etc. The rate of calls has increased
> >dramatically in the past year, especially with the "neighborhood
> >scam" where they spoof their CLID to a local area code and prefix +
> > through  and blast you with calls, trying to trick you into
> >thinking it's someone local and thus important or legitimate.
> >
> >I have a second phone I use for work and on-call, so that goes on DND
> >from 6PM to 6AM with a VIP list of people/numbers that can ring
> >through. No problems there, and somehow that number isn't (yet) on
> >anyone's list, so I don't get many calls.
> >
> >On my personal cell, I started to use an app called Hiya that has
> >been pretty successful. It's available for both iPhone and Android.
> >It powers a lot of the carrier-specific apps like AT Call Protect,
> >but unlike them, it doesn't suck. It's a giant database of reports
> >that rate calling numbers and classify them as fraud, scam,
> >neighborhood spoofing, etc. and you can flag them or route them right
> >to voicemail. The only time it doesn’t work is when it hasn't updated
> >its list in a little while and a few sneak through. They just
> >realized a premium version that added some features. I haven't
> >explored it yet.
> >
> >Went from about 20 calls a week to almost nothing.
> >
> >Carriers seem to be either uncapable or unwilling to address the
> >issue other than the occasional lip-service reply about "taking
> >customer's $variable seriously."
> >
> >-Original Message-
> >From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of William
> >Herrin
> >Sent: Tuesday, April 3, 2018 3:32 PM
> >To: nanog@nanog.org
> >Subject: Are any of you starting to get AI robocalls?
> >
> >Howdy.
> >
> >Have any of you started to get AI robocalls? I've had a couple of
> >calls recently where I get the connect silence of a predictive dialer
> >followed by a woman speaking with call center background noise. She
> >gives her name and asks how I'm doing. The first time it happened it
> >seemed off for reasons I can't quite articulate, so I asked: "Are you
> >a robot or a person?" She responded "yes" and then launched in to a
> >sales pitch. The next time I asked, "where can I direct your call?"
> >She responded "that's good" and launched in to her pitch.
> >
> >Regards,
> >Bill Herrin
> >
> >
> >--
> >William Herrin  her...@dirtside.com b...@herrin.us
> >Dirtside Systems . Web: 
>
>
>
>
>
>

Re: Are any of you starting to get AI robocalls?

[Merve Sahin]

There is also Lenny :
https://www.youtube.com/playlist?list=PLduL71_GKzHHk4hLga0nOGWrXlhl-i_3g

And here is our paper on using chatbots against voice spam:
https://www.usenix.org/conference/soups2017/technical-sessions/presentation/sahin

It seems the future of voice spam will be the chatbots talking to each
other!

Merve

On 04/04/2018 17:08, Jim Shankland wrote:
> On 4/4/18 7:44 AM, Sean Pedersen wrote:
>> Yep. Add it to the list of IRS scams, fake arrest warrants, credit
>> repair, free vacations, etc. The rate of calls has increased
>> dramatically in the past year, especially with the "neighborhood scam"
>> where they spoof their CLID to a local area code and prefix + 
>> through  and blast you with calls, trying to trick you into
>> thinking it's someone local and thus important or legitimate.
>>
> Let me also put in a good word for the Jolly Roger Telephone Co.
> (http://www.jollyrogertelco.com). Don't just defend, fight back.
> 
> Jim
> 

Re: Are any of you starting to get AI robocalls?

[Dovid Bender]

As carriers who get these calls for our clients we hate them. Short
duration calls have the same cost as far as channels, keeping cdr's etc yet
since they are so short there isn't much to be made. This is worse then
BCP38 since with the internet there is no reason for anyone at home or a
small office to be sending out a packet that is not with their IP. When it
comes to telephony say I have a PBX, I get a call and then want to send it
out to my on call tech. I want him to see the real callers number. I need
to now "spoof" that number so my tech see's the real caller. There is a lot
more room for abuse. Now the carriers terminating the calls (the ones
getting them from the spammers) they love them. Since it's dialer/short
termination they can charge and arm and a leg.


On Wed, Apr 4, 2018 at 7:17 PM, Shawn L via NANOG  wrote:

>
> Honestly, most carriers I've talked to are fed up as well, and just want
> to find a way to make it stop.  As some one said, it's exactly like BCP38
> ---  the carriers that care keep their clients from spoofing caller id,
> etc.  The ones that don't make everyone else look bad.
>
> -Original Message-
> From: "Keith Medcalf" 
> Sent: Wednesday, April 4, 2018 7:04pm
> To: "nanog@nanog.org" 
> Subject: RE: Are any of you starting to get AI robocalls?
>
>
>
> Why would the carriers want to do anything? They are making money from
> call termination fees.
>
>
> ---
> The fact that there's a Highway to Hell but only a Stairway to Heaven says
> a lot about anticipated traffic volume.
>
> >-Original Message-
> >From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Sean
> >Pedersen
> >Sent: Wednesday, 4 April, 2018 08:45
> >To: nanog@nanog.org
> >Subject: RE: Are any of you starting to get AI robocalls?
> >
> >Yep. Add it to the list of IRS scams, fake arrest warrants, credit
> >repair, free vacations, etc. The rate of calls has increased
> >dramatically in the past year, especially with the "neighborhood
> >scam" where they spoof their CLID to a local area code and prefix +
> > through  and blast you with calls, trying to trick you into
> >thinking it's someone local and thus important or legitimate.
> >
> >I have a second phone I use for work and on-call, so that goes on DND
> >from 6PM to 6AM with a VIP list of people/numbers that can ring
> >through. No problems there, and somehow that number isn't (yet) on
> >anyone's list, so I don't get many calls.
> >
> >On my personal cell, I started to use an app called Hiya that has
> >been pretty successful. It's available for both iPhone and Android.
> >It powers a lot of the carrier-specific apps like AT Call Protect,
> >but unlike them, it doesn't suck. It's a giant database of reports
> >that rate calling numbers and classify them as fraud, scam,
> >neighborhood spoofing, etc. and you can flag them or route them right
> >to voicemail. The only time it doesn’t work is when it hasn't updated
> >its list in a little while and a few sneak through. They just
> >realized a premium version that added some features. I haven't
> >explored it yet.
> >
> >Went from about 20 calls a week to almost nothing.
> >
> >Carriers seem to be either uncapable or unwilling to address the
> >issue other than the occasional lip-service reply about "taking
> >customer's $variable seriously."
> >
> >-Original Message-
> >From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of William
> >Herrin
> >Sent: Tuesday, April 3, 2018 3:32 PM
> >To: nanog@nanog.org
> >Subject: Are any of you starting to get AI robocalls?
> >
> >Howdy.
> >
> >Have any of you started to get AI robocalls? I've had a couple of
> >calls recently where I get the connect silence of a predictive dialer
> >followed by a woman speaking with call center background noise. She
> >gives her name and asks how I'm doing. The first time it happened it
> >seemed off for reasons I can't quite articulate, so I asked: "Are you
> >a robot or a person?" She responded "yes" and then launched in to a
> >sales pitch. The next time I asked, "where can I direct your call?"
> >She responded "that's good" and launched in to her pitch.
> >
> >Regards,
> >Bill Herrin
> >
> >
> >--
> >William Herrin  her...@dirtside.com b...@herrin.us
> >Dirtside Systems . Web: 
>
>
>
>
>
>

RE: Are any of you starting to get AI robocalls?

[Shawn L via NANOG]

Honestly, most carriers I've talked to are fed up as well, and just want to 
find a way to make it stop.  As some one said, it's exactly like BCP38 ---  the 
carriers that care keep their clients from spoofing caller id, etc.  The ones 
that don't make everyone else look bad.

-Original Message-
From: "Keith Medcalf" 
Sent: Wednesday, April 4, 2018 7:04pm
To: "nanog@nanog.org" 
Subject: RE: Are any of you starting to get AI robocalls?



Why would the carriers want to do anything? They are making money from call 
termination fees.


---
The fact that there's a Highway to Hell but only a Stairway to Heaven says a 
lot about anticipated traffic volume.

>-Original Message-
>From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Sean
>Pedersen
>Sent: Wednesday, 4 April, 2018 08:45
>To: nanog@nanog.org
>Subject: RE: Are any of you starting to get AI robocalls?
>
>Yep. Add it to the list of IRS scams, fake arrest warrants, credit
>repair, free vacations, etc. The rate of calls has increased
>dramatically in the past year, especially with the "neighborhood
>scam" where they spoof their CLID to a local area code and prefix +
> through  and blast you with calls, trying to trick you into
>thinking it's someone local and thus important or legitimate.
>
>I have a second phone I use for work and on-call, so that goes on DND
>from 6PM to 6AM with a VIP list of people/numbers that can ring
>through. No problems there, and somehow that number isn't (yet) on
>anyone's list, so I don't get many calls.
>
>On my personal cell, I started to use an app called Hiya that has
>been pretty successful. It's available for both iPhone and Android.
>It powers a lot of the carrier-specific apps like AT Call Protect,
>but unlike them, it doesn't suck. It's a giant database of reports
>that rate calling numbers and classify them as fraud, scam,
>neighborhood spoofing, etc. and you can flag them or route them right
>to voicemail. The only time it doesn’t work is when it hasn't updated
>its list in a little while and a few sneak through. They just
>realized a premium version that added some features. I haven't
>explored it yet.
>
>Went from about 20 calls a week to almost nothing.
>
>Carriers seem to be either uncapable or unwilling to address the
>issue other than the occasional lip-service reply about "taking
>customer's $variable seriously."
>
>-Original Message-
>From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of William
>Herrin
>Sent: Tuesday, April 3, 2018 3:32 PM
>To: nanog@nanog.org
>Subject: Are any of you starting to get AI robocalls?
>
>Howdy.
>
>Have any of you started to get AI robocalls? I've had a couple of
>calls recently where I get the connect silence of a predictive dialer
>followed by a woman speaking with call center background noise. She
>gives her name and asks how I'm doing. The first time it happened it
>seemed off for reasons I can't quite articulate, so I asked: "Are you
>a robot or a person?" She responded "yes" and then launched in to a
>sales pitch. The next time I asked, "where can I direct your call?"
>She responded "that's good" and launched in to her pitch.
>
>Regards,
>Bill Herrin
>
>
>--
>William Herrin  her...@dirtside.com b...@herrin.us
>Dirtside Systems . Web: 

RE: Are any of you starting to get AI robocalls?

[Keith Medcalf]

Why would the carriers want to do anything?  They are making money from call 
termination fees.


---
The fact that there's a Highway to Hell but only a Stairway to Heaven says a 
lot about anticipated traffic volume.

>-Original Message-
>From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of Sean
>Pedersen
>Sent: Wednesday, 4 April, 2018 08:45
>To: nanog@nanog.org
>Subject: RE: Are any of you starting to get AI robocalls?
>
>Yep. Add it to the list of IRS scams, fake arrest warrants, credit
>repair, free vacations, etc. The rate of calls has increased
>dramatically in the past year, especially with the "neighborhood
>scam" where they spoof their CLID to a local area code and prefix +
> through  and blast you with calls, trying to trick you into
>thinking it's someone local and thus important or legitimate.
>
>I have a second phone I use for work and on-call, so that goes on DND
>from 6PM to 6AM with a VIP list of people/numbers that can ring
>through. No problems there, and somehow that number isn't (yet) on
>anyone's list, so I don't get many calls.
>
>On my personal cell, I started to use an app called Hiya that has
>been pretty successful. It's available for both iPhone and Android.
>It powers a lot of the carrier-specific apps like AT Call Protect,
>but unlike them, it doesn't suck. It's a giant database of reports
>that rate calling numbers and classify them as fraud, scam,
>neighborhood spoofing, etc. and you can flag them or route them right
>to voicemail. The only time it doesn’t work is when it hasn't updated
>its list in a little while and a few sneak through. They just
>realized a premium version that added some features. I haven't
>explored it yet.
>
>Went from about 20 calls a week to almost nothing.
>
>Carriers seem to be either uncapable or unwilling to address the
>issue other than the occasional lip-service reply about "taking
>customer's $variable seriously."
>
>-Original Message-
>From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of William
>Herrin
>Sent: Tuesday, April 3, 2018 3:32 PM
>To: nanog@nanog.org
>Subject: Are any of you starting to get AI robocalls?
>
>Howdy.
>
>Have any of you started to get AI robocalls? I've had a couple of
>calls recently where I get the connect silence of a predictive dialer
>followed by a woman speaking with call center background noise. She
>gives her name and asks how I'm doing. The first time it happened it
>seemed off for reasons I can't quite articulate, so I asked: "Are you
>a robot or a person?" She responded "yes" and then launched in to a
>sales pitch. The next time I asked, "where can I direct your call?"
>She responded "that's good" and launched in to her pitch.
>
>Regards,
>Bill Herrin
>
>
>--
>William Herrin  her...@dirtside.com  b...@herrin.us
>Dirtside Systems . Web: 

Re: Are any of you starting to get AI robocalls?

[John Levine]

In article  you write:
>> do it, and the spoofing is nearly impossible to trace back to the origin, so 
>> those who do it can safely ignore other laws because they know they won't be 
>> caught.
>
>Forward to an 800, grab it from the ANI versus CID?

Won't help.  If you do the forward, the ANI is yours.

Re: Are any of you starting to get AI robocalls?

[Jim Shankland]

On 4/4/18 7:44 AM, Sean Pedersen wrote:

Yep. Add it to the list of IRS scams, fake arrest warrants, credit repair, free 
vacations, etc. The rate of calls has increased dramatically in the past year, especially 
with the "neighborhood scam" where they spoof their CLID to a local area code 
and prefix +  through  and blast you with calls, trying to trick you into 
thinking it's someone local and thus important or legitimate.

Let me also put in a good word for the Jolly Roger Telephone Co. 
(http://www.jollyrogertelco.com). Don't just defend, fight back.


Jim

RE: Are any of you starting to get AI robocalls?

[Sean Pedersen]

Yep. Add it to the list of IRS scams, fake arrest warrants, credit repair, free 
vacations, etc. The rate of calls has increased dramatically in the past year, 
especially with the "neighborhood scam" where they spoof their CLID to a local 
area code and prefix +  through  and blast you with calls, trying to 
trick you into thinking it's someone local and thus important or legitimate.

I have a second phone I use for work and on-call, so that goes on DND from 6PM 
to 6AM with a VIP list of people/numbers that can ring through. No problems 
there, and somehow that number isn't (yet) on anyone's list, so I don't get 
many calls.

On my personal cell, I started to use an app called Hiya that has been pretty 
successful. It's available for both iPhone and Android. It powers a lot of the 
carrier-specific apps like AT Call Protect, but unlike them, it doesn't suck. 
It's a giant database of reports that rate calling numbers and classify them as 
fraud, scam, neighborhood spoofing, etc. and you can flag them or route them 
right to voicemail. The only time it doesn’t work is when it hasn't updated its 
list in a little while and a few sneak through. They just realized a premium 
version that added some features. I haven't explored it yet.

Went from about 20 calls a week to almost nothing.

Carriers seem to be either uncapable or unwilling to address the issue other 
than the occasional lip-service reply about "taking customer's $variable 
seriously." 

-Original Message-
From: NANOG [mailto:nanog-boun...@nanog.org] On Behalf Of William Herrin
Sent: Tuesday, April 3, 2018 3:32 PM
To: nanog@nanog.org
Subject: Are any of you starting to get AI robocalls?

Howdy.

Have any of you started to get AI robocalls? I've had a couple of
calls recently where I get the connect silence of a predictive dialer
followed by a woman speaking with call center background noise. She
gives her name and asks how I'm doing. The first time it happened it
seemed off for reasons I can't quite articulate, so I asked: "Are you
a robot or a person?" She responded "yes" and then launched in to a
sales pitch. The next time I asked, "where can I direct your call?"
She responded "that's good" and launched in to her pitch.

Regards,
Bill Herrin


-- 
William Herrin  her...@dirtside.com  b...@herrin.us
Dirtside Systems . Web: 

Re: Are any of you starting to get AI robocalls?

[Ethan O'Toole]

do it, and the spoofing is nearly impossible to trace back to the origin, so 
those who do it can safely ignore other laws because they know they won't be 
caught.


Forward to an 800, grab it from the ANI versus CID?

- Ethan O'Toole

Re: Are any of you starting to get AI robocalls?

[Ken Chase]

And revenues wont be impacted because few have a cell for voice
anymore. With increasing data reliability we can move to voip
on phones and provider of choice who offer proper filtering and our
our own skill testing AI attendants

(Im thinking something along the lines of 'unladen swallow'.)

/kc


On Tue, Apr 03, 2018 at 07:26:36PM -0400, Jon Lewis said:
  >On Tue, 3 Apr 2018, Ken Chase wrote:
  >
  >>All this boils my blood. I am not sure why/how spoofing ph#s is legal. I get
  >>sms mass spam too.
  >
  >Whether or not its legal is irrelevant.  It's trivial to do if your link
  >to the PSTN is digital and you have a provider not filtering based on sent
  >caller-id.  It's kind of the PSTN version of the Internet's BCP-38 issue.
  >All providers should be filtering based on "valid" caller-id...but so many
  >don't do it, and the spoofing is nearly impossible to trace back to the
  >origin, so those who do it can safely ignore other laws because they know
  >they won't be caught.
  >
  >--
  > Jon Lewis, MCP :)   |  I route
  > |  therefore you are
  >_ http://www.lewis.org/~jlewis/pgp for PGP public key_

-- 
Ken Chase - m...@sizone.org Guelph Canada

Re: Are any of you starting to get AI robocalls?

[Jon Lewis]

On Tue, 3 Apr 2018, Ken Chase wrote:


All this boils my blood. I am not sure why/how spoofing ph#s is legal. I get
sms mass spam too.


Whether or not its legal is irrelevant.  It's trivial to do if your link 
to the PSTN is digital and you have a provider not filtering based on sent 
caller-id.  It's kind of the PSTN version of the Internet's BCP-38 issue. 
All providers should be filtering based on "valid" caller-id...but so many 
don't do it, and the spoofing is nearly impossible to trace back to the 
origin, so those who do it can safely ignore other laws because they know 
they won't be caught.


--
 Jon Lewis, MCP :)   |  I route
 |  therefore you are
_ http://www.lewis.org/~jlewis/pgp for PGP public key_

Re: Are any of you starting to get AI robocalls?

[joel jaeggli]

On 4/3/18 3:32 PM, William Herrin wrote:
> Howdy.
>
> Have any of you started to get AI robocalls? I've had a couple of
> calls recently where I get the connect silence of a predictive dialer
> followed by a woman speaking with call center background noise. She
> gives her name and asks how I'm doing. The first time it happened it
> seemed off for reasons I can't quite articulate, so I asked: "Are you
> a robot or a person?" She responded "yes" and then launched in to a
> sales pitch. The next time I asked, "where can I direct your call?"
> She responded "that's good" and launched in to her pitch.
They're more in the domain of artificially stupid but yes.

https://www.theverge.com/2018/1/1/16837814/robocall-spam-phone-call-increase-2017-ftc-report

The anti spoofing/spam app I have that screens calls to several DIDs I
have pointed at one phone reports a dozen or so calls per day.

I would generally assume that the current rate will hasten the demise of
the remaining pots services.
> Regards,
> Bill Herrin
>
>

Re: Are any of you starting to get AI robocalls?

[Ken Chase]

Just throw a dial tree plan in front of getting ahold of you. "Press 1 to
speak to a human." this foils most dialers which wait for a human to answer
before they throw anyone (anything?) on the line. They may also have the AI 
get through the unpleasantries before they stick a human on it.

Many voip providers offer a dial tree. I have a provider with a snazzy web drag 
n
drop tree construction system, so you dont need to learn m4/asterisk/linenoise
and even directs SMS's to email for me. I've set it up for my wife and myself
(hit 1 for me, 2 for her) and I use it on all my online ordering stuff because
I know they'll be hacked sooner or later and my info leaked into the wild for
abuse.

I dont know how cell companies expect to be able to continue to offer any
voice services with the lack of enforcement against robodialing - I get calls in
the middle of the night (and have to leave my phone on for on-call from random
customers I dont know the ph# for). Even though I give my direct cel # out to
almost no one, I get 3-5 random calls a week. (I dont doubt that phone hacks are
uploading people's contact lists to the cloud for further infection/robodials,
as well as plain war-dial trawls).

I have a spam contact with > 150 ph#s in it. (I need an app to share these and
subscribe to autoblock but havent gotten a round tuit it yet.) Worse, they're
spoofing real ph#s - I call back calls I didnt answer and they all claim they
didnt call me - because a robodialer spoofed a legit ph# to avoid mass filter
lists. (Beware ph#s that use your NXX - human gut reaction is to answer ph#s
that look like your own supposedly, but its likely a robodial).

All this boils my blood. I am not sure why/how spoofing ph#s is legal. I get
sms mass spam too.

Too much control is left in the sending side, need way better filtering tools
on the receiver. Soon enough however I hope to just be able to dispense with
voice communication and point customers at something else (even SMS would be
better). Im not sure we're at the point you can enforce that without pissing
off customers but we're close.

(I dont support capital punishment for much, but this might be one thing... :)

/kc


On Tue, Apr 03, 2018 at 06:32:19PM -0400, William Herrin said:
  >Howdy.
  >
  >Have any of you started to get AI robocalls? I've had a couple of
  >calls recently where I get the connect silence of a predictive dialer
  >followed by a woman speaking with call center background noise. She
  >gives her name and asks how I'm doing. The first time it happened it
  >seemed off for reasons I can't quite articulate, so I asked: "Are you
  >a robot or a person?" She responded "yes" and then launched in to a
  >sales pitch. The next time I asked, "where can I direct your call?"
  >She responded "that's good" and launched in to her pitch.
  >
  >Regards,
  >Bill Herrin
  >
  >
  >-- 
  >William Herrin  her...@dirtside.com  b...@herrin.us
  >Dirtside Systems . Web: 

--
Ken Chase - m...@sizone.org Guelph Canada