Information Security, Top News

FCC: robocalls can go get BLOCKED



US Federal Communications Commission (FCC) Commissioner Jessica Rosenworcel asks us to picture this…

You and your family are sitting down to dinner. It’s a sacred slice of your busy day: a “reprieve from the unrelenting chaos and hubbub of everyday life.” She knows it well, she says, because it’s true for her family, just like as with so many others.

But then, like clockwork, that happy time gets shattered by the ringing of a phone. Who could it be? Why, it’s “Rachel from cardmember services.” Or gosh, it’s someone claiming to be from the IRS – you owe back taxes! Or hey, how about this: you’ve been selected to receive a line of low-interest credit for small businesses. Or golly, a cruise!

Gosh, honey, don’t pass me the mashed potatoes yet. Sweetie, I’ll have to hear about your science fair project later. This call is important: it’s from an important robot!

…said no one ever.

All those shattered evenings are why the FCC on Thursday unanimously passed (PDF) a resolution that lets phone carriers block illegal robocalls.

The new rules enable voice service providers to block certain calls before they get to our phones, the FCC said in its ruling. Specifically, providers now have the go-ahead to block calls from phone numbers on a Do-Not-Originate (DNO) list and spoofed calls: those numbers that show up in Caller ID that are “invalid, unallocated, or unused numbers.”

In other words, service providers will now be able to block calls from numbers with tell-tale signs that they’re fraudulent: for example, numbers with area codes that don’t exist or that can’t make outgoing calls.

Such calls are probably up to no good, FCC Chairman Ajit Pai said in a statement (PDF):

These calls are very likely to be illegal or fraudulent; there’s no legitimate reason for anyone to spoof caller ID to make it seem as if he or she is calling from an unassigned or invalid phone number.

It’s understandable if your first thought is deja vu: hasn’t the FCC already enabled carriers to block these calls?

No, though both the FCC and the Federal Trade Commission have been fighting against robocalls for years. A few years ago, the FTC said it was going to name and shame robocallers, for one.

Hefty sanctions on robocallers have hit the headlines, while FTC competitions to find new technological solutions have uncovered some innovative thinking.



The big tech players are also trying to fight robocalls: Last year, Google added “do-not-answer-that!!” robocall warnings on its Phone app on Nexus and AndroidOne devices, so as to warn about potential spam callers and give users the ability to block and report spammy numbers.

But still, the robocalls keep coming. The FCC notes that one of the most pernicious of this ilk are robocalls placed by scammers, including IRS scams that are out to steal consumers’ cash or their identities.

A typical IRS scam is one in which robocallers pretend to be representing the IRS and claim the called party owes back taxes. IRS scams are particularly deceptive if the illegal robocaller can spoof the number so the Caller ID display makes it look like the call is really, truly coming from the IRS. Another scam involves crooks trying to trick people by claiming a young family member is in jail and needs bail money. The FCC says that since 1 August 2016, it’s received nearly 185,000 complaints about calls that consumers didn’t want.

What effect will this move have on legally spoofed calls? As RoboKiller’s Ethan Garr has noted, reasons to spoof a calling number do exist:

Many of the calls you receive are legitimately spoofed for very good reasons – when you get a call from an extension at your bank, but your caller ID shows the bank’s main number, for example, it came through a PBX, and that is a “spoofed” call.

Other legal reasons to spoof a phone number include when people have legitimate reasons to hide their information: for example, it’s legal to spoof numbers of investigators working on cases, of victims of domestic abuse, or of doctors who need to discuss private medical matters.

The newly passed proposal shouldn’t affect these legal spoofs. Under the FCC’s Truth in Caller ID Act, spoofing is only illegal when it’s done to defraud, cause harm or wrongly obtain anything of value. Breaking the law can rack up fines of up to $10,000 per violation.

The FCC’s new resolution to allow carriers to block robocalls might be a step in the right direction, but it’s got some strings attached. Specifically, our wallet strings, given that the proposal doesn’t stop carriers from charging us for the luxury of not being pestered and scammed.

Commissioner Rosenworcel, who voted to approve the proposal but says it didn’t go far enough, had this to say in a statement (PDF):

While the agency offers carriers the ability to limit calls from what are likely to be fraudulent actors, it fails to prevent them from charging consumers for this service. So this is the kicker: the FCC takes action to ostensibly reduce robocalls but then makes sure you can pay for the privilege. If you ask me, that’s ridiculous.




Source : Naked Security



Previous ArticleNext Article

Founder and Editor-in-Chief of ‘Professional Hackers India’. Technology Evangelist, Security Analyst, Cyber Security Expert, PHP Developer and Part time hacker.