Ask HN: What can we do about spam calls with spoofed numbers?

I had the same problem. What helped me was I simply stopped answering any calls from numbers I didn&#x27;t recognize. After a while, I stopped getting spam calls. My guess is after a while, these spammers eventually mark a number as defunct or unresponsive and stop calling. If someone I know is calling me and I don&#x27;t answer, they can always text, email, etc me.<p>Interestingly, a while back, I got a call from a number that looked so familiar but I didn&#x27;t recognize. I didn&#x27;t answer but I couldn&#x27;t get that number out of my mind. So I started looking through my contacts to see if it was someone I knew. Turns out, it was my own number. I couldn&#x27;t believe it. These spammers were somehow spoofing my own number to call me.

I set up Tasker[1] with a profile to reject incoming calls if the caller is not in my contacts. As an individual, that or DND settings are most effective.<p>Consumers as a group can contact regulators or legislators to urge this be fixed. The technological fix is not that difficult: telcos should whitelist numbers for specific customers so a customer can only use a number as outbound caller id if they are assigned or have otherwise validated the number. Reputable providers like Twilio already do this. This solves the oft-repeated claim that there are legitimate reasons to &quot;spoof&quot; caller id. You can&#x27;t say it&#x27;s spoofing if it&#x27;s your number and you&#x27;re the one calling...<p>But telcos don&#x27;t do this. They don&#x27;t care if caller ID is accurate, because their customers don&#x27;t care if caller ID is accurate; most pay for it anyway.<p>[1]: <a href="http:&#x2F;&#x2F;tasker.joaoapps.com&#x2F;" rel="nofollow">http:&#x2F;&#x2F;tasker.joaoapps.com&#x2F;</a>

Move to another part of the country.<p>I got my current phone number when I first moved to the US. Now I live on the other side of the country. The spam callers always use the same area code as my phone number in an attempt to appear like local numbers. Anytime I get a call from a California number that isn&#x27;t in my phone I can safely ignore it.

There&#x27;s not much you as an individual can do to stop it. I have the same issue with Comcast filling my PO Box with shitloads of junkmail.<p>The phone system is designed to accept anyone calling on it, and there&#x27;s no authentication mechanisms in place for securing it since it all has to interoperate and is built on dated standards.<p>There are basically two solutions to stopping the problem (instead of treating the symptom). The first is to increase costs to make phone calls (voip made this basically free and it gets abused). This was the old deterrant.<p>The other is to have providers work on an authentication method for their network, they are starting to do this with STIR&#x2F;SHAKEN: <a href="https:&#x2F;&#x2F;transnexus.com&#x2F;whitepapers&#x2F;stir-and-shaken-overview&#x2F;" rel="nofollow">https:&#x2F;&#x2F;transnexus.com&#x2F;whitepapers&#x2F;stir-and-shaken-overview&#x2F;</a><p>Legislation won&#x27;t help unless it is on the providers to require authentication.

Individual solutions: &quot;Do not disturb&quot; mode that only rings for contacts, using one of the robocall-blocking apps (eg Nomorobo).<p>Industry solutions are supposedly forthcoming - see STIR&#x2F;SHAKEN standards for caller verification. T-Mobile says they&#x27;re doing something with this: <a href="https:&#x2F;&#x2F;www.t-mobile.com&#x2F;news&#x2F;caller-verified-note9" rel="nofollow">https:&#x2F;&#x2F;www.t-mobile.com&#x2F;news&#x2F;caller-verified-note9</a>

I added two entries to my contacts:<p>PHONE on<p>PHONE off<p>...when the calls reach a certain volume, I just forward all calls immediately to voicemail, which also says, &quot;I don&#x27;t answer this phone anymore -- leave me an email.&quot;<p>After a few days or a week, I turn phone back on and see how it goes.<p>It ebbs and flows.<p>For business calls, I direct everything to Google Voice.<p>For personal, my friends&#x2F;family know they can still FaceTime me or text me and I&#x27;ll call back.<p>I don&#x27;t actually get a lot of calls to my cellphone, and would gladly pay for data without calling.<p>From a previous thread, here or on Reddit:<p>&quot;You actually can turn off cellular network calling altogether, if you are willing to do that.<p>Dial (star)#67# (or call 611 if it doesn&#x27;t show up there) to see what number your voicemail center is. Then dial (star)21(star)1(that number)#. That will automatically forward all calls, at the network level, to your voicemail.<p>To cancel this, dial #21#.&quot;

First thing (<i>before</i> the problem you&#x27;re trying to address): There is a &quot;do not call&quot; registry. For reasons that I do not understand, (most) spammers respect it for our home phone, but not for cell phones. That thing needs to have teeth in it - like, sending-people-to-jail kinds of teeth. It&#x27;s a travesty that spammers can just run all over that registry.<p>If that were in place, then the answer would be &quot;put your number on the do not call list&quot;. But for whatever reason, that fix doesn&#x27;t currently work.<p>On, then, to the problem you&#x27;re trying to address. It needs to become illegal and&#x2F;or technologically impossible to spoof caller ID <i>to a number that you don&#x27;t own</i>. That is, if you&#x27;re Apple, and you want all your outgoing calls to present as your main number, that&#x27;s fine, because you own that number. But masquerading as a number you don&#x27;t own? No way. It needs to be either impossible or illegal, preferably both.<p>But what about someone who&#x27;s, for example, a whistleblower, and can&#x27;t give out their number without blowing their identity? They could still <i>block</i> the number, but not <i>change</i> it. The caller ID shows up as &quot;Unavailable&quot; or &quot;Blocked&quot; (I just had one of those while making this comment, in fact.) The recipient can then decide to reject that call simply because of the lack of caller ID (as I in fact did).

This isn&#x27;t a solution for most people, but I started using the &quot;screen call&quot; button on my Pixel 2 for numbers I don&#x27;t know, and it&#x27;s been great. The illegal telemarketers will just hang up, and the number of calls I get have steadily declined.

This is probably never going to happen... But, IMHO, I think the best way would be to implement a very small fee for each call placed. Even if it was a penny or a few cents, most people, if not all will never feel that but it would put most of the robo-callers out of business since they place thousands if not millions of calls per month.

It&#x27;s absurd that there aren&#x27;t more steps being taken.<p>Just this morning I had 4 calls between 5 and 8:00, and I can&#x27;t turn my phone off. (On-call for work.)<p>Our government is busy shutting itself down over nonsense, yet pathological problems that are meaningfully impacting citizens are going entirely unmanaged for years. (To the FCC&#x27;s credit, STIR&#x2F;SHAKEN is a good step but I think it&#x27;s very much a too-little-too-late situation; I haven&#x27;t been able to empty my voicemail box in years lest it get filled up again within a day by spam.)<p>To make this not just be a rant (and since I see others who are concretely affected in similar ways) Shouldn&#x27;t we be pursuing our govts&#x2F;reps to be more aggressive in everything from investigating and prosecuting violations (spammers) to ensuring proper incentives for carriers to help defend against this? Is there anyone who has been a champion for this in the past?

I get ten to twenty a day. If I&#x27;m bore and have a few minutes I&#x27;ll answer and waste the persons time by asking vague questions..&quot;oh which car warranty is expiring?&quot;. &quot;oh which student loan are you referring to?&quot;. Which credit card?, Huh do you work for United healthcare? Because that&#x27;s my insurance provider, you should know that already.<p>They either hang up or start shotgunning large company names. I try to stall them a bit.<p>Then aggressively use Google fi to block and report as spam.<p>It&#x27;s ridiculous that cell networks actively allow this. This should not be possible. And for US based spammers, they should arrest and prosecute every single person at the company. No exceptions. You are involved in a criminal conspiracy to commit fraud. Fuck throw Rico their way.<p>Many of the operations are overseas but there are plenty in the US.

I made <a href="https:&#x2F;&#x2F;phoneprivacy.co" rel="nofollow">https:&#x2F;&#x2F;phoneprivacy.co</a> which lets you have multiple phone numbers. I use it for separating my life (family, friends, etc)<p>Also helps with bots because it gives off number disconnected signal not just forwarding them to a voicemail or something, which I think helps kill it pretty quick.<p>You can do whitelists (no one but these people can get through) or blacklists (everyone but these people can get through).<p>Let me know your thoughts. Additionally there are others that do similar things, but I built mine out of this pain. :)

Ha. Got a spam call exactly when I started typing this response.<p>Honest to god, the new call screening feature on my Pixel is the most useful new feature from my phone in the last 5 years.

I simply changed the way I screened calls.<p>If I don&#x27;t recognize your number, I immediately send it to voicemail. If it&#x27;s something I need to worry about, I call back.<p>My hope is that eventually spam callers will catch on to the fact that they&#x27;ve had no hits on my number and drop me from the list. I assume that no amount of interaction I have with them will get me off the list, so I simply choose not to interact with them.<p>Broadly speaking, you could also probably set up Do Not Disturb settings on your device, and I&#x27;d love it if we could filter calls unless they&#x27;re from specific people during a specific time (e.g. family calls during work).<p>Long term, the best way we fight this is with our vote. The current FCC administration seems uninterested in this problem, and I think voting in a new administration may provide different results. Engage with your federal representatives as well!

I believe international telecom industries are working[1][2] on it. I don&#x27;t know an ETA. I signed up on their mailing list without knowing what to expect. The content of each email is beyond me but looking at the clout on the email signatures convinced me this was a serious and viable movement.<p>TLDR; this is a technical approach to preventing number spoofing except where authorized. Presumably to be implemented by the international telecom industry.<p>[1] <a href="https:&#x2F;&#x2F;transnexus.com&#x2F;whitepapers&#x2F;understanding-stir-shaken&#x2F;" rel="nofollow">https:&#x2F;&#x2F;transnexus.com&#x2F;whitepapers&#x2F;understanding-stir-shaken...</a> [2] <a href="https:&#x2F;&#x2F;datatracker.ietf.org&#x2F;wg&#x2F;stir&#x2F;about&#x2F;" rel="nofollow">https:&#x2F;&#x2F;datatracker.ietf.org&#x2F;wg&#x2F;stir&#x2F;about&#x2F;</a>

Why would you want to censor free speech? In the proud land where companies are free from unnecessary regulation in order to create unlimited growth, jobs and opportunity?<p>Snark aside, sometimes I‘m happy about that the bureaucracy monster EU I happen to live in simply forbids crap like this.

I started using the Hiya app on my iphone a couple months ago and it has basically stopped just about all spam calls. I was previously getting at least 1 a day. I&#x27;m using the free version.<p><a href="https:&#x2F;&#x2F;hiya.com&#x2F;" rel="nofollow">https:&#x2F;&#x2F;hiya.com&#x2F;</a>

Get a phone number in an area code far away from where you live, but where there aren&#x27;t too many overlapping prefixes so you can recognize them quickly.<p>Then any &quot;local&quot; call is likely to be spam. Filter as needed with a rule matching this areacode.

I&#x27;ve never understood how number spoofing can be so easy in the first place. Are there no security mechanisms? Are numbers not somehow tied to a physical line&#x2F;sim card? We don&#x27;t have a widespread problem with domain spoofing (when it does happen it&#x27;s because one of the mechanisms has been actively compromised, not because there simply isn&#x27;t one). I don&#x27;t see how this is different, aside from telco companies just not caring enough to do anything about it.<p>I&#x27;m seriously wondering. If anybody can enlighten me, I&#x27;d appreciate it.

Just be glad your number is not being used as the spoofed number. Had this happen to a coworker. He was getting hundreds of calls, voicemails and texts from people wondering why he was calling&#x2F;pranking them. I assume some people just saw a missed call and were curious or have a business reason for returning missed call. But its amazing how many people don&#x27;t understand what was really happening, including people angry with him. it&#x27;s gradually died down over a few weeks. Carrier support line implied there is nothing they can do.

1. I never pick up numbers I don&#x27;t recognize.<p>2. If a number I don&#x27;t recognize calls but doesn&#x27;t leave a voicemail or follow up with a text, I ignore it so long as it doesn&#x27;t call back. If it does but the same pattern repeats where they don&#x27;t leave any messages, I blacklist.<p>3. If they do leave a voicemail and it&#x27;s obvious this is spam, I blacklist.<p>Eventually with enough blacklists and repeatedly not picking up, I get maybe 3-4 spoof calls a month now. Not completely all gone but it sure has diminished greatly.

Do you get a lot of phone calls from numbers you don&#x27;t recognise that you do want to answer? I can&#x27;t remember the last time I answered the phone when it was an unrecognised number.

I set my voicemail to something along the following lines:<p>&quot;If I don&#x27;t recognize your number or was not expecting your call, I am not picking up the phone. If you need to reach me, leave a voicemail now or send me a text. Otherwise, keep calling and I&#x27;ll catch on eventually.&quot;<p>If I&#x27;m expecting a phone call, I tend to be more willing to picking up unrecognized numbers. Otherwise, I don&#x27;t pick up. If it&#x27;s actually important, the person can leave me a voicemail.

Maybe I&#x27;m not aware or not done my homework. But I wonder if there&#x27;s a service that allows our phone number to be wrapped by another number. That way we can give our original number to only trusted parties&#x2F;family and the wrapper number to outside world. In which case if we receive too many spam calls, we can simply change the wrapper number.

I&#x27;d like a way to prompt callers to confirm it&#x27;s a human before ringing my phone. &quot;Please press one to continue your call or wait to be directed to voicemail&quot;. I do not want to give google control of my phone number though, so google voice is out. A native android app would be better.<p>Hell, tmobile should offer this as a free service.

I only answer phone calls from people in my contact list. So if I get a phone call and it shows a number on the screen instead of name (Mom, Hassan, Seb etc), that means it’s somebody not in my contacts list, so I ignore it. The only exception is when I am expecting a scheduled call (interview or something).

It&#x27;s called spoofing. I think there&#x27;s nothing we can do about this except ignoring those calls and keep spreading the word to everyone about these spam calls. Almost everyday I find reports about such calls at sites like <a href="http:&#x2F;&#x2F;whycall.me" rel="nofollow">http:&#x2F;&#x2F;whycall.me</a>.

2600 says to forward them to voicemail and have your greeting start with the three-toned telecom information sound (bee baaaugh eeeeeep... at least in the US). Then they will likely take you out of their system as they identify that the number is not in service.

We need to fight back and create AI to carry on a dialogue with the spam caller as long as possible.

I have a free google voice number that I give out like candy in lieu of the main number I&#x27;ve had for years and all calls to it are automatically sent to voicemail. I also use the default answering message. This has cut down on 90% of spam calls for me.

This is especially frustrating using an iOS device, as Apple still hasn&#x27;t fixed incoming call notifications (if you get a call while using your device it takes up the whole screen, rather than a banner)

Last year I built an automated call screener using Google’s cloud speech APIs.<p>Extremely effective, runs headless on a $5 VPS box by proxying calls through VoIP, but the added latency is a bit of a no-go.

If you have AT&amp;T they have an app called AT&amp;T Call Protect which is pretty good at blocking fraud&#x2F;spam calls. Free version is fine, haven&#x27;t used the paid version.

Wait until millenials are the oldest generation and these calls preying on older and unknowing people aren&#x27;t profitable to make anymore.

One solution would be to make an automated filter for all my calls with the ability to manage a whitelist.<p>Is there an app for this?

Every number not in my contact lists gets sent to Voicemail initially. My vm is full btw. lulz....

Just use Truecaller app.