Thousands of Brits bombarded in caller spoofing riddle

Re: Incoming CLI from abroad should be tagged as such?

CLI is a presentation service, where the final exchange can optionally present the caller's number to the person being called. It wouldn't have mattered even if there was no CLI active, anyone with a phone can still be woken up in the small hours by a malicious caller dialling at random.

The problem here seems to be that the info in the SS7 signalling packets was invalid, and that's the responsibility of the originating telco. An ordinary customer should not be able to change the values in those packets, since that would break the whole charging model. The customer may be able to add additional packets, but whoever the originating telco was here should be in deep shit for not validating the signalling info before passing it on. Since Ofcom was able to trace the calls it seems likely that the full signalling info was present, so they should be able to take action againt the perpetrator.

Then again, it's Ofcom we're talking about.

Re: Broken... ?

So how come I only get a call from some sort of 'claims company' about once a month?

The number is registered with TPS and I only get calls from abroad.

Also even more rare are the apparently random machine-generated phone calls .

TPS seems to work for me.

Re: whitelists

You can do anything you want with asterisk.

I whitelist outside "business hours" taking information from my phonebook for "allowed calls" and send calls without callerid or with 08*/09* callerid straight to voicemail 24x7.

I wrote the rulesets (and scripts to read mozilla obscene phonebook format) around the time when I still had a BT line. They got really heavy use despite me registering for TPS and going through all the motions as prescribed by "the book".

I found a new solution after that - I moved to sipgate. Ever since I did that I get a couple of hits per year (tops) which are still filtered by the old scriipts.

I can comment on the reasons for the difference, but I rather not.

Re: whitelists

it is called skype, oddly enough

Re: whitelists

There are free apps for that. Since i applied for a loan about two years ago i have been getting about 10 spam texts a day and several cold calls from scammers and marketing companies.

The TPS does not work. Thing settle down for three months and then it flares up again. You see, registering on the TPS confirms that your number is a good one that works.

Also, replying STOP to the spam sms's just confirms that your number is real and is resold again and again.

I was forced to install a spam filter and blacklist app and it's been great.

Re: Dragons Den

You may not want to advertise the device (which retails for about three times the cost of manufacture, watch the original Den extract) but others already did.

Callers code

You can give people a 4 digit code which they enter after the phone number and it will bypass all the international/CLID/night mode stuff. Alternatively there's a "breakthrough" key that can be used.

In my experience virtually no sales droids ever say anything at the whisper, they just hang up so you never even hear the call.

Re: YES you CAN buy a phone like that!!!

Yep - it is quite good but you have to add each number to the book in order to assign it to the category that gets dropped so you get a phonebook full of numbers you never want to call.

Re: and yup, in uk at least it's f******..

The presentation numbers you list aren't valid for UK origination - so those calls either originated elsewhere or on a UK IP-PBX with a service provider who doesn't check that what's being sent is valid.

Some telcos police this stuff, some don't.

@Veti

1: Someone who didn't allow for the time difference

2: A thief checking to see if anyone is awake or can be disturbed by a sudden noise prior to jimmying your door to pinch your car keys.

There you go :)

"...obliged to take her call"??

The examples you give, with all the ducking and diving around truth and good manners they entail, are why I am, without exception, as impolite as possible to any and every unsolicited caller whose purpose ,when all's said and done, is selling something or getting something for nothing. They are making a choice to call me, and as I am on the TPS list they know for sure I don't want the call, so one act of bloody rudeness deserves the same in return. The fewer people who find working in the industry acceptable and they less they manage to sell, the quicker the industry will become untenable.

The tactics used are invariably deceitful, manipulative, and uncaring of whether they take from the vulnerable or those who have a problem with saying no. The sooner the whole business becomes as widely unacceptable as sending 8 year olds up chimneys or indentured servitude the better.

Re: TPS is useless these days

"... try to be polite..." don't bother.

I asked one Indian gentleman caller asking to speak to me by name "who's calling", to which he replied "I want to speak to Mr Xxx Yyyy" after the third of these fruitless exchanges he changed his response to "F*** off you c***". I assume he'd rapidly found that phrase to be in widespread us in the course of his working day.

If I hear an Indian accent when I pick the phone up I now respond "I don't speak to Indians" and put it straight down. No point wasting my time trying to waste theirs. My time is worth a dollar a minute, they're probably earning a dollar an hour.

BTW the reason I say "I don't speak to Indians" is because unfortunately my UK Bank seems to have relocated to Mumbai I guess if they really do need to speak to me they'll take appropriate action.

Re: TPS is useless these days

I've been dealing with 'surveys' for a while, I just tell them that yes, I'll answer their questions, if they'll answer mine.

My first question? What colour underwear do you have on?

Their answer? Usually *click* *buzzzz* as they hang up. Although I did have one 'lady' who seemed quite happy to tell me that she was wearing red lace, that her thong and bra matched, and she was shaven..

I'd rather that they removed me from their lists for being offensive, it stops them calling me again, and seems far more effective than the TPS

... Obliged to take her call ...

Well, obviously you're not obliged to take her call. You are paying for that telephone line, not her.

According to the Telecom's Code 1984 (don't think it's been revised, and I am working from memory here), it is an offense to call someone who has not invited you to call. So, telesales, marketing and all that stuff is actually illegal.

Why? Well, the telephone is there for you (the person paying for the line) to be able to contact or be contacted by people of your choice. It is there, also, to allow you to call the emergency services in the event of an accident/incident. It is certainly not there for some company to use to harass you with vexatious calls.

Unfortunately there are a lot of businesses out there that don't care about the law. They flaunt it quite happily and then deny it was them. Last example I had of this was yesterday with that great favorite: Auto-dial call with recorded message. It tied up my line for 5 minutes even though I'd hung up due to what I consider a major design flaw: There's no way for the exchange to know I've hung up so it can break the connection for me (had to call BT via another phone to get my line freed).

Re: Why can't the telcos "spam filter" these calls?

It's a little more complicated than that. People are allowed to buy presentation numbers - this is where the number that appears is the inbound number for the caller, rather than the number they're calling from. If a UK bank has a call centre in India, there's no point showing an Indian CLI, it's more useful to everyone to show the UK number that the person receiving the call can ring back if need be.

That's well policed by the larger telcos - normally it's all part of a package - voice VPN and call centre traffic management out to India, outbound calling plan, presentation DNs. The caller might be in India, the call might not enter the PSTN until it reaches the UK.

The issue comes when calls are passed between telcos, two or three or four times - how could you police that? How could you maintain a white or black list when there are hundreds and hundreds of millions of calls a day, and numbers change on a daily basis? Telcos have to trust each other or the whole system falls apart - and that's where careless or rogue behaviour can allow things like CLI spoofing to propagate.