Someone out there really, really wants to help me avoid expensive car problems.
Their recorded voice tells me that they’ve been trying to reach me about an extended warranty my car doesn’t have, yet which is somehow about to expire. I just have to press 1 to learn more. They’re persistent: I get multiple calls a day from multiple phone numbers across the country.
If you own a phone, you’ve probably had a similar experience. Maybe the call was about something else, like the IRS warning you that your arrest is imminent unless you buy a bunch of gift cards right now, or Amazon asking you about a large purchase you never made, or Marriott offering you a free vacation. (In case it wasn’t clear: These calls did not come from the IRS, or Amazon, or Marriott.) Or maybe it wasn’t a call at all, but a text message about a hold on an account with a bank you don’t even have an account with or a prize for a contest you didn’t enter. Just click on a link or call a phone number to learn more. Maybe you’ve noticed that you’re getting a lot more of those texts than you used to.
By “you,” I mean pretty much everyone in the US who has a phone. Americans are barraged with tens of billions of unwanted robocalls and robotexts every year. As a result, many of us have stopped picking up the phone at all when it rings. According to a recent robocall report from Transaction Network Services (TNS), which offers robocall identification and mitigation services, people accept calls from unknown numbers only 10 percent of the time. Like a hiker in Colorado, who was missing for 24 hours last October because he wouldn’t answer calls from an unknown number (in this case, that number happened to be the Search and Rescue Team).
The Colorado hiker is an extreme, if relatable, example. But unwanted robocalls and texts are more than just a pervasive annoyance or a reason a man was lost for longer than he might have been. They cost me a little bit of time and patience, but they cost the millions of people who fall for robocall- and text-related scams money — a lot of it. Truecaller, a call blocking app, estimates Americans lost nearly $30 billion to phone scams in 2021 (it’s difficult to know the real number, as most people don’t report being scammed).
How can this possibly be a problem, still, in this modern world of technological wonders? Our phones have become tiny computers that are more powerful than what NASA used to land people on the moon. Why can’t they stop an unsolicited phone call? How hard can it possibly be?
Pretty hard, it turns out. Those technological advances apply to phones, too. Robocalls and texts are one of the unintended consequences.
What made the robocall invasion possible
Calling and texting anyone anywhere in the world has become relatively cheap and easy. There was a time when you had to go through a switchboard to be connected to another person. Up until a few decades ago, there were only a few phone companies in the country, and they owned all the phone lines. And long-distance calls cost a lot. This made it difficult and prohibitively expensive to embark on mass-calling operations at the scale we see today.
Then the Telecommunications Act of 1996 came along.
“Congress passed a law that broke up all the monopolies,” Jim Dalton, CEO of the robocall prevention software company TransNexus, told me.
“The good news is it allowed all these different companies to come in and create all kinds of innovation, which drove down the price to basically nothing,” Dalton said.
That means there are lots of scammers using lots of services and technologies to make lots of calls and texts to run lots of scams on lots of us. Trying to stop them is a constant game of whack-a-mole; when one avenue of reaching us is shut down, another pops up. And when regulators tried to crack down on spoofed calls, scammers shifted to other means of reaching us. That’s why you’re getting more scam texts than you used to.
Or, as Dalton put it: “There is no integrity in the telephone network. It’s a free-for-all. You can do whatever the heck you want.”
To put that free-for-all in numbers: TNS says Americans got almost 80 billion in 2021; YouMail, a robocall blocking app, puts it at about 50 billion. Some truly unfortunate people get hundreds of calls a day. And if you think the number of scam calls you get on your mobile phone is bad, it’s even worse for landlines. TNS says that nearly half of all calls to landlines are unsolicited, compared to a fifth to wireless numbers. And then there are the texts. Robokiller, which makes a robocall blocking app, estimates that Americans got 86 billion spam texts last year — 55 percent more than the year before.
It’s not like we haven’t tried to do something about it. Over the years, new laws have made unsolicited robocalls illegal, created a Do Not Call registry, and forbidden spoofing phone numbers for malicious purposes. Scammers and companies that facilitate scammers have been hit with restraining orders, fined, sued, arrested, and sent to prison. The Federal Communications Commission (FCC), Federal Trade Commission (FTC), Department of Justice, and attorneys general from every state have made efforts to stop robocalls.
Nevertheless, the robocalls persisted.
Help is on the way, maybe
So we’re trying again. The latest effort is 2019’s Telephone Robocall Abuse Criminal Enforcement and Deterrence, or TRACED, Act. Despite these times of deep political divides, the TRACED Act passed with overwhelming support in the House and Senate: Only four members of Congress between both houses and both parties voted against it. Presumably, three of them are the only people in the country who don’t get robocalls. The fourth is Sen. Rand Paul (R-KY).
TRACED gives the FCC the power to do several things, including mandating that service providers implement measures to authenticate their callers, better police their customers, and put their robocall mitigation efforts in the FCC’s new Robocall Mitigation Database. If they don’t enter their information in the database, they could be fined. Perhaps worse, other providers can block all of their calls — unsolicited or wanted, from spoofed numbers or legitimate. That’s a big problem for a provider because you don’t have much of a business if your customers’ calls don’t go through to anyone else’s networks.
So how are these providers supposed to authenticate those callers? The FCC is requiring them to use STIR/SHAKEN, which stands for Secure Telephone Identity Revisited and Signature-based Handling of Asserted information using toKENs (yeah, it’s a bit of a stretch to get to SHAKEN from there, but they really wanted to make this James Bond-inspired acronym work). STIR is the set of standards to add digital signatures to calls, verifying that they’re coming from the number on the caller ID, while SHAKEN is the framework to implement those standards, telling voice providers how to handle that certificate as it travels across networks from the origin to the endpoint (you).
“Until there is SHAKEN everywhere, it’s a joke,” Dalton said. “It’s a joke until the federal government gets serious and makes everybody implement SHAKEN.”
After Dalton and I spoke, the government did, in fact, “get serious.” The FCC decided to move the STIR/SHAKEN deadline up to June 30, 2022, for the types of providers that were found to be a major source of illegal robocalls. An FCC official told Recode that the agency expects we’ll see a significant decrease in bad calls after that.
Or the scammers will find new ways to get through to our phones. Like this: Jim Tyrrell, senior director of product marketing at TNS, says his company has found that scammers are increasingly buying up blocks of real phone numbers and making calls from them. Those aren’t spoofed, and they’re less likely to be flagged by your provider.
“They’ll make very few calls across hundreds of thousands of telephone numbers to try to avoid detection,” Tyrrell said. “It’s a constant battle. If I didn’t know better, I would think they have their own data science team trying to figure out what works and what doesn’t work.”
Guess what else STIR/SHAKEN doesn’t apply to? Texts. So scammers are turning to them, and the FCC is working on ways to stop them. Chair Jessica Rosenworcel said the agency is looking for ways that mobile carriers could identify and block texts before they reach consumers’ phones. In the meantime, be very careful about clicking on links in texts. Some of them can be pretty convincing.
I have taken matters into my own hands
Don’t give up on your phone just yet. Experts are optimistic about STIR/SHAKEN, and regulators and lawmakers are still working on the problem. In the meantime, there are things you can do to reduce the number of calls and texts you get.
Sens. John Thune and Ed Markey, who sponsored TRACED, recently introduced another robocall bill: the Robocall Traceback Enhancement Act. This bill would make it easier for members of the private industry group that TRACED set up to trace back scam calls, to share information about calls and callers. It would also let the group and the FCC publish a list of providers that don’t cooperate with anti-robocall efforts.
Thune told Recode that he thinks the new bill is “another important step toward holding these bad actors accountable,” and that he hopes his colleagues pass it “without delay.” Thune and Markey recently urged the FCC to get more data on which providers are recurring subjects of traceback orders.
One thing the FTC, FCC, and pretty much everyone else says you shouldn’t do is respond to scam texts or answer robocalls, no matter how tempting it is to yell at them. That only tells them that your number is valid, and you’ll get a bunch more calls and texts.
This is worth repeating: Do not answer robocalls or respond to scam texts. In the interests of journalism, I decided to disregard this good advice to see what would happen if I pressed 1 on a car warranty call. Eventually, I was put through to a “specialist,” who gave me the name of the company she said she worked for. But I asked one too many questions and she hung up on me.
Turns out that the company she named does exist, and it does claim on its website to sell “aftermarket protection products” for cars. (Not all extended warranties are scams, but some very much are. Either way, it’s illegal for them to call me at all.) The website had a phone number, so I called it. A woman actually answered, but said the man I needed to talk to wasn’t there. When I tried again the next day, he was in a meeting. I felt bad; it’s so annoying when people disturb you with unexpected phone calls at inconvenient times.
I left my name and number for him to call back. As I hung up the phone, I realized that, for the first time ever, I wanted to get a call about my car’s extended warranty.
