VoIP to Fuel Plague of 'Dialing for Dollars'/Spam

Ant writes "Broadband Reports says Internet News is exploring how telemarketers world-wide are realizing they can dodge long-distance costs (and U.S. "Do Not Call" restraints) by voice spamming VoIP users. Different from SPIT (spam over internet telephony) because it's not automated, an analyst in the article predicts homes and businesses could see some 150 calls a day from overseas call centers."

Herm wait . . .

[OverlordQ]

so the DNCL only covers POTS Spam? IMO my number is in there, so no matter where they're coming from or through, be it POTS or VoiP they can't call me, further more theres'a nice tidbit on that DNCL site:

33. Are telemarketing calls from overseas covered?

Yes. Any telemarketers calling U.S. consumers are covered, regardless of where they are calling from. If a company within the U.S. solicits sales through an overseas professional telemarketer, that U.S. company may be liable for any violations by the telemarketer. The FTC can initiate enforcement actions against such companies.

New MaBell filter

[Overzeetop]

You can automatically block all VoIP call from your phone for just $1. For $5.99 you can add a whitelist. Or you can just tell all your friends to get a MaBell line and save that $5.99! Sounds like a win-win for the Bells!

Re:Better fix this

[blanks]

To answer your question, most telemarketing is either collections or credit cards, or charities. I have had many friends that have worked in collections and charities and you wouldnt belive the amount of positive sales they would get.

We need laws, but tools too

[Frater 219]

We're going to need some basic trespassing legislation here: in brief, a recognition that my phone is my property and that your freedom of commercial speech does not extend to the use of my property to carry your speech at my costs.

However, we're also going to need some software tools. A lot of sites, my own workplace included, are rolling out VoIP systems. Some of these are COTS systems of various levels of quality. Others (like us) are using open systems like Asterisk PBX and SIP Express Router (SER). Currently, as far as I have seen neither the proprietary nor the open tools have what it takes regarding abuse rejection:

• Dictionary attack rejection. Any caller who makes a vast number of wrong numbers in a day is just trying to guess numbers, and should be rejected.
• Call rate limiting. A single caller IP address should not be able to make a vast number of simultaneous or near-simultaneous inbound calls.
• Site-local blocklisting. One good way of telling if an IP address is going to spam me is if it has spammed the guy the next office over. The VoIP PBX is a good place to aggregate abuse information. Asterisk has the beginnings of a blocklist system, but it's not quite there yet.
• Distributed blocklisting. DNSBLs have worked very well in the email world, where a single highly reliable list such as Spamhaus SBL-XBL [spamhaus.org] can deflect over 50% of spam. We will need this ability in VoIP.
• Abuse reporting. If I'm getting VoIP abuse from your site, I need a way to report it to you or your ISP. Likewise, VoIP sites that want to be reputable should offer call recipients a way of reporting harassment, spamming, and other sorts of abuse.

Re:The ring that keeps on ringing

[Tony Hoyle]

They already do this over standard dialup.

I get phone spam from the US, and I'm in the UK do-not-call equivalent (the TPS), so never get any UK based phone spam.

You can always tell it though... it's international with the number witheld, and the moment you pick it up someone with a US accent starts "Hi, you've won..." (I slam the phone down before he gets any further).

Re:New MaBell filter

[edudspg]

Anyone that runs a voip system can always have the system route UNKNOWN or ANONYMOUS callers to a computer based screening tool. One bored gent wrote an elaborate voice-mail maze for telemarketers to wander into.

Telemarketer Torture [voip-info.org]

So far the only prank SIP call I have received was one from a buddy that was testing his SIP knowledge and wanted to see if he could really make my phone ring.

Re:The joys of computer controlled phones!

[FreeLinux]

Anyone else would get a message to find another way to contact me to be added to the whitelist, to enter the passcode to get through, or they be routed to /dev/null.

Anyone showing up as "UNKNOWN", "UNAVAILABLE", or originating numbers coming from outside the country would automatically be re-routed to /dev/null. I would sort of expect these options to be built into the software and easily enabled by end users as that would make the most sense.

This is already available and has been for years. It's called Anonymous Call Rejection(ACR) [campbells.org]

I'm sorry if I Slashdot The Campbells.

Re:Since it's Voice over IP...

[Big_Breaker]

The article is talking about marketting spam launched using VOIP on the caller side. The receiver will get the call on any old telephone hook-up IE POTS or VOIP.

A firewall won't do a thing to protect you. A caller ID based black list of challenge/response system could though.

prediction is absurd, voip spam will be *lower*

[xlurker]

Prediction may be right in the short term *but* in the long term I predict that blocking spam calls on voip lines will be *much* easier then blocking telemarketers on conventional landline systems.

Why?

Because the user has many software tools availible here that simply aren't doable on landline systems. Hell, the easiest first method of screening is using a simple whitelist. Can you do that with normal landlines???

Since voip is run by software on your computer you *have* the possiblity of applying code to the screening process, in other words CAPCHA of one sort or the other, can you do this with landlines?? the captchas don't even have to be complicated. It could be a verbal command requesting the user do do a simple task (type a number, say a word, look up something on website, send an email). What ever it is, this is to time-comsuming for spammers. All of this is simply not possible on landlines.

I can't help but think that this "prediction" is simply the drawing of a parallel from email spam to voip spam. The reason why email spam is hard to block, is that you don't want to throw away legitimate email. Why is throwing away legit email bad? Because the legit sender already sent it and assumes you got it and will read it! That doesn't apply with voip. If you block a legit caller he immediately knows you didn't get his call! For this reason applying spam filters to voip is much easier than email.

Sad, But True.

[Threatis]

As someone who worked as a Telemarketer for about a year, i can tell you that this will happen. the company that I recently worked for was putting together a "voIP team" to tackle all the new tech popping up around it. Sad that this is the world we live in now, where people feel the only way to sell a product is to market it directy to someone over something as personal as a Telephone.

150 calls per day

[NoGuffCheck]

I dont think this will ever happen, Ive been in telemarketing for 5 years and the hardest sells are always the customers who receive more cold calls a day from other telemarketing companies. Now if everyone was getting 150 calls per day I dont care what the call costs are, paying my wage is too expensive for my boss if im never going to make a sale.

Re:IP Blocking?

[Big_Al_B]

It depends on how the telemarketer connects to the VoIP network. If they're coming in from the PSTN, then the source IP will be the PSTN gateway where they enter the IP world.

While this isn't so bad if the telemarketer is running their own analog-to-IP telephone adaptor/IAD/Asterisk etc., it is quite problematic if the gateway belongs to a major carrier for a large exchange (say, for example, in NYC.)

PSTN carriers can't risk common carrier status by filtering or denying access to telemarketers (e.g. they can't operate like an ISP with an AUP against spamming) so they can't stop the traffic themselves. And you could be cutting off connectivity to large portions of the PSTN every time you apply a filter. Even if it worked for awhile, eventually you would notice severe end-to-end connectivity problems.

Re:The ring that keeps on ringing

[walt-sjc]

Even easier with an Asterisk [asteriskpbx.com] phone system. I already have whitelists, blacklists, and greylists setup. Quite easy really.

I don't get ANY telemarketing calls anymore and I'm not even on the DoNotCall list.

Re:Sue them!!!

[Profane MuthaFucka]

Go to the Sheriff with the judgement and hire him to go in and start confiscating property. Show up with the Sheriff to helpfully point out particular items that they should take. The Sheriff with sell the items at auction, take his cut, give you the rest. At that time you will have the opportunity to purchase (along with the rest of the public) some of the choice items that you suggested the Sheriff should take, cheap. If it weren't for mechanisms such as this, nobody would pay any judgements. Make the system work for you.

Re:Cell phones -- missing the point

[Anonymous Coward]

Yes, the cell phone companies want you to use your phone, but they don't want your cell service to become useless. They know that, if the utility of the service drops, people will disconnect in search of another carrier or another way to communicate. Besides, even if telemarketing calls go unanswered by people using Caller ID to screen, those unanswered calls still clog their switches and towers, reducing the number of legitimate calls that can get through. And believe me, this is something the cell companies do not want.