THE ANNOYANCE ENGINE: Spam robocalls became profitable scams by exploiting the phone system, but you can stop them

robocallers spam 4x3

Summary List Placement

Nearly every day for the past year, I have been breathlessly informed that the warranty on my vehicle is out of date. The situation is dire: it’s the middle of a pandemic, and if the warranty on my vehicle gives out, I could be out a serious chunk of money.

The problem is that I do not have a warranty on my automobile. I do not own an automobile. I have never owned an automobile. I last drove one my parents owned in high school. But unrelentingly, a woman calls me in the midafternoon to offer me a way out of my warranty problem.

Why?

Because spam calls are out of control. Billions of robocalls hit American cell phones every month.

A February 2021 Insider survey conducted on SurveyMonkey Audience found that 46% of Americans reported receiving spam phone calls on their cell phone every day, with another 24% receiving them multiple times per week.

Spam calls impact everyone evenly. Eighty percent of Democrats got spam robocalls at least weekly, as did 79% of Republicans. They impact men (76%) and women (78%), old (85%) and young (66%), rich (72%) and poor (71%).

Nobody is safe, nobody can escape them, and for many it seems nothing can stop them.

How we got here is the result of an erosion of protections on three fronts.

First is the technological, as advances have magnified fundamental flaws in the American phone system enabling unrelenting robocalls from untraceable origins.

The second is financial: because of that, it’s incredibly profitable to use spam calls to drive business whether the caller is a scammer trying to bilk money out of marks or an actual business using telemarketing to increase sales.

Lastly is the legal situation, with a series of enormous court decisions — with one more on the way — so far paving the way for telemarketers to get away with blowing up your phone scot-free, with next to no legal recourse and under-funded enforcement just trying to keep the lid on.

Further, special interests who prefer an unregulated robocall environment are enormously powerful compared to the pro-consumer groups; an Insider analysis found that the federal lobbyists employed by pro-robocall businesses outnumbered the anti-robocall consumer groups’ lobbyists by a factor of 100 to 1.

This doesn’t mean there aren’t solutions, just that the approach to spam calls needs to change. The prevailing message is that this is not a problem that can be legislated away or turned off with a switch. Rather, consumers must treat the American telecom system like an infected computer network, taking matters into their own hands with software protections for their phones.

Why do I keep getting spam calls?

Experts credit the ascendance of spam phone calls to fundamental problems with caller ID, a phone system where anyone can operate as a carrier, the inability to detect bad callers, and a number of bad actors exploiting those flaws to drive billions of calls to American phones.

Plus, spam calls make their perpetrators a killing.

The standard operating procedure is more sledgehammer than scalpel. There are different kinds of robocall scams: some are clearly illegal, such as calls the pretend to be the IRS or law enforcement, while others sell some kind of product like an auto warranty or an insurance policy but illegally telemarket the products. All basically use some iteration of the same business model.

robocallers flow

First you have a company that wants to find buyers. They could be selling actual products like insurance policies or alarm systems, or they could be a scam operation looking for marks they can coerce into buying gift cards. The product doesn’t really matter, what matters is they’re willing to pay someone $6 or $7 per lead to send them people who may be interested in buying.

The company they contract to find those leads is the robocaller; typically overseas, what they do is call millions of phone numbers with a prerecorded message. Most hang up, but occasionally some listen, and those people are plugged through a phone tree until they’re determined to be a qualified lead, which is then sold to the original company.

The robocaller is able to place their calls through a gateway carrier, which is a telecommunications company willing to place those calls to American phones. The gateway carrier may not always know they’re laundering scam calls into the US telecom system, but they’re often targets of FTC enforcement. Once the call is on US soil, it passes through the patchwork of carriers to your phone.

“They work,” said Aaron Foss, founder of Nomorobo, a company that blocks spam calls. “The response rates are abysmal, a tenth of a percent response rate. But the risk of getting caught is so, so low, and the rewards are so high.”

The economics of phone spam are incredibly favorable. For perspective, 125,000 minutes of robocalls from Message Communications Inc — which sustained a $25,000 penalty in 2015 for what the FTC described as “willful, repeated” violations — has sold for a mere $875. Assuming a consumer listens to the call for an average of three seconds, that $875 would translate into 2.5 million calls, with one cent getting a buyer 28 spam calls.

Even if just one out of every 10,000 calls turns into a qualified lead, at a going rate of $7 per lead, an hour of robocalls will pull in $1,750 in revenue, neatly doubling their investment.

It’s an engine that turns phone calls into money with a byproduct of distributed annoyance.

Every person who buys from a telemarketer can facilitate hundreds of thousands of calls, according to an FTC spokesperson. While many calls may eventually sell an actual product, plenty are simply scams targeting the elderly or infirm, spam calls that are functionally elaborate elder abuse operations attempting to bilk seniors out of money.

The top scams of any given time are a reflection of anxieties; auto warranty scams are big today, and were last highly popular during the heights of the Great Recession, when economic anxiety roiled the country. As Americans take on debt to ride out the pandemic, calls preying on those anxieties remain popular.

The calls often originate overseas, where the FTC lacks jurisdiction. The Do Not Call list doesn’t work for robocalls on your cell phone, it just prevents live telemarketers from calling you. Even if it did work, the robocallers are already flaunting the law, and there’s little reason they’d respect the registry. They’re able to thrive on the US phone system because of a fundamental flaw in the structure of the grid.

“Caller ID was never verified,” Foss said. In the 1980s when caller ID was first implemented, there was only one phone company — AT&T — and as they were able to verify customers, caller ID was implemented the same way that a return address on an envelope was, where a person could put anything.

Then AT&T was broken up, and deregulation meant anyone could become a carrier, and the FCC laws that effectively protect the privacy of you as a phone user are equally capable of protecting bad actors, as well. As a result, caller ID is meaningless yet still relied on, which makes it easy for scammers to exploit.

So, why don’t the carriers just stop them?

“Carriers don’t shut it down unless it’s absolutely positively proven to be illegal,” said Alex Quilici, the CEO of YouMail, another spam blocker app.

Carriers want to move calls around, not actively regulate the calls. The reasoning is clear: if a debt collector robocalls someone, while the recipient may consider that a nuisance, it’s absolutely legal. They want to stay out of it.

There is a liability component, Quilici said. A pharmacy may contact a patient about their COVID-19 vaccine appointment with an automated call, and if a carrier blocked that there would be hell to pay. Carriers avoid interfering in grey areas, and will only block a gateway carrier or caller when given ample grounding to do so, often by federal action against a bad actor.

Why have they gotten worse?

If I’m getting overwhelmed by spam calls that are violations of the Telephone Consumer Protection Act (TCPA), why can’t I just sue them into oblivion?

“Federal courts have used a decision called Spokeo to curtail TCPA lawsuits,” said attorney Scott Owens, a litigator who specializes in these kinds of cases. “Spokeo held you can’t go into federal court for just a violation of federal law.”

The 2016 6-2 Supreme Court decision in Spokeo Inc. v. Robins has had broad implications in the rise of spam robocalling. Spokeo came to mean that being annoyed isn’t enough to sue an illegal telemarketer in federal court. A plaintiff needs to be injured, which makes it much harder to build a case against telemarketing operations doing flagrantly illegal things that rarely injure people.

If the federal courts are out of the picture, why not state courts? That’s also a no go, Owens said, as many states follow the same Article III injury standard as the federal courts, and plenty of other states, including New York, have a bar on bringing purely statutory violations to class actions. As a result, even if a dogged, furious person trying to sue a telemarketer took the full measure of legal remedies available to them, best they could probably win is $1,500.

With judgments that low, the risk has become negligible. And even if caught, there’s nothing stopping spam callers from closing down one operation and winding up another.

“Calls are cheap,” Owens said. “It’s easy to set up one of these operations if you have a little bit of money.”

In February 2018, YouMail estimated there were 2.75 billion spam calls. That same month, the Supreme Court declined to review the Spokeo case. The legal risk for telemarketers would remain nil.

By March, the number of monthly robocalls was up to 3.16 billion, then 4.06 billion by May, 4.41 billion by September, and rising to 5.11 billion by October. The gloves were off.

“Our best guess is the scammers realized they could scale,” Quilici said. Over the course of 2018, more gateway carriers launched. Some callers who had been placing a million calls per month upped to 20 million. Volumes exploded.

Why can’t the government stop them?

The easy cliché is that taking out robocallers is like whack-a-mole. The pros reject this analogy.

“Whack-a-mole is fun,” Foss said. “Fighting robocallers isn’t.”

Foss knows a lot about the government’s war on robocallers. In 2013, with their backs to the wall after a grueling, losing fight against surging robocalls, the FTC threw out the gauntlet, offering a $50,000 prize for the best overall solution to blocking illegal robocalls. One of the pair of winners, beating out nearly 800 other ideas, was Foss.

The FTC has been waging a war on robocallers for nearly two decades. They began by going after the robocallers themselves, though this presented significant difficulties because they were often offshore and tended to be small operations with low overhead. A single person can be responsible for 100 million robocalls, and it’s impractical to go after all of them.

So next, the FTC began going after the companies that hire them. They went after alarm companies fueling spam calls in 2014, and secured a $1.1 billion judgment from Caribbean Cruises in 2017.

After that they began to go after the gateway carriers that bring the calls onshore, and the individuals who make the software that enables illegal robocalling. This is where they have had considerable success lately.

Take the gateway carriers later involved when the agencies cracked down on illegal coronavirus-related telemarketing in April and May of last year. According to the FTC and FCC, the calls were promoting bogus free test kits and HVAC cleaning services, targeting desperate Americans amid the initial uncertainty of the pandemic. Those robocalls were originated, according to the agencies, by two companies called VoIPMax in The Philippines and Oberlo Peer BPO in Pakistan. Their action targeted three gateway providers — SIP Join of Virginia, Connexum of California, and VoIP Terminator of Florida — who the feds said got those calls into the US and into the phone system.

Again, these are not companies you’ve probably ever heard of, but the fact that anyone, anywhere can pretty much get a telephone call into the system without a great deal of difficulty or cost means that it takes just one bad apple to spoil the entire telecommunications barrel.

Taking down just one entity can have a drastic impact, as seen in the 2018 FTC complaint against Jamie Christiano and the company TelWeb, which the agency said was responsible for creating and hawking “a computer-based telephone dialing platform” behind billions of illegal robocalls.

infographic net dot solutions timeline1

The FTC is fiercely proud of its work, and has room to boast. They do a lot with a little: In 2015, the FTC budget was $300 million. They returned $9 billion to consumers in refunds. They can hit bad actors with civil penalties, but the criminal prosecutions are up to the Department of Justice.

Lately they have begun to step up. Just last week the DOJ announced 11 guilty pleas in a $300 million telemarketing scam.

Last year, the DOJ launched cases against three individuals and five companies  — Ecommerce National, SIPRetail, Global Voicecom, Global Telecommunication Services, and KAT Telecom — who they allege were gateway carriers bringing in hundreds of millions of fraudulent robocalls.

Again, just by removing bad actors from the mix, a considerable dent can be made in the volume of calls, with the DOJ claiming that two of those companies carried 720 million calls in just 23 days, with 425 million of them lasting less than one second. An earlier FTC bust of SBN Peripherals in 2012 found that one company carried out 2.6 billion outbound calls over a 20-month period, a volume of annoyance that led to 12.8 million people — about one half of one percent of the overall call volume — being connected to a sales agent.

Still, all it takes is one server and a little bit of money.

‘If they win, what we will have is a tsunami of unwanted texts.’

This year will be enormous in deciding the fate of robocalls for three reasons — one technical, one financial, and one legal.

First, on the technical side, this year will see the full rollout of STIR/SHAKEN, a new system designed to hit robocallers who spoof numbers illegally. This is being rolled out across carriers to mixed efficacy. National carriers developed the program and have the tech to seamlessly roll it out, smaller or regional carriers may have a less elegant implementation, and the fragmented state of the phone system makes any nationwide technical rollout difficult to nail down.

Still, the expectation is that STIR/SHAKEN — which digitally validates the handoff of phone calls and ensures that the caller ID is signed as legit — will have an impact come this summer on reducing the volume of calls that make it to your cell phone.

Second, the unfortunate reality is that as the COVID-19 pandemic abates, spam calls are poised to increase because call centers shut down due to social distancing will re-open.

“When India and Pakistan shut down, you saw an instant decline in robocalls,” Quilici said. “When the pandemic recedes, you’re going to see more robocalls in general.” Call centers that were shuttered will re-open, and a volume of calls that had been at around 75% of peak over the course of the pandemic will get back up to full capacity.

Lastly, on the legal front, a case before the Supreme Court could also make spam texts and calls far more pervasive.

Last November, the Supreme Court heard oral arguments in a case with enormous implications for the sanctity of your phone. Several years ago, someone linked their telephone number to their Facebook account. They eventually gave up that telephone number, and in 2014 it was assigned to Noah Duguid, a person who does not even have a Facebook account.

When Facebook began texting that number repeatedly about suspicious activity on the account of the previous number’s owner, Dugiud asked them to stop texting him. When they didn’t, he sued. The case wound its way through the legal system and, after Duguid won at the Ninth Circuit court of appeals, Facebook took the case to the Supreme Court. At issue now is whether Facebook used what under the TCPA is an automated telephone dialing system, but as tends to be the case with legal matters escalated to the Supreme Court, it’s about more than that.

“Facebook and Yahoo have an interest in not being sued when they fail to stop texts,” said Margot Freeman Saunders, the senior counsel at the National Consumer Law Center.

Facebook, backed by dozens of business groups, and Duguid, who has the support of several consumer advocates and Congressional representatives, are each arguing for a different interpretation of what an Automated Telephone Dialing System is. Facebook’s legal team argues that an ATDS, under the law, only calls numbers randomly or sequentially, and as a result their use of a machine to automatically contact phone numbers through a dialing system does not technically count as an ATDS because they’re calling from a list. Duguid’s argument is the law specifically stipulates consent, which necessitates a list, and as a result the system is still an ATDS.

Naturally, the Supreme Court oral arguments came down to an intense discussion of grammar.

“Courts are buying some of these excuses, and the FCC under Trump did not come down hard on these ridiculous excuses,” Saunders said. “Instead they didn’t do anything.”

Facebook did not respond to a request for comment.

Legal wrangling aside, the Supreme Court’s ruling will have a direct impact on your cell phone. If Facebook wins, it’s a massive boost not only for businesses trying to robocall you, but also for the people who abuse the system. It will grant legal cover to spam calls and spam texts that hasn’t existed in decades, consumer advocates say.

“If they win,” Saunders said, “what we will have is a tsunami of unwanted texts, because there will be no limit on uninvited texts.”

Either way, when the case is decided a legislative fight will kick off. Despite polls showing vast public annoyance with robocalls, the political might of the pro-robocall lobby vastly exceeds that of the anti-robocall crowd. In addition to Facebook, 35 unique companies and associations wrote or signed on to friends-of-the-court briefs to bolster their case. These organizations all have their reasons for supporting Facebook’s cause, most of which comes down to less liability for texting and calling people. Those companies and groups also exert an enormous amount of influence in Washington outside of the legal realm. 

An Insider analysis of Center for Responsive Politics data found that as a whole, the pro-Facebook forces spent a collective $184.7 million on federal lobbying across all issues in 2020, employing a collective 689 unique lobbyists. By comparison, the various consumer groups that signed on to support Duguid’s case employed a collective six federal lobbyists in 2020, and spent a grand total of $250,000 across all issues.

Congress has relented in pursuing aggressive anti-robocall policies. The reality is that the factions that prefer the status quo are vastly better capitalized and connected than the consumer advocates.

What can I do to stop them?

While it’d be ideal if there were a simple technical solution to spam calls, there isn’t for the very same reason there isn’t a simple technical solution to computer viruses, or a simple immune solution to the common cold.

Anyone, anywhere on earth can set up a script to spam robocalls for fractions of a penny. No government agency can find and dismantle those servers, or the gateway carriers that slip them into the system; no carrier can find them in the billion-call flow of the telecom system, and even if they could they’d be skittish about killing a call without an external push to do so.

Essentially, the chance to solve the technical problem in the phone system ended in the 1980s, and unless you are a Supreme Court justice, there is little to be done about the legality of spam calls.

The solution, according to the people who do not operate mobile applications designed to fight call spam, is to install a mobile application designed to fight call spam. These systems are fairly clever in maintaining a more active block list than the carriers.

In addition to the FTC-maintained blacklist that can nuke a bad number across the board, apps like Nomorobo and YouMail can be effective in weeding out robocalls. Nomorobo has stopped 2 billion robocalls since Foss first launched it in the FTC bake-off, analyzing 150 million calls a month to find patterns. When there are billions of calls per day, and spammers pick up and drop numbers to evade detection, it’s a constant war of attrition. YouMail works by using your own voicemail as a trap, finding new robocallers by listening in and comparing incoming calls against a database of scams, a “Shazam for Spam.”

It’s also important to never fall for a scam call, and to advise loved ones on how to avoid them; the FTC maintains a list of common scams to prepare against.

Lastly, make sure to read the fine print when signing up for things; many companies “obtain consent” to robocall you by burying it in terms and conditions many skip.

Beyond that, it’s up to the courts to decide how much power consumers have over their own phones.

“I take the view that if they adopted a more broad and expansive view of what is an automatic telephone dialing system, there would be an uptick in lawsuits but a decrease in robocalls,” Owens said. “I think people dislike robocalls more than they dislike plaintiff’s attorneys.”

Join the conversation about this story »

NOW WATCH: Inside London during COVID-19 lockdown

Related posts