Spam and scam calls are an absolute menace in India, to the point that the prime minister went on record warning citizens about some of them (there was a wave of "digital arrest" scams recently). The authorities are generally trying to crack down, but it's a case of too little too late; they should've started at least a decade and a half ago when things were just starting to pick up, but corruption and lack of technical proficiency in most government departments meant that it all just grew unchecked.
There are tools though: Google is generally good at identifying most spam, there's also Truecaller (filled with ads and a privacy nightmare). You also have avenues for sending complaints (most providers have do-not-disturb complaint forms right within their apps, and there's a system called Chakshu which the government has introduced). But it'll be a very long time till domestic scam calls get reined in, and unless there is significant internal and international pressure, outgoing scam calls to other nations will still keep going on.
Yeah they are firing arrows,lets discuss shield technology and make protection a private endeavour . Meanwhile everyone of this scam calls is a very effective advertising for isolationism and protectionism. How much water does there have to be in a boat before you stop giving swimming lessons and start calling the gaping hole in the hull a systemic risk?
The story of minor Chinese celebrity Wang Xing who was abducted in Thailand forced into a scam call center in Myanmar as really shined a light on this scam call center issue. As a result of these scams in Thailand, the Telecoms and Banks have added restrictive measures like limiting person to person transfer amounts and KYC on all SIM cards. We can't have nice things.
They already are doing something. Google will warn about potential scams in their phone app, for example. Same for Gmail.
I think the most important issue is one of trust, which is one the scammers are trying to exploit. Do you trust Google saying "this might be a scam" over a person on your phone assuring you that there is some urgent need to do something? The answer depends obviously on how you view technology, generally older people tend to place less trust in technology and more trust in humans. That is why these scams work, they play on an inherent trust bias.
I don't see that Google or Apple really can't do that much more, as the issue really is a social one.
Here's an idea. If a call is detected as a scam, provide an OS level hook for the call to be diverted to an app that can access an API. That'd be all that Apple and Google would do.
At that point, App makers would get access to the call and could do a variety of things with it.
So for instance, you might have a vulnerable grandparent you want to protect, so you install an aggressive AI screener app to handle these things.
Or, you might just send a log of calls to a loved one.
Or, you might send a transcript of that call to a loved one, or an AI, or both for protection.
Basically, Google and Apple saying "Potential Scam" says to me that they can know when a call is risky. They need to do more with that and open up an ecosystem of defensive software.
Why them and not the legal system? We should use the systems designed to catch criminals for catching criminals.
Start with getting the phone companies to not lie about the real phone number. Then implement blocklists at the borders and catch the criminals inside your own borders. Start some interpol like treaties so cooperatieve countries can help each other, then treat the noncooperators as probable criminals. And do this for IP routing too while you're at it.
It's not either/or. The legal system has its place, but so many scams are international and the jurisdiction is murky. Apple/Google are uniquely positioned here by owning the phone OSs.
It is called pig butchering. Your online girlfriend teaches you how to invest in crypto. Both you and her get incredibly rich and you pour more and more money into your investment. Until one day you learn everything was a lie. Your online girlfriend. The riches you supposedly earned.
The answer for these scam centers and for ransomware is to declare any nation that harbors them as state sponsors of terror.
The core issue with pig butchering is that the harm process is distributed across platforms, so there’s no single view of the problem at a platform level.
This hasn’t stopped efforts to improve knowledge and coordination, but the next barrier to action is in geographical location, and out right kidnap of people to man the fake accounts.
But now, to make matters worse, there’s LLMs which can simply fake humans at scale.
I find it pretty amazing that so many people have a positive view of AI, when the plus side is that it perhaps makes writing code faster and easier (although too fast and easy and you'll be put of a job) while the downside is, as you point out, widespread scamming at infinite scale, destruction of trust in photos and videos as reality, spamming, cheating, harming, and who knows what else once not-so-nice people get creative on its uses. Automated internment camps? Dynamic pricing to extract the absolute maximum from every consumer transaction? Families unable to trust each other? I expect them all and more.
That is an odd take. Ransomware gangs had held hospitals and cities in the US hostage for years. The scam centers are making elderly destitute who then have to fall back on the state for subsistence. If nations do not attempt to rein in these terrorist gangs, yes, they should be held accountable.
Would a simple solution, like demanding that anyone who isn't in your contact list pay a relatively substantial amount (like $5, or even $0.5), in order to contact you, and you are the one that decides if to return that money when the call ends or to keep it for yourself (send it to a charity/pay taxes).
This would also cripple a lot of business in advertising, but not a big loss, if someone really wants to talk to you, they can pay the price.
What am I missing? Why would this not work? What side effects on other industries could there be?
I think one of the easiest way to combat this to make getting phone numbers harder. For example, you need to be a citizen of that country or have a business or other legitimate reason to get one. After that you can just block all foreign phone numbers.
Also, maybe a warning in OS level for remote access tools or block them by default.
I get like 7-8 spam texts and calls a day from numbers within my own state.
I suspect that something like hashcash or adding some small fee (like $1, that is returned to the spender if the recipient doesn't reply "STOP") would pretty much shut down these spam calls.
Please do not suggest these terrible solutions that make SMS/calls an unreliable transport, when it is just a sybil problem.
I had (have?) the idea that one could have an off-band signal that "Yes it's actually my number trying to call your number". Anyone who wants to steal it, feel free, but I have a feeling Google/Apple could implement it and eat your lunch.
So before I call the number (say the phone number is 9), my phone app will log into a central server and say "My number is 7, and I'm trying to call 9". The phone 9 will check the server and see that "Oh I'm getting a call from 7" and then ask the server, "Is 7 trying to call me?", and will get a confirmation.
There'll be different warnings if 7 currently doesn't have data connection, or got a new phone and hasn't logged on for a while, or 7 doesn't even have an account on the server. If 7 has recently pinged the server and then tries to call 9 without notifying the server, the server can say "I can't see any sign from 7 that he's trying to call you." then 9's phone can warn her. There'll be different warnings for different situations.
And we can use certificates and do tricks like not needing an account for each phone number, but send a message "Yes this number from Microsoft tech support is actually trying to reach you.", signed with Microsoft's certificate. But then the scammers will get a certificate for "Micro5oft", etc.
Looking forward to a reply moaning about centralized authorities monitoring people's calls. Although as I write this I realize telcos can do this already. Perhaps it can be a P2P solution...
Indeed. All these issues with scam calls from spoofed numbers should lead to BCP38, but for phones. Someone calling shouldn’t be allowed to set their own number in the first place, but we could start by limiting country codes. There’s no reason that a phone should be able to spoof the country of origin. If you want a phone number in France, you can go get a number from a French provider.
Why not make a warning, for example when someone calls from certain Asian country to US, warn that this call comes from this country and can be a scam?
Of all the things for Trump to overreact and overreach on, this should be #1. Send these people to prison in El Salvador. Very few tears will be shed for these pieces of shit.
I have a land line that was installed as part of a simple alarm system for insurance purposes, that
was only used to test the line and get the number,
and never given out , and it is hitched up to an old answering/message center phone, so every time I walk past it I can see the calls pilling up.
The real issue is that the whole phone system is porous, well realy ,all comunications and data, so we lurch along, the scams very much like a parasitic infection that is only an inconvienience
to it's host species, to which we apply powders and salves, the question then, is there the will to rebuild everything with a real immune system
that is effective enough to prevent any scam ecosystem from evolving to profitability.
certainly we are all exasperated by the irritation
and the inability to swat and squish the offenders
and gain some sense of retrebution, giving the whole ordeal a singular grimmness
true.
the other thing, as I have gone through, is having
my number given out by some random scammer, who in my case must have been unusualy successfull, given the rather excited and agitated nature of the calls I was getting from people trying to contact that person....I finnaly was bumped up to someone who had enough experience to just take me at my word, that no, not who they want, zero knowledge of the situation, no fucking way I am giving them
MY name, to be attached to whatever it is they wont detail to me.....and it stopped.
But scamming it is realy a problem , so engaging strictly on my terms with whatever is going on.
No end to it, unless there is a strong will to remove these horrible distractions, permanently.
Recently bought some Chinese stocks. Minute later received robocall from UK number to add them on WhatsApp. Call on the number saved at the broker. Parents are receiving calls in their native language from a native speaker regarding various investment accounts. This whole thing is fully automated with global outreach, with personal data leaking like liquids from 20 years old beater car. Meanwhile legit banks are sending emails and SMS with messages like "be careful with scammers contacting you over email and SMS". It's one big psychotic chaos.
Spam and scam calls are an absolute menace in India, to the point that the prime minister went on record warning citizens about some of them (there was a wave of "digital arrest" scams recently). The authorities are generally trying to crack down, but it's a case of too little too late; they should've started at least a decade and a half ago when things were just starting to pick up, but corruption and lack of technical proficiency in most government departments meant that it all just grew unchecked.
There are tools though: Google is generally good at identifying most spam, there's also Truecaller (filled with ads and a privacy nightmare). You also have avenues for sending complaints (most providers have do-not-disturb complaint forms right within their apps, and there's a system called Chakshu which the government has introduced). But it'll be a very long time till domestic scam calls get reined in, and unless there is significant internal and international pressure, outgoing scam calls to other nations will still keep going on.
Yeah they are firing arrows,lets discuss shield technology and make protection a private endeavour . Meanwhile everyone of this scam calls is a very effective advertising for isolationism and protectionism. How much water does there have to be in a boat before you stop giving swimming lessons and start calling the gaping hole in the hull a systemic risk?
The Economist recently ran an excellent podcast series on the scam industry called Scam Inc. https://www.economist.com/audio/podcasts/scam-inc
The story of minor Chinese celebrity Wang Xing who was abducted in Thailand forced into a scam call center in Myanmar as really shined a light on this scam call center issue. As a result of these scams in Thailand, the Telecoms and Banks have added restrictive measures like limiting person to person transfer amounts and KYC on all SIM cards. We can't have nice things.
https://www.cnn.com/2025/01/14/china/china-actor-thailand-sc...
It boggles the mind that Apple and Google don’t take meaningful steps to combat this. Is it really that hard of a problem or do they just not care?
They already are doing something. Google will warn about potential scams in their phone app, for example. Same for Gmail.
I think the most important issue is one of trust, which is one the scammers are trying to exploit. Do you trust Google saying "this might be a scam" over a person on your phone assuring you that there is some urgent need to do something? The answer depends obviously on how you view technology, generally older people tend to place less trust in technology and more trust in humans. That is why these scams work, they play on an inherent trust bias.
I don't see that Google or Apple really can't do that much more, as the issue really is a social one.
Here's an idea. If a call is detected as a scam, provide an OS level hook for the call to be diverted to an app that can access an API. That'd be all that Apple and Google would do.
At that point, App makers would get access to the call and could do a variety of things with it.
So for instance, you might have a vulnerable grandparent you want to protect, so you install an aggressive AI screener app to handle these things.
Or, you might just send a log of calls to a loved one.
Or, you might send a transcript of that call to a loved one, or an AI, or both for protection.
Basically, Google and Apple saying "Potential Scam" says to me that they can know when a call is risky. They need to do more with that and open up an ecosystem of defensive software.
Why them and not the legal system? We should use the systems designed to catch criminals for catching criminals.
Start with getting the phone companies to not lie about the real phone number. Then implement blocklists at the borders and catch the criminals inside your own borders. Start some interpol like treaties so cooperatieve countries can help each other, then treat the noncooperators as probable criminals. And do this for IP routing too while you're at it.
It's not either/or. The legal system has its place, but so many scams are international and the jurisdiction is murky. Apple/Google are uniquely positioned here by owning the phone OSs.
It is called pig butchering. Your online girlfriend teaches you how to invest in crypto. Both you and her get incredibly rich and you pour more and more money into your investment. Until one day you learn everything was a lie. Your online girlfriend. The riches you supposedly earned.
The answer for these scam centers and for ransomware is to declare any nation that harbors them as state sponsors of terror.
https://cyberscoop.com/ransomware-terrorism-ndaa-2025/
Pit butchering scams are a subtype of scams.
The core issue with pig butchering is that the harm process is distributed across platforms, so there’s no single view of the problem at a platform level.
This hasn’t stopped efforts to improve knowledge and coordination, but the next barrier to action is in geographical location, and out right kidnap of people to man the fake accounts.
But now, to make matters worse, there’s LLMs which can simply fake humans at scale.
I find it pretty amazing that so many people have a positive view of AI, when the plus side is that it perhaps makes writing code faster and easier (although too fast and easy and you'll be put of a job) while the downside is, as you point out, widespread scamming at infinite scale, destruction of trust in photos and videos as reality, spamming, cheating, harming, and who knows what else once not-so-nice people get creative on its uses. Automated internment camps? Dynamic pricing to extract the absolute maximum from every consumer transaction? Families unable to trust each other? I expect them all and more.
Seems like a way to use lax consumer protection as an excuse to bomb people.
That is an odd take. Ransomware gangs had held hospitals and cities in the US hostage for years. The scam centers are making elderly destitute who then have to fall back on the state for subsistence. If nations do not attempt to rein in these terrorist gangs, yes, they should be held accountable.
How about holding hospitals accountable for connecting sensitive systems to the internet.
And not some poor country where government are hardly in control and some guy has some vpn server running in a closet somewhere.
> If nations do not attempt to rein in these terrorist gangs, yes, they should be held accountable.
I recognize this...
I don’t see how technology is going to stop lonely old people from falling for someone who says they love them. Human desire is stronger than reason.
It's a hard problem.
It is nice to see news of this in the actual news rather than just on YouTube channels like Scammer Payback.
Would a simple solution, like demanding that anyone who isn't in your contact list pay a relatively substantial amount (like $5, or even $0.5), in order to contact you, and you are the one that decides if to return that money when the call ends or to keep it for yourself (send it to a charity/pay taxes).
This would also cripple a lot of business in advertising, but not a big loss, if someone really wants to talk to you, they can pay the price.
What am I missing? Why would this not work? What side effects on other industries could there be?
I'm from Europe. Everyone who calls me has to pay. I still get the microsoft people etc... calling me once in a while.
I think one of the easiest way to combat this to make getting phone numbers harder. For example, you need to be a citizen of that country or have a business or other legitimate reason to get one. After that you can just block all foreign phone numbers. Also, maybe a warning in OS level for remote access tools or block them by default.
I get like 7-8 spam texts and calls a day from numbers within my own state.
I suspect that something like hashcash or adding some small fee (like $1, that is returned to the spender if the recipient doesn't reply "STOP") would pretty much shut down these spam calls.
Please do not suggest these terrible solutions that make SMS/calls an unreliable transport, when it is just a sybil problem.
I had (have?) the idea that one could have an off-band signal that "Yes it's actually my number trying to call your number". Anyone who wants to steal it, feel free, but I have a feeling Google/Apple could implement it and eat your lunch.
So before I call the number (say the phone number is 9), my phone app will log into a central server and say "My number is 7, and I'm trying to call 9". The phone 9 will check the server and see that "Oh I'm getting a call from 7" and then ask the server, "Is 7 trying to call me?", and will get a confirmation.
There'll be different warnings if 7 currently doesn't have data connection, or got a new phone and hasn't logged on for a while, or 7 doesn't even have an account on the server. If 7 has recently pinged the server and then tries to call 9 without notifying the server, the server can say "I can't see any sign from 7 that he's trying to call you." then 9's phone can warn her. There'll be different warnings for different situations.
And we can use certificates and do tricks like not needing an account for each phone number, but send a message "Yes this number from Microsoft tech support is actually trying to reach you.", signed with Microsoft's certificate. But then the scammers will get a certificate for "Micro5oft", etc.
Looking forward to a reply moaning about centralized authorities monitoring people's calls. Although as I write this I realize telcos can do this already. Perhaps it can be a P2P solution...
I believe this is what STIR/SHAKEN was trying to do, however getting global adoption (which is what would be required) is where it fell over
I know this won't solve it, but it's a low-hanging fruit, they need to delete that stupid feature where you can receive SMS from an email address.
Anyone can spoof any phone number, right? Seems like that's on the telco standards.
Indeed. All these issues with scam calls from spoofed numbers should lead to BCP38, but for phones. Someone calling shouldn’t be allowed to set their own number in the first place, but we could start by limiting country codes. There’s no reason that a phone should be able to spoof the country of origin. If you want a phone number in France, you can go get a number from a French provider.
Why not make a warning, for example when someone calls from certain Asian country to US, warn that this call comes from this country and can be a scam?
Of all the things for Trump to overreact and overreach on, this should be #1. Send these people to prison in El Salvador. Very few tears will be shed for these pieces of shit.
For irony, turn on showdead and notice the scam post on this thread.
I have a land line that was installed as part of a simple alarm system for insurance purposes, that was only used to test the line and get the number, and never given out , and it is hitched up to an old answering/message center phone, so every time I walk past it I can see the calls pilling up. The real issue is that the whole phone system is porous, well realy ,all comunications and data, so we lurch along, the scams very much like a parasitic infection that is only an inconvienience to it's host species, to which we apply powders and salves, the question then, is there the will to rebuild everything with a real immune system that is effective enough to prevent any scam ecosystem from evolving to profitability. certainly we are all exasperated by the irritation and the inability to swat and squish the offenders and gain some sense of retrebution, giving the whole ordeal a singular grimmness
whoever had the number before you probably gave it out plenty. "fresh" numbers are not really a thing anymore.
true. the other thing, as I have gone through, is having my number given out by some random scammer, who in my case must have been unusualy successfull, given the rather excited and agitated nature of the calls I was getting from people trying to contact that person....I finnaly was bumped up to someone who had enough experience to just take me at my word, that no, not who they want, zero knowledge of the situation, no fucking way I am giving them MY name, to be attached to whatever it is they wont detail to me.....and it stopped. But scamming it is realy a problem , so engaging strictly on my terms with whatever is going on. No end to it, unless there is a strong will to remove these horrible distractions, permanently.
Recently bought some Chinese stocks. Minute later received robocall from UK number to add them on WhatsApp. Call on the number saved at the broker. Parents are receiving calls in their native language from a native speaker regarding various investment accounts. This whole thing is fully automated with global outreach, with personal data leaking like liquids from 20 years old beater car. Meanwhile legit banks are sending emails and SMS with messages like "be careful with scammers contacting you over email and SMS". It's one big psychotic chaos.
[dead]
[dead]