I don’t recall Nomorobo ever being free for iPhone only landlines.
Here in Norway there has been a big improvement for me. I used to get spam calls nearly every day. Now it is once a month. The reason for this is described here in Norwegian on the website of Norwegian Communications Authority (Nkom) Nå har det blitt vanskeligere å “spoofe” mobilnummeret ditt - Nkom
The most important info, which I have translated, is this:
All mobile operators (Me: in Norway) already have systems in place to block scam attempts from their own numbers. Earlier this year, the Norwegian Communications Authority (Nkom) sent letters to Telenor, Telia, and Ice, urging them to strengthen cooperation to stop even more fraudulent attempts. The collaboration involves sharing information between mobile operators, enabling them to also block scam attempts from hijacked numbers on other networks—regardless of which Norwegian mobile network the numbers belong to.
The Norwegian mobile network owners Ice, Telia, and Telenor have developed a coordinated digital shield designed to filter out fraudulent mobile traffic entering Norway. The project has been led by Mattias Lindstedt at the National Reference Database (NRDB). NRDB is a provider of shared functions for emergency calls and number porting to the telecom sector. The companies Telavox, Lycamobile, and Global Connect have also contributed to the effort.
You don’t need an assigned-number line to originate calls. When I was running PBXs, our call origination pathway was completely separate (through different companies, even) from our termination (receiving) lines, and they had no associated number of any kind. That’s one of the reasons that you can’t just say that the “phone company” (whoever that is) must only report the caller ID of the originating line. Often, that “line” (actually a SIP trunk) has no number. You must program your originating calls to report the caller ID of the number for one of your termination points.
STIR/SHAKEN requires that you demonstrate control of a number (by, for example, answering a call to it and receiving a code) before you can set that as your ID for originating a call. It actually seems to be pretty widely implemented these days, but apparently hasn’t put an end to the phone spam problem.
PBX is a completely different beast. We were talking about individual lines, such as consumer and small-business lines. If any line could call out without an assigned number, then new area codes wouldn’t be constantly being added for the (openly stated) reason that the available numbers are being eaten up by credit-card verification lines—those systems will never receive a call, but the lines still get assigned numbers, because they’re not part of an independent routing system like a PBX. They are routed directly by the carrier network.
A PBX is essentially its own miniature phone network that has points connecting it to the main phone routing system, both incoming and outgoing access points that don’t necessarily match, as you described. Those access points aren’t “lines” in the sense that we’ve been discussing here. Each incoming access point needs at least one assigned external number, or it couldn’t receive calls from outside the PBX.
Phone calls x 6/day at all hours on our VOIP land line, spam calls on my iPhone, but the worst are the “political” and charity texts every day… and it doesn’t matter if I block them. It’s just awful ![]()
The same technology that makes PBX possible (the ability to use SS7 over a T1 (or ISDN or other similar kind of line) for placing calls) is what every VoIP provider uses, and what lots of small-business PBX-like systems use. It is not just for large corporate customers and is far more common than you think.
The spammers/scammers are not placing calls from individual lines that they purchased. They hack into insecure voice servers, just like they hack into insecure servers of all other kinds, and place calls through those servers.
Yes, these servers should be secured, but trying to force every voice sever operator worldwide to implement good security is going to be just has hard as trying to force every operator of any other kind of server (mail, web, database, cloud, whatever).
Or they use legitimate PBX-like cloud services in violation of the service’s policies. The service will shut them down, but you can fire off millions of spams before that happens.
I’m also on AT&T, but I haven’t tried Active Armor yet. It’s encouraging to read you’ve had success with it, but I’m wondering how does it deal with spam voice calls which are clearly from the same entity (same voicemail gets left), but always from a different number? Is it doing some sort of internal Caller ID verification check?
I think you may have forgotten the context in which I made my original statement that this tangent developed out of:
This was not specific to the lines spammers use, but a response to a question about what an “unknown number” actually is.
Also, if you replace “telco” with “exchange system”, my original statement mostly still stands. Lines that can directly receive calls within a PBX (or other independent phone network) have a number assigned to them in the PBX (AKA an extension number). Without it, calls to them are unrouteable. That assignment could be static or dynamic, but it must exist to route a call directly to a line.
My error was in not accounting for the existence of lines that cannot be directly dialed but can place outgoing calls or pick up incoming calls from hold, which you don’t have in the main phone network but can have in a PBX/VoIP/other internally managed phone network.
None of this directly addresses the question of what lines spammers use, nor was it intended to. It’s strictly about the nature of call routing within a telephone network.
I “disabled rings from numbers that aren’t in my contact list,” but that does block calls I want to receive. Many businesses and doctors have multiple numbers which may not be in my Contacts if they are new to me. As others have said they can leave messages, but that’s another step.
At this point seems insoluble.
I use TrueCaller app to power iOS call blocking feature.
https://apps.apple.com/us/app/truecaller-caller-id-lookup/id448142450
This was not specific to the lines spammers use, but a response to a question about what an “unknown number” actually is.
I think the key piece of information you’re missing is that the 10-digit (or or other length for international calls) phone number is not actually necessary for placing a call. Although those numbers once corresponded to various geographic regions and circuits, that hasn’t been the case for a long time.
Within the modern phone system, calls are placed using the SS7 protocol stack. SS7 uses an internal addressing scheme for identifying the endpoints of a connection. (I don’t know the specific format, but I think it is related to the 20-byte NSAP address used by many circuit-oriented networking protocols.)
The phone number you dial is very similar to an Internet hostname. The SS7 stack does a lookup to translate that number to one or more lower-layer addresses, which are actually used to signal and complete the call.
Someone with access to an SS7 endpoint (which means every PBX operator, every VoIP operator and every ISDN customer, in addition to phone companies) can bypass that lookup and place calls directly to the internal endpoint addresses, if they know what they are.
Within the stack, “caller ID” is just a data packet forwarded along with the rest of the signaling data as a part of establishing a call/connection.
When you get an “unknown number” call, it simply means that the caller ID packet was not sent as a part of the signaling that connected the call. Maybe because the sender doesn’t have the capability (which would be very surprising today), or because the caller has enabled a privacy feature to not send it.
The critical piece of information, is that the caller ID information is in no way related to the data used to actually place the call. The underlying addresses are of course known to the network (otherwise the call couldn’t go through), but these are normally not visible to users (much like how when you access web sites, you don’t normally see the IP addresses used for each connection and you can’t see the MAC addresses that belong to the devices at the endpoint devices.)
Totally agree about the need for blocking communications (e-mail, text, phone calls) not only based on country of origin but on language. I receive daily spam e-mails in Japanese characters but Apple provides no way for me to send anything not in the English (Latin) alphabet to trash.
I “disabled rings from numbers that aren’t in my contact list,” but that does block calls I want to receive. {snip} At this point seems insoluble.
Correct. In my case, I can accept disabling rings from numbers that aren’t in my contact list, but not everyone can. Unfortunately, for many people, the problem is, indeed, insoluble.
I think the key piece of information you’re missing is that the 10-digit (or or other length for international calls) phone number is not actually necessary for placing a call.
You are getting way too bogged down in the technical details and ignoring the fundamental principle under which this side tangent started: To directly receive calls, a line must have an “number”. This is in reference to the original statement I was addressing about “every number is ‘known’”.
Whether that number is still the original ten-digit area code + exchange + number that was the original routing method for the self-switching phone system or a newer addressing scheme is irrelevant to the question at hand about “known” vs. “unknown” numbers. If you can initiate contact with a call-receiving device, it has an address assigned to it. That is the only sense in which one can say “every number is known”.
Honestly, I feel like I’m being mansplained to, whether that’s what’s actually happening here or not, from the first moment you brought PBX systems into this discussion. You have superior current technical knowledge to mine, but most of that technical knowledge is completely beside the point that if a line can be directly called, it has a number that is known to the system that routes calls to it. And that technical knowledge feels like it’s being used as a bludgeon here.
I’ve already acknowledged my error in not accounting for lines that cannot be directly routed to. Beyond that, this tangent has gone way too far from the original question, and I’m done.
My household has had an AT&T landline and a Verizon cell number (iPhone) for more than 20 years, but spam is only a minor nuisance on both.
The landline gets a handful of spam calls a day, during daylight hours. When it rings, I always jump up to answer it, because (a) that prevents the caller from leaving voice mail that I would have to process later, and (b) it’s good exercise. But if I don’t get an immediate response to my “Hello” then I hang up, presuming that it’s a robocall which is about to switch over to a bucket shop clerk. (If I’m wrong, a human can dial again, but that almost never happens.)
The cell phone gets at most one spam text and one spam call a month, and the calls are usually flagged by Verizon as potential spam, so I cancel them. (I never see the check mark in the Recents list, so I don’t know what Verizon might be doing to block spam.)
I don’t use any of the filtering systems that other folks have described, so I don’t know why my telephonic life is so easy. Maybe I’m just blessed! (Email spam is a different story.)
The problem with always answering and saying “Hello” to every landline call is that by doing to, you are verifying to the robodialer that this number leads to a valid line with another person on the end, and thereby ensuring that it will get marked as such, probably to be circulated later in lists for scammers who aren’t doing random or sequential dialing. So in addition to the robocalls, you’ll also start getting targeted junk calls.
Generally speaking, these robodialers can tell the difference between a live person picking up and an automated response (like a voicemail system, AVR, or answering machine). That’s why so many never leave messages: whatever scam they’re running depends on getting a live person. Those that do leave messages weren’t going to connect you to a live scammer in the first place, just give you an automated message.
The nice thing about a Visual Voicemail system, such as what iOS incorporates, is that now you often can get a rough transcript of the message content, saving you the time of listening to a junk message. Yes, you still eventually have to do something with it (or your voicemail gets full), but for most people, it takes far less time to glance over a transcript and see that it’s junk than it does to listen to the message to reach the same conclusion. (One that I get repeatedly is pretending to be a Comcast Xfinity offer. As soon as I see “Comcast”, I know I can delete it, because Comcast doesn’t service my region at all.)
The prevalence of junk calls and total lack of legitimate calls are why we dumped our landline years ago—I’m not paying AT&T an increasing ridiculous amount of money for a line that gets nothing but junk. (Almost all our legitimate contacts started using our mobile numbers almost exclusively well before this. My mobile number hasn’t changed in nearly thirty years. The only ones we had to remove the landline number from were doctor’s offices.) With the mobile, dealing with the junk calls is magnitudes easier.
I have a voip landline and an ’ old fashioned " answering machine. What I have found re most spam calls might help some. My answering machine is set for 4 rings before it picks up and says
"you have reached xxx yyy zzz Please leave a message at the tone "… What happens most of the time is that spam caller hangs up. I do have one simple ( old radioshack ) phone that shows the number calling which I may not be close to when it rings .
I sometimes go online and via xfinity- block that number. My friends knows to leave a message. Thus if i do not recognize the number I do NOT pick up before answering machine.
It doesn’t eliminate spam- but does reduce the aggrevation .
Frankly, I’m not asking Apple or anyone else to block any text messages. Thanks to using incogni, NoMoRobo, and various other protection schemes, I no longer get more than a scattered, few commercial spam/scam texts, and even more rarely calls. But I do get both “legitimate” political texts (altruistically [cough] excepted from Do Not Call bans — which I guess includes texts) and scam/spam texts poorly mimicking political texts. Almost all of the latter “originate” with US area code 773.
All I ask from Apple, the carriers, anyone, is the ability to screen out any regular expression or other wild-card-capable range of phone numbers from appearing in Messages on any platform. Out of sight is out of pure, white, burning hatred. As it is now, 773 texts are filtered as junk on my iPhone (probably because I told it to do so in enough instances), but the *&^%$@ messages still appear in Messages in macOS and iPadOS. Really frustrating.
I dropped my landline about a dozen years ago, too, because even though Verizon FiOS’s POTS-over-IP service kept increasing the number of phone numbers customers could block, they did so only arithmetically, while the number of Caller ID-spoofed numbers “originating” calls to my landline was increasing exponentially, the Do Not Call registry be damned. For a few, short years, I got few or no spam/scam calls on my iPhone. Ah, the halcyon days of innocence.
So, I’m not sure why falsifying one’s phone number is not considered fraud, and facilitating that (phone companies that take bribes for allowing injection of fake callerid) aren’t considered conspirators. Massive fines of phone companies would shut the fake traffic down right quick.