Tuesday, July 28, 2015

Scam Phone Calls

Ah yes, the topic we all love to hate, with a passion...

Over the years, the poor excuse for humans that make these calls, seems to have grown at an exponential rate. And over the years, the various telephone companies have taken your complaints about these calls, and it would seem like nothing is ever done.

The various telcos all offer the same wide range of excuses... "if we block that number they will just use another one" or "it's coming in from over seas so there is nothing we can do about it". And I am sure you have heard a lot more. It's my very humble opinion, that you are getting lied to. And here is why...

First of all, you need to understand a bit about the phone system. There really isn't a lot of difference between cell phones and landlines, they all operate in the same basic principle.

Way back "in the old days", phone exchanges had no computers to control them. The system was a design of mechanical switches and relays that would take each number you dialed on your rotary phone, and step through those numbers to connect you to your call. Quite often, if you were calling a number that was in the same exchange that you were in, you only needed to "dial" the last 4 digits. So if your phone number was 555-1234 and the person you were calling was at 555-2345, all you needed to dial was 2345, and you would be connected.

As the system grew, dialing all 7 digits was a requirement, and with those changes came the recognition of touch tone phones, and computers to control the connections. As with every industry around, computerized exchanges were a major game changer for the communications industry. Neat things could happen, such as caller identification (CID), three-way calling and call waiting. The software in the computer could send the number of the person calling (called ANI or Automatic Number Identification) during the 'silent period' between the first and second ring. Phones with a CID could then display that phone number and name. This is why you always had to wait until after the first ring, to see who was calling.

Along the way, the phone companies and software makers however, got lazy. Really lazy...

The presumed that the information supplied by the "calling office", would always be accurate, always be correct... after all, it was a closed system, and nobody ever thought about what would happen if that information was hacked.

Times changed, technology changed, equipment changed, and the internet and cell phones appeared in the mix of that technology. Yet, the way to identify that same information, never kept up with things.

Computers advanced, and the UNIX type operating systems started to change over into the various forms of FREE open sourced licenses for the multitude of LINUX type operating systems.

This allowed the creation of server machines with such a wide range of features, those software developers came up with a way in their programming languages to determine and confirm the IP address of the connection being made by users into that same server. And if the IP doesn't match the one identified in the incoming connection, the server would refuse to allow it to happen.

This... has been a standard in the LINUX and "server" world for a long long time now. Anyone that has ever played with a LINUX type server system, will see these connections being refused in the system log files, or the system administrator being sent alerts or messages, at which point they could take other options to ban those connections. Naturally, much depends on just how the administrator wants to control their system.

The point being, it can and is being done, if a very free and very powerful operating system.

Yet despite the technology being available, the software for the phone companies has not progressed at all in this area.

The latest scams seem to be using a method that will "spoof" that ANI/CID information, so that the number that appears is from the same exchange that you are in. These scammers will say they are from Air Miles, or a hotel chain, or a credit card company, etc.

In this case, these are called "intra-office" calls, because they (supposedly)  come from the same exchange. One would *think* that the computer in the same exchange could easily test to see if the calling number is indeed the number listed. But nope, that's too difficult to do. In several cases, we have even had our own number appear as the number the call is coming from. Which of course, is impossible.

Other scams have had numbers appear to be from the police, or the government, or even from Microsoft (to fix that virus you have). These calls are classified as "inter-office" calls, because they come from external exchanges. Which of course, could be any where in the world.

Yes, it would take a few more lines of code to signal back to that exchange "hey, is this really your number?" but... its only a few more lines of code.

If the LINUX type operating systems have the smarts to be able to do this, then why are not the multitude of phone companies fixing their software? And the answer to that, is really quite simple...

In Canada, the CRTC has not ordered the phone companies to make the required changes.

"It would be too hard" ... "There are too many players in the field" ...

But it's really not that hard. All it takes is some balls to stand up to the big players in Canada, and the rest of the world too. They can easily mandate that all calls must be verified within the next year. And they can mandate that calls that do not provide the required verification must be dropped within two years. This would allow for those in backward civilizations to get on the band wagon.

One would think that the phone companies, with all of the consumer complaints they get about these, would be begging the CRTC to order this to get done. But no, that also, is not happening. And some will point out that it's not really the CRTC's mandate to look after this. But it should be. Anyway, with that said...

There is however, some good news in this. Perhaps for you. Certainly not for the phone companies though.

Since CID is not guaranteed to be accurate, you should be asking YOUR provider why you are paying for it. Some phone plans include "all features" for one price. Those companies will be a little harder to barter with. However if you are with say, TELUS... where you get charged for each feature or group of features, this is very easy. Just complain. Loudly... and ask for money off of your bill until they get it fixed.

In our case, its 5 bucks a month. If everyone on TELUS (or any other provider) would complain then you will be hitting them in THEIR pocket book. And if you all do this, the financial loss to them will be huge. And you know how they hate to lose money.

If the law doesn't mandate that they fix this, perhaps the financial loss will encourage them to get off their butts and finally.... do the right thing.

Isn't it about time?