You may have forgotten just how terrible looking at your email inbox used to be. Not too long ago, email spam cluttered our inboxes, making it next to impossible to wade through all of our emails and figure out which ones were legitimate and which ones to delete. And while with email this is largely a thing of the past, the problem has carried over into a new medium: our cellphones.
Pesky phone calls aren’t anything new, but in the last few years the situation has become rather drastic. According to one report, there was a total of 26.3 billion robocalls placed in the U.S. in 2018 — a staggering 46% increase in just one year. And while almost all of these calls are technically illegal, technology has accelerated to such a degree that it’s become extremely difficult for lawmakers and regulatory agencies to keep up.
Why This is Happening
It’s an old cliché: technology can be used for good and for bad. But recent advancements in calling services certainly prove this to be true. One of the main causes of the increase in robocalls is what’s called Voice over Internet Protocol (VoIP). Services offered by Skype and Google utilize this technology to help users communicate with one another at low costs. However, bad actors have learned to automate this technology in order to place thousands of calls to anywhere in the world at a rapid pace.
Alongside VoIP, spammers have also harnessed a technique called “spoofing,” which allows callers to use a fake number when placing a call. You’ve probably learned by now that if you receive a call from a number that looks similar to your own, it’s going to be a robocall. This is because spammers are using spoofing technology to carry out “neighbor spoofs,” a method that replicates your area code and sometimes your exchange number to trick you into picking up.
And while it’s not too difficult to learn to spot these tricks, spoofing can be used in even more nefarious ways. Because of the ease with which someone can mimic any phone number, spammers can have a call look like it’s coming from a local business or even the IRS. Or worse, if a spammer has gained access to your contact list, they can spoof calls to look like they’re coming from someone you know personally.
A Reason for Hope?
According to the FCC, 60% of all complaints filed are related to robocalls. And, given how pervasive the issue is, it can be extremely frustrating that not more is being done to tackle the problem. This month, however, there has finally been some movement from both the FCC and phone carriers to do something about it.
Earlier this month, the FCC unanimously voted to prohibit foreign callers from spoofing U.S. numbers, telling phone carriers that they have until the end of the year to implement technology to determine the legitimacy of calls.
The technology they are referring to is called STIR (Secure Telephone Identity Revisited) and SHAKEN (Signature-based Handling of Asserted information using toKENs). In essence, STIR/SHAKEN attaches a certificate of authentication to phone numbers that is then verified by phone companies when a call is placed. Phone carriers can use this technology to add check marks next to verified calls and warn you when a number is unverified.
AT&T and T-Mobile have since announced plans to implement this technology within the coming months. If you have either carrier you might already be seeing warning such as “SPAM RISK” or “FRAUD ALERT” appear on your screen when you get certain calls.
Of course, this technology doesn’t actually stop you from receiving robocalls. But maybe — just maybe — we’re moving in the right direction. After all, the decline of spam emails wasn’t because email providers outright blocked spam. As an article in NY Magazine points out, “The key insight that defeated email spam was that it would be nearly impossible to stop email spammers…But it was possible to make it so that the average person never saw that spam.”
The hope, therefore, is that call verification technology will make the business of robocalls less lucrative, and, overtime, the number of such calls will naturally decrease. Only time will tell how successful this will be, but this certainly seems to be a step in the right direction. When it comes to cybersecurity, there haven’t been a lot of hopeful stories recently, so we’ll take what we can get.