A Spamming Nightmare

By

(This actually happened to me. This is not theoretical.)

We just had the most horrible thing happen to us because of SPAMMERS.

One of those spammers (presumably from India) who presents themselves as Microsoft Technical Support who is calling to help you remove bad software from your computer (while actually having you install malware that will take control of your computer) has been using one of our toll-free numbers.

Every time this spammer calls, our toll-free number shows up on the recipient’s Caller ID display. He’s displaying OUR number!

Angry callers then “redial” and the calls come in to our phone system. I don’t know what percentage of people called get angry and irate, but I am sure it’s a small percentage since I usually just hang up and ignore them.

We’re getting 5~10 angry retail-callers a SECOND into our phone system. It’s thousands of calls, and every one of them is irate and thinks that we are placing the calls to them. They just don’t understand that Caller ID is easily spoofed.

So let’s say that 1 caller in 100 bothers to press their redial button to call “us” and complain. This means that the spammer using our phone number about 30,000 times an hour. This ruthless, morally bankrupt person is plaguing 30,000 people every hour with efforts to steal your money, credentials, credit cards, or computer. That’s about three quarters of a million calls a day.

This is such an enormous volume of calls that it is impossible for us to handle them. The people don’t want to hear the fact that we didn’t place the calls, and that our number is being spoofed. And, since we pay about 2-cents a minute for inbound toll-free traffic, it is also costing us a significant amount of money.

We have finally made the decision to terminate the toll-free number.

Of course, this means that none of our customers can reach us, and that will economically hurt us.

We have talked with all of the police, security experts, and our VoIP carrier, and there is absolutely nothing that can be done.

What a terrible situation.

Why isn’t there an authentication on Caller-ID? And, why do we tolerate spammers? Really, it is a problem that can be solved remarkably easy.

Colin Berkshire