So I have a question. Suppose that I wanted to report a call as being spam to my provider, say. With email, I can just send them a message with the full headers since it's in my inbox. There isn't the equivalent for an inbox for voip, so that would require the provider to keep records of the signaling, right? I mean it could be kept on the phone if it's terminating SIP, but it seems like the provider keeping records would be more efficient. What I want is a spam button on the ones that it doesn't say are a scam.
With AT&T and perhaps others, you can forward the message to 7726 (spells SPAM on the keypad) and they'll reply asking for the originating phone number or email address.
With AT&T and perhaps others, you can forward the message to 7726
(spells SPAM on the keypad) and they'll reply asking for the originating
phone number or email address.
This is, of course, the root of the problem. The recipient of the spam does not know either the originating phone number or the originating e-mail address. All they know is the Advertizing ID -- and that is useless for everything except what it was designed for -- advertizing.
If one knew the originating phone number then one would know who to hunt down and which throat to slit from ear to ear, and there would be no need to involve AT&T at all... This, and the fact that the Telco's get bloody rich from providing termination for all the crap they have enabled is exactly the reason they did it in the first place!
The root cause of phone spam is because Caller-ID service was first deteriorated by a marketing gimmick that enabled the spoofing of the Caller-ID. Combined with eMail spam techniques, VoIP operations have now become out of hand. Below is an overview of these annoyances. This is a topic that I am not sure whether NANOG is the proper forum to deal with. Although, certain parameters and considerations are closely related to the Internet issues.
Abe (2022-04-27 22:17)
I believe the intent is for the service provider to then look up that call by source:destination, investigate how it came into the network, investigate if STIR/SHAKEN signed, and deal with appropriately. If signed, then there’s a responsible party to engage.