Carrier Responsibility

Robo calling should be a carrier responsibility and part of their quality assurance programs.

As a reactive measure, they can simply audit their client accounts to identify frequency of calls, sequence of numbers called, duration of calls, randomness of calls within exchanges, etc to determine possible robotic calling and potential fraud. All calls are logged and appear on phone bills. Self audits by the phone companies can pinpoint the source points and clients responsible for the calls. A verification by the phone companies can authenticate the client as valid or not. If not, the client (or client company) can be blacklisted. Analysis can be done whether or not they are using local PBX or other concentrators.

As a proactive measure, which may require additional software on the carrier's end, they can actively monitor calls from each source to sequential phone number targets, duration of calls, frequency of calls, random calls in short periods, etc. If an anomaly is suspected, a temporary block of the source phone can be initiated forcing the client to validate use by calling the phone company with explanation to release the block. Similar software can be employed, as is done with firewalls, intrusion detection methods (whether host based, network based, etc), anomaly detection, etc.

Host based solutions (ie end-user land lines, cell phones, smart phones) can be accomplished with programming set to allow end-user to press a key sequence to send an alert to the carrier to block the current call and all future calls from that number. On smart phones, local apps can hold that data as well to block future calls from that source.

Many distributed attacks are likely coming from the same PBX system or company, so stopping them can reduce large numbers of robo sources.

I think the best place to start is using existing data from the carriers and completing full audits and using good accounting procedures. That will stop a large population of illegal robo callers. And by levying hefty fines, will show that the Feds are serious about this and will deter future activity.

Another place to gather info on robo callers is to audit sellers of robotic software for client lists. Many dealers can be found using simple internet searches. One example would be: http://robodialer.net/Package.aspx. If this is a real Federal crime, I'm sure some controls can be put in place to regulate the industry. If the industry is regulated and software developers are required to input code to produce a preamble that can be captured by receiving systems, then the source can be verified easily as a legitimate user of robo software or an illegal (non-registered? user). Image used below was taken from the site referenced above.