At this point I'm firmly of the opinion that "leak this 10 digit code and anyone on the planet can call me relentlessly" is just a broken model. Maybe that worked better when the calls carried a significant cost, but clearly the scammers are able to do this sort of thing at scale.
In practice of course, my phone is 100% permanently in "do not disturb" mode and does not ring at all unless I've added you to my contact list. Which means the scammer, already pretending to live in small town rural USA (where they most certainly are not) has to correctly guess the number of one of my relatives before my pocket actually rings. It also means I'm unreachable for anything actually important that isn't in my contact list. That's an annoying price.
I'm not sure what the correct end solution is, but the current solution seems to be very broken.
I didn’t realize how bad it got until my father stopped answering calls. It turned out he was getting (no hyperbole) 90 calls a day from spammers and vendors he had no relationship with.
I used the iOS filter, the AT&T filter, and turned on the shortcut so the phone doesn’t ring unless the caller is in his contacts.
The problem is that it already changed his behavior. He doesn’t answer the phone anymore, even if it is a person he recognizes. The Pavlovian response to his ringtone is still very negative.
I’m sure there is a non-trivial percentage of the US who already viscerally hates receiving phone calls.
Try being a business where you are obligated to answer the phone in case it's a customer. We easily average a hundred junk calls for every one valid customer call.
I have taken to speaking like a robot, repeating two sentences in a loop ("You have reached technical support, please describe your issue." -> "I am sorry, I cannot deviate from the technical support script. You have reached technical support...") until the spammers come to the realization they cannot manipulate me into giving an affirmative response that they can interpret as consent to move our phone service, subscribe to service offerings, etc.
They have made phone service effectively worthless, just as they have made all other forms of communication effectively worthless.
Edit: Just remembered something else I do: I do not answer the phone with "Hello" or anything like that. The vast majority of calls that we receive are originated by an autodialer that is listening for a typical greeting so it knows in what language its payload should be delivered. Instead, I answer with only the name of the business and nothing else. If I hear silence, I repeat the name of the business. After a short time, the autodialer gives up and terminates the call.
That's wild. I'm in the US, and I get maybe 1-2 spam calls a month. I get more spam texts than calls, though not many of those either. I've never done anything special to try to prevent them, so I wonder what the difference is.
I suggest the caller stakes a little bit of money as a deposit that is, by default, returned to them within a day... But an angered recipient can retaliate by choosing to seize the deposit.
I think this works for many situations:
1. Between amicable friends and businesses/clients, nothing changes.
2. If there was a normal relationship, but one side starts unfairly seizing call-deposits... Well, maybe it's time to no longer have them as a vendor/customer/friend.
3. Spammers either eat the additional cost, or they have to work harder to make sure they only call people who are unlikely to retaliate.
_____
There's still a problem where someone asks to be called (the number needn't actually be theirs) as a way to trick the caller into losing money... But even then, I think it represents an improvement over what we've got now.
Yes, but this is probably best instituted at the telecom layer as there are fewer people to educate / complain / litigate drama. Telecoms who self-police don't need it and if they fall from grace they can post collateral to be let back in. I predict that suddenly the telecoms who previously turned a blind eye towards scam call-centers will suddenly become very good at pursuing scammers once they become a threat rather than an asset.
> There's still a problem where someone asks to be called (the number needn't actually be theirs) as a way to trick the caller into losing money... But even then, I think it represents an improvement over what we've got now.
That's basically the purpose toll free area codes used to serve; and there's no reason that same sort of solution (with some adjustments for the modern era) couldn't continue to be used under a deposit based system. Just add some universal prefix, some unused country code for instance, that can be dialed for a "no deposit" call; and then give control to the recipient whether they want to accept such calls.
Or, well, since most modern dialing is done by submitting the whole number at once rather than digit-by-digit; it could even be a suffix. If your number is +12125551212, maybe something like +12125551212*0 could indicate a "no deposit" call. I mean, the whole suffix space could even be turned into something akin to a password so instead of just opening up accepting "no deposit" calls from the entire world, you might only accept them from specific whitelisted suffixes; and if someone leaks one and you start getting spam calls on it, you can just turn off that suffix. There might need to be some provider-enforced fail2ban to prevent wardialing those suffixes, but it doesn't sound like it'd be too difficult.
If I could just block the numbers, or auto send to voicemail, that my phone already flags as Spam/Telemarketing this wouldn’t be so frustrating for me. I do need my phone to ring for unknowns/outside my contacts numbers, so the blocking ability I need isn’t available (on iOS anyway.) I am left manually doing this when something rings if it is flagged, I will ignore it and if it’s unknown and not flagged I will answer it. It’s not perfect but could easily cut more than half of my current interruptions.
For what it's worth, upcoming iOS 26 has a new screening feature. The idea is that calls from numbers you don't have a connection with will be asked to briefly identify themselves and why they're calling. It'll show you this text and give you the choice to block/send-to-voicemail/ignore/accept.
Yeah. I'm not sure why Spam Risk rings because it almost certainly is spam. But I do get doctor offices, service people related to something I'm dealing with at the moment, emergencies related to family members, etc. that are legit. I suspect the permanently do not disturb faction are mostly in a different life stage than many of us.
I'd probably add that the area code + exchange calls from an area code that you don't actually live in are spam as well though don't see those as much as I once did.
As others have alluded, there are unknown third parties who must call you (and you would want their call). For example, the hospital: something has happened with a loved one. We can probably solve this problem with certification. Show me your medical license (or hospital scale equivalent) and you get to make unsolicited calls. Then we allow people to select certified unsolicited calls by category: medical, financial, civic, etc.
Even in this case, I'd rather get a text message. A mere call doesn't provide any context and is not informative. Maybe your loved one showed up in their ER or maybe it's a billing issue.
The text message should explain the nature of the call and which number to call in reply.
I've received I think two total spam calls in the years since I ported my cell number to a voip service and set up an IVR in front that just says to press any number. It also blocks the very, very few robocalls I might actually want, and occasionally some company will refuse to accept a voip number as a cell number, but most everything just works fine.
Imagine if the concept of a phone call did not exist. We still have these computers in our pockets, but without the history of the telephone system.
Then, one day, an app developer thought: Wouldn't it be cool if there was an app that would interrupt what the user was doing, play a sound, vibrate the device, and put up a full-screen dialog, that this all could be activated remotely by any other device by simply typing in a short numeric code, and that if the recipient pushed a button, the remote attacker could send audio data and activate the recipient's microphone? Most app stores would classify this as malware, yet here we are today with devices that all have built-in apps that do exactly this, and only because of how normalized the legacy idea of a "phone call" is.
A similar hypothetical was in the classic book "Peopleware" from 1987, if I recall correctly, imaging the reaction if the phone was a new invention and the phone company salesman wanted your company to put a phone on every engineer's desk which would allow anyone else in the world with a phone to at any time interrupt your engineers with no warning.
They had an anecdote about one company they consulted at which illustrated how normalized interrupting engineers had become. The engineers were putting their phones on "do not disturb" (DND) to stop all the interruptions so they could get their work done, and management sent around a memo saying that the engineers needed to stop putting their phones on DND because that caused the calls to forward to the secretary, and all the calls were making it hard for the secretary to get any work done.
> Wouldn't it be cool if there was an app that would interrupt what the user was doing
It seems like this sort of idea is extremely common, considering how many websites love preventing me from viewing their content by slapping multiple modals asking me to sign up for a newsletter and/or to get my permission to be tracked using cookies.
It also shows up in native apps, in the form of some prompt asking the user if they are enjoying the app. NO! I do not enjoy being funneled into an App Store review or any similar bullshit. If I like using the app, I'll use it. If I don't, I won't. Stop asking me!
I build websites for a living and I'm constantly battling requests to infect our sites with these god-awful modals. It's like sitting down at a restaurant, being handed a menu, only to have the menu taken away seconds later and being asked if you'll return in the future. Not only is it rude, it's the wrong time to ask the question. Let me read the damn article or whatever, and when I'm done, if there's a newsletter form, MAYBE I'll sign up. Let me eat my meal, and if I enjoy it I'll think about returning.
> Then, one day, an app developer thought: Wouldn't it be cool if there was an app that would interrupt what the user was doing, play a sound, vibrate the device, and put up a full-screen dialog, that this all could be activated remotely by any other device by simply typing in a short numeric code
When you're actively using your smartphone, phone calls show up as notifications, not full-screen dialogs (which trips up my non-technical relatives, since they don't know how to answer a call through the notification). Given that, it's not that different from what we had on computers with instant message applications like ICQ. In a world without the concept of phone calls, they would be a natural evolution from these instant messengers (and, as I'm sure you remember, ICQ used a short numeric code as the user identity).
That‘s a great example of how technology can change the rules. In the era of rotary phones hardly anyone would have felt the need to describe it that way. But nowadays it‘s appropriate.
I don't have this problem at all thanks to Pixel Phone. That spam screen feature alone is keeping me on the Android ecosystem. I don't recall one spam call in the last year. And legitimate new caller (not on my contact list) can still reach me after like 5 seconds with the bot.
> In practice of course, my phone is 100% permanently in "do not disturb" mode and does not ring at all unless I've added you to my contact list.
I go even further, unless there is a good reason for someone to have the ability disturb me, they're not whitelisted. I have no phones that ring unless it's for a specific and temporary purpose.
A ringing phone is an anachronism, it's incredible to me that people let anyone bother them in this way these days. Its an invasion of ones personal space.
There are so many simple solutions, just like phone privacy is fixable (firewall your phone)
I just don't think anyone wants to fix it. Why can't apple let us send "spam risk" to voicemail?
Like adding extensions, possibly with passwords to your phone line.
It would be good to give an extension or password to friends, or one for each business, which can be automated to input with a pause after answering, and it gets through (or further) if possible.
> I just don't think anyone wants to fix it. Why can't apple let us send "spam risk" to voicemail?
You can. At least with iOS 26 you can, I don't know if it's new or not. You can have known spam numbers silenced, sent right to voicemail, and then the voicemail is immediately put into a spam folder.
>I'm not sure what the correct end solution is, but the current solution seems to be very broken.
If we just made it impossible for phone calls to reach US destinations if they originate from a short list of foreign countries, would that actually do anything to address this issue?
I’ve tried this method, but it didn’t work out for many reasons. I often have to deal with people I don’t personally know for various reasons (mechanic, lawn care, doctors, school staff, etc.), and I have missed too many important calls like this, so I basically just have to deal with it. About 50% of the time it seems to be caught with “spam risk” or something like that, otherwise I just use my judgment.
> I'm not sure what the correct end solution is, but the current solution seems to be very broken.
I think one of two high-level approaches:
We could be ultra-strict about who is allowed to call whom, and have penalties and enforcement similar to how we police credit card fraud.
Or, we could do away with phone numbers and instead come up with a scheme where you show a QR-like code to allow someone to call you; and then you can revoke that permission if/when it is abused.
---
Finally, I think the crux of the problem is that in the US we tolerate far too much of this kind of behavior. (Unsolicited contact for the purpose of sales.) Without a corresponding publicity campaign, there's far too much cultural tolerance of allowing anyone to contact anyone at any time for any reason to accept the kind of change needed to truly contain SPAM.
Leak? It's a 10 digit code where you can throw out more than two thirds of them. The only leaking is getting names attached and being currently active.
I mean numbers are as terrible as social security numbers. For both of them you can take your number, add one, and get another valid number.
I'm also not sure what the correct solution is but I'm sure there's some pretty smart people out there that have some really good ideas and understand the issue with a lot of complexity (aka: I won't believe anyone who starts with "It's so simple, you just...")
> I'm also not sure what the correct solution is but I'm sure there's some pretty smart people out there that have some really good ideas and understand the issue with a lot of complexity
While there are certainly technical challenges and various trade-offs, those are not the main reason we're still getting buried in spam calls. My understanding is that smart people have already come up with good solutions which can be implemented at relatively low cost and which would be substantially effective - but the solutions have not been universally deployed because:
1. They generally require coordinated action between governments, standards bodies, regulators and disparate companies at different levels of the telecom ecosystem. These parties have divergent processes, goals and opinions on who should bear the costs and/or responsibilities for implementation, enforcement, etc.
2. The major U.S. telecom companies make money by transiting calls they know (or should know) are very likely spam. They don't want to give up that revenue so they find ways to not fully adopt, delay or weaken various proposals. These can include the motivated leveraging of legitimate technical issues or concerns to complicate, defer and otherwise hinder the processes in which they are involved as significant stakeholders. Many mobile phone operators now also earn revenue selling spam call blocking as a separate feature or part of more expensive plans. If the problem was substantially fixed they would lose that revenue.
3. There are various political stakeholders, industries and companies (not the off-shore, bottom-feeding spammer/scammers) which have a vested interest in keeping unsolicited calls legal. These include some of the more legit-ish forms of domestic telemarketers such as recruiters, fund-raisers, political campaigns, pollsters, market survey companies, etc. These companies have industry associations which hire lobbyists and make political donations to ensure their particular use is exempt from any regulations and that their cost of doing business doesn't go up to comply with the new system. Carving out all these exceptions and exemptions significantly complicates and/or weakens most technical solutions.
This is why I believe there is currently zero hope of any significant improvement despite the FCC issuing positive sounding announcements exactly like this one every 6 to 18 months for the last ten years. These FCC announcements rarely mention the workarounds, exemptions, appeals processes, delayed or unfunded enforcement which industry insiders already know will allow spam calls to continue with no substantial change. These announcements are merely the FCC fulfilling their political role of appearing to regulate and taking steps to mitigate the problem. Now the FCC managers who are measured on "do something about spam calls" can check that box on their KPIs. However all the various parties in the ecosystem have already taken steps to ensure whatever the FCC is announcing won't really work well or can be worked around relatively easily. For example, I'm sure most of the people behind the companies supposedly banned in this announcement (or their large offshore spammer/scammer customers) have already made other arrangements to continue operating uninterrupted. I hate that it's this way but the reality is, until the three fundamental blockers listed above change, this is all just "Regulatory Theater" much like the TSA's "Security Theater" performances.
It also means I'm unreachable for anything actually important that isn't in my contact list. That's an annoying price.
Calling me is now the equivalent to wanting to send me a telegram. The phone system is broken, we all know it's broken, and yet you want my phone number? Send me an email, it's just as fast and has better tools for managing scumbags. Unknown callers are silenced and go to voicemail. Wife is in an auto accident? State troopers know how voicemail works. Kid is in trouble? It can wait 30 seconds while I wait for the VM to come through (and, haha, trick question: we don't have kids).
OTOH, I grew up in the era of landlines and payphones, and well before answering machines (old school VM). People still got in accidents, kids still got sick at school and needed to come home, doctors still called, and we all got along just fine. Because EMTs still took people to the hospital, the school nurse still took care of your kid, and the doctor either called back or sent a letter, and the world move on despite not being able to instantly reach people 24x7. I realize I sound like one of those "we didn't have $SAFETY_FEATURE, and we lived", when in reality not all of us did. But we aren't talking about lawn darts, for the most part I think we did get along just fine. (Auto accidents and breakdowns are something made better by cell phones, but in the day lots of folks had CB radios. ::shrug::)
Both times my wife was in a car accident, and once that my son was, in the past few years, an unknown phone call was not necessary as either their phone or their car immediately alerted me.
I get relentless text and phone spam calls - both robotic and with humans - from just a few voice over Internet platforms. Bandwidth.com, Neutral Tandem, and ALL the brands associated with Sinch (https://en.wikipedia.org/wiki/Sinch_AB) like Inteliquent. Many of these companies got cease and desist orders in the past from the FTC. It didn’t help anything. We need to see them fined, shut down, and executives jailed.
There are other sites like this. And then you can use the carrier info, go to that platform‘s website, and submit an abuse complaint through their form. But all they will do is possibly block that one spammer from contacting your phone number while continuing to allow the spammer to operate. And of course they have other spammers as customers.
Better option is to skip their abuse form and send complaints to your state’s AG, to the FTC website, and FCC website. They’ll ask for a lot of info but I think it helps them identify the problematic companies.
You can also forward spam texts to 7726 (“SPAM”) in the US, and your carrier will use that info to take action.
I'm not positive, but i think they charge an astronomical amount for calls that don't originate from a local calling prefix. Of course you can get those, but some countries require ID.
Mainly I know that calling from a voip number was really expensive when I tried to set something up for a family member going on vacation to Europe. That probably cuts back on a lot of spam calls.
These are all platforms with many different products built but others on top of them. Shutting down all abuse is a cat and mouse game and not something they can "just do" if given tighter rules
This seems solvable. Put the person most closely traceable to the source of the spam in jail, like a form of KYC laws. If you can't identify the actual human who is causing you to put spam into the network, or that person is outside of your country's jurisdiction, then you are the one who goes to jail. If you don't want to go to jail, then don't accept calls from someone you can't point the finger at.
This is why executives need to be held personally responsible when they direct a company to wilfully, blatantly, and repeatedly disregard laws to the detriment of society. These are people who should be in prison for a time, and barred from serving as an officer of a corporation for more time after that. Eventually people get the message; you don't get to break laws just because you hide behind the name of a company.
Sinch just keeps acquiring one company after the other and turning them into the new spam channel. Weirdly the only responsible player seems to be Twilio. The others refuse to identify the spammers that are their customers, and keep saying it’s not their responsibility since they’re a “wholesaler” (their words).
I have been using Pixel phones since they came out and currently have a Pixel 9. They have EXCELLENT spam call blocking. There are a couple other comments below that reference this but I wanted to highlight it at the top. There are other reasons I like Google's phones, but this tops the list.
The assistant integration is great for this reason too. I occasionally get calls come through that are likely SPAM but I've learned to let the assistant answer for me. If it's a spammer, then I waste just a small amount of their time.
It's especially helpful that Google's Assistant has gotten good enough, AND that people making legit but unsolicited calls (like doctor's offices), that people calling don't hang up right away and actually answer the assistant. So I can see what they say and then answer when it's a legit call.
The ratio of SPAM calls to legit calls from unrecognized numbers is still higher for SPAM. But, the frequency is low enough (maybe a few a week), and dealing with them is so easy, that the distraction/annoyance factor is very low to the point that I'm not personally bothered by it anymore.
I've tried to get my grandma to switch to a Pixel phone for her main phone number at home, just for SPAM blocking, but she won't. I don't know how she stands getting multiple calls per hour, it's crazy to put up with when we are there.
The PSTN is simply not sustainable. It’s a relic of a time when there was no practical way to authenticate or validate calls. Today, with malicious actors able to dial in from anywhere in the world at negligible cost, the system is fundamentally unequipped to handle the abuse it faces.
Efforts like STIR/SHAKEN exist, but they’re little more than a band-aid—and not a particularly effective one—because the underlying network was never designed with resilience or trust in mind.
I know some people push back on this view, often pointing to edge cases where PSTN’s ubiquity still provides value. But as trust in the system erodes, so does its relevance. And if the majority of people already avoid answering calls from numbers they don’t recognize, its practical utility is clearly diminished.
This is a corollary to Chesterton’s fence. unsignedint’s public good.
If you can’t explain the benefit then you can’t tear it down.
The PSTN guarantees that all telco operators interoperate. Without it you get what happened with instant messaging. AKA walled gardens. You take for granted the ability to call an iPhone with an Android.
The FCC is responsible for maintaining trust, which they have done here. They can incentivize telco providers to curb the spam activity. You don’t need to throw the baby out with the bath water.
I think Chesterton’s fence is a fair analogy—but it only works if the “fence” still serves a protective function. With the PSTN, the fence is riddled with holes, and the people meant to maintain it can’t keep up with the erosion. Interoperability was indeed its greatest strength, but today that same universality is what lets malicious actors reach everyone at trivial cost.
Comparing PSTN to instant messaging walled gardens is interesting, but I’d argue the real parallel is email: a federated, open standard that also suffers from spam and abuse, yet still manages to limp along thanks to heavy filtering and layered trust systems. The PSTN never evolved those trust layers; instead, it relied on scarcity (call cost, geographic constraints) to keep abuse in check. Once those costs collapsed, the trust model collapsed with them.
As for the FCC, sure, they can try to incentivize carriers. But the fact that we need constant regulatory intervention just to keep basic trust afloat suggests the system is no longer structurally sound. Band-aids like STIR/SHAKEN prove the point: we’re bolting authentication onto a protocol that never envisioned it. That might extend its life a little, but it doesn’t make the foundation any less fragile.
So the question isn’t whether the PSTN once had value (it did, massively), but whether preserving it now delivers more value than the cost of propping it up. If a good chunk of people already treat unknown calls as spam until proven otherwise, then the social contract around the PSTN has already been broken.
On a side note, today and yesterday I've been bombarded with spam calls. Even got one while writing this comment. All of which have my same area code, which is for a location I haven't live at for over 15 years. No voice mail, nothing. It's not even this bad around election time.
Btw, if you haven't already, you can sign up for the FCC's Do Not Call list[0]. While obviously this isn't going to solve everything, it does make it illegal for legitimate companies to call you. Absent this incident, it did appear to have a significant effect in reducing spam calls when I signed up years ago. Also, here's some info about junk mail[1]. It costs about $6 and lasts 10 years.
The do not call list seems to be a "Spam me, you brute" list.
In the beginning, they seemed to take their job seriously, but I doubt that has been the case for many years.
Right after SHAKEN/STIR was passed, I got zero spoofed calls. I did get a few robocalls, but they weren't spoofed.
For a month or so. So that shows the problem can be solved, legislatively.
Then, they started coming back, and now, almost every call I get, is spoofed. This includes some legit ones.
Also, legit callers should keep in mind that the autodialer companies they employ, might also moonlight as spammers, so they get blacklisted. I have had quite a number of legit calls get listed as spam.
Cynically, I feel as if politicians are unwilling to get tough on these, because they (or their proxies) use them. That seems to be both sides of the aisle.
Cynically, I feel as if politicians are unwilling to get tough on these, because they (or their proxies) use them.
Of course they do, and they voted themselves an exception. Same reason some small business in Redmond, WA isn't allowed to put out a sandwich board sign, but 10 months before every election every g*ddamned piece of dirt in Redmond has a political sign stuck into it.
They figured out the flaw to SHAKEN/STIR.
It was mandated for VOIP calls.
So instead these scam call centers switched to the legacy SS7, that's how you are getting all these fraudulent calls. SS7 is not IP based and incompatible with SHAKEN/STIR
And it'll be 400 years from now before any US telecom thinks about discontinuing SS7.
Also, legit callers should keep in mind that using a screening service (like Google's) should mean "I'm looking at my phone but you're calling from an unknown number so why do you expect me to pick it up in a world where literally everyone knows how common spam calls are?"
As well as "If you leave a message there's a decent chance I'm going to call you back in 30 seconds, I don't want to start a game of phone tag."
If I don't know your number AND I'm not expecting a call, I 100% will not answer it. If you're legit, sorry, you are the exception, not the typical case. Don't blame me, blame the spammers.
The modern world is absolutely infuriating, filled with self-inflicted problems.
> Right after SHAKEN/STIR was passed
It has definitely gone through ebbs and flows. Predictably around legislation about this topic. I 100% believe this is a problem that can be solved (greatly impacted) through legislation given this strong correlation. But I don't think it is because the DNC list is a list to call but rather that I've had this number for a few decades and it definitely made it onto some list years ago.
> moonlight as spammers
This is 100% happening. As well as a lot of other illegal stuff. I worked at a call center for two months between my undergrad and getting hired and my coked up bosses 100% asked us to do illegal things. I disobeyed. Anytime someone asked me to take them off the list I complied. Got written up, didn't give a fuck. They were definitely selling those lists to spammers who were happy to have confirmation that the numbers were legitimate.
> All of which have my same area code, which is for a location I haven't live at for over 15 years
I am in a similar situation. One of my not-yet-implemented projects is to route my phone through a VOIP app that automatically blocks any number from my phone's area code (or even the whole state) where the caller is not in my contact list.
A few times it has been bad enough I've thought about picking up learning how to make phone apps so that I can one click report the numbers to the FCC. I'm not sure it'll do something but making an explicit "fuck you, do something about this" statement tends to help. Squeaky wheel and all that... (Why is this not a feature in the base phone app?)
I have an app on Android called SpamBlocker. I added a regex rule to deny any call from my area code - like you, I haven't lived there for a long time. I'd 100% recommend this approach.
"do not call" means "call me from India on a burner number". Seriously, I've been fighting scammers for years now and their MO is some sort of SEO service where a local business pays to get more "marketing" and (probably unbeknownst to them) their money is used to fund an outbound call center in India that robodials all day long, careful to not call during the night. The calls solicit Medicare upgrades, burial insurance, or home improvement. I don't think these are the malignant "clean your bank account" scammers, they end up promoting legitimate business with the catch that "by accepting this offer you agree to be called (by the local rep) even if you are on the DNC list". So their original robodial is illegal but it's from India so good luck with that, but they record your consent if you pretend to be interested in the product, so you cannot sue the people who contracted them. It's just a classic skirt the law ploy.
Funny, Today I received TEN spam calls. Each had about half an hour in between, from various numbers and area codes. I have never received that many spam calls ever.
I have received that many on average every day for the last 2-3 years. Nothing I can do about it, my number is public for business calls. It's absolutely rage inducing.
Exactly. My city started posting about online safety and warnings about various scams. Unfortunately, almost every one of them also mentions how a local resident was victimized. We have a fairly large senior population.
It's easy to say it's idiots who fall for this stuff when we're young enough to have grown up in this world or started using new technology at an early age. We will be the ones targeted someday and it will be a medium that didn't become available to us until later in life just like what the seniors are experiencing now.
The "r/scams" sub-reddit is an amazing glimpse into this world. The saddest ones to me are the peoples' parents who fully believe they're talking to a celebrity who needs their money for some outlandish reason (and they send it to them over and over).
I know a gal whose grandmother sent ~400k to scammers, which is the kind of victim they are looking for - someone in cognitive decline who is malleable. The neighbors apparently also were preying on her, and ended up with her cars and a bunch of other stuff.
Good start. Next, put the people running these scam phone providers in jail.
I agree. In fact, 1200 SS7 circuits is nothing. If these people are not locked up they will just get another circuit using another fake identity. It's like blocking 1200 ASN's and saying one made a dent in spam.
Being outside of US legal jurisdiction is exactly why they ought to be thrown into a wood chipper.
I don't understand why this doesn't happen EVERY DAY until the problem is resolved.
And before someone cite US code: it's virtually impossible for foreigners to seek justice in this context. Not only do these criminals lack the money, education, and access to legal representation to do so, but the DoJ has better things to do than spend their time looking into the veracity of an international claim of this kind.
If a country dares have IP laws less restrictive than the US would like, the US finds plenty of levers to pull. But in this case, the matter is something that is illegal in the scammer's country also (clear fraud tends to be illegal everywhere), so there's probably more that US police could do than literally nothing.
All the companies have a direct connection to the phone network in the US. The FCC is cutting them off from the US phone network because they have failed to adopt robocall mitigation measures.
We have robocalls, just not that much. I have 1-2 every months. Similar amount of spam SMS during the worst month. But I didn't get spam texts for months now. And my phone number is basically a public domain now.
Why can someone from outside the US make my phone ring? Why can't I opt out of calls sourced internationally? Seems like an easy way to fix the problem. There is no reason for anyone overseas to call me, and if someone US-based does phone spamming, we can prosecute them.
Even when the scammers are out of the US, at some point in the chain a US based telephone company is accepting inbound connections that don't provide the validation required.
I'll definitely believe it when I don't see those calls, but I could not be more in favor of turning the phone network into a much more "trusted" type of system -- similar to how SSL certs used to be prior to the Let's Encrypt era, where it requires some form of validation of something besides 'existence':
Conceptually, someone US-based should have to cryptographically sign, with their license to continue participating at stake, an assertion that the source phone number is real. People should be free to configure their devices or phone accounts (A) what countries to accept calls from and (B) whether to accept unverified calls whose numbers are presumably spoofed.
Note: i'm aware that SHAKEN/STIR or whatever exists and shares some of that idea, I'm just looking forward to full adoption of something so that I can make those choices described above.
Combine this next with ability to report numbers who spam (with the Apple/Google duopoly it should be trivially easy to put a "report spam" button in the call UI) and sanction providers (first financially and eventually with revocation of their credential to sign calls).
Maybe 30 years ago it would have been seen as too draconian to prevent someone from being able to call others anonymously but the Internet exists and provides ample avenues for those cliche use cases like "whistleblower needs to talk to journalists" so I'm 100% happy to have 'burdensome regulation' here if it stops scammers from ruining the phone as a usable channel for urgent information like "Your car is ready to pick up from the shop" or "Hi, you're the emergency contact for ____ and they are headed to the hospital."
Categorizing “whistleblower needs to talk to journalists” as a cliche really undermines your argument here. This isn’t an insurmountable problem. We have regulatory frameworks. FCC has proven they have teeth. It’s a political problem we can solve without losing any of the benefits of the PSTN.
I'm happy to be proven wrong here where whistleblowers can only use the PSTN. They already, I would wager, universally would not. They use Signal. All the reporters publish their Signal usernames and not their phone numbers.
Why? Probably because the PSTN as normal consumers can access it, is pretty non-anonymous. The best case for anonymity is a burner, but you have to buy those burners somewhere that probably has CCTV, or order them online with a paper trail, so it's pretty risky for someone who needs assurances of anonymity.
No whistleblowers are using SS7 trunks to place anonymous calls.
> Conceptually, someone US-based should have to cryptographically sign, with their license to continue participating at stake, an assertion that the source phone number is real.
But phone numbers aren't real. They aren't any more real than an IP address. It's arbitrary. This is how VOIP systems work. You just assign a number from your block.
I totally get this, however they are assigned -- meaning someone is responsible for them. If you own the range 212-555-0000 through 9999 and you sign calls for spammers as coming from that range, those numbers should be revoked from your control, or you should be denied the ability to sign those outbound calls/texts so that your calls appear as likely fake.
Ideally anyone who owns numbers would stop letting literally anybody do anything with their numbers (the way they do today) because they don't want to lose the numbers or to get banned from operating a PSTN-connected system.
The outcome I'm going for is that if you're a spammer you can't find any US phone number owners who will let you use their numbers so you can only send "unsigned" calls that are obviously spam, or sign calls as originating from irresponsible countries, which are easily filtered out by those of us who don't have any friends in the Phillipines or whatever (I get a lot of "DMV" threat texts from +63)
Here's to many more. Some may be downcast because they feel like its a drop in the ocean, but many drops an ocean do make. Hopefully its the start of actually enforcing some of our laws on the internet.
Readit News
In practice of course, my phone is 100% permanently in "do not disturb" mode and does not ring at all unless I've added you to my contact list. Which means the scammer, already pretending to live in small town rural USA (where they most certainly are not) has to correctly guess the number of one of my relatives before my pocket actually rings. It also means I'm unreachable for anything actually important that isn't in my contact list. That's an annoying price.
I'm not sure what the correct end solution is, but the current solution seems to be very broken.
I didn’t realize how bad it got until my father stopped answering calls. It turned out he was getting (no hyperbole) 90 calls a day from spammers and vendors he had no relationship with.
I used the iOS filter, the AT&T filter, and turned on the shortcut so the phone doesn’t ring unless the caller is in his contacts.
The problem is that it already changed his behavior. He doesn’t answer the phone anymore, even if it is a person he recognizes. The Pavlovian response to his ringtone is still very negative.
I’m sure there is a non-trivial percentage of the US who already viscerally hates receiving phone calls.
I have taken to speaking like a robot, repeating two sentences in a loop ("You have reached technical support, please describe your issue." -> "I am sorry, I cannot deviate from the technical support script. You have reached technical support...") until the spammers come to the realization they cannot manipulate me into giving an affirmative response that they can interpret as consent to move our phone service, subscribe to service offerings, etc.
They have made phone service effectively worthless, just as they have made all other forms of communication effectively worthless.
Edit: Just remembered something else I do: I do not answer the phone with "Hello" or anything like that. The vast majority of calls that we receive are originated by an autodialer that is listening for a typical greeting so it knows in what language its payload should be delivered. Instead, I answer with only the name of the business and nothing else. If I hear silence, I repeat the name of the business. After a short time, the autodialer gives up and terminates the call.
The IRS and FBI are apparently constantly after me.
They do love to leave empty voice mails for me quite often and that is annoying.
I think this works for many situations:
1. Between amicable friends and businesses/clients, nothing changes.
2. If there was a normal relationship, but one side starts unfairly seizing call-deposits... Well, maybe it's time to no longer have them as a vendor/customer/friend.
3. Spammers either eat the additional cost, or they have to work harder to make sure they only call people who are unlikely to retaliate.
_____
There's still a problem where someone asks to be called (the number needn't actually be theirs) as a way to trick the caller into losing money... But even then, I think it represents an improvement over what we've got now.
That's basically the purpose toll free area codes used to serve; and there's no reason that same sort of solution (with some adjustments for the modern era) couldn't continue to be used under a deposit based system. Just add some universal prefix, some unused country code for instance, that can be dialed for a "no deposit" call; and then give control to the recipient whether they want to accept such calls.
Or, well, since most modern dialing is done by submitting the whole number at once rather than digit-by-digit; it could even be a suffix. If your number is +12125551212, maybe something like +12125551212*0 could indicate a "no deposit" call. I mean, the whole suffix space could even be turned into something akin to a password so instead of just opening up accepting "no deposit" calls from the entire world, you might only accept them from specific whitelisted suffixes; and if someone leaks one and you start getting spam calls on it, you can just turn off that suffix. There might need to be some provider-enforced fail2ban to prevent wardialing those suffixes, but it doesn't sound like it'd be too difficult.
I did ask if I could just send all calls not in my contact list to get screened, and that idea seemed to "blow their mind," though.
I'd probably add that the area code + exchange calls from an area code that you don't actually live in are spam as well though don't see those as much as I once did.
The text message should explain the nature of the call and which number to call in reply.
Then, one day, an app developer thought: Wouldn't it be cool if there was an app that would interrupt what the user was doing, play a sound, vibrate the device, and put up a full-screen dialog, that this all could be activated remotely by any other device by simply typing in a short numeric code, and that if the recipient pushed a button, the remote attacker could send audio data and activate the recipient's microphone? Most app stores would classify this as malware, yet here we are today with devices that all have built-in apps that do exactly this, and only because of how normalized the legacy idea of a "phone call" is.
Considering Facebook ([0] and [1] to name a few) is still available, I think that's a pretty high bar to clear.
[0] https://news.ycombinator.com/item?id=44401406
[1] https://news.ycombinator.com/item?id=44169115
They had an anecdote about one company they consulted at which illustrated how normalized interrupting engineers had become. The engineers were putting their phones on "do not disturb" (DND) to stop all the interruptions so they could get their work done, and management sent around a memo saying that the engineers needed to stop putting their phones on DND because that caused the calls to forward to the secretary, and all the calls were making it hard for the secretary to get any work done.
It seems like this sort of idea is extremely common, considering how many websites love preventing me from viewing their content by slapping multiple modals asking me to sign up for a newsletter and/or to get my permission to be tracked using cookies.
It also shows up in native apps, in the form of some prompt asking the user if they are enjoying the app. NO! I do not enjoy being funneled into an App Store review or any similar bullshit. If I like using the app, I'll use it. If I don't, I won't. Stop asking me!
I build websites for a living and I'm constantly battling requests to infect our sites with these god-awful modals. It's like sitting down at a restaurant, being handed a menu, only to have the menu taken away seconds later and being asked if you'll return in the future. Not only is it rude, it's the wrong time to ask the question. Let me read the damn article or whatever, and when I'm done, if there's a newsletter form, MAYBE I'll sign up. Let me eat my meal, and if I enjoy it I'll think about returning.
When you're actively using your smartphone, phone calls show up as notifications, not full-screen dialogs (which trips up my non-technical relatives, since they don't know how to answer a call through the notification). Given that, it's not that different from what we had on computers with instant message applications like ICQ. In a world without the concept of phone calls, they would be a natural evolution from these instant messengers (and, as I'm sure you remember, ICQ used a short numeric code as the user identity).
I go even further, unless there is a good reason for someone to have the ability disturb me, they're not whitelisted. I have no phones that ring unless it's for a specific and temporary purpose.
A ringing phone is an anachronism, it's incredible to me that people let anyone bother them in this way these days. Its an invasion of ones personal space.
Or do you rely on others letting their phones ring when you call them back while not providing them the same courtesy?
I just don't think anyone wants to fix it. Why can't apple let us send "spam risk" to voicemail?
Like adding extensions, possibly with passwords to your phone line.
It would be good to give an extension or password to friends, or one for each business, which can be automated to input with a pause after answering, and it gets through (or further) if possible.
we should have phone rules just like mail rules.
You can. At least with iOS 26 you can, I don't know if it's new or not. You can have known spam numbers silenced, sent right to voicemail, and then the voicemail is immediately put into a spam folder.
If we just made it impossible for phone calls to reach US destinations if they originate from a short list of foreign countries, would that actually do anything to address this issue?
I think one of two high-level approaches:
We could be ultra-strict about who is allowed to call whom, and have penalties and enforcement similar to how we police credit card fraud.
Or, we could do away with phone numbers and instead come up with a scheme where you show a QR-like code to allow someone to call you; and then you can revoke that permission if/when it is abused.
---
Finally, I think the crux of the problem is that in the US we tolerate far too much of this kind of behavior. (Unsolicited contact for the purpose of sales.) Without a corresponding publicity campaign, there's far too much cultural tolerance of allowing anyone to contact anyone at any time for any reason to accept the kind of change needed to truly contain SPAM.
I mean numbers are as terrible as social security numbers. For both of them you can take your number, add one, and get another valid number.
I'm also not sure what the correct solution is but I'm sure there's some pretty smart people out there that have some really good ideas and understand the issue with a lot of complexity (aka: I won't believe anyone who starts with "It's so simple, you just...")
While there are certainly technical challenges and various trade-offs, those are not the main reason we're still getting buried in spam calls. My understanding is that smart people have already come up with good solutions which can be implemented at relatively low cost and which would be substantially effective - but the solutions have not been universally deployed because:
1. They generally require coordinated action between governments, standards bodies, regulators and disparate companies at different levels of the telecom ecosystem. These parties have divergent processes, goals and opinions on who should bear the costs and/or responsibilities for implementation, enforcement, etc.
2. The major U.S. telecom companies make money by transiting calls they know (or should know) are very likely spam. They don't want to give up that revenue so they find ways to not fully adopt, delay or weaken various proposals. These can include the motivated leveraging of legitimate technical issues or concerns to complicate, defer and otherwise hinder the processes in which they are involved as significant stakeholders. Many mobile phone operators now also earn revenue selling spam call blocking as a separate feature or part of more expensive plans. If the problem was substantially fixed they would lose that revenue.
3. There are various political stakeholders, industries and companies (not the off-shore, bottom-feeding spammer/scammers) which have a vested interest in keeping unsolicited calls legal. These include some of the more legit-ish forms of domestic telemarketers such as recruiters, fund-raisers, political campaigns, pollsters, market survey companies, etc. These companies have industry associations which hire lobbyists and make political donations to ensure their particular use is exempt from any regulations and that their cost of doing business doesn't go up to comply with the new system. Carving out all these exceptions and exemptions significantly complicates and/or weakens most technical solutions.
This is why I believe there is currently zero hope of any significant improvement despite the FCC issuing positive sounding announcements exactly like this one every 6 to 18 months for the last ten years. These FCC announcements rarely mention the workarounds, exemptions, appeals processes, delayed or unfunded enforcement which industry insiders already know will allow spam calls to continue with no substantial change. These announcements are merely the FCC fulfilling their political role of appearing to regulate and taking steps to mitigate the problem. Now the FCC managers who are measured on "do something about spam calls" can check that box on their KPIs. However all the various parties in the ecosystem have already taken steps to ensure whatever the FCC is announcing won't really work well or can be worked around relatively easily. For example, I'm sure most of the people behind the companies supposedly banned in this announcement (or their large offshore spammer/scammer customers) have already made other arrangements to continue operating uninterrupted. I hate that it's this way but the reality is, until the three fundamental blockers listed above change, this is all just "Regulatory Theater" much like the TSA's "Security Theater" performances.
Calling me is now the equivalent to wanting to send me a telegram. The phone system is broken, we all know it's broken, and yet you want my phone number? Send me an email, it's just as fast and has better tools for managing scumbags. Unknown callers are silenced and go to voicemail. Wife is in an auto accident? State troopers know how voicemail works. Kid is in trouble? It can wait 30 seconds while I wait for the VM to come through (and, haha, trick question: we don't have kids).
OTOH, I grew up in the era of landlines and payphones, and well before answering machines (old school VM). People still got in accidents, kids still got sick at school and needed to come home, doctors still called, and we all got along just fine. Because EMTs still took people to the hospital, the school nurse still took care of your kid, and the doctor either called back or sent a letter, and the world move on despite not being able to instantly reach people 24x7. I realize I sound like one of those "we didn't have $SAFETY_FEATURE, and we lived", when in reality not all of us did. But we aren't talking about lawn darts, for the most part I think we did get along just fine. (Auto accidents and breakdowns are something made better by cell phones, but in the day lots of folks had CB radios. ::shrug::)
Both times my wife was in a car accident, and once that my son was, in the past few years, an unknown phone call was not necessary as either their phone or their car immediately alerted me.
There's no free source of this information anywhere. The only affordable option is telcodata.us
There are other sites like this. And then you can use the carrier info, go to that platform‘s website, and submit an abuse complaint through their form. But all they will do is possibly block that one spammer from contacting your phone number while continuing to allow the spammer to operate. And of course they have other spammers as customers.
Better option is to skip their abuse form and send complaints to your state’s AG, to the FTC website, and FCC website. They’ll ask for a lot of info but I think it helps them identify the problematic companies.
You can also forward spam texts to 7726 (“SPAM”) in the US, and your carrier will use that info to take action.
Is that what European countries do? Is that why there are no robocalls there?
Mainly I know that calling from a voip number was really expensive when I tried to set something up for a family member going on vacation to Europe. That probably cuts back on a lot of spam calls.
Really sad how these rules do nothing to stop them
Dead Comment
The assistant integration is great for this reason too. I occasionally get calls come through that are likely SPAM but I've learned to let the assistant answer for me. If it's a spammer, then I waste just a small amount of their time.
It's especially helpful that Google's Assistant has gotten good enough, AND that people making legit but unsolicited calls (like doctor's offices), that people calling don't hang up right away and actually answer the assistant. So I can see what they say and then answer when it's a legit call.
The ratio of SPAM calls to legit calls from unrecognized numbers is still higher for SPAM. But, the frequency is low enough (maybe a few a week), and dealing with them is so easy, that the distraction/annoyance factor is very low to the point that I'm not personally bothered by it anymore.
I've tried to get my grandma to switch to a Pixel phone for her main phone number at home, just for SPAM blocking, but she won't. I don't know how she stands getting multiple calls per hour, it's crazy to put up with when we are there.
Efforts like STIR/SHAKEN exist, but they’re little more than a band-aid—and not a particularly effective one—because the underlying network was never designed with resilience or trust in mind.
I know some people push back on this view, often pointing to edge cases where PSTN’s ubiquity still provides value. But as trust in the system erodes, so does its relevance. And if the majority of people already avoid answering calls from numbers they don’t recognize, its practical utility is clearly diminished.
If you can’t explain the benefit then you can’t tear it down. The PSTN guarantees that all telco operators interoperate. Without it you get what happened with instant messaging. AKA walled gardens. You take for granted the ability to call an iPhone with an Android.
The FCC is responsible for maintaining trust, which they have done here. They can incentivize telco providers to curb the spam activity. You don’t need to throw the baby out with the bath water.
Comparing PSTN to instant messaging walled gardens is interesting, but I’d argue the real parallel is email: a federated, open standard that also suffers from spam and abuse, yet still manages to limp along thanks to heavy filtering and layered trust systems. The PSTN never evolved those trust layers; instead, it relied on scarcity (call cost, geographic constraints) to keep abuse in check. Once those costs collapsed, the trust model collapsed with them.
As for the FCC, sure, they can try to incentivize carriers. But the fact that we need constant regulatory intervention just to keep basic trust afloat suggests the system is no longer structurally sound. Band-aids like STIR/SHAKEN prove the point: we’re bolting authentication onto a protocol that never envisioned it. That might extend its life a little, but it doesn’t make the foundation any less fragile.
So the question isn’t whether the PSTN once had value (it did, massively), but whether preserving it now delivers more value than the cost of propping it up. If a good chunk of people already treat unknown calls as spam until proven otherwise, then the social contract around the PSTN has already been broken.
Deleted Comment
Btw, if you haven't already, you can sign up for the FCC's Do Not Call list[0]. While obviously this isn't going to solve everything, it does make it illegal for legitimate companies to call you. Absent this incident, it did appear to have a significant effect in reducing spam calls when I signed up years ago. Also, here's some info about junk mail[1]. It costs about $6 and lasts 10 years.
[0] https://www.donotcall.gov/index.html
[1] https://consumer.ftc.gov/how-stop-junk-mail
In the beginning, they seemed to take their job seriously, but I doubt that has been the case for many years.
Right after SHAKEN/STIR was passed, I got zero spoofed calls. I did get a few robocalls, but they weren't spoofed.
For a month or so. So that shows the problem can be solved, legislatively.
Then, they started coming back, and now, almost every call I get, is spoofed. This includes some legit ones.
Also, legit callers should keep in mind that the autodialer companies they employ, might also moonlight as spammers, so they get blacklisted. I have had quite a number of legit calls get listed as spam.
Cynically, I feel as if politicians are unwilling to get tough on these, because they (or their proxies) use them. That seems to be both sides of the aisle.
Of course they do, and they voted themselves an exception. Same reason some small business in Redmond, WA isn't allowed to put out a sandwich board sign, but 10 months before every election every g*ddamned piece of dirt in Redmond has a political sign stuck into it.
So instead these scam call centers switched to the legacy SS7, that's how you are getting all these fraudulent calls. SS7 is not IP based and incompatible with SHAKEN/STIR
And it'll be 400 years from now before any US telecom thinks about discontinuing SS7.
As well as "If you leave a message there's a decent chance I'm going to call you back in 30 seconds, I don't want to start a game of phone tag."
If I don't know your number AND I'm not expecting a call, I 100% will not answer it. If you're legit, sorry, you are the exception, not the typical case. Don't blame me, blame the spammers.
The modern world is absolutely infuriating, filled with self-inflicted problems.
It has definitely gone through ebbs and flows. Predictably around legislation about this topic. I 100% believe this is a problem that can be solved (greatly impacted) through legislation given this strong correlation. But I don't think it is because the DNC list is a list to call but rather that I've had this number for a few decades and it definitely made it onto some list years ago. This is 100% happening. As well as a lot of other illegal stuff. I worked at a call center for two months between my undergrad and getting hired and my coked up bosses 100% asked us to do illegal things. I disobeyed. Anytime someone asked me to take them off the list I complied. Got written up, didn't give a fuck. They were definitely selling those lists to spammers who were happy to have confirmation that the numbers were legitimate.I am in a similar situation. One of my not-yet-implemented projects is to route my phone through a VOIP app that automatically blocks any number from my phone's area code (or even the whole state) where the caller is not in my contact list.
Also hate the scam "work from home for $125,000 per year" texts. They really prey on the desperate.
It's easy to say it's idiots who fall for this stuff when we're young enough to have grown up in this world or started using new technology at an early age. We will be the ones targeted someday and it will be a medium that didn't become available to us until later in life just like what the seniors are experiencing now.
Absolute scum of the earth.
I agree. In fact, 1200 SS7 circuits is nothing. If these people are not locked up they will just get another circuit using another fake identity. It's like blocking 1200 ASN's and saying one made a dent in spam.
I don't understand why this doesn't happen EVERY DAY until the problem is resolved.
And before someone cite US code: it's virtually impossible for foreigners to seek justice in this context. Not only do these criminals lack the money, education, and access to legal representation to do so, but the DoJ has better things to do than spend their time looking into the veracity of an international claim of this kind.
I have no idea the reason.
Dead Comment
Also, pragmatically, basically everywhere outside of China and Russia is subject to US "prosecution".
Conceptually, someone US-based should have to cryptographically sign, with their license to continue participating at stake, an assertion that the source phone number is real. People should be free to configure their devices or phone accounts (A) what countries to accept calls from and (B) whether to accept unverified calls whose numbers are presumably spoofed.
Note: i'm aware that SHAKEN/STIR or whatever exists and shares some of that idea, I'm just looking forward to full adoption of something so that I can make those choices described above.
Combine this next with ability to report numbers who spam (with the Apple/Google duopoly it should be trivially easy to put a "report spam" button in the call UI) and sanction providers (first financially and eventually with revocation of their credential to sign calls).
Maybe 30 years ago it would have been seen as too draconian to prevent someone from being able to call others anonymously but the Internet exists and provides ample avenues for those cliche use cases like "whistleblower needs to talk to journalists" so I'm 100% happy to have 'burdensome regulation' here if it stops scammers from ruining the phone as a usable channel for urgent information like "Your car is ready to pick up from the shop" or "Hi, you're the emergency contact for ____ and they are headed to the hospital."
Why? Probably because the PSTN as normal consumers can access it, is pretty non-anonymous. The best case for anonymity is a burner, but you have to buy those burners somewhere that probably has CCTV, or order them online with a paper trail, so it's pretty risky for someone who needs assurances of anonymity.
No whistleblowers are using SS7 trunks to place anonymous calls.
But phone numbers aren't real. They aren't any more real than an IP address. It's arbitrary. This is how VOIP systems work. You just assign a number from your block.
Ideally anyone who owns numbers would stop letting literally anybody do anything with their numbers (the way they do today) because they don't want to lose the numbers or to get banned from operating a PSTN-connected system.
The outcome I'm going for is that if you're a spammer you can't find any US phone number owners who will let you use their numbers so you can only send "unsigned" calls that are obviously spam, or sign calls as originating from irresponsible countries, which are easily filtered out by those of us who don't have any friends in the Phillipines or whatever (I get a lot of "DMV" threat texts from +63)