scammer calling

FCC comes down hard on robocallers with record $300m fine

Robocallers are in the news after the FCC issued a $300 million forfeiture to a persistent offender and shut down their operation.

A robocall network makes use of automated software diallers to spam out large numbers of cold calls to unsuspecting recipients. These calls promise much but give very little. Anyone taking the bait stands a good chance of losing control of their personal data or suffering from all manner of dubious payments leaving their bank account.

Cold calling has been associated with scam tactics for decades, and the growing number of ways to combat these techniques (like Do Not Call lists) are routinely ignored by the robocallers. This has, inevitably, brought us to our eye-wateringly large $300m fine aimed squarely at one of the most persistent robocalling operations yet seen.

From the official statement(s) regarding the record penalty:

The Federal Communications Commission today issued a record-breaking $299,997,000 fine for auto warranty scam robocalls made by the largest illegal robocall operation the agency has ever investigated. An international network of companies violated federal statutes and the Commission’s regulations when they executed a scheme to make more than five billion robocalls to more than 500 million phone numbers during a three-month span in 2021, including violating federal spoofing laws by using more than one million different caller ID numbers in an attempt to disguise the true origin of the robocalls and trick victims into answering the phone.

The enterprise violated a multitude of robocall prohibitions by making pre-recorded voice calls to mobile phones without prior express consent, placing telemarketing calls without written consent, dialing numbers included on the National Do Not Call Registry, failing to identify the caller at the start of the message, and failing to provide a call-back number that allowed consumers to opt out of future calls. The calls also violated spoofing laws by using misleading caller ID to disguise the enterprise’s role and prompt consumers to answer.

Insurance, claims, and compensation are all robocall topics you should avoid when the phone inevitably rings. This kind of call will never quite go to plan for anyone other than the individuals operating the robocalling software.

In this case, the bait being used was the claim of auto warranties in return for the collection of personal data from call recipients.

TechCrunch notes that the robocalls “exhibited the standard robocall characteristics” of failing to identify the caller, spoofing area codes, and ignoring various consent laws like the Do Not Call list.

No fewer than an astonishing five billion calls were made by the companies responsible for this operation. Members of the FCC themselves received some of these calls, which on reflection seems like a very poor decision made by the robocalling technology.

The FCC explains the sheer scale of the operation, alongside some of the tactics used to shut it down permanently:

Since at least 2018, this enterprise operated a complex scheme designed to facilitate the sale of vehicle service contracts under the false and misleading claim of selling auto warranties. Two of the central players of the operation, Roy M. Cox and Aaron Michael Jones, were under lifetime bans against making telemarketing calls following lawsuits by the Federal Trade Commission and State of Texas.  The multi-national enterprise did business as Sumco Panama, Virtual Telecom, Davis Telecom, Geist Telecom, Fugle Telecom, Tech Direct, Mobi Telecom, and Posting Express.

Last year, to stop this then-ongoing telemarketing campaign in its tracks, the FCC directed all U.S.-based voice service providers to cease carrying traffic associated with certain members of the enterprise.  As a result, these illegal auto warranty robocalls dropped by 99%. That enforcement action was taken in coordination with the Ohio Attorney General’s Office, which brought a lawsuit under the Telephone Consumer Protection Act against several entities and individuals associated with the enterprise. The Commission also proposed a fine and offered the parties a chance to respond, which they did not do, resulting in today’s unprecedented fine. Should the parties not pay the fine promptly, this matter will be referred to the U.S. Department of Justice for collection.

Sadly it remains to be seen whether the eye-watering fine will be enforced and those responsible made to pay up. Robocalling is so popular that even with such massive fines being thrown around, people making use of it will not simply abandon ship. We’ll be stuck with all manner of robocalling technology for some time to come.

Back to the FCC:

What happens next?  Under the law we will refer this Forfeiture Order to the Department of Justice to collect payment.  I hope, however, that Congress will consider giving the FCC authority to go to court and collect these fines ourselves. In the meantime, we will keep using the tools we have to hold those behind fraudulent calling schemes accountable. In fact, just this week the Enforcement Bureau identified another source of illegal robocalls and we have put all phone companies on notice they can block these calls.  We know the scam artists behind these calls are relentless—but we are coming for them and won’t stop until we get this junk off the line.  

Sounds good! In the meantime though, you’ll have to take some action of your own to help ward off the threat posed by robocallers. Entities such as the FCC can and will go into battle on your behalf, but we can speed things along by doing our part too.

What you can do to stem the tide of robocalling

  • Report the call to the FCC, Federal Trade Commission (FTC), and your attorney general. Doing so will help the collective efforts of regulators and phone companies in blocking these numbers.
  • Do not give out your number online or post it publicly in your social media profiles. They will likely be collected by scammers.
  • Some apps can help analyse the calls you receive and respond or reroute the call effectively. Your mobile provider may already include this technology in their network, so it’s worth asking before opening up your iOS or Android store. Additionally, the FCC passed a rule that gives phone companies the power to proactively block numbers that do not or cannot make outgoing calls.
  • Go old-school by turning off your landline’s ringer and then feeding the call to an answering machine with a caller ID. You can always return the call if you have determined that the caller is using a legitimate number or has actually left a message worth returning.
  • If you happen to pick up a call from a robocaller, hang up immediately and don’t say anything down the line because it’s almost certainly being recorded.

We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

ABOUT THE AUTHOR

Christopher Boyd

Former Director of Research at FaceTime Security Labs. He has a very particular set of skills. Skills that make him a nightmare for threats like you.