Tilting at Windmills

My parents receive telemarketing and scam calls (as we all do), so I never thought much of it.

I’ve spent a lot of time at my parents house this year. Which meant I’ve been there having the phone ring 15-25 times / day. A high percentage of their calls are targeted scams towards the elderly. I decided they (and I) had had enough. I moved their Spectrum VOIP phone service (and number) to MagicJack.

Magicjack has call screening. Nothing complicated, just a message that plays to the effect of, “The number you have dialed has call screening, please press [n]” (where [n] is a number from 0-9). It blocks probably 95% of the calls. Not perfect, because “The number you have dialed…” is the same beginning to “… has been disconnected or is no longer in service”. There’s no way to adjust that message. But it stops 95% of incoming spam calls.

One of the most aggressive, with actual humans on the other end, soon learned they could just press the number and get through. These guys call often enough that they know my mother’s voice on the phone. I would dutifully add the number to call blocking, but as we all know, Caller ID can be readily faked.

In this case I started to see a pattern. All the calls coming in were from the same area in Florida (Pompano Beach). After blocking a half-dozen of the (954) area code calls, the area code switched to (786), and then added to the mix (561) — all the same region of Florida.

I called on occasion, and would ask to be added to a do-not-call list. They, generally, laughed at me.

Then I called back, and tried something different. I said, “Hi! I’m returning your call. You called me about a travel package? This is Ted Anderson.” What proceeded was an aggravating call. They told me they were calling because I’d attended a time share presentation years ago.  I hadn’t met all of the criterion for the time share presentation, and now I owned them money. Debate ensued, with my owing them thousands of dollars.  I was transferred to a “Senior Manager” and then a “Director”, all assuring me that they were correct, and I owned them money.

Let’s be perfectly clear here. I called, with a made-up name, from a different phone number. And they told me I owned them money. This was not a legitimate business.

OK, so that pissed me off. After speaking with my father, I reconfigured my parents’ MagicJack to forward to my own phone.  THAT stops all calls from going to my parents, at the cost of a very expensive call screening service — me.

And of course they kept calling. I loaded an autodialer on my phone, and used it to harass those calling, and–when they eventually would sent me to voice mail–max out their voice mail boxes. Along with the occasional completed call with voices in the background asking how they could block the number, and make it STOP. I did learn there had to be audio on the phone for Voice Mail to store the call, so I set up this to play in the background.

That was still a moderately manual process, and involved listening to a LOT of Rick Astley. Time to see if all these IT skills are good for anything.  I knew it was possible to forge caller ID. What could I do here?

That lead down a rabbit hole. One involving virtual machines, Linux servers, Amazon Cloud Computing, SIP providers, phone exchanges, bash scripts, and a variety of other open source software. But by the time I was done, I had a full-blown Asterisk PBX (telephone exchange) set up on an EC2 instance. I have a enterprise-class phone setup with the same power and complexity of those calling me.

They can’t block it, because the caller ID is one of their phone numbers –“The call is coming from inside the house”. When they call, I call the number back (to confirm it’s really them). Then, with a couple of scripts, I can auto-dial that number back… a few times…

The following numbers have been identified as spam/telemarketing/scam:
Fortunately, no one would ever inappropriately scrape phone numbers from a web site for more calls.