Skip to content
Naked Security Naked Security

AT&T takes aim at scam callers

Imagine tech support scammers unable to ring through and threaten to chop you up like a stew ingredient when you resist installing malware.

Wouldn’t it be nice if spam or scam calls were blocked before they ever reached your mobile phone?

Just imagine: the “Microsoft tech support” crook couldn’t threaten to chop you up like a stew ingredient and toss you in the river when you resist installing his credential-snarfing malware.

Likewise, the “computer support” guy from “Windows” wouldn’t be able to threaten you and your family. The con artists wouldn’t be able to work over your grandma with the years-old “It’s me, it’s me, send money quick!” scam, and those cursed robocalls – as in, the ones the FTC has repeatedly tried to beat by running competition after competition – might actually stop driving us mad.

AT&T’s on it.

On Tuesday, it announced a free, network-based service that gives its eligible wireless customers with HD Voice more control over unwanted calls.

It’s designed to give customers automatic fraud blocking and warnings about suspected spam calls. The service can also be extended with optional features including temporary call blocking by downloading a complementary app called AT&T Call Protect.

Temporary call block lets you manually block unwanted calls for 30 days, after which you can renew the block.

The service is only available on postpaid iOS and Android devices. You can activate it through the MyAT&T portal. AT&T has published this list of HD Voice devices currently available.

Unfortunately, you won’t get the warnings about potential spam calls outside of an AT&T HD Voice coverage area, so that means you’re out of luck with blocking international calls.

Fraud calls are still automatically blocked internationally, as well as the numbers you manually block.

There’s nothing new about the ability to block calls, of course. That’s been around for years. Third-party apps such as Whitepages and PrivacyStar rely on large databases of suspicious numbers to preemptively block calls.

We’ve also seen companies, particularly in Japan, try to spot scammers by using keyword and voice tone analysis.

Nothing like a stressed-out flattening of vocal high-frequency range and a conversation peppered with words like “indebtedness,” “compensation,” “debt,” or “repayment” to raise warning flags.

AT&T notes that the fraud-blocking service might inadvertently block wanted calls. Users can, however, adjust the setting to turn off blocking or can allow specifically designated numbers to ring through.

At any rate, we can all contribute to beefing up lists of known fraud callers. With regards to AT&T in particular, you can report unwanted calls and text messages here.

Outside the US, here are some places to report phone scammers:

  • In Australia: The Australian Competition & Consumer Commission’s SCAMwatch.
  • In the UK: ActionFraud, the UK’s national fraud and internet crime reporting center. The UK also has its Telephone Preference Service (TPS) database, a free service that lets you opt out of receiving unsolicited sales or marketing calls. Here’s where you can file a complaint against the callers who persist anyway.
  • In the US: the Internet Crime Complaint Center, at IC3. You can also register with the FTC’s Do Not Call list and file complaints against offenders.

Readers who are also AT&T subscribers: please, if you start using the service, could you leave us your feedback in the comments below?

If the service does what AT&T says it will, the carrier well may tempt me to ditch my current plan, and it could save my Android from being hurled through a window.


Other phone providers are already providing this service via NoMoRobo. We took advantage of it on our home VoIP phone through Time Warner Cable and our scam/telemarketing calls have disappeared (you get one ring and that’s it). It should be a standard feature of any phone provider. I wish VZW would offer it for cellphones for free.


I suspect this and NoMoRobo (mentioned by ejhonda, above) will cause the other market players to start offering similar services. For things that folks see in day-to-day life, this is probably the single most hated action.


Another thing:

I think, though, that there might be an even better way: give people a code number that they can punch into their phone when they receive a call from an unwanted number. Similar to #69. The effect would be to put a charge on the caller’s phone, payable through the caller’s phone company. (I haven’t thought through whether it would be a good idea to pay part of this to the recipient.)

It would have an obvious problem, though: spoofed and VOIP numbers; spammers would just copy legitimate codes. For those, change the way phone calls work. Phone service providers would be given special coded hashes that would be transmitted with every phone call made. They would have to be encrypted, salted, etc. And, they would change continuously (or, possibly based upon time of day and date, etc.)

Once in place, then people could choose to block all calls which did not arrive through a registered telephony provider. Or, do that, but allow a whitelist of exceptions.


Jim, your scheme is more complicated than it needs to be.

All mobile, VoIP, and digital (ISDN) phone calls are set up via a protocol called Q.931. The Call Setup packet includes the Calling Line ID and Called Line ID, along with a bit indicating whether the Calling Line ID was set by the telephone provider or the customer. If the telephone company really wanted to stop these spam callers, all they would have to do is provide an option to block all calls where the Caller ID was customer-provided–similar to the option to block incoming calls where Caller ID is suppressed.

The only reason they don’t provide this option is that they are making a lot of money from the spam callers. There’s no technical barrier to it.


I’m an AT&T customer with this feature.

“Unfortunately, you won’t get the warnings about potential spam calls outside of an AT&T HD Voice coverage area, so that means you’re out of luck with blocking international calls.”

The above quote it paragraph isn’t quite correct. It only means you need to be in a voice over LTE area (VoLTE) and doesn’t matter if it’s international or not. It works still. And against know international scam numbers.


I use Jolly Roger to handle telemarketers. Back in February, Naked Security did a story about the guy who runs it. Fortunately, this AT&T system can be turned off so that I can still get those calls. I wonder how this is going to work for the situation of a business getting a big batch of phones under one account for employees.


Arrrrrrr, me hearties, we ROTLFed at Jolly Roger! So simple, and so polite, but so effective :-)

In case you haven’t heard of it:


In the UK on my landline (yes, there are still some about!) I use a device called trueCall Call Blocker. It’s nothing less than brilliant. You code in the caller numbers you’ll accept, and specific ones you don’t want, then choose one of 9 different responses to be given to callers (including line unavailable) and that’s it. In more than three years I have received only one call that I didn’t want – the caller faked the origin number to look like my local area (reported for criminal activity). I check the log from time to time and have never found a rejected call that should have come through.


Let me just get this clear. The Telcos are agreeing to maybe block just a few of their highly profitable customers who purchase, anonymously, those high rate phone lines (the call back scam), and also to maybe block their anonymous customers who make 100,000s of calls to random customers from typically far eastern call centres, all of which they very assiduously bill-back for each and every call made, and receive their share of the huge total call revenue for each call centre, but have NO IDEA who is paying them for each call?
Nah, and I don’t believe in the Christmas Fairy either.
The Telcos know EXACTLY where EACH call comes from and COULD block all those call centres INSTANTLY but they don’t because IT’S SO PROFITABLE!
If the Gov introduced a simple law with millions of $$$ penalty fines for KNOWINGLY allowing those scam calls across their networks then the problem would vanish overnight. Trust me!
It’s all about money, not the consumer.


Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to get the latest updates in your inbox.
Which categories are you interested in?
You’re now subscribed!