The FCC Is Still Trying to Stop Spam Calls and SIM Swap Scams

We’ve all been spammed by robocalls and confronted the specter of SIM swap assaults for years, and now the FCC is lastly planning on doing one thing about it.

The three main U.S. carriers applied STIR/SHAKEN authentication across their networks in June in an effort to chop down on extremely annoying spam calls. This week the FCC proposed two new guidelines to fight the endless spam name scourge, together with new proposals to guard towards SIM swaps and port-out assaults.

The FCC announced beginning Sept. 28, carriers and voice service suppliers who haven’t applied STIR/SHAKEN or filed certifications with the FCC’s Robocall Mitigation Database will likely be blocked from home telephone networks. For carriers who haven’t been capable of implement STIR/SHAKEN, certifying information with the FCC’s Robocall database ought to additional remove the usage of faux numbers to spam folks’s telephones.

“The FCC is using every tool we can to combat malicious robocalls and spoofing—from substantial fines on bad actors to policy changes to technical innovations like STIR/SHAKEN,” Acting FCC chairwoman Jessica Rosenworcel mentioned in an announcement. “Today’s deadline establishes a very powerful tool for blocking unlawful robocalls.”

Additionally, to assist stop robocalls from overwhelming 911 name facilities, the FCC also adopted another set of rules that require carriers and voice service suppliers to dam all calls made to 911 name facilities from numbers listed on the Public Safety Answering Points’ (PSAP) Do-Not-Call Registry.

The FCC also proposed new rules to assist stop SIM swaps and port-out fraud. Hackers have began utilizing SIM swap assaults, wherein they persuade a service to swap their goal’s wi-fi service to a telephone the hacker controls. This permits the hacker to receive any two-factor authentication verification codes that may get despatched to the sufferer’s quantity, probably permitting the hacker to realize entry to the sufferer’s on-line accounts. A port-out fraud happens when a hacker is ready to trick a service into switching somebody’s service to a wholly new supplier, as soon as once more permitting the hacker to realize entry to the sufferer’s 2FA verification codes.

To assist reduce down on the variety of these assaults, the FCC is proposing new guidelines that might require carriers to raised authenticate an individual’s identification earlier than transferring somebody’s quantity to a brand new gadget or service supplier. Additionally, the FCC desires carriers to correctly notify clients anytime a service change or SIM change is requested, hopefully giving folks an opportunity to substantiate the request or reply to a possible assault.

But even with the FCC’s new proposals, it’s vital to do not forget that every time attainable, you must attempt to use an authenticator app like Authy or the Google Authenticator, or a hardware-based safety key as a substitute of your telephone quantity for 2FA, as your telephone quantity is one of many least safe 2FA strategies.

That mentioned, not each app or account helps authenticator apps or safety keys, so right here’s hoping the FCC’s proposed guidelines might help.