logo
FCC seeks to stop robocalls passing through caller ID authentication in older technology

FCC seeks to stop robocalls passing through caller ID authentication in older technology

Miami Herald28-04-2025
April 28 (UPI) -- The FCC wants to block robocalls from bypassing ID authentication tools in older non-Internet Protocol network technology.
Mass recordings promoting or selling something are illegal unless the person gives permission to be contacted.
But fraudsters have been able to pass through older non-IP technology and avoid digital fingerprints. These include cellphones and wired phones often transmitting small amounts of data infrequently.
On Monday, Federal Communications Commission panelists by a 4-0 vote moved forward to make sure the digital IDs are not washed off of any part of the call path.
They approved a Notice of Proposed Rulemaking to establish criteria for evaluating whether frameworks meet the TRACED Act standards. Commissioners want providers to regularly certify their implementation and would give them two years to comply after adoption of the new rule.
The agency is seeking comment on implementation of caller ID authentication solutions and is trying to determine if this "opens the door for further improvements down the road," the agency said in a news release.
For the last four years, the FCC has delayed the TRACED Act's deadline for carriers to implement an authentication framework for non-IP calls.
"The STIR/SHAKEN caller ID authentication framework is a critical element -- long championed by the Commission -- for tracking, blocking, and warning customers about malicious robocalls," a news release said.
The technology uses a caller ID system to verify whether calls on a provider's network are truly coming from the number on display.
In 2021, major U.S. phone providers -- including AT&T, Verizon, T-Mobile and Comcast -- were ordered to implement STIR/SHAKEN technology to prevent rampant spam calls.
STIR/SHAKEN are acronyms for the Secure Telephone Identity Revisited and Signature-based Handling of Asserted Information Using Tokens standards, with STIR representing the protocol and SHAKEN the framework for tracking robocalls.
The FAA has been trying to crack down on robocallers.
Unwanted calls dropped for the third straight year, according to data released by the Federal Trade Commission in November 2024.
The 2024 edition of the Federal Trade Commission's Do Not Call Registry Data Book, first created in 2003, shows complaints down by more than half since 2021. They were 1.1 million illegal robocalls last year, down from 1.2 million the year before and 3.4 million in 2021.
The registry allows Americans to add their information to a list, prohibiting them from being contacted by telemarketers.
"In the years to come, it will be critical we continue this progress by confronting not only telemarketers but those firms who knowingly profit from scam calls," FTC Bureau of Consumer Protection Director Sam Levine said in 2024.
In December, the FCC proposed a $299.9 million fine for Roy Cox Jr. and Michael Aaron Jones, who robocalled more than 550 million people offering misleading vehicle warranty services. TheFCC directed companies to book the calls.
Copyright 2025 UPI News Corporation. All Rights Reserved.
Orange background

Try Our AI Features

Explore what Daily8 AI can do for you:

Comments

No comments yet...

Related Articles

Ascent Funding Student Loans: 2025 Review
Ascent Funding Student Loans: 2025 Review

CNBC

time5 hours ago

  • CNBC

Ascent Funding Student Loans: 2025 Review

Paying for college often means turning to private student loans — and many of those require a cosigner, especially if you don't have an established credit history or steady income. A cosigner can help you qualify and even secure a lower interest rate. But not everyone has someone they can ask. Ascent Funding offers students the flexibility to apply with or without a cosigner, depending on their financial or academic profile. But it also offers flexible repayment plans, generous loan limits and cash back perks. 3.09% to 15.61% APR with autopay discount (undergraduate new loan). Other rates and loan types are available. Visit Ascent's website for full details. Undergraduate and graduate loans, MBA, medical school, dental school, law school, doctorate and Master's, health professional loans. $2,001 up to $200,000 for undergraduate loans and $400,000 for graduate loans 5, 7, 10, 12, 15, 20 years Deferment and forbearance options available For DACA recipients and non-U.S. citizens or permanent residents No Terms apply. Ascent offers private student loans for students attending eligible undergraduate or graduate programs. If you're a graduate student, you can also apply for a cosigned credit-based loan if you have a creditworthy cosigner, such as a parent, guardian or sponsor, or a non-cosigned credit-based loan if you meet certain credit and income requirements on your own. If you're enrolled in a specific type of graduate program, there are customized repayments terms available for: Ascent also offers parent student loans for parents, grandparents, guardians or sponsors who want to help cover education costs, though eligibility requirements apply, as well as bootcamp loans, which are consumer loans designed for career-focused bootcamps or accelerated-learning programs. Offers in this section are from affiliate partners and selected based on a combination of engagement, product relevance, compensation, and consistent and graduate students, parents, health professionals$5,000 minimum (or up to state); maximum up to cost of attendance5, 7, 10, 15, years; up to 20 years for refinancing loans Terms applyUndergraduate and graduate students, parents, international students with U.S. co-signer$1,000 up to the cost of attendance ($180,000 lifelong maximum)5, 8, 10, 15 years for undergraduate loans, up to 20 years for graduate loans Terms apply To qualify for an Ascent student loan, you must be enrolled at least half-time at an eligible institution. If you're applying for a non-cosigned outcomes-based loan, you must be a junior or senior enrolled full-time, or half-time within nine months of graduation at an eligible school. If you're applying with a cosigner, your cosigner must have a minimum gross annual income of $24,000 for both the current and previous year. For the outcomes-based loan, you'll need to maintain a minimum GPA of 3.0 and meet your school's satisfactory academic progress standards. Borrowers must be at least half-time in a degree program at an eligible U.S. college or university Ascent doesn't publicly disclose specific credit score requirements but approval depends on several factors, including: You can use Ascent's prequalification tool to get a better sense of which loan options you may be eligible for, without impacting your credit score. The exact rates and terms of your Ascent loan may vary based on your credit and program. Ascent offers fixed rates starting as low as 3.09% APR and variable rates starting at 4.31% APR. Ascent offers loan terms of 5, 7, 10, 12, 15 or 20 years. There's no prepayment penalty so you can pay off your loan early without added fees. If you select a 20-year term, you'll only be eligible for variable interest rates. And for loans with low balances, your minimum monthly payment account may shorten the total repayment period — meaning your loan may be paid off faster than the selected term. Ascent does not charge any application, disbursement, prepayment or late fees. The minimum loan amount available to borrowers is $2,001, while in Massachusetts it's $6,001. The maximum is $200,000 for undergraduate students, and $400,000 for graduate students. Ascent offers a variety of repayment options based on your credit profile and whether you apply with or without a cosigner. Interest-only: Pay only the interest while in school and during the grace period. Full payments begin after graduation. $25 minimum: Make flat $25 monthly payments while in school. Full payments start after graduation. Deferred: Make no payments while in school. Interest accrues and is added to the loan balance when repayment begins. Other than not always needing a cosigner, Ascent offers a range of perks. 1% cash back reward: You can get 1% of your original loan amount back when you graduate, as long as you meet certain eligibility requirements. Up to 1% interest rate discount: You can sign up for automatic payments to receive an interest rate reduction (0.25% for autopay, with additional promotional offers sometimes available). High loan limits: You can borrow up to $200,000 for undergraduate loans, and up to $400,000 for graduate loans. Ascent offers several advantages but there are some limitations to consider. Ascent offers support via phone, email and live chat during business hours. It's generally well-rated for ease of application but customer service experiences can vary. Applying for a student loan with Ascent is generally straightforward: While Ascent offers flexible borrowing options, its interest rates can fall on the higher side, especially if you don't qualify for discounts. If low rates are your priority, Earnest offers some of the lowest starting APRs among private lenders. It also lets you pick your exact repayment timeline and doesn't charge late fees. Undergraduate and graduate students, parents, half-time students, international and DACA students Undergraduate, graduate loans, parent loans, MBA, medical school, law school, international and DACA student loans $1,000 up to the cost of attendance for new loans, $5,000 to $550,000 for refinance loans 5, 7, 10, 12, 15 years Nine-month grace period available No Yes - click here for details Terms you're looking to refinance your student loans after graduation, SoFi is a top alternative. SoFi allows you to consolidate federal and private loans with no fees and potentially lower your interest rate, especially if your credit has improved or your income has increased. 3.23% to 15.99% APR with 0.25% autopay discount (Undergraduate New Loan). Other rates and loan types are available. Visit SoFi's website for full details. Undergraduate, graduate, parent loans, law school, MBA and health professions loans $5,000 (or state-mandated minimum) up to the cost of attendance 5, 7, 10, 15 years; refinancing loans up to 20 years No Yes - click here for details Yes - click here for details Terms matters — so make the most of it. Get expert tips, strategies, news and everything else you need to maximize your money, right to your inbox. Sign up here. At CNBC Select, our mission is to provide our readers with high-quality service journalism and comprehensive consumer advice so they can make informed decisions with their money. Every student loan review is based on rigorous reporting by our team of expert writers and editors with extensive knowledge of student loan products. While CNBC Select earns a commission from affiliate partners on many offers and links, we create all our content without input from our commercial team or any outside third parties, and we pride ourselves on our journalistic standards and ethics.

'Quishing' scams dupe millions of Americans as cybercriminals turn the QR code bad
'Quishing' scams dupe millions of Americans as cybercriminals turn the QR code bad

CNBC

time6 hours ago

  • CNBC

'Quishing' scams dupe millions of Americans as cybercriminals turn the QR code bad

QR codes were once a quirky novelty that prompted a fun scan with the phone. Early on, you might have seen a QR code on a museum exhibit and scanned it to learn more about the eating habits of the woolly mammoth or military strategies of Genghis Khan. During the pandemic, QR codes became the default restaurant menu. However, as QR codes became a mainstay in more urgent aspects of American life, from boarding passes to parking payments, hackers have exploited their ubiquity. "As with many technological advances that start with good intentions, QR codes have increasingly become targets for malicious use. Because they are everywhere — from gas pumps and yard signs to television commercials — they're simultaneously useful and dangerous," said Dustin Brewer, senior director of proactive cybersecurity services at BlueVoyant. Brewer says that attackers exploit these seemingly harmless symbols to trick people into visiting malicious websites or unknowingly share private information, a scam that has become known as "quishing." The increasing prevalence of QR code scams prompted a warning from the Federal Trade Commission earlier this year about unwanted or unexpected packages showing up with a QR code that when scanned "could take you to a phishing website that steals your personal information, like credit card numbers or usernames and passwords. It could also download malware onto your phone and give hackers access to your device." State and local advisories this summer have reached across the U.S., with the New York Department of Transportation and Hawaii Electric warning customers about avoiding QR code scams. The appeal to cybercriminals lies in the relative ease with which the scam operates: slap a fake QR code sticker on a parking meter or a utility bill payment warning and rely on urgency to do the rest. "The crooks are relying on you being in a hurry and you needing to do something," said Gaurav Sharma, a professor in the department of electrical and computer engineering at the University of Rochester. Sharma expects QR scams to increase as the use of QR codes spreads. Another reason QR codes have increased in popularity with scammers is that more safeguards have been put into place to tamp down on traditional email phishing campaigns. A study this year from cybersecurity platform KeepNet Labs found that 26 percent of all malicious links are now sent via QR code. According to cybersecurity company, NordVPN, 73% of Americans scan QR codes without verification, and more than 26 million have already been directed to malicious sites. "The cat and mouse game of security will continue and that people will figure out solutions and the crooks will either figure out a way around or look at other places where the grass is greener," Sharma said. Sharma is working to develop a "smart" QR code called a SDMQR (Self-Authenticating Dual-Modulated QR) that has built-in security to prevent scams. But first, he needs buy-in from Google and Microsoft, the companies that build the cameras and control the camera infrastructure. Companies putting their logos into QR codes isn't a fix because it can cause a false sense of security, and that criminals can usually simply copy the logos, he said. Some Americans are wary of the increasing reliance on QR codes. "I'm in my 60s and don't like using QR codes," said Denise Joyal of Cedar Rapids, Iowa. "I definitely worry about security issues. I really don't like it when one is forced to use a QR code to participate in a promotion with no other way to connect. I don't use them for entertainment-type information." Institutions are also trying to fortify their QR codes against intrusion. Natalie Piggush, spokeswoman for the Children's Museum of Indianapolis, which welcomes over one million visitors a year, said their IT staff began upgrading their QR codes a couple of years ago to protect against what has become an increasingly significant threat. "At the museum, we use stylized QR codes with our logo and colors as opposed to the standard monochrome codes. We also detail what users can expect to see when scanning one of our QR codes, and we regularly inspect our existing QR codes for tampering or for out-of-place codes," Piggush said. Museums are usually less vulnerable than places like train stations or parking lots because scammers are looking to collect cash from people expecting to pay for something. A patron at a museum is less likely to expect to pay, although Sharma said even in those settings, fake QR codes can be deployed to install malware on someone's phone. QR code scams are likely to hit both Apple and Android devices, but iPhone users may be slightly more likely to fall victim to the crime, according to a study completed earlier this year by Malwarebytes. Users of iPhones expressed more trust in their devices than Android owners and that, researchers say, could cause them to let down their guard. For example, 70% of iPhone users have scanned a QR code to begin or complete a purchase versus 63% of Android users who have done the same. Malwarebytes researcher David Ruiz wrote that trust could have an adverse effect, in that iPhone users do not feel the need to change their behavior when making online purchases, and they have less interest in (or may simply not know about) using additional cybersecurity measures, like antivirus. Fifty-five percent of iPhone users trust their device to keep them safe, versus 50 percent of Android users expressing the same sentiment. A QR code is more dangerous than a traditional phishing email because users typically can't read or verify the encoded web address. Even though QR codes normally include human-readable text, attackers can modify this text to deceive users into trusting the link and the website it directs to. The best defense against them is to not scan unwanted or unexpected QR codes and look for ones that display the URL address when you scan it. Brewer says cybercriminals have also been leveraging QR codes to infiltrate critical networks. "There are also credible reports that nation-state intelligence agencies have used QR codes to compromise messaging accounts of military personnel, sometimes using software like Signal that is also open to consumers," Brewer said. Nation-state attackers have even used QR codes to distribute remote access trojans (RATs) — a type of malware designed to operate without a device owner's consent or knowledge — enabling hackers to gain full access to targeted devices and networks. Still, one of the most dangerous aspects of QR codes is how they are part of the fabric of everyday life, a cyberthreat hiding in plain sight. "What's especially concerning is that legitimate flyers, posters, billboards, or official documents can be easily compromised. Attackers can simply print their own QR code and paste it physically or digitally over a genuine one, making it nearly impossible for the average user to detect the deception," Brewer said. Rob Lee, chief of research, AI, and emerging threats at the cybersecurity training focused SANS Institute, says that QR code compromise is just another tactic in a long line of similar strategies in the cybercriminal playbook. "QR codes weren't built with security in mind, they were built to make life easier, which also makes them perfect for scammers," Lee said. "We've seen this playbook before with phishing emails; now it just comes with a smiley pixelated square. It's not panic-worthy yet, but it's exactly the kind of low-effort, high-return tactic attackers love to scale."

DOWNLOAD THE APP

Get Started Now: Download the App

Ready to dive into a world of global content with local flavor? Download Daily8 app today from your preferred app store and start exploring.
app-storeplay-store