This guy wrote a program to call scammers' phone lines 28 times a second

Originally published at:


That was entertaining.
I actually enjoy answering the phone and talking to these scammers because it is a good time to practice some IMPROV!
My personal favorite was calling them back and pretending to be a co-worker from another part of the call floor who was stuck in the bathroom. Someone locked the door on me as a joke and I could not get out and they need to help me.
The guy initially brushed me off, but then slowly turned on me and berated me for being stuck there and he wasn’t going to help me. He then made fun of me.


This was so satisfying to learn about. If ‘Project Mayhem’ stands up to scrutiny, I’ll be making a donation. Maybe it’ll only be a drop in the bucket, but that’s how all revolutions start. As Victor Hugo famously said, “There is nothing more powerful than an idea whose time has come.”


Here’s the thing - maybe this one example is egregious, but who decides who is a scammer? I have heard quite a few people assert that all telemarketers are scammers. I call on clients and prospects all day long, so I am a telemarketer, and yes, I take this personally.

There is a reason we don’t simply take the law into our own hands. How many people were cheering on the hackers who hit the Clinton campaign? A good many people would call them scammers too, including our President, if it occurred to him. DDOS is not the path to justice.


There’s a simple countermeasure for this: The scammer adds an IVR intro which asks inbound “potential-victim” callers to press a number [1], [2], [whatever] to speak to an agent. If no number is pressed the call is disconnected. This frees up their “agents” for non-robo-dialers. However, anytime you ask a caller to do ANYTHING it decreases the likelihood of the call continuing, so such a countermeasure is not without its own costs.

Until such a countermeasure is in place, the attacking robo-dialer will succeed. To keep an “agent” on the line as long as possible, don’t use the same script over and over but instead make several dozen actual human voice call-ins of the style of a disoriented person - try to keep the scammer on the line for as long as possible.


I LOVE IT!! Finally, someone’s actually doing something that doesn’t sound so much like a government scam (we’ll make it illegal) (we’ll create a “do not call this number” registry) (or something else that does not work at all)
I propose that we start a sort of distributed attack on these fake assed telemarketers and scammers.
If 100,000 lines start calling these clowns every minute or so, they’ll soon get the idea that they have an unworkable business model. Everytime they change the calling number, we can add it to the list. pretty soon, they will understand we have all the numbers they use.
However, it all has to stop somewhere, and all they will do is change the model.
There’s a new one out there now. You receive a call from what looks like a local number to you. If you do not answer it then but wait, when you call it back it resolves back to the scammers who called you in the first place.


The IRS will never call you. All of their contact is via mail. You can call them but it’s via phone number provided to you by mail or their known official contact numbers.

Should this be done to all telemarketers? Probably not, but it’s one thing to attempt to make sales of questionable timeshare properties and it’s another to pretend you represent a federal agency.

Is calling them back a solution? Once again, probably not, but it can be a deterrent if done correctly, much like having a security guard walking a property and interacting with people there, wether they are there legitimately or not.

If only the NSA would get in on this. You know, actually use all that tech for some actual good.


I think there’s a pretty clear distinction between scammer and telemarketer. If they’re doing something like claiming to be from a company that they’re not, or being deceitful in any way, really, then they should be classified as a scammer. Someone making cold calls for a business that they really represent is obviously legit, even if it can be annoying.


The intro menu is too slow to be of any use. The guy in this video is placing 28 calls per second. Even if the intro menu takes only 3 seconds, you will lose.

1 Like

This could be incredible, kind of like a SETI at Home type project. There could be an always-up-to-date remote list that an open source script pulls from, and people with a little bit of technical know how could set up the script to run constantly. Could quickly escalate to thousands and thousands of callers fighting back.


who decides who is a scammer?

The person with the Python script and the Twilio account. It’s just like how you’ve decided that you are a telemarketer and not a scammer, right?


I have gotten so many scam calls these days I really have a hard time having much sympathy for this. I believe the entire medium of the telephone has been destroyed. If I could get a feature to whitelist my phone to only the few numbers I want calls from I would turn it on.

I’m sorry.


There is only one reason this isn’t worse these days: they can’t call cellphones. That’s it.

I mean sure, they do, sometimes, but the ban is enough for 99.999% to still go through landlines.

The thing is they are calling. I get several spammer calls a day on my cellphone. The new thing I keep getting is contractors looking for home improvement things like solar or roof replacement.

Years ago we added a voicemail system with phone tree to our land line and that got rid of 100% of land line telemarketers.


I think it is totally out of order to call these people “scumbags of the lowest order”. I use a landline exclusively and yes, I also am totally fed up with India/Pakistan’s scammer cottage industry that floods my phone eternal. Is it obnoxious, yes. Is it unethical, probably. Let’s take a step back from our first world comfort for a moment though. The regions of the world where most of these phone calls originate, are gripped in wretched post-colonial poverty. These scammers are people. They are doing what they can to survive. I have read boingboing for years. I keep coming back, largely because of the progressive/compassionate worldview that is espoused here. Please don’t lose track of that. This may seem a trivial point, but civility is up to us in this current racist political climate.

I believe it’s called Poisoning the Well (though it is immensely satisfying to watch that video)

Says who? My wife gets calls from “IRS” nearly every day on her cellphone.


The only problem I see is that there’s no way to determine if the calling number is being spoofed. I’ve gotten calls from (999) 999-9999, (123) 456-7890, and even my own number. It would truly suck to be on the receiving end of this script because your number was grabbed by a scammer to hide their own.


And then some criminals could scam there way into a commit bit and drop in the phone number for a local police department just a few hours before they go off to rob a bank or some such and “convince” the open source phone vigilantly network to DDoS a legitimate public service.


It’s one thing to take the law into your own hands and make a decision to target a group. It’s another thing to voluntarily join a malicious bot net and abdicate all vetting of targets.


That sucks, but I’m under the impression that it’s easier to get the originating number in a cellphone context. Have you tried asking her provider? There’s TCPA violations that await.