caller ID spoofing

Fusion Voice service, features and help.
6 posts Page 1 of 1
by ankh » Mon Nov 16, 2020 10:40 am
We are getting dozens of calls from strangers who think we called them--- some robocaller has been using our number as their caller ID.

Is there a problem for us if people mistakenly report our number as the source of spam calls? The FTC page says
https://www.consumer.ftc.gov/blog/2017/ ... nted-calls

many call blocking tools rely on blacklists. Those are databases of phone numbers that have been reported as the source of illegal calls. In addition to the number, the data the FTC releases will include the date and time a person got the unwanted call, the general subject matter (debt reduction, warranties, home security, etc.), and whether it was a robocall. Companies will be able to use this information to help identify which calls should be blocked or flagged. Even if a scammer fakes caller ID information — so the number you see isn’t the scammer’s real number — reporting it can make a difference.


This sounds like faking our number as a caller-id could amount to a denial of service attack, if our number ends up on blocklists. I wouldn't be surprised if my longtime habit of reporting junk emai to Spamcop has gotten me on some spammer's shitlist.
by jerrielm » Mon Nov 16, 2020 11:45 am
Hello!

The cruddy thing with Call Spoofing is there not a real way to protect you from it. If they choose your number there is not much a company can do about it. They can spoof any number they want. If you do end up on a blocklist for another company you should be able to request that they unblock you. Soon enough call spoofers stop using the same number and move onto a new one. I am sorry for the issues you have had with this. Let me know if there is anything else we can assist with.

Best Wishes!
by dane » Mon Nov 16, 2020 12:24 pm
This is the issue with using 1975 technology (SS7) today. Just like with email, with a circa 1982 protocol (SMTP) to deliver email today.

With both SS7 and SMTP, for phone calls and for emails, the originating party can claim to be whoever they want, and there is no system of authentication to assure they really are who they say they are. This is the crux of the issue of spam, and robocalls today.

Thankfully, the FCC has advanced industry standards for call authentication (SHAKEN/STIR) which carriers will be required to implement, and when that is complete there is some hope that spoofed caller ID is finally resolved. We will see!
Dane Jasper
Sonic
by ankh » Mon Nov 16, 2020 2:24 pm
The FCC says, about their database of spam callers:
Companies will be able to use this information to help identify which calls should be blocked or flagged.


would we know if a company is using this database to block us from making calls go through?
by george_byrd » Tue Dec 15, 2020 4:03 pm
dane wrote:
This is the issue with using 1975 technology (SS7) today. Just like with email, with a circa 1982 protocol (SMTP) to deliver email today.


From your comment, it appears that old fashioned Automatic Number Identification (ANI) used by telephone operating companies to pass along call billing information, is also being spoofed by telephone spammers.

My semi-educated (and long out of date) guess is that the telephone spammers are using outbound VOIP, and that the robot calls originate outside the USA from anywhere in the world.

I hope the new initiatives you mentioned succeed.
by virtualmike » Tue Dec 15, 2020 8:19 pm
Actually, ANI is still used for billing purposes, for example when a call is handed over to a long distance service. It's also used by 9-1-1 systems to identify the service address for the incoming call, and is the number sent to the receiver of a toll-free (800, 888, 877, ...) call. It cannot be blocked. It goes with all phone calls, even those from older equipment (though I doubt any non-computerized phone switches are in use anymore).

CLI ("Calling Line Id") is the number that is sent the the recipient's equipment. If the caller blocks the number, it will still be in the data packet, but there will be a "privacy" indicator to tell the receiver's phone company not to send it to the called telephone.

ANI and CLI do not need to be the same. For most home phone lines, cell numbers, etc., they will both have the same number. But some companies will configure their systems so that all phones will send the same ANI, but a different CLI for each physical phone.

Yes, most of the phone spammers are originating their calls using servers outside the US, but some are working inside the states, and a few have been caught.

You can also find phone apps and services that will allow you to spoof your caller ID. Not that I've ever done such a thing.
6 posts Page 1 of 1

Who is online

In total there are 4 users online :: 1 registered, 0 hidden and 3 guests (based on users active over the past 5 minutes)
Most users ever online was 999 on Mon May 10, 2021 1:02 am

Users browsing this forum: Bing [Bot] and 3 guests