Today, I received a telephone call on my home phone from a cell phone number.
Whoever it was did not leave a message, and so I hit re-dial to find out who it was.
I got an error message saying the phone number was not in service.
How is this possible? The message was recorded, but it had an error code attached to the message, so I assume if I knew what cell phone company owned the number, I could call them and ask what the error code translates to. But there is no way to know the carrier who assigned this number, at least not that I can figure out.
Following up, there are legitimate (and legal) reasons to spoof. I had a friend who needed to reach me from overseas, and had to borrow a cell phone. He knew I wouldn’t pick up a call from an unknown international number, so he spoofed his normal number. I’m not sure where telemarketing falls - it doesn’t seem like they are trying to defraud you by making you think they are someone else; they just don’t want you returning the call. I’ll leave that to the FCC or our legal experts.
As far as how, it is relatively easy with VoIP. Most VoIP clients have a configuration section where you enter the phone number you want to appear. For regular phones, there are many services that will do it (I’ll leave the googling to you if you want to find one).
The very fact that called-ID can be spoofed, I should think, it a total major complete fuck-up in the design of the caller ID protocol. I can’t imagine how in ever-blazing tarnation the wizards who designed caller ID in the first place could ever have allowed this.
I can see that the caller should be allowed to put whatever he wants into the NAME field, although even there, I think it should require that the caller set it up in advance with the phone company. But allowing the caller to spoof the originating number? What were they thinking?
The originating number should be inserted into the data stream by the caller’s company, never by the caller himself. Why couldn’t they think of that?
Yes, but a common feature of phone systems is some magic code you can dial (*69 in my quadrant of the galaxy) that will re-dial the last number that called you.
Caller ID information is passed by the calling system to the destination system. A feature of VoIP trunks (internet to phone system) is that some trunks allow you to construct and send the caller ID data along with your regular connection request. Also, someone who owns a private switch or similar programmable PBX can also set how it should pass the caller ID information.
Spoof means you pretend to be someone you are not. If you simply create a totally fictitious name or number, it’s not fraudulent spoofuing if you are not using that infomation to try to convince the person you are someone you are not - i.e. make the call look like it comes from their bank, or a government agency.
However, my phone has a button that permits you dial the number that is currently on the screen. My phone holds about 30 numbers, so when. I scroll through the calls i have received during the day, when. I come to the one I want to call, i just hit the re-dial button on my hand set. "Maybe it’s called the “call back” button, but I don’t know now that you are forcing me to actually think about it,
Caller ID was designed when only the major telephone company (companies?) had control of the data being sent. Same idea as email, where it was never anticipated that the senders would be so numerous that fraudsters would sneak into the mix and forge invalid data.
I worked at a place where they implemented VoIP a while ago, and the problem they ran into was - can we have one Caller ID internally (“I see Bob Smith is calling”) and another externally so the people reciving the call knew it was XYZ Limited, not some guy named Bob Smith? I think eventually they got the phone company to override the trunking so that all outside calls appeared to come from the switchboard number with XYZ Company as the ID.
That’s the dilemma. Switches were never designed to ensure the caller ID data was authentic, because the sending system was supposed to be trusted. You can’t really tie it to hardware, because there are numerous legitimate occasions when the data may be different - The call comes from extension A but we want it to show the switchboard. You might force phone companies to block untrustable trunk lines, but who wants half their calls (and more each day) to say something like “Blocked Trunk Data”?
Could the call be from Skype? I sometimes buy a month of Skype outgoing only (about $3) if I have lots of calls to make as I have limited voice minutes, but there is no call back number. I think something comes up on a CID, but I don’t think you can call it. So it is possible the caller has outgoing only.
I have VoIP. (Internet phone.) There’s an entry in the setup for my account where I type in what number is displayed as caller ID. I’ve set it to our actual number. But I could have put anything in there or nothing.
Since a lot of telemarketers use VoIP (especially since many originate or route thru overseas), it’s just as easy for them to fake it.
With VoIP, there’s a bunch of mungy details concerning SIPs and stuff. The process of “attaching” a (real) phone number to a device goes thru several layers. None of which forces a particular number to go with particular device as far as caller ID goes.