A bit of history
Long ago there were such things called diverters. The phone company used them so employees could dial a number and get a second dial tone; this way when dialing long distance the charges would be billed back to the company and not the employee.
I recall my friend using them to dial in to a BBS in the early 90’s. The BBS was in FT Worth, which was long distance for us on the other side of Dallas. He had a program that would dial a block of phone numbers all night long and give a report of which numbers gave a second dial tone. Could you imagine a phone call at 3:00 AM waking you? This was before Caller ID so no one could call him back or ever know who called.
If I recall correctly, I believe Hollywood had a few “Hacker” movies where the actor used diverters to mask their number.
Where we are today
In today’s world we have programs that dial people directly from a computer using VOIP. With this age we have apps that allow people to spoof their Caller ID information. I’m sure there are plenty of other ways to make this happen as well and I ask why this is still a thing.
Why should I care?
Prank calls are my least of concern. What does bug me is that scammers take advantage of the trusting and those with little knowledge. Most of the time this is an elderly person with little technology knowledge. In fact, my father in law fell victim to the “Microsoft IT” scam. Someone called and said they worked at Microsoft IT and there was a virus on his machine. He allowed them to remote in and who knows what they did but we all know it wasn’t good.
Chances are if you’re reading this you don’t fall into the bucket of “little knowledge”. So let me help you remember this annoying scam: Remember a couple years ago when you’d get calls once, twice, maybe three times a day about your auto warranty expiration? This scam got so big that the government actually cracked down. The FCC even posted a warning about them: https://www.fcc.gov/consumers/guides/beware-auto-warranty-scams
Don’t remember those? What about the calls we all get today about your student loan debts and @POTUS enacting some laws that can enable you to pay them off faster with paying less? Do you get these calls? I do and I have never had student loans. Not only that I’m also on the federal do not call list!!
Why am I blogging this today?
As it turns out, I’ve yet to receive one of those fake IT calls until today. I got a call from a number that when you attempt to call it back is not in service. It was a spoofed number.
The voice on the other line said that he was from “Windows IT” and asked if I was the owner of my machine. I thought I’d play along a bit to hear what he had to say; so I told him to get to the point.
He said that my machine has been hacked and that it has many viruses but he could remove them. I asked if he knew it was an international crime and a felony to impersonate someone and hack a machine.
He again replied that he could remove the viruses. I’m not sure he understood what I had just said, so I said “Do you know I work at Microsoft?” Actually, I left Microsoft in 2013 but he wouldn’t know either way.
Once I said this, I heard a sigh followed by 3 “___ you”s and then the phone call promptly ended.
I’ve had other calls from telemarketers that spoof their number as well. When you want to call back the number is disconnected and I don’t think this is right. In fact I feel it should be illegal and eliminated from being a thing.
What can I do about it?
We must ask ourselves if warnings suffice or if we should step up and close this stuff forever. If you work in Tech and design products like Android or iOS, why not ask yourself if you should lock this down? A SIM should only allow calling from the number it has, Period.
We’re all technologists. We should work to better the world and eliminate tactics that scammers can use to steal from us and people we know.
I would expect that the phone company be able to provide me the actual phone number of any caller that has rang my phone; but, I don’t see that happening without some new rule from the FCC or congress.
What if you’re an average Joe like me? You could always call your congressman or the FCC. After all it is election season and I’m sure their ears are open. 🙂
Here’s the FCC link: https://www.fcc.gov/general/send-us-your-comments
Here’s how to find your congressman: http://www.house.gov/representatives/find/
2 thoughts on “Off-Topic: Phone number spoofing. Why is this still a thing?”
Thats quite an informative information about the phone number spoofing. Keep of the good work.
Wow I remember the WAR dialers and trying to get divert-er numbers. The only thing about that is if you use a divert-er too long the company might put a trap and trace on it. That’s why I shy’ed away from using them. I had friends in highschool who did the same thing. I wonder with the do not call registry you might be-able to file a suit against the carrier? IE they provided the IP for the call before it gets pushed to the fake number. There might be Phreakers out there who do this all the time.