Skip to content ↓ | Skip to navigation ↓

Have you ever received unwanted calls from auto-dialers and telemarketers at a time when you did not want to be called? Has an auto-dialer or telemarketer ever tried to scam you? Have you noticed that the numbers of certain incoming calls don’t seem accurate?

If you have answered yes to any of these questions, you might have seen a spoofed caller ID. Anyone can spoof a phone number and make it seem like another person is calling. In the past, caller ID spoofing has been used to break authentication on voicemail. However, there are a number of ways to protect yourself when you think the caller ID has been spoofed.

What Is Caller ID Spoofing?

Caller ID spoofing is the process of changing the caller ID to any number other than the calling number. When a phone receives a call, the caller ID is transmitted between the first and second ring of the phone. To transmit the caller ID, we use a technique called Frequency Shift Keying, which transmits the caller ID in a binary format. It is possible, during this part of the call, to transmit the caller ID we want instead of the true number.

How to Spoof?

There are multiple online services that offer caller ID spoofing for a price; some even offer a 30-second free trial, so you can try out the service. To make the service work, all you have to do is provide three pieces of information: the phone number you want to call from, the phone number you are calling, and the number you wish to show up in the caller ID.

Once all the information is provided the service will create a conference type phone call and connect you to the number you have specified. If you wanted to, you could potentially set up something to spoof caller ID yourself. All that you need to do is set up a host with Asterisk and then have a SIP trunk line.

Some service providers have been known to allow any number in the caller ID sequence sent out on Primary Rate Interfaces. This allows any company having a legitimate purpose change the caller ID to a number they specify. Unfortunately, it also allows anyone who owns a Primary Rate Interface to specify a number for malicious purposes.

Can you bypass authentication?

Voicemail used to use caller ID as the only form of authentication, allowing anyone to spoof the phone number and listen to the messages. This was a very insecure policy and most voicemail services have been updated to protect against this attack.

Are there ways around caller id spoofing?

The call-back method allows for some security when you think caller ID spoofing is being used. You could put the caller on hold, and then call the displayed number. If the number is busy or you reached the company they said they are calling from then they are potentially telling the truth.

However, they could be forwarding you to the company. At that point, when you are on phone with the company in question, you could ask whether or not the person is calling on behalf of the company.

The final check you could make is to enter the number in question in a search engine. This allows you to see if the company has the number on their website or if the company has mention of a scam that is going on. It also allows you to figure out what other people are saying about number.

Real World Example

Earlier this year, a tax scam in Pottsville, PA, claimed to arrest victims if they didn’t pay outstanding tax debts. The caller ID that was spoofed showed that the originating call was from a Pennsylvania phone number: 570-622-1234. This number belonged to Pottsville City Hall, giving a false sense of security to anyone who received the call. The police warned of the scam and reminded Pottsville citizens to never give out any personal information over the telephone.

What you should know Legally

It should be noted that spoofing a phone number with malicious intent is against the law. In Canada, the CRTC suggests suspected victims file a complaint if they believe the caller ID has been spoofed by a telemarketer.

The FCC also prohibits the use of using caller ID spoofing with intent to defraud, cause harm and wrongfully obtain anything of value.

If you ever question the number that you see on you caller ID, remember to be cautious. When anyone has the ability to call you as another person or company, it’s impossible to know his or her intentions. Make sure to take the time to verify the person on the other end of the phone.

 

Hacking Point of Sale
  • Dorothy

    First someone stole my identity and filed Income Tax Return with in my name and someone else's and now I'm getting phone calls from my own phone. Now I received a check for 1,230,946.00All I have to send them 12.99 and it's mine. Go figure.

  • Paul

    One of the ironies of the FCC reporting is that you don't know the actual number or entity that defrauded you because the number was a spoofed one. How to report?!

  • Nunya Bidness

    Report spoofed numbers to FCC.gov and also your phone service provider. Soon the FCC will require phone providers to block unwanted calls upon request by customers. But you have to report the stalker/harassment.

  • Anon E. Mouse

    "The FCC also prohibits the use of using caller ID spoofing with intent to defraud…"

    Quote "prohibits"

    TOOTHLESS "prohibitions" and TOOTHLESS FCC.

    IT'S ANNOYING.

    TALKING ABOUT AN OUT-OF-TOUCH GUBMENT.

  • Misty

    Someone has been calling a family member at 1 in the morning using my cell number! How can they do that ? My phone was even turned off at the time..

  • Gary

    All that has to happen is to close the technical loophole that allows the "caller" to change the caller ID. Make it such that only the provider can change the ID, and then only when certain conditions are met:

    1. The requested number MUST ring to a live person (recordings prohibited) 24/7.
    2. The requested number MUST be registered to the person/company making the request.

    No third parties and no exceptions.

    In addition, make 3rd parties that create these "conference" call setups in an effort to hide the true source of the call equally culpable in any lawsuit or criminal prosecution.

    • Mel

      Gary you got it nailed! Its not rocket science; I can't understand why the authorities are not doing this already.
      Every time I get one of these calls I give them some very colourful invective until they hang up. Guess what? The calls are becoming much less frequent now!

  • Peter R Mare

    This just happened to me. Our phone rang, caller ID stated that the call was coming in from our own number in our own name. The phone rang 5 times, we did not answer, called Verizon tech service and Ian never heard of this, then after holding, he gave me the Verizon fraud unit phone number, 800-257-2969. When you call this number it gives you 4 choices. Number 4 states that there is nothing they can do to prevent caller ID spoofing. What if we answered? Could that person, who may be a terrorist, use our phone number to plot a deadly attack and then the FBI knocks on my door and says I am a terrorist? Technology is beyond normal human conception to realize potential terrorist ability to use it to take us back to the good old days in 800AD

    • Geno2733 .

      This shit happened to us about a year ago.. Verizon said they were aware of the problem, and that there wasn’t anything they could really do about it.. At least T-Mobile is trying to eliminate the problem, for my cell got spoofed, and I reported it to them.

  • Notorious_bob

    the FCC forbids it but doesnt enforce diddly. pointless. we should send seal team six to the home of anyone caught using this. we ignore the geneva convention any other time.

    • You’re Fired

      You go Donald, hey, you should run for President!

      • Notorious_bob

        yeah, you see how well that’s working out for him. the majority wants a country of people that roll over and let life happen to them because assertiveness and self-worth are viewed as tyrannical now.

  • Willie Trumble

    Ask them for number to call them back because you’re really busy

  • ELAINE WILLIAMS

    contact your carrier. If it’s Verizon good luck!

    • guest12345678

      Or you can set up your own network capture system and trace the call to the actual VOIP origination location then go visit them with your complaint…

  • ELAINE WILLIAMS

    Oh Dear God Dorothy – that’s a very old scam. The check looks real and is verifiable when presented to a bank. It’s not!

  • Mojo_jo_jo

    If I don recognize the number I don’t answer it. I let my answering machine pick it up and most of the time no message is left and therefore is usually a scam.

  • JSFLA

    Spoofed? Yeah. I just called myself. My number and named showed up on caller ID.

    • Liane Laskoske

      Same here. I got the guy talking for a bit and then roared DO NOT CALL ME! into the phone. I think I broke his eardrum. I hope I did.

      • Paula Hunt

        Liane, I remember back in the day when we used to keep a whistle by the phone, sadly I think it is time to get the whistle out again. I also used to play with the telemarketers and ask them filthy, dirty, nasty questions until they became so disgusted they hung up.

  • biffula

    The problem nowadays is that these calls are originating from foreign countries who could care less about u.s. law. They just want people money.

  • DogAunt

    I haven’t found any legal, effective solution but one: a police whistle. I wait until a person is on the phone and talk very quietly for a few seconds–ask if they can hear me, then put the whistle in my mouth, fingers in my ears, take a deep breath and blow the hell out of the whistle into the phone. Yes, it works because it also usually damages their equipment! Hooray!

    • TheLawToday

      Not a good idea. One of the two people on the other end is innocent. That means YOU become an asshole too. Thats the spoofer’s advantage and reason in the first place. Its like being framed.

      • Neo404

        Not really. Maybe when these people get the same results over and over they will realize they are as guilty as the people they work for. Caller —> “Gee people keep saying that my number looks odd or not right and looks -spoofed- hmm, am I working for a spoofer company?” …….Like WTF yeah….

        • Comic BookGuy

          I tell them that what they are doing is illegal and if their employer knows that then they probably aren’t going to pay them either. They always hang up, even when they sound American.

        • TheLawToday

          In this described situation… yes, really. One is innocent. You just don’t understand the logistics behind this brand of spoofing.

      • Blayze Kohime

        Any company that uses that sort of telemarketing in today’s world is a scam. ANY and ALL of them. Anyone that calls you out of the blue and asks you to give them money for anything is a scam. period. No exceptions.
        And there is no way that the person on the other end of the line does not know this. They either know, or they are so ridiculously stupid that they can’t figure it out. Either way, I have no pity for them.

  • Dawnsdad

    idk about other carriers, but Verizon offers a service that directs calls from numbers not in your contact list to voicemail. But they charge $5 a month. In my opinion, by doing so, they are profiting from the prohibited activity and, therefore, just as guilty as the scammers. They should offer it for free.

    • guest12345678

      Any Samsung phone can be set to do not disturb then set permissions to allow only callers in my contact list. This stops most unwanted calls since robo callers rarely want to leave messages to avoid giving their prey a valid number to pass on to phone companies.

    • Bill Engvall

      Here’s your sign…

  • anon-telecom-engr

    The current carrier system is SS7 and they CAN stop CID spoofing, but that is not profitable. By setting their call switches to prevent inbound CID information being used and appending the correct CID information from their own CID database for that circuit, the spoofing stops. To stop calls coming in from ‘numbers not in use’, each end point call switch would have to query the carriers own database and then disallow the call to complete. This is actually very simple, but since they never implemented this type of security to their call switches it would cost a fortune to reprogram every call switch in every local carrier location.

  • wanderingwillows

    An autodialer calls my phone about once a week supposedly having an offer from Merriot Suites, the worst part is it calls from XXX-750-XXXX and always has the same zip and prefix but the last four changes each week. Problem is I get a call back from some other person with a 750-xxxx number thinking i called them and I’ll call someone else asking if they called my 750-xxxx number. It’s a little annoying.

    • Bill Engvall

      Well, they spoofed your phone and a multi-billion dollar company, Merriot??? Is tripwire really this full of Bill Engvall “Here’s your sign” idiots?

  • 2spooky5me

    I got a call once from a telemarketer… I pranked them like a friend of mine did once and made them think they phoned an adult toy shop… If u get my drift… They never called back…lol stupid idiot telemarketers r so fun to mess with…

  • Stormie

    I had to change my number because I blocked telemarketing phone numbers but they use this spoofing practice, so blocking each incoming call wasn’t a help. Sometimes I hate technology for so many reasons. I wish we could go back to the days when everyone’s phones were tied to a wall and we had to dial our numbers.

  • Tiger

    Sign up with NoMoRobo. Free for landlines for many carriers. Not available yet for mobile numbers, though. One ring and it sends the call to a dead line.

  • Mars

    The call was not from the irs scammers. The call was to see who was home and who wasn’t home. The call was intended for a specific person – a person who would recognize the caller ID and/or the phone number and know who was calling. If that person is alone, they will answer the phone with a code word, maybe “yo” or “sup dawg”. The caller will then know that it’s safe to talk. If privacy is compromised, due to other people being in the room, the intended recipient will simply answer the phone with a “hello”, and not use the code word, letting the caller know that now is not a good time or if the call goes to answering machine, a recording of a telemarketer or a scammer will be played and the whole event will look exactly like a common nuisance call. In reality, it’s the equivalent of the old “let the phone ring once” trick. You call and let the phone ring once. If it’s a good time to talk, the intended recipient can call back. If it isn’t a good time to talk, well then, it was just a random single ring. Get it?

  • frank

    got a cordless phone that you can block thirty numbers, but I need more memory

  • Blayze Kohime

    Don’t use the callback method, some scammers WANT you to do this. They set up a phone number that will charge you by the minute and then try to trick you into calling it. Sometimes they won’t even speak to you; they’ll just ring your phone once and count on you calling back the number you see in your call id.
    Go to the Internet, look up the company they claim to be, and IF it is a legit company, then call the number you find on their web site to verify them. NEVER call the number that they give you.

  • Comic BookGuy

    They are spoofed so this won’t do anything but block innocent people.

  • LorDor

    They should just disallow spoofing by law. Stop the practice and protect the public. What has happened to common sense?

  • DBH

    Regardless of the “Person on the other end” Spoofing is a crime and therefore a LIE. It’s deception to get you on the phone. If the person on the other end is as innocent as you think, ask them for the location of the company, a call back number, and I’ll bet they hang up, or, get aggressive. Simply install Extreme Call Blocker from the google app store. Be sure to to to settings and white List all your contacts. Since installing this, I do NOT get these calls. Anyone calling you out of the blue trying to sell you “SECURITY” or a CRUISE is a SCAM. I agree with Gary, and I agree that Verizon and the others should be protecting it’s investment. CUSTOMERS

  • DBH

    Regardless of the “Person on the other end” Spoofing is a crime and therefore a LIE. It’s deception to get you on the phone. If the person on the other end is as innocent as you think, ask them for the location of the company, a call back number, and I’ll bet they hang up, or, get aggressive. Simply install Extreme Call Blocker from the google app store. Be sure to to to settings and white List all your contacts. Since installing this, I do NOT get these calls. Anyone calling you out of the blue trying to sell you “SECURITY” or a CRUISE is a SCAM. I agree with Gary, and I agree that Verizon and the others should be protecting it’s investment. CUSTOMERS

  • Gary

    So The Article header Says,”How to Protect Yourself From Caller ID Spoofing” Where Is the Information To support The Article? It Tells You How to Spoof, Your Legal Recourse And What Spoofing is. But Not how to protect youself?

  • Susan

    My problem is my phone number is being used in spoof calls, and people are calling me to see who called them. I am getting around 10 calls a day. Some people are getting repeat calls.
    I have talked to the FCC, and they are unable to do anything. They are working on legal avenues, but can do nothing at this time. FCC rep said that people have reported similar issue lasting a few days up to a couple of months. I have been dealing with it for 1 month.

    I do not want to have to change my phone number! I have put a message on my voicemail telling people who don’t know me to block the phone #.

    • Love to travel 2014

      We are going through this right now. Our number was spoofed. Over 200 calls in the last 24 hours with people calling us, even threatening us. We reported it to the FCC and there is nothing they can do. The phone company can’t help us either. This is a number that we have had for 16 years and we use to market our vacation rental. We have had to turn the phone off and put on our answering machine. Some people don’t even listen to the whole message where we say we have been spoofed and think we are trying to get them to rent our property. Total nightmare. This is threatening to ruin our business. I was hoping from the title of the article that they had some solutions.

  • Hsd3

    The number on my call logs is 864-534-9588 the last 4 digits change every time Greenville sc it says there not on phone in recents .call logs showing I called them numbers I didn’t ,it’s a lot of them happens most when I calling my wife

  • Ernie

    I receive an harassing spoof call nearly every day – sometimes several times a day. The caller ID provides a number, but it’s not the real number calling me. When I answer the call I hear the sound of a fax machine trying to make a connection. But, it’s a pre-recording, not an actual inbound fax call. Has anyone else receive this type of harassing call?

  • Verizon CEO

    LOL, have you heard of technology?

    • Fred H

      Of course, what a stupid question. The FCC should pass a law that there are no anonymous phone calls period. The person on the phone can remain anonymous but the owner of the phone will still be identified….that way people will be accountable at least to give information about who used their phone if it was used to commit a crime!!

      Great post Gary!!

  • Fred H

    Remember the customer can get what they want in these circumstances.
    If company won’t meet customer demand….customer’s find a company that will!

  • Steve W.

    Folks, the horrible truth is the FTC (No Call List enforcement) is a total scham! I have handed the FTC directly, very specific information regarding “robo-call” centers and the FTC and other authorities do NOTHING! Simply research on the internet, look at the FTC and Florida State Attorney General case November 2014, Even by their own figures, these “rono callers” scammed almost $23 MILLION dollars from SENIORS alone. What di the FTC settle for? Some $79K in JUNK ASSETS (old car, boat, etc.) .. and NO ONE WENT TO JAIL! The FTC does NOT care and clearly shows CRIME DOES PAY! The FTC contacted me directly (an individual) and I have more information regarding this subject than the FTC does (pathetic but true). They wrote me in early 2015 (I have the letter) requesting my information and assistance. I advised them that I would assist, but ONLY if I were allowed to be added as a Plaintiff in the case (to make sure the 2014 bs fiasco would never be repeated)..they declined! I also recently (2016) located a DIRECT line into one of the largest robo call centers operating in the US (in US territory) and gave this information directly to the FTC office in Chicago (who is in charge of this operation) and they once again did NOTHING! So to rely on ANY “authority” is a total waste of time! The only way to help curtail this plague is to ENGAGE then directly! Whenever a robo caller contacts you and is selling a “product” (one of the most common now is the “health monitor systems for seniors”). TAKE THEIR PRODUCT..and this is 100% LEGAL! I use a low limit credit card specifically for this. Order their product and once you receive the unit, immediately contact your CC company and dispute the charge. You can advise them of why you are doing it and the vendor is in violation of FEDERAL LAW. Tell the CC company to block any and all attempts of any charges from the vendor. The KEEP THE UNIT, do not even open the box, just put it aside (I have dozens in a closet). Then when the vendor contacts you again, clearly tell them they are in violation of federal law and you are holding the unit as evidence for federal prosecution (which is TRUE). You will not be getting any other calls from the vendor..I never have. When you take their units, you take their inventory! Then, amazingly, you stop getting those robo calls! It’s the only remedy currently available, because, again, the “authorities do NOTHING..and this is 100% LEGAL! It will be up to the consumer to take action to help make this plague stop.

  • DCHsr

    The FCC was created to tell what we already know and fine and regulate us for the money. It is aways the money.