Caller ID spoofing??? It can be done!
Who’s on the Line? Increasingly, Caller ID Is Duped By MATT RICHTEL Published: November 22, 2011 Telemarketers increasingly are disguising their real identities and phone numbers to provoke people to pick up the phone. “Humane Soc.” may not be the Humane Society. And think the I.R.S. is on the line? Think again. Caller ID, in other words, is becoming fake ID. “You don’t know who is on the other end of the line, no matter what your caller ID might say,” said Sandy Chalmers, a division manager at the Department of Agriculture, Trade and Consumer Protection in Wisconsin. Starting this summer, she said, the state has been warning consumers: “Do not trust your caller ID. And if you pick up the phone and someone asks for your personal information, hang up.” Regulators in Wisconsin and many other states are hearing a significant jump in complaints about what is often called “caller ID spoofing” or “call laundering.” The rise of such tactics has prompted the Federal Trade Commission, which already prohibits telemarketers from masking their identity, to consider new rules. And last year, the Federal Communications Commission introduced rules to strengthen enforcement against the practice, and law enforcement officials in many states are working on other ways to combat it. Such efforts have done little, though, to help people like Thomas Harbon, 74, a retired computer science professor who lives in Anderson, Ind. He has complained several times to state officials about the spate of calls that have made him distrustful of caller ID. Sometimes, the calls appear to come from his town. Lately, if he is curious enough to pick up, he hears a recorded voice from someone named Rachel offering help with credit card interest rates. “Sometimes it looks legitimate, and I’ll pick up and hear ‘This is Rachel from...’ and that’s about all she gets because I cut it off,” Mr. Harbon said. Several federal rules prohibit forms of caller ID spoofing and laundering. Under the Truth in Caller ID Act, passed last year and enforced by the F.C.C., it is illegal to transmit inaccurate or misleading caller ID information “with the intent to defraud, cause harm or wrongfully obtain anything of value.” The F.C.C. said it has received complaints about caller ID spoofing, but declined to say whether it is investigating any of them. Privacy and consumer advocates say caller ID spoofing started on a small scale several years ago, but has risen sharply recently. The authorities say many spoofers are debt collectors or companies that promise to help consumers reduce their credit card payments or other debts. Julie Schultz, 46, a homemaker in Chicago, started getting 30 calls a week from debt collectors in the spring of 2010, after a run of bad luck, including a car accident that severely injured her husband, left her family unable to make its minimum credit card payments. But the calls typically showed up on her caller ID as a string of zeros, a local number without a name or even, in one case, “Humane Soc.” “They want you to pick up that phone because you think it’s somebody else or an important call that you’re expecting,” Ms. Schultz said. She has hired a lawyer who has taken on a handful of clients suing telemarketers. As laws have tightened, technology has made it easier for spoofers to cloak themselves and avoid getting caught. For instance, law enforcement officials say, it is easy to route a call onto the Internet and back onto the public telephone network, thereby masking the call’s origin. Companies can also use free software or inexpensive services to have a fictitious name appear on caller ID. These services are often used for legitimate reasons by companies wanting to identify themselves to callers, but they can also be used to create aliases. Automated dialing technology, known as robocalling, which lets telemarketers place thousands of calls per second, has added to the problem of caller ID spoofing. The trade commission has received an explosion of complaints about telemarketing and robocalls. In September, it received 140,000 complaints about prerecorded robocalls, more than double the 61,000 complaints in the same month a year ago, the agency said. In addition, the F.T.C. said on Tuesday that it had filed a complaint against a company that it said violated its rules prohibiting the use of robocalling by telemarketers and the masking of caller ID. The agency said Sonkei Communications sold robocall services to telemarketers that generated tens of thousands of consumer complaints. The telemarketers sold home security systems, credit card services and programs, using caller ID readouts that said “Service Message” or “Service Announcement,” the F.T.C. said. Sonkei Communications could not be reached for comment. Law enforcement officials around the country said they were also seeing more fake caller IDs. “It’s just grown and grown,” said Marguerite Sweeney, the head of telephone privacy enforcement for the Indiana attorney general. She said the state had heard from about 5,000 residents this year complaining about some form of caller ID spoofing. The tricks are getting more sophisticated, she added. In some cases, consumers complain that when they call back the number on their phone, they hear an automated recording for a “do not call” list, offering to take the caller’s number. Ms. Sweeney said she assumed the scheme was intended to gather numbers of people who might be willing to entertain a telemarketing pitch. In other cases, she said, a number shows up on caller ID from a legitimate local business that is being used as a cover for a telemarketing pitch. “Some random business or a person will call us and say, ‘I’m getting irate calls from people saying I’m dialing them,’ ” she said. In North Carolina, officials said they were seeing big growth in caller ID spoofing from companies promising to consolidate credit card debt and, more recently, marketers selling what they claim are inexpensive medical products to treat diabetes. When the state tries to trace the numbers, officials say, they wind up following a labyrinth that leads to China, Panama or the Philippines. They have also heard of cases of caller ID reading “F.B.I.” or “I.R.S.” For the most part, according to consumer advocates, the problem has been relegated to landlines. But they worry it threatens to spread to cellphones if proposed legislation passes that would allow businesses to use robocalls to reach consumers on their cellphones. Advocates for the legislation, the Mobile Information Call Act, say it is necessary because a growing number of Americans use only cellphones or rarely use landlines anymore. Under the legislation, businesses and nonprofit organizations could reach people on their cellphones to “deliver information calls for commercial purposes.” Attorney General Greg Zoeller of Indiana, who testified before Congress against the legislation, said he worried that the proposed rules threaten to pre-empt states from prohibiting sales pitches by cellphone. And then, he worries, caller ID on cellphones will be taken over by fake ID’s. “The misuse of this could have people afraid to answer their cellphones the way they have their landlines,” he said. |