Communications watchdogs have today been pressed by MPs to investigate a new service that allows people to fool caller ID systems into displaying a fake number, amid fears it will be abused by ID fraudsters and other conmen. It's thought such trickery is currently legal in the UK. The Liberal Democrats have called on regulators …
... as if it wasn't bad enough having these fuckers calling me *every* day from overseas trying to sell loans to someone who no longer lives here, now we can't even block the calls because we won't be able to tell who it is.
This needs to be outlawed and fast.
"Spookcall founder Royce Brisbane defended the service today, saying he had sought advice on whether the caller ID spoofing was legal under UK law prior to launching the service."
I wonder which labout MP is Royce Brisbane's mate? and how much they will make from this personally?
I look forward to the Home Secretary telling us how this will make the telephone safer for our Children
of fraud to me.
I see this service as being of more use to criminals than honest persons.
Perhaps the tagline should be "who do you want to be today?"
I want to be a Nat West call center whilst asking for a customer CC details.
technical point in law
To claim that the receiver of the call should determine who the caller is would fall down in law if a deliberate attempt to change your identity is made. This could then be construed as fraud. Unless the caller ID is genuine, and the caller does not identify themselves, they are free to assume that the callee should find out who they are. If they intentionally misrepresent their caller ID, then the onus is on them to clarify their ID on the call to avoid any kind of investigation.
Seems to be a harmless prank line, but clearly this can lead to a more sinister practice. Personally, i dont believe anyone who calls me these days, but i am king of the cynics.
We have this in Canada, it is used by all sorts of scammers.
the government does nothing at all about it (probably some of their friends)
Call from +666 666 666 666
YOU'RE GOING TO HELL!
Phone your boss and tell him what you always wanted before it becomes illegal (might want to distort your voice).....
Evil thought could always pretend to be the bosses wifes boyfriend/girlfriend?
Have you read how some people use this system? Frankly most of the stories are disgusting abuses of trust and how anyone can call this system innocent is clearly Very misguided.
I avoid harassing phone calls by not having a phone connected to my wall socket. Bollocks to landlines, I only want the internet, anyhow.
....today I'm going to be the House of Lords' tearoom.
This will be outlawed in the UK ....
... the second someone spoofs being Gordon Brown, and orders a load of strippers and baby oil to no.10.
Seriously, given the pedomania in Britian. all someones got to do is say "think of the childuhrunnn" and it'll be banned. With knobs on.
This will come back to haunt him
"It should be up to the person you're calling to make sure you're who you say you are."
Royce Brisbane better have his lawyer on speed dial the first time the Daily Mail reports his service has been used by a stalker or an unwanted ex to make someone's life hell.
Honestly, can anyone think of a legitimate use for this business that can't be done through other, better, entirely legal means?
Oh what fun
The government has something new to legislate against and then ignore.
A few people are going to have to change their terms and conditions.
For example, www.bt.com/privacy
"BT Privacy at Home* registers you for the Telephone Preference Service which helps stop unwanted sales calls.
It also includes Caller Display**, which lets you see the number of the person who's calling, so you can decide whether or not you want to take the call."
All that goes down the pan if the person who's calling is not really the person who's calling at all.
As it happens, I once had a call from a Gordon Brown.
He even had the correct accent for our current incumbent.
However, he didn't claim to be our erstwhile PM - but from an agency we were dealing with at the time.
We laughed about his name, and his accent.
Sometimes, truth is stranger than the quite hideous fiction this service will bring about. I hope it is outlawed soon.
Does anybody know Royce Brisbane's number? ;-)
AC because when this happens, I don't want it coming back on me ;-P
OK, simple answer (sic)...
I will no longer be accepting ANY phone calls. yes, folks, the plug is being pulled from the wall as I speak - I mean type ;)
This means that:
* No one notifying me I've won the lottery will be able to contact me, as I no longer accept any mail to my home due to the massive amounts of junkmail;
* I don't read email for the same reason (only there it's called spam)
* I don't answer the door due to the threat of home invasions
* And now I cannot be sure the called ID isn't being spoofed on my home phone.
That's four more reasons to quit the UK, folks.
I am Sooooo outta here...
Er... when I win the lottery, I mean - D'OH! how the hell will I know when I've won it?!
Apparently If I choose to sign up for this service their T&C's are governed by New York state law, hardly likely to worry me or anybody else in the UK.!!....
PS how does one lobby for this to be stopped without attracting more exposure to the service?
On the Other Side...
Perhaps BT will now released incoming international callerID? Given that their argument against it was always that they couldn't be sure it was accurate, now they've either got to withdraw the callerID service altogether or accept that they can't guarantee the accuracy of any supplied numbers and provide all of them.
The perfect tool for Bunny Boilers
I love this one from their testimonials site ...
"I've used the Spoof caller id when my boyfriend (during that time) was just ignoring my phone calls (even when i blocked my number) he still didn't answer. Up until i had found this wonderful spook caller ID website, i was AND STILL AM VERY THANKFUL for such a WONDERFUL PRODUCT THAT SUITS MY CERTAIN NEEDS. once i've purchased the minimum amount of minutes for this, i had put it to a test! I called my exboyfriend with HIS house phone number and HE HAD ANSWERED the phone call without hesitating!! and he was just tripped out about it. he had thought that i was AT HIS HOUSE!! which i found quite exciting!! the whole idea of how i could use ANY NUMBER to show up on the caller ID, the whole idea of recording the call (which REALLY HELPS WHEN I COULD USE THE RECORDED CALLS AS PROOF THAT HE HAD LIED!PROVING THAT HE TOLD ME ONE THING OVER THE PHONE AND THEN TELLS ME A DIFFERENT STORY IN PERSON THANKS SPOOF!!! I WILL DEFINATELY BE YOUR LONG TERM CUSTOMER!!! THAT'S A FACT!! THANKS!"
If only they had a green ink option to go with THE EXCESSIVE USE OF CAPS. At least the poor boyfriend was only 'during that time' so it looks like he escaped (unless she did a Han Reiser on him)
"could make it even easier to fleece the public and invade privacy"
Well, no wonder the Gov. doesn't seem to mind it...
The big users will be telephone marketers and they will have bulk rates a lot cheaper than the 50p per minute quoted in the article.
That's merely unpleasant and annoying. Moving down the list, we get pranksters, malicious callers and stalkers, malicious journalists - seriously, the tabloids are becoming a kind of privatised Stasi and it's only their relatively small numbers that prevent them being a bigger threat to the liberty of the individual than an overbearing Surveillance State - and, finally, fraudsters.
The 'protecting children' pretext for legislation is appealing but implausible. I don't think that children use caller ID to verify who's on the phone; further, telephones aren't an avenue of attack for paedophiles.
Hmm, how about the Data Protection Act to stop this ??
Lets not forget the impotent Information Commissioner. Remember that it is now a Criminal Act to even Attempt to obtain data from someone excepting under strict criteria. If the person using this system was to ask you for your name, details etc etc (i.e. personal information) then that could well constitute a criminal offence.
Information Commissioner informed and very interested !!!
I just spoke to Information Commissioner (yes I know i am a spoilsort but YouTube is trashy enough and can imagine what will happen with this crap) and they are very interested in knowing about this. They have advised that obtaining personal data from someone using this service could very well be a breach of DPA 1998 and thus a criminal act.
MPs beware - Spinners spun out
From what I understand in the article it should be possible to send a fax to an MP's Westminster office, with the fax appearing to come from that same MP's consituency office.
Something along the lines of "A package of £20 pound notes has arrived from your friend the property developer. Shall I do the usual?".
Then have a similar thank you fax to a real developer known to the MP, sent from the Westminster office number & Sun headlines here we come.
"Spookcall founder Royce Brisbane defended the service today, saying he had sought advice on whether the caller ID spoofing was legal under UK law prior to launching the service."
Any time that someone feels that they have to state that they're within the *letter* of the law, it's a tacit admission that they are in violation of the *spirit* of the law.
(Skull and crossbones because I'd not be overly upset if these schmucks were to see one of these peering up from the bottom of their latté cups some morning!)
What is the legitimate use of this?
If you don't want someone to know your number, withold it. The only reason to use it is to pretend to be somewhere/one you aren't.
BT should refuse to route calls from this service. But I bet they get a nice kickback, just like from Phorm.
Getting around anon call blocking
This happens already; incoming number from an 084x or 087x number simply so they can get around anonymous call blocking. And if you try and phone that number back... it's dead! (Besides, the displayed number should be the geo number that it's mapped to; anything else is spoofing anyway.)
Anon, 'cause it's like those using dirty tricks like this.
It's not a feature, it's a bug
If caller-ID can be spoofed like this, that means it's broken and needs fixing. It shouldn't be up to lawmakers to put a stop to it, it should be the telephone networks' job to verify that calls come from where they say they do. Where the lawyers may be helpful is in allowing us to beat BT with the "inaccurrate advertising" stick until they either fix it, or stop claiming that callerID is a service.
...unless I've completely misunderstood the system, and the phone networks are actually full of holes equivalent to open SMTP relays?
They won't strangle Phorm...
...so I'm not going to hold my breath waiting for this to be outlawed. I'm sure both are going to be making money for some MP or other.
Um... sorry to be a pedant, but you will know if you win by checking your numbers.
I'll dig out that autodialer and set my number to Phorms head office.
Incompetent leglislation - again.
"It should be up to the person you're calling to make sure you're who you say you are." says the guy setting this up.
Sure - we can work like that. Like we could allow people to counterfeit our currency and say that it is up to the person receiving the cash to check.
We don't allow that with money because the cost of such an approach is severe and obvious. Imagine the queues in shops and ticket offices if it was considered fair game to try and pass off dud currency and every front-line employee had to check every note and coin.
One of the roles of government is surely to prevent cases like this, where a tiny minority stand to make money at enormously greater cost to everyone else.
So, attempting to pass dud currency is an offence -and that is enough of a disincentive to reduce the risk to the point where the populace can swap money with each other quickly and simply.
How depressing to find that those framing rules for telecoms haven't been bright enough either to anticipate CLI-spoofing, or to have a catch-all provision that allows them to close down this sort of operation overnight.
Remember rogue diallers? Oftel (as they were then) couldn't see that coming either.
And the rest of us are going to work to an advanced age to help provide these comfortable fools with a gilt-edged pension.
As a telephone engineer I've come across this
As the title says
I've recently heard of people recieving calls from supposed confidential
contact lists, claiming to be from a certain company.
I've had, probably 20, "faults" this year relating to spoofed Caller ID's
They seem to be coming from overseas, as you can trace them on ISDN
well at least I thought I could!!!
I always tell the customer never to answer personal or company info, an to call the number back and verify the call.
maybe now it's going to get a whole lot worse.
When I see an 08xx number on my home phone, I tend to ignore it
but the corporate world answer every phone call.
I recently took a call from my local garage, well so I thought
It ended up being from a insurance company that were using a "LOCAL"
number to try and solicite business.
This should be stopped NOW
lots of taxi firms use cli to get the "for an immediate taxi to..."
What it will come to...
"<bzzz> <click> This is Anonymous Coward. Please identify yourself. If you are not a telemarketer I will pick up the phone, if possible."
Some weeks ago I got tired of daily vishing calls from some scamster in Tacoma, Washington, so now use my answering machine as a screening device. Works like a hot damn. Highly recommended tactic. These calls are now much less frequent, though they still try every few days, I suppose in hope of catching me out.
If you try this technique, make sure your announcement does NOT start with the word "hello", as there is evidence that telemarketing scum use voice recognition techniques and "hello" triggers their spiel.
URL for info on Tacoma vishers:
Just what we need
It'll be great for the scumbags won't it.
Thought the crimestoppers by text was a thick idea but this?
And who is hosting the infrastructure for this I wonder and providing the webspace and the telecoms links, the directors of all companies should be shot and Royce Bastard Brisbane should have his limbs chopped off.
"If caller-ID can be spoofed like this, that means it's broken and needs fixing."
Hear hear! Give that man a beer. If someone does this to me then I'm straight on to Trading Standards plus Small Claims court to get back every penny extracted from me under false pretences that Caller ID was actually supposed to show me the number of the caller. FFS who amongst the ship of fools will take any responsibility for anything. I want someone to fine, right now!
Paris - because she is fine... <ahhhhh>
Any readers here heard of "presentation CLI"?
If you're in the telecoms business dealing with big companies you'll be aware of "presentation CLI". I was under the impression that there were rules (the law, and the telco rules) governing what you could do with "presentation CLI", eg nothing too dodgy. Why don't those rules seem to apply here, which seems dodgy in the extreme?
It must be cool
Look at all this unanimous fucking whinging by all the constipated types. Oh no teh callerid is lies!!1! So what.
It increases the anonymity and freedom of the average Joe Public and allows kids to drive anyone they like demented.
Isn't this service just straightforward "deception"?
"Caller ID witheld" is what it says and used not to be an issue - I generally don't take them unless I've a fairly good idea who they are from.
However, a call from a spoofed number is deception and I'd suggest that, in the event of a fraud, the service supplier (BT or whoever) would be guilty of conspiracy.
A little bit more "challenge" and ingenuity from our Civil servants and legislators would be helpful. Perhaps they could focus their creativity on these sorts of topic rather than their expense and job prospects? But they wont...
Mine's the one with "Luddite" on the back.
Yes... but for an even tinier fraction of 50p/min a telesales office could have their outworkers hooked into their comms system by voip or even POTS dialed in and looped back.
That the company are publishing a "testimonial" from a bunny boiler indicates that they don't give a flying f*ck for the spirit of the law.
"If caller-ID can be spoofed like this, that means it's broken and needs fixing. It shouldn't be up to lawmakers to put a stop to it, it should be the telephone networks' job to verify that calls come from where they say they do. [snip]
...unless I've completely misunderstood the system, and the phone networks are actually full of holes equivalent to open SMTP relays?"
As I understand it, the caller ID is just passed from telco to telco until it gets to it's destination (as well as a preference flag for whether it should be delivered to the called phone). The delivering telco really has no option but to trust the originating telco. All they could do is check that it wasn't one of their own numbers as it came into their network, which would cost them to implement and which might help for big telcos but wouldn't make much difference for the smaller ones. Yep - pretty much like open relays except that at some point there is a telco accepting (or generating) the spoofed IDs and if it was made illegal to do it then it would be pretty easy to find out who was doing it by back tracing through call records.
50p a minute you say, hmm now then, where's that price list for PC based switches.
I for one...
Caller ID is the useless intrusive thing that's bothering me in the first place. It's already spoofable btw, so the threat is not new. Go ahead spookCall.
CLI is used as part of the UK monitoring of electronically tagged offenders. Another nail in its coffin I fear.
This isn't illegal, and never could be...
I read once that anyone can call themselves anything they want, at any time, (without even resorting to deed poll,) so long as it is not used to commit in, conspire in, or assist in fraudulent acts. It is for this reason that muslim terrorists with 20 different names are never charged simply by going by multiple identities - because it's not illegal.
It therefore naturally follows that there's no legal obligation to be honest about your number, since there's no legal obligation to be honest about your real identity.
If there is a contract between caller and callee that obliges the caller to legally provide his correct number, then I've yet to see it.
I suspect, however, once one or two MPs have been had, they'll ban the practice.
The real headline is that Telco's lied.
Apparently they haven't actually implemented called ID, just a few features that look like it.
Am I the only person on here that doesn't have caller ID to rely on to tell me if it's my bank or not?
On similar lines, does anyone use a bank that give you personal details and a password so you can check they are who the say they are?
Companies have been able to use it for years - most switchboards allow the CLI number to be set to whatever the operator decides.
Ban what exactly?
Bearing in mind that caller ID spoofing is used as standard by a wide range of users and businesses already there may be some difficulty in banning it. It is now quite a normal feature in a PABX to be able define the caller ID rather than leaving it to the network provider. The is the standard way of having all calls from a range of phones appear to come from one number. So waht exactly is it that everyone wants to ban.
Do we make it illegal to issue a caller ID which does not match the network number for calling the exact phone line making the call?
Do we make it illegal to issue caller ID which does not allow reliable call back to the business that was making the call (allows current generally used spoofing)
For those of you that care caller-ID has always been broken since it is fed through the network from the originating exchange as a completely seperate signal from the originating caller signalling. It is simply a field that the network passes through without caring what is in it. All you needed was to be an "originating exchange" which has been widely and economically available to business for sometime and for a little while now available to anyone that wants via Internet telephony.
Anyone who wants to ban it, can we have some proposed wording for this law so we can have fun pointing out the consequences.
(p.s. Yes, I would like to ban it too but I'm not sure how. I already give call centres a lot of stick over this issue since they claim it clearly indicates who they are)
i thought you just can cut off carriers that do not follow standards?
in the SS7 specs, the CI element may be set to untrustet, or network-provided...
if they _can_ set it to network provided, then the telco who allows this should be kicked sky-high....
- Comment Renewable energy 'simply WON'T WORK': Top Google engineers
- Useless 'computer engineer' Barbie FIRED in three-way fsck row
- Game Theory Dragon Age Inquisition: Our chief weapons are...
- 'How a censorious and moralistic blogger ruined my evening'
- Amazon warming up 'cheapo web video' cannon to SINK Netflix