Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Telecom Industry Warns of Increase in Caller ID Spoofing Scams

USTelecom, a trade association representing service providers and suppliers in the telecom industry, has warned consumers about an increase in the number of scams that rely on caller ID spoofing.

USTelecom, a trade association representing service providers and suppliers in the telecom industry, has warned consumers about an increase in the number of scams that rely on caller ID spoofing.

According to the organization, one tactic used by sales people and fraudsters attempting to collect personal information is that they make calls that appear to come from the recipient’s own number. Those who have caller ID services usually pick up the phone out of curiosity, USTelecom said.

 “We’re hearing a growing number of reports from our members that customers are receiving these intrusive calls utilizing this deceptive method,” explained Kevin Rupy, vice president of law and policy at USTelecom. “Carriers are deeply concerned about this problem and are educating call centers to help customers who experience these calls.”

USTelecom advises customers to check with their carrier to see what type of services they could use to protect themselves against such calls. Some companies enable customers to block certain calls, while others offer tools that have the capability of sending unwanted calls directly to voicemail.

Pindrop Security, a company that specializes in phone fraud protection solutions, confirmed for SecurityWeek that the volume of attacks on consumers is increasing, and also pointed out that caller ID spoofing and other obfuscation is widely used in attacks on businesses as well.

Pindrop co-founder and CEO Vijay Balasubramaniyan says over half of the caller ID spoofing attacks aimed at US businesses are from outside the country.

The problem with caller ID spoofing attacks, according to Balasubramaniyan, is that they can be conducted with a wide range of legal tools that work on both smartphones and computers, and which also include voice distortion features. On the other hand, there is no technology to prevent spoofing; the best way to deal with these calls is to detect them by using technology such as the one provided by Pindrop Security, Balasubramaniyan said.

The Better Business Bureau provides three key tips for avoiding phone scammers. First, consumers are advised not to call back individuals who leave suspicious voice messages because they might be con artists who are after some information they can use.

“Another reason to not return phone calls is that this can expose you to long distance charges. A scam known as ‘One Ring’, is designed to lure callers into calling back at which point they are charged for the call at very high rates,” Balasubramaniyan said.

Second, caller IDs should not be trusted because scammers possess the technology to spoof any number, including the ones of family and friends, which they can obtain through social engineering tactics, and the ones of “trusted” sources, such as the victim’s bank.

Finally, consumers are advised not to hand out any sensitive information over the phone, unless they’re the ones initiating the call and they’re certain that the person they call is trustworthy.

“Don’t give out ANY information to a non-trusted caller – if someone calls you and then says they need to verify who you are, don’t respond. Even numbers from written correspondence, email and websites can be suspect,” Balasubramaniyan said.

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Artificial intelligence is competing in another endeavor once limited to humans — creating propaganda and disinformation.

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

A digital ad fraud scheme dubbed "VastFlux" spoofed over 1,700 apps and peaked at 12 billion ad requests per day before being shut down.

Cybercrime

Cybercriminals earned significantly less from ransomware attacks in 2022 compared to 2021 as victims are increasingly refusing to pay ransom demands.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.