Handling Caller ID Spoofing?

An anonymous reader writes "A nice little old lady I know has had her number spoofed by some car warranty scammers. They're calling hundreds of potential victims per day pretending to use her phone number, and the angry ones call her back; some of them have even left death threats. She's terrified. Some well-intending anti-telemarketing folks have posted her address on the 'net as well. How can we figure out where these scammer bastards are, and what's the state of the current legislation to prevent caller ID spoofing? I called the FBI in Boston (near where she lives) and they said they can't help. She's called her phone company, but they said they can't help either. She's had the same number for over 50 years and doesn't want to change it." If the Feds can't or won't handle it, what's the best approach here?

Ouch

[Aphoxema (1088507)]

Well good grief, the two exact entities who are supposed to take care of this kind of thing refuse, then just what is going on in this country?

I'd just call them both a few more times to see if there's anywhere to get, it's very clear laws have been broken.

Re:Ouch

[JTorres176 (842422)]

I've worked accounts receivable before. If you call a company and don't like the answer you get, be polite, say thank you, then hang up. Call back immediately and 9 times out of 10, you get a different person. It's called "shopping", and people do it with doctors, salesmen, and even government offices. Call back until you get the answer you want or someone who's willing to help.

Re:Ouch

[IP_Troll (1097511)]

Wrong, neither of those entities are supposed to take care of this king of thing.

The correct agencies are the FCC and the FTC.

Here is an article about Caller ID fraud that gives the contact name and number for the FTC investigator in charge of this kind of thing.
http://www.ftc.gov/opa/2006/05/scorpio.shtm [ftc.gov]

It is from 2006, so the hierarchy may have changed, but it will send you to the right office. It the number doesn't work call - 1-877-FTC-HELP

Re:Ouch

[ionix5891 (1228718)]

the old lady should say someone called "Osama B" is spoofing her phone

she will get FBI attention in no time

Re:Ouch

[JCSoRocks (1142053)]

You could fix the "who cares" part by forwarding calls to her number to the FBI or your local phone company.

Re:Ouch

[mosinu (987941)]

You could fix the "who cares" part by forwarding calls to her number to the FBI or your local phone company.

Careful with that... I got my hand slapped by the FBI once because they wouldn't do anything so I redirected all the traffic I was complaining about to them. Took them 2 weeks but they had me hauled before a Federal Judge to tell me to stop. The judge vacated the charges on my promise to stop redirecting traffic.

Re:Ouch

[Just Some Guy (3352)]

I skipped the middleman and now answer "PRIVATE NUMBER" and obviously-forged numbers a little differently. Example:

Me: Nebraska Attorney General John Bruning's office, how may I help you?
Scammer: Ummm, would you... like to cut your credit card interest rates?
Me: If you hang up, I will arrest you. What number are you calling from?
Scammed: [scared expletive deleted] [dial tone]

OK, so I lied. I don't think they're going to file a complaint about it.

Re:Ouch

[mabhatter654 (561290)]

If she has received threats then a crime has definitely been committed. Perhaps the way to deal with it is not as a spoofed phone, but why are people she doesn't know making threats. Those people should be easy to track... let them explain to the telco and feds why they said that thing to a little old lady.

News Media

[topham (32406)]

Bring the news media in on it, somebody a little more mainstream than Slashdot.

Then start making threats, and if the phonecalls are inter-state commerce it is a federal issue. Back them up against a wall and force them to act.

Re:News Media

[Lemmy Caution (8378)]

Contacting the media is definitely the best strategy: not only is this newsworthy, it should shame several agencies into action.

Re:News Media

[BrokenHalo (565198)]

Contacting the media is definitely the best strategy: not only is this newsworthy, it should shame several agencies into action.

Even better if you turn up in person at the agencies and stick to your guns enough to get the complaint referred to some sort of managerial level, then make sure you get the name of the person you spoke to.

If you quote this person by name in your report to the media, it sends a clear signal that someone is going to need to cover his ass. At that point, the excreta should make contact with the impeller.

Re:News Media

[Attila Dimedici (1036002)]

The idea of contacting the news media is a good idea. But first she should contact the person who represents her district in the U.S. Congress and the person who represents her district in the State legislature. Many times these individuals are happy to go to bat for someone like this little old lady. There is a federal law against spoofing caller id.

Election Time

[jaredmauch (633928)]

Call local elected reps (state & federal) saying that you're unable to get anyone to deal with the issue. Call the FBI in DC as well. If she's getting interstate death threats, that's illegal and the FBI can call the people back. I've had good luck with my local FBI office (Ann Arbor) when I received an interstate death threat.

Re:Election Time

[JerkBoB (7130)]

I've had good luck with my local FBI office (Ann Arbor) when I received an interstate death threat.

...

Do you get a lot of those?

Re:Election Time

[hansamurai (907719)]

Anytime I get on I94.

Re:Election Time

[Zatoichi007 (910559)]

I've had good luck with my local FBI office (Ann Arbor) when I received an interstate death threat.

Yet another reason I make all my death threats locally...

Bogus.

[Anonymous Coward]

The call can quite easily be traced back to where it came from -- even if it's voip in nature, at very least you can find the originating carrier and they can deal with their customer.

We run a very popular VoIP service (http://ironvoice.com) and tightly control caller id in a manner that still gives our customers flexibility but still imposes responsibility.

The FBI can certainly help, that's bogus. The phone company can certainly help, that's bogus as well. The phone company knows from which carrier the call came from and so on and so forth until they can pin down the offending carrier.

Legislation isn't the answer -- customer service is.

Call the FCC?

[urbanriot (924981)]

In Canada, we have a governing body similar to your FCC called the CRTC. Whenever we have such problems we can contact them and they'll conduct an investigation. So far I've put an end to three instances of harassing telemarketing / late night fax blitzing. I'd contact the FCC next, see what they have to say. Someone somewhere is in charge of moderating this...

whocalled.us

[Anonymous Coward]

You can use http://whocalled.us/ to coordinate investigation. Even though the number is spoofed, as long as they are using it consistently it is still an identifier. As everyone shares facts they discover it's possible to find the true identity.

Caller ID spoofing has become a real problem, but political representatives are too busy flashing around fake solutions to hyperinflated problems, like throwing more money at stopping the 9000 pedo penises from raping children over the internets.

If anyone has a technological solution, please post it, as we have more of a chance of fixing this stuff as engineers than the politicians do as legislators.

Wire Fraud

[Ice Tiger (10883)]

Doesn't this count as wire fraud?

Mind you this practice will get attention when the numbers used are not those of citizens but those used by government lobbying corporations.

Quick workarounds

[grub (11606)]

1) Have her set up an answering machine with a short explanation.
2) Get the mainstream media involved.

Same boat

[Ollabelle (980205)]

I'm suffering through the same thing with scammers using my direct office line, although it's not as bad as this guy's mother - about 5-10 calls a week.

About all I can do is have a nice conversation with the caller, explain the situation, and ask them to talk with the scammer next time and find out who they are. I volunteer that I have some employees in Afghanistan who, in exchange for a ticket home, will be happy to pay the bastards a visit.

How do we know she isn't a terrorist?

[MosesJones (55544)]

Come on its 2008, we can't just take such trifling things as an individuals vouching for someone and their previous good record. She SAYS that she didn't make the call, but what would she say if she was waterboarded? Would she stick to her story or switch it to admit that she did make all the calls?

Sure she claims that she doesn't want to change her number just because she has had it for 50 years, but couldn't that be because she co-ordinates a major terrorist cell of grandmas across america (known in intelligence circles as Al-Quilter)? These evil women are spreading hate through out of date sugary treats and a fondness for knowing everything that is going on in the world while comparing it unfavourably with their own personal ideology of "it was better when I was young". We must stop these pedallers of hate against modern American who condemn the US of A as going to hell in a hand cart and not the sort of country that they want to live in. Death to Al-Quilter

I say condemn her based on the irrefutable caller ID evidence.

Seriously though its good that this old dear has someone looking out for her because in modern America you could easily see her being prosecuted because of an unfortunate conjunction of evidence.

Voicemail?

[MadHakish (675408)]

Why not, for the immediate future, setup her voicemail to answer after 1 ring, and set the voicemail message to something like "This phone number is being falsely used by a telemarketing company as their caller ID. Please call your local phone company and tell them you have received a telemarketing call using an hijacked caller ID entry.". If you can find out the actual company doing it, I'd throw their real phone number and company name in their too, just for good measure. At the very least, people will know not to leave a nice elderly lady death threats, and hopefully your phone company will take notice and track down the offending telemarketers and cut their "lines" off. I'd bet the voicemail volume drops significantly, legitimate ones get through and leave a message, and you'll probably hear a few less death threats against grandma.

Re:Voicemail?

[Insightfill (554828)]

Why not, for the immediate future, setup her voicemail to answer after 1 ring, and set the voicemail message to something like...

Because: I've noticed that most people don't listen to the outgoing voicemail message. During the ringing and soon after the pickup, most people are mentally rehearsing their script in their head. "Hi, I'm calling to tell you..." I've created messages to the effect of "I'm not in the office, won't be back for a week, and won't be checking messages. Here's an alternate number for you to try..." and they STILL leave a message oblivious to what I've just told them, asking for immediate or short-term response.

Call the FBI and telco again

[Anonymous Coward]

I'd call the FBI and the telephone company again. Be firm but polite when asking for help. Get names and phone numbers of everyone you talk to. If that person says no, ask for the next person up in the chain of command.

Oftentimes, people just don't know how to ask for help correctly when contacting an agency such as the FBI or telephone company. If she can't clearly articulate the problem to the person on the other end of the phone they simply might not be aware of the issue or its ramifications.

If you're able to clearly articulate the issue and still get denied, start writing letters. To the SAC of the local FBI office, or as high up as you can go to the telco. And as others suggested, contact the media: the local newspaper omsbudman, the local TV station's investigative reporter. And also as others have suggested contact your local elected representatives.

I'm not defending the FBI or phone company, but I've seen instances where a problem simply isn't stated clearly enough for the other party to understand what's going on. So the first thing to do is ensure that when the FBI and telco are involved, that the problem is stated in correct terms (and that you're talking to the proper person in the organization).

Logic has it

[icepick72 (834363)]

She should start providing a car warranty if she wants to keep her phone number.

I know who they are

[Lookin4Trouble (1112649)]

I had these assclowns call the emergency services number at my work with their auto-dialer. That number rings to a ton of desks and is SUPPOSED to spread info about a medical emergency in the building. It took a good bit of google-fu to track them via their spoofed caller ID.

You're looking for:

Digitcom Services, Inc.
12923 Venice Blvd, Los Angeles, CA 90066
Phone (310) 358-7000
TollFree(800) 464-5446
Fax (310) 437-4105

Please note: I am not posting this so you can pester, annoy, harass, or threaten them. If you call, call once, speak to their manager, and politely let them know what you think about their business practices. What you do with this is up to you, I hold no responsibilty for the actions of others.

Re:I know who they are

[teridon (139550)]

Do you have proof that they are indeed the company responsible?

Re:I know who they are

[Anonymous Coward]

Yeah, I just called them and got some sad sounding old lady.

i have the reverse problem

[circletimessquare (444983)]

little old ladies are always calling me

no seriously. the best i can make out from the odd chats i've had with various little old ladies over the years is that my number was previously owned by a high end and antique pen dealership. that explains the demographics of the calls i get. an occasional little old man, sure, but mostly little old ladies make up the customer base for fine crafted pens

Phone logs and the FTC

[killmofasta (460565)]

Dosn't matter a bit FBI? CIA? RGB? TFB?

If she was getting call backs, she should tell EVERY ONE WHO CALLS, AWS are scammers, and they should register with the FTC: and START Signed and dated PHONE LOGS. Every one I hear gets these phone calls, I show them the origional post card that started it all, and my phone log. I have clued in about 20 people, and we have filed over 15 reports for illegal telemarketing contact, i.e. Dont call EVER, and ... they ... call @ $500 per complaint.

http://www.ftc.gov/ [ftc.gov]

Scammer name:
Automotive Warranty Solutions
6501 congress ave, ste 140, boca raton, fl 33487
877-700-5880,
Call their 800 number, and ask to be put on their do not call list. ( just everone call plz )

This is a Attorney General who is taking this problem seriously. ( Note: California and Florida are probibly NOT ):

http://www.ct.gov/AG/cwp/view.asp?A=2795&Q=411422 [ct.gov]

a blogger who did a lot of flatfoot work:

http://www.markturner.net/2007/11/08/car-warranty-scam-continued/ [markturner.net]

Remember: REMEMBER! Documented phone logs make diffrence. If you can document DNC and the call back time and date. Give them a call and get on their DNC list ANYWAY. So when they do call...

Caller ID spoofing - ILLEGAL

[Phil_at_EvilNET (569379)]

The US Senate Committee on Commerce, Science, and Transportation passed S. 704, a bill that would make it a crime to spoof caller ID.

Dubbed the "Truth in Caller ID Act of 2007," the bill would outlaw causing "any caller identification service to transmit misleading or inaccurate caller identification information" via "any telecommunications service or IP-enabled voice service." Law enforcement is exempted from the rule.

Specifically these sections:

SEC. 2. PROHIBITION REGARDING MANIPULATION OF CALLER IDENTIFICATION INFORMATION.

Section 227 of the Communications Act of 1934 (47 U.S.C. 227) is amended -

(1) by redesignating subsections (e), (f), and (g) as subsections (f), (g), and (h), respectively; and

(2) by inserting after subsection (d) the following new subsection:

`(e) Prohibition on Provision of Inaccurate Caller Identification Information. -

`(1) IN GENERAL - It shall be unlawful for any person within the United States, in connection with any telecommunications service or IP-enabled voice service, to cause any caller identification service to knowingly transmit misleading or inaccurate caller identification information with the intent to defraud, cause harm, or wrongfully obtain anything of value, unless such transmission is exempted pursuant to paragraph (3)(B).

`(3) REGULATIONS -

`(A) IN GENERAL - Not later than 6 months after the enactment of this subsection, the Commission shall prescribe regulations to implement this subsection.

`(B) CONTENT OF REGULATIONS -

`(i) IN GENERAL - The regulations required under subparagraph (A) shall include such exemptions from the prohibition under paragraph (1) as the Commission determines is appropriate.

`(ii) SPECIFIC EXEMPTION FOR LAW ENFORCEMENT AGENCIES OR COURT ORDERS - The regulations required under subparagraph (A) shall exempt from the prohibition under paragraph (1) transmissions in connection with -

`(I) any authorized activity of a law enforcement agency; or

`(II) a court order that specifically authorizes the use of caller identification manipulation.

Law enforcement is negligent if they fail to take action. IMO - If the Law doesn't work, the local newspaper and/or television station might get the ball rolling.

Re:Revenge

[Albert Sandberg (315235)]

.. or she could hire - the A-TEAM!

Re:Revenge

[eclectus (209883)]

if she can find them.

Re:Revenge

[xaositects (786749)]

"I pity the fool who scam ol' ladies, pretendin' t'be ol' ladies. Murdock! Git off the phone, fool!"

Re:I know it would suck, but...

[iangoldby (552781)]

...why doesn't she just change her phone number?!

Why should she change her phone number for goodness sake? She has done nothing wrong. She's had that number for over 50 years. Seriously, you should be outraged against those who have actually done wrong here, not suggesting she take the rap herself.

Re:I know it would suck, but...

[graphicsguy (710710)]

Why should she change her phone number for goodness sake?

Even if the perpetrators are caught, she may still have to change her phone number, so she should probably consider just doing it now. Now that her number has been associated with the scammers, the effects may linger for a long time.

Re:I know it would suck, but...

[Shajenko42 (627901)]

Being in the right does not mean you don't get hurt.

Sometimes bad people get away with things, and there's nothing you can do to get them back. You just have to do the best you can to protect yourself, and changing your phone number is a relatively minor thing to do to end this.

Re: Don't sue, ask for sex.

[ccandreva (409807)]

Asking to be removed doesn't work.

Citing the do not call list doesn't work. They laugh.

Telling the male calling, in my deepest voice, that he sounds cute and I want his home number, THAT seems to work. Especially on the ones with southern accents.

I wonder what would happen if everyone started propositioning these callers for 'favors'.

Re:Vigilante Justice ala Slashdot Anyone?

[mikael (484)]

Just post their website here - the sheer curiosity of a million slashdotters will flatten their servers faster than a horde of Mongol warriors on horseback.

Re:Vigilante Justice ala Slashdot Anyone?

[Lookin4Trouble (1112649)]

http://www.digitcom.net/ [digitcom.net]

Re:Vigilante Justice ala Slashdot Anyone?

[Loether (769074)]

How do we know this is the company and not just someone who pissed off "Lookin4Trouble"? That's the problem with vigilante Justice. Vigilante's don't always check the facts, neither do slashdot editors for that matter.

Re:Vigilante Justice ala Slashdot Anyone?

[rcpitt (711863)]

Brings to mind a somewhat similar "Vigilante Justice" story from the past. Irnalee Stohrs' phone number was inadvertently printed as the contact number on a bunch of summons from the local Juvenile court - only after people from all over the country started phoning the court would they (the court) do something about this flood of calls the poor lady was getting. Read the story from Comp.Dcom.Telecom Usenet group 1990 postings [google.com] Maybe the "proper authorities" need something like this to open their eyes too.

Re:same here

[Z00L00K (682162)]

The phone companies shall have so called call data records, often declared as CDR:s. These provide information about the calls made to/from a certain number. Using these records it is possible to back-track the phone call to the originating operator. The phone companies have a lot of information available to allow for tracking, but since it requires a lot of work to dig through the data they are very reluctant to do so.

Another way is to catch on to the caller and check who purchased their service and then follow the money trail.

Unfortunately it is possible that the caller that spoofs the number is offshore somewhere.

And if the FBI won't help, I suggest that you also check other channels of law enforcement and keep everything in writing so that you have a history to refer to. Taking help from a lawyer may be one way to continue this. It's always interesting if you can get in touch with the right lawyer who knows which buttons to push to get some results.

Re:same here

[Phrack (9361)]

A CDR may or may not have accurate information as to the source of the call. If the call is entirely local (the LEC handles call termination on both ends as well as transit), then it should have all the information. However, if the call transits a different carrier, then the LEC that handles termination for the target of the scammer only knows the caller ID that was passed to it from the transit carrier. If it's unknown, then that's what is passed into the CDR. You may be able to glean other source information about the handoff to the transit carrier, then get THEM involved to find the call that was routed to that handoff at that time, and so on.

Oh, and since those aren't her calls (the scammer wasn't calling HER), then you must have a subpoena. If one of the scam targets cooperates, then THEY might be able to request their own records, but to get intervening carriers to cooperate, you'll need a lawyer or law enforcement. I'd try the latter, first. Keywords like "terroristic threats" and such may get you some attention. Once you know it crosses state lines, and perhaps some idea of how wide sweeping the scope is, then you might have something the FBI can/will look at. Try your local state bureau of investigation first, as they may have more immediate resources.

Ob. disclaimer: Though employed in telecom, I am not a lawyer.

Re:same here

[CyberVenom (697959)]

Actually, I am sure that ANI is what is being spoofed here. (I have received calls from the same group myself.) ANI can be spoofed if the originating carrier allows, which is common practice for high-volume outbound automated calling campaigns. It is usually used legitimately to provide a number via which the called party can call back later if they miss the call or are disconnected.

(I work for a company which legitimately performs this sort of high-volume outbound calling.)

One other thing to note - this is actually the jursidiction of the FCC, not the FBI (at least not yet). As soon as you can prove that there is some sort of actual fraud going on beyond just violating FCC rules, then they might get involved.

Re:same here

[twistedsymphony (956982)]

on my voice mail it says to "enter your password followed by the # key" but if you're calling from the number associated by the account you can simply press "#" and get your voice mail... it doesn't say it on the message but that's how it works.

Re:Your daughter come to my house and kick my dog!

[gd2shoe (747932)]

"Hello?"

"You ^&*% fraudster! How dare you call me and #$%^@^$ demand my money!"

"Call the FBI for me. Please."

"What?"

"No, I'm serious. The Boston FBI specifically. I'll give you the number if you want..."

After you've woken them up with that shock, you can give your sob story. Might work. Might not. I think most of them will come to their senses. At least it will alleviate and redirect some of the anger of the callers. On the plus side, it might tick off the FBI, but they can't blame you for all the calls they'll be getting. (I know religion on Slashdot is taboo, but you might refer to the parable of the unjust judge: Luke 18:2-5) I would also recommend contacting a lawyer.

Re:Lawyer.

[caluml (551744)]

As a bemused observer from the UK, it seems strange to me that two of the methods offered here are "contact the media", or "get a lawyer".
I leave it to others to decide what this says about the US.