Spoofing Caller ID

By Al Weigand aweigand@abilita.com 

Recently there was a comment from a consultant who had a client who was receiving recorded solicitations to their cell phone with a bogus Caller ID of 407-000-6938, prompting a question about how CallerID can be faked or spoofed, as well as the legality of such an action. 

During the set up of a phone call, two key identifiers of the originating caller are sent across the signaling network – a packet data network, separate from the voice path, that controls call setup, tear-down and all of the data necessary for network features.  These two identifiers are the CallerID and the Automatic Number Identification (ANI).  

ANI is the most important identifier and typically represents the true billing telephone number of the originating line.  ANI is usually populated by the central office switch that serves the originating line and is the number that is sent to 911 centers to identify an emergency caller.  Every call must have an associated ANI to identify the originator.  

The CallerID is the second identifier that is sent with each call and this is the number that will be displayed to the called party when the call arrives at the destination.  The Caller ID (CID) can be blocked by the originating caller, either by invoking a feature code when the call is originated (per call blocking) or by subscribing to a privacy feature (per line blocking).  However, neither feature actually removes the CID information from the call, but instead sets a privacy signaling flag that indicates to the terminating office that the CID is not to be delivered to the called party.  

Under certain situations, both ANI and CID can be manipulated.  In most cases, this manipulation is  done by a PBX or Voice Over IP (VoIP) switch that is connected to the network by either an ISDN Primary Rate (PRI) trunk or a Session Initiated Protocol (SIP) IP trunk.  In these configurations, the North American signaling standard allows the end user switch, rather than the serving central office, to provide the ID information to the network as part of the call setup.  If the serving central office switch is strictly adhering to the standards, it will screen the ID information to ensure that it both exists and is a valid number within the range of numbers issued to the end user.  However, not all serving switches perform this screening, thereby allowing spoofed IDs to be attached to outgoing calls. 

If the CID information has been changed to a number that is assigned to another person or business, when the call is delivered to the far end, not only will the number not represent the real caller, but the Calling Name (CNAM) display will also be incorrect since the name (at least in the US implementation of CNAM) is found by a database lookup of the calling number.  So if the CID is spoofed, the CNAM will be spoofed as well. 

Although the technology exists to create a spoofed Caller ID, there are FCC rules that prohibit telemarketers from manipulating their Caller ID, requiring them to actually deliver a valid number that can be called during normal business hours. If the aforementioned calls are being originated by a telemarketer, then they are in violation of the FCC rules. 

In the scenarios described above, spoofing requires some investment in technology on the part of the originator.  However, it is now possible for anyone to spoof their CID on a call-by-call basis by utilizing a third party spoofing service and a quick web search will turn up four vendors who do just that.  All of these services operate as call re-originators - meaning that the spoofing service provider places the actual call to the desired target number, and bridges the outbound call to the originator's line.  During the process they substitute a fake CID that is delivered to the far end.  The originator either dials an access number and inputs his desired destination and spoof ID, or initiates the process over a web interface. 

Unfortunately, spoofing CID in this way is not illegal - as long as it not done by a telemarketer.  Congress has tried two or three times to introduce bills to outlaw all spoofing, but they have never been passed.  Florida had passed a CallerID anti-spoofing act, but it was struck down in July of 2009 as being unconstitutional since it effectively regulated interstate commerce. 

Spoofing does have its legitimate users, mostly law enforcement officers who want to disguise themselves during investigations, or abused spouses who want to maintain privacy about their location.  

So, what can you do about this situation when your home or business is being plagued by telephone callers who are spoofing their CID?  Sadly, not too much. 

If you could identify a telemarketer who is spoofing their CID, you would have a clear violation of FCC rules, and possibly a violation of the National Do Not Call Registry.  You could then file a complaint with the FCC or the DNC registry. 

Unfortunately, even the telephone company tools that are designed to capture information on harassing calls may be unable to crack some of these spoofing schemes.  Using the *57 Call Trace feature will simply capture the spoofed CID.  The Telco’s standard trap and trace tools will typically capture only the trunk group that the call arrives on and not the true caller ID or the ANI.  Some Telcos have more sophisticated tools that can capture all of the call signaling information, but even these may be fooled by a spoofed CID and ANI. 

In the case of the spoofed call that comes through a third party provider, there are now services that provide the true ID of a spoofing caller.  Ironically, these services are owned by the same companies that provide the spoofing! 

Bottom line - until the federal government enacts legislation to ban or regulate CID spoofing, and includes all providers, not just carriers, the problem will continue to exist and most likely grow more annoying. 

About Al Weigand

Al Weigand is an Abilita consultant and technology executive with more than 30 years experience engineering, deploying and operating complex telecommunications networks for small and mid-sized telecom service providers in competitive metropolitan markets.  As a technology leader, Al and his teams have deployed the latest technologies in support of business customers ranging in size from single person offices to Fortune 1000 firms, and even baseball's 2006 All Star Game. As an industry leader, Al has been a long-term participant in national policy and standards setting bodies as an active member of the U.S. Telecom Association (USTA) and the Alliance for Telecommunications Industry Solutions (ATIS).  Al has a BS in Electrical Engineering from Point Park University, an MBA from Robert Morris University, and is a registered professional engineer. You can contact him at aweigand@abilita.com.

About Abilita Advantage

Abilita Advantage is a practical business resource published 10 times each year. You receive it as a valued client or business contact of Abilita. Should you wish not to receive it, please send an email message to advantage@abilita.com indicating unsubscribe in the subject area.