Talk:Caller ID spoofing

From Wikipedia, the free encyclopedia
Jump to: navigation, search

This is not a hoax, see, for example: http://www.theregister.co.uk/2004/10/28/caller_id_website/, or just Google it. -- X15 10:27, 19 February 2006 (UTC)

Reads like an ad... -- Taral 21:17, 17 April 2006 (UTC)

Added section on spoof program.


I don't think this article reads quite like an ad, but it does fail to explain (rather than just name) the techniques of Caller ID spoofing. I have provided an example with the sentence (now paragraph) summarizing Orange Boxing. We don't need to write a whole section on each one, but we do need to briefly summarize, for example, how VoIP or PRI ISDN are used to spoof CID, rather than simply saying that they are. I would be particularly pleased to see a brief explanation of how access to an SS7 trunk would be gained for the purpose of spoofing a call.

More article links would be nice too. I added a bunch tonight but the article still needs more. A casual user reading this article may not be familiar with the technical terms, and we should be making it easier for him to learn them.

Dethme0w 07:19, 9 February 2007 (UTC)


I have been robbed of my wallet at gunpoint. It appears to me that the perps are now trying to get into my house to get account numbers. I am getting calls from numbers that a reverse lookup says aren't in use. They appear to be trying to determine when I am not home.

My question for the experts: Can the phone company (Qwest) or a VoIP company (Lingo) determine where these calls are really coming from? Would the police be able to extract that information? If the answer is "yes," I will pursue it with the police, and see if I can break up a large burglary ring. (Eight houses have been hit in a nearby neighborhood of 50 houses.) --Docduke 16:45, 24 March 2007 (UTC)

Yes the phone company can. Have a look at ANI —Preceding unsigned comment added by Dovidb (talkcontribs) 22:58, 19 March 2009 (UTC)


Merge into Caller ID[edit]

I propose this page be a (large) section of caller id, as it's an aspect thereof. It was started Dec '02; this article was started Feb '06. The questions/issues from Docduke and Dethme0w above are answered there, - info about more reliable ways to track the caller, and the underlying technology. I think that supports a merge; it doesn't make sense that these be separate, IMO. --Elvey (talk) 02:03, 2 December 2008 (UTC)

I disagree...this article looks pretty long and detailed and I imagine there's a reason this was spun-out from there. If there are problems with this article, they can probably be addressed by copyediting it and including a better summary of the issues in the parent article, rather than merging it back. rʨanaɢ talk/contribs 11:52, 17 February 2009 (UTC)
Oppose: If the articles were merged, the combined article would be too large to comply with Wikipedia policy. For an example of such a situtation, please see the Dell article. [|Retro00064 | (talk/contribs) |] 10:12, 21 February 2009 (UTC)
Oppose: The Caller ID article has its own problems that should be resolved first, before any merger consideration. See Talk:Caller_ID. It doesn't need further confusion. Bellhead (talk) 18:20, 25 February 2009 (UTC)
Oppose: I too oppose this. This caller id spoofing is a big problem of its own... its been causing me nightmares... litterally. I have removed the merged article as well.--Dr. Pizza (talk) 22:56, 12 April 2009 (UTC)

brand name vs. generic name[edit]

The term "Caller ID" is very prevalent, but it is a brand name (and thus probably should be capitalized as a proper noun). The generic term would be calling party number (CPN). Should this article be renamed?

I can see the counterargument though, that some brands have become synonymous with the object they represent, such as Xerox (copy or photocopy) or Kleenex ((facial) tissue).


Your thoughts?

The US Government refers this as "Caller ID" in the "Truth in Caller ID Act of 2010". I've never heard of Caller ID being a trade name, but I am not too versed in this. If it's good enough for it to be referred to in general as "Caller ID" by an Act of Congress, it should be acceptable on Wiki. 166.216.128.74 (talk) 00:49, 18 April 2010 (UTC)


You make an interesting point, but also a good counterargument. Let's stick with Caller ID. MrJosiahT (talk) 05:26, 10 July 2011 (UTC)

Page needs a comparison of spoofing services[edit]

I think it would be good to add a section to this page that compairs the various spoofing services eg. when they were founded, interface for placing calls, rates, etc sort of like there is in the Comparison of VoIP software article. 151.200.36.205 (talk) 18:53, 17 October 2009 (UTC)

This is not exactly the same, this page is about Caller ID spoofing, not about Comparison of caller ID spoofing services. Moreover, your list included a) signup lists, which make the list into a spam magnet, and b) none of the actual services seems (until now) notable for an own article, which makes this list look like 'well, at least we do mention them somewhere' (whereas for most/all of the mentioned VoIP software, separate articles do exist!). I have cleaned the list a bit, but if none of the services has its own article in due time, I would suggest that the list should go again. We are not an internet directory. --Dirk Beetstra T C 23:16, 17 October 2009 (UTC)
Ah yes, I can see the problem with including signup links! Although none of the providers have their own article as of now, SpoofCard is probably notable enough that it should. Although Wikipedia is not an internet directory, my idea in creating the list was to show how extremely varied the prices and services of the various providers are. 151.200.36.205 (talk) 02:17, 18 October 2009 (UTC)
We should remove the links to the non-existant articles and instead link to the sites of the spoofing providors. This a good idea? 71.163.238.120 (talk) 02:46, 3 November 2009 (UTC)
No, we are not the yellow pages. --Dirk Beetstra T C 08:54, 26 November 2009 (UTC)

History[edit]

Caller ID spoofing is more than 20 years old. A friend of mine who moved away from Montreal in June of 1997 and cut his Montreal service with Bell Canada then. His name and phone number appeared on the caller ID screen of my home phone about November of 1997. Go figure. Peter Horn User talk 00:22, 26 November 2009 (UTC)

1997 to 2009 is 12 years. Is there a documented spoofing case occurring on or before 1989? Boomshadow talk contribs 19:47, 2 December 2009 (UTC)

Fraudulent billing[edit]

A more sinister aspect of telephone number spoofing is the fraudulent billing of long distance telephone charges to s third nomber. This practice was mentioned in the Montreal Gazette some time ago when it featured an article about firms that were hit with $25,000 or $ 35,000 charges for long distance calls that they did NOT make. Peter Horn User talk 01:27, 26 November 2009 (UTC)

  • Caller ID spoofing does indeed have several sinister aspects, but what you're talking about is probably the ages old third party billing trick. It's a simple trick involving social engineering, doesn't require spoofing, and has been around much longer than Caller ID itself. 151.200.31.38 (talk) 23:26, 26 November 2009 (UTC)

VoIP doesn't use or spoof telephone numbers[edit]

This is a topic that doesn't see much discussion and probably deserves some. A pure voice over IP call uses IP addresses to determine the end points. Both end points must have IP connectivity but there is no requirement to expose either end point to a traditional phone switch. A combination of software such as Asterisk and a set of FXO and FXS cards can use VoIP as a carrier to bridge traffic that originates as POTS to an endpoint that terminates as POTS. The software at the VoIP endpoints can create the CallerID at will. In fact, an Asterisk confguration with the apprporiate line cards and no VoIP capabilities can do the very same thing. There are services that provide a POTS termination to a VoIP call and that service can provide any value for a CallerID. The VoIP component is not the spoofing enabler, that is one of the features of the rest of the configuration. Docdave (talk) 03:56, 27 April 2011 (UTC)

Hmm, that is interesting, but how do you propose it be added to the article? Perhaps adding "It isn't actually VoIP that enables spoofing but software at the VoIP endpoints that bridges the call from VoIP to POTS."  ? MrJosiahT (talk) 17:26, 11 July 2011 (UTC)

Bad link address and wrong link title[edit]

The following reference has an unrelated title and a dead link: 12. "Virginia girl found eating herself in cage in mobile home; parents Brian and Shannon Gore charged". Daily News (New York).[dead link]

Could the following link be used instead? "Brooklyn wife Kisha Jones drugs husband's lover to force miscarriage, sends poison as 'breast milk'" http://articles.nydailynews.com/2009-12-05/news/17941538_1_breast-milk-anthony-jones-cops

Alternatively, "Police Allege Elaborate Bid for Revenge by a Wife" http://www.nytimes.com/2009/12/05/nyregion/05baby.html

I will not edit the article; I hope that someone more familiar with the topic will take a look.

Mecanoge (talk) 18:53, 20 February 2012 (UTC)

unclear to me[edit]

I could only think of a way to make this work, if the faked number is owned by the provider doing the faking (I'm assuming here (common sense) that the phone company does not provide access to an interface allowing to change the forwarded phone number). This would not be a real faking, but allowing somebody to use ones phone. If the provider allows somebody to use his phone number, he would be responsible for any legal results for the calls done with his phone number. Please somebody explain this to me? Does the phone company provide access so that people can feed in the number they want? — Preceding unsigned comment added by 192.73.228.23 (talk) 19:56, 2 August 2012 (UTC)

On voice over IP providers like les.net and voip.ms, the user can obtain multiple inbound numbers in multiple cities (DIDs) through a web interface and can also specify any arbitrary number to be sent as caller ID on outbound calls. The caller name, on calls within Canada, is taken from the analog telephone adapter settings - also under user control. That much is a Nortel quirk, the US bell standard is to send just the number as caller ID and use a database lookup at destination to find a corresponding name, but in either case the number is trivial to spoof on VoIP gateways.
On calls going directly from Internet-to-Internet without being gated onto PSTN, this is even more of a bad joke. One can spam telephone calls with bogus return addresses just as trivially as one can spam unsolicited commercial e-mail. K7L (talk) 13:31, 25 June 2013 (UTC)

Valid reasons[edit]

Valid reason #1 is already taken care of by the phone companies themselves. It's called Number Replacement. A company might have a block of 100 or 800 numbers for their DID (Direct In Dialing) system, but they don't want every employee's private extension showing on Call Display when they call out to a customer, so they ask the phone company to substitute a specific number in place of one or more private extensions. It could even be the main switchboard number, or the company's toll free number.

What I don't understand is how these spoofing companies bypass the phone companies' own SS7 system that processes call display information. This information is supposed to originate from the exchange where the call originates, and if that exchange doesn't have an SS7 connection (as in the case of rural areas particularly in northern Canada), then "out of area" or "unknown" is shown on recipients' display units. The spoofers might be generating their calls through the spoofer's own PSTN service, but then, it should be whatever number the phone company programmed when they hooked up the spoofer's lines. Customers shouldn't be able to override the information generated by the exchange when it identifies the line that is originating a call. If the call is being made over an internet service like Skype, it still has to connect to the PSTN of area codes and 7-digit phone numbers by means of some kind of connection to a phone line which should have a number associated with it.

It seems to me that there are shady CLECs (competitive local exchange carriers) that don't care and are somehow facilitating the spoofers with access to manipulate the number that the CLEC sends over its connection to other LECs. This CLEC then would be breaking the law adopted by Congress and badly needed by other countries, and this CLEC should be shut down for this kind of deception. A self-respecting LEC would not allow customers access to the number display generating mechanism, other than to suppress the appearance of the number (Call Display Block). GBC (talk) 03:33, 10 October 2012 (UTC)

There is no such thing as a self-respecting LEC. Bell Canada holds the record for largest fine for do-not-call violations in that country, and it's the largest ILEC in the region.
The "spoofing companies", while an annoyance, are unnecessary as it's too easy to use voice over IP gateways to send spoofed calls. That's generating huge do-not-call violation problems as every telemarketer in India can call into other countries and pretend to be a domestic caller, while ignoring the targetted country's laws with seeming impunity.
Anyone with a digital primary rate interface line, such as those used to connect business private branch exchanges, can spoof calls directly. This appears to be the usual means by which the voice-over-IP gateways obtain PSTN access. K7L (talk) 13:43, 25 June 2013 (UTC)

The whole 'valid reasons' section needs to be removed. It's not appropriate for an encyclopedia article, it cites no sources, and it's nonsense. — Preceding unsigned comment added by 98.247.50.244 (talk) 03:07, 9 August 2014 (UTC)