1. Computing

Why You Shouldn't Trust Caller ID

Is Microsoft really calling me?

By

Why You Shouldn't Trust Caller ID
Photo: Brand New Images / Getty

When someone calls us on the phone, most of us immediately glance at the Caller ID information to see who is calling. It's a perfectly natural reaction. We've been conditioned over the years to trust this information. The problem is that not everyone is aware of how easy it is to spoof this information and hackers, scammers, and pranksters are taking advantage of this fact.

Scammers and Hackers Love to Spoof Caller ID Information

Scammers and Hackers take advantage of Voice Over IP (VoIP) technology to fake Caller ID information so that they can create a phony situation in which they pretend to be someone they're not in order to steal information from you or scam you out of money. This is known as pretexting.

Prank Callers Love to Spoof Caller ID Information

For a long time, prank calling went out of fashion because of Caller ID. When pranksters figured out that they could use Caller ID block, the Caller ID arms race began. After Caller ID block allowed scammers to be semi-anonymous once again, phone companies added the Anonymous Call Rejection feature that forced anyone who had blocked their Caller ID to unblock it before their calls would be accepted by the party who had Anonymous Call Rejection turned on.

With the advent of spoofed Caller ID services such as SpoofCard, pranksters began their antics once again. Although most uses of spoofed Caller ID information is illegal in the US and other countries, many pranksters continue their efforts because they don't believe that they will ever be caught.

How Does Someone Spoof / Fake Caller ID Information?

There are a few ways one can spoof Caller ID information. One of the easier ways used by both scammers and pranksters is by way of internet-based Caller ID spoofing services such as Spoof Card. Spoofing services are often sold as a re-loadable card, similar to a long distance calling card.

Scammers wanting to hide their true phone number would purchase a prepaid 'spoof' card. After they have purchased the service they would provide their 'real' number (number they are calling from), the number of the intended victim, and then the false information they want the victim to see on their Caller ID when they answer the phone.

When they are ready to initiate the spoof call, they do so via the spoofing website or app. The spoofing service provider calls the scammer/prankster back at their real phone numbers, calls their victim's number, and links the calls together, providing the spoofed Caller ID information to the victim. The intended victim sees the false Caller ID information before they pick up the phone and are connected to the spoofer.

Scams Using Spoofed Caller ID Information

Their is a major international fake tech support scam dubbed the 'Ammyy Scam' where scammers calls victims under the guise of spoofed Caller ID information. The spoofed information, which makes it appear that the scammer is calling from Microsoft or some other well-known company, convinces the victims that there is a security issue with the victim's computer. The scammers convince the victims to install a remote administration tool called Ammyy which allows the scammer to take over the victim's computer and install malware, collect personal information, or do whatever else they want to it. The scammers also convince the user to purchase fake antivirus (scareware), gaining access to the victim's credit card information as a result.

This scam, which is responsible for cheating people out of millions of dollars, is effective because the caller ID information lends false credibility to the scammers story, making it very convincing. Had the Caller ID information read true, red flags would have gone up and victims would have been more on guard.

To sum things up, don't believe everything you read, including the Caller ID information that comes up when you answer your phone.

©2014 About.com. All rights reserved.