Slashdot Mirror


Caller ID Spoofing for the Masses

lolly72 writes "SecurityFocus has a story on a new U.S. website offering a caller I.D. falsification service. It's called Camophone. It's being advertised in Google ads that appear with search results for Star38.com, which was the last service to try and make money off caller I.D. hacking. But unlike Star38.com, Camophone isn't limited to collection agencies and private investigators, and it doesn't cost $125 to sign up. Anyone with a PayPal account can use it, and at five cents a minute, probably will. Who do you want to fake out today?"

14 of 286 comments

  1. do this for free by Prophetic_Truth · · Score: 5, Informative

    You can already do this using an Asterisk PBX and a VoIP provider. Although once this starts being abused, I doubt it will remain a feature.

    --
    time is a perception of a being's consciousness
    time is your 6th sense, the weird ones are 7+
    1. Re:do this for free by DarthBart · · Score: 4, Informative

      Assuming your VoIP provider lets you set caller id. We've started implementing filtering that only allows you to set your CID to one of the DIDs that are assigned to you.

    2. Re:do this for free by kgasso · · Score: 2, Informative


      > CID, yes. ANI? Are you sure?
      >
      > Since ANI is used for billing purposes, including 900 numbers, I highly doubt any telco allows it to be modified.


      I have a 23-channel PRI here from a local CLEC (utilizing it for inbound local DID numbers and toll-free DNIS numbers as well as outbound calls) who lets us not only stuff our own CID, but sends that as the ANI as well. Not sure if they even know they're doing this, although we have a pretty good standing business relationship with them, and we have no intent of using it for "evil" purposes.

      (We utilize sending outbound CID for sending the DID # of individual extensions behind the PBX, as well as the primary number of the "account" we're calling for... we're a call center for several ISPs. It's also useful for call transfers/routing from our PBX, as the original caller's CID shows up when we transfer.)

      The PRI that I have running into the same PBX from the ILEC (Qwest) only sets the CID, as expected.

      It's not overly hard to forge your ANI; it just takes some legwork and potentially a wad of cash. There is still an audit trail at the ILEC and CLEC switching facilities, too. I suspect if they start getting complaints about things being billed to wrong numbers, it's not hard to find out which one of your interconnects did it.

      -k

  2. Doesn't Work by The_Rippa · · Score: 5, Informative

    I signed up for the service while this article was still in the mysterious future. Tried it out, didn't work.

    I got to file my first Paypal dispute claim!

    Seriously though, the website is just text and there's no contact info for anything.

    Scam.

  3. Re:It's just a web-site by tcopeland · · Score: 2, Informative
    Running an outdated version of Apache 2.0, too:
    [tom@hal tom]$ curl -sI http://www.camophone.com/ | grep Serv
    Server: Apache/2.0.48 (Fedora)
    [tom@hal tom]$
  4. I also signed up... by daveschroeder · · Score: 5, Informative

    Figured $5 through PayPal (and yes, it really was PayPal, not some spoofed tab or scam site) was worthwhile.

    However, even though their FAQ said it would be ready in 30 seconds, my account still shows zero minutes. Don't know if that's because PayPal takes a while to do the transfer, but I wasn't about to use a credit card with them.

    For what it's worth, their "Privacy Guard" service page looks like this:

    Camophone.com Home | Login to Privacy Guard | Frequently Asked Questions | Signup for Service

    Logged in: das
    Time Remaining in Seconds: 0
    Time Remaining in Minutes: 0
    Recharge Account

    Enter all phone numbers without a leading "1" and with no dashes or spaces. Example: 9095551212
    Caller ID must be ten digits to be passed properly through the telephone network. When the system calls you, the caller ID you set will be sent to you as well.
    number to call [recipient]: (format: NPANXXXXXX)
    your number [caller]: (format: NPANXXXXXX)
    caller ID to send:

  5. Re:Glad by JUSTONEMORELATTE · · Score: 5, Informative

    You're mixing callerID (in the case of "voice mail access without password") with ANI (in the case of credit card activation)
    CallerID is spoofable, but ANI info is not. Any time you call an 800 number (or 888, or 877, or any of the other variants that are out now) your info is sent prior to the first ring. This is ANI (Automatic Number Identification? It's been a while. I'm sure someone will correct me if I've got it wrong :) You can't disable this with star codes, or with the "Private Name" feature of callerID blocking.
    CallerID, on the other hand, can be enabled or disabled, and can be spoofed.

    Easy way to remember -- who's paying for the call? If it's you, then it's callerID. If it's the other guy, then it's ANI.

  6. It's Too Easy... by xanadu-xtroot.com · · Score: 4, Informative

    Just use a calling card...

    I have a calling card that I got through WalMart. The caller ID comes up as Denver, CO. I live in PA. This is via my cell or my land-line...

    --
    I'm not a prophet or a stone-age man,
    I'm just a mortal with potential of a super man.
  7. If you just want to hide your number... by AGTiny · · Score: 2, Informative

    If you just want to hide your number, not necessarily spoof your enemies, any calling card will do, like another poster mentioned.

    I use OneSuite as my long distance service because their rates are excellent. Caller ID from OneSuite shows up as either Unknown or some random out of state number.

  8. SS7 - ANI by Qbans · · Score: 5, Informative

    No one's mentioned that Caller ID isn't really used for that much authentication. Let me give you a little bit of background on caller ID.

    There are actually two types of calling number identification: one is the popular Caller ID, which as we know can be manipulated and blocked, and the other is ANI, or Automatic Number Identification, which the user has no (or minimal) control over. Caller ID is used for the little displays on your phone and can have a flag set to block it, as well as define what number displays usually on outbound or two way trunks for use with DID (Direct Inward Dialing).

    The reason the phone companies allow you to set your outbound caller ID is so when you are using DID, you can have people reach you back directly instead of through the company's generic number. Now a little bit of background on DID: Mid and large sized companies use DID for everything, it's how everyone has a separate phone number or fax number on their desk. It would be uneconomical for the businesses to bring in a separate phone line for everyone in the office, so they share them. So say for example a company with 100 employees would have a block of 100 phone numbers, but only 23 incoming phone lines, any number can come in on any one of those phone lines and the company's PBX determines which desk to route the call to. Pretty simple. So when an employee wants to make a call, again he can use any phone line, and the PBX sets the outbound caller ID to his real number so it's easy for people to call him back. Some phone companies limit you to what Caller ID data you can send them, (which makes sense that you can only have outbound Caller ID on numbers that are in your block.)

    ANI always knows the calling trunk, and location. It's what's used for credit card verification, 911, etc. You can't block it and usually can't set it. ANI is transmitted (amongst other things) over SS7, which is basically an out of band protocol (which actually does carry caller ID too) that is used between switches. Few companies have phone systems that speak SS7, or a link into the SS7 network for that matter, it's just not useful. Phone companies would crack down pretty hard on fake SS7 info, because they could lose money on billing.

    So in summary, Caller ID - not secure, ANI - A little more secure.
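
The provider-side filtering DarthBart describes (caller ID limited to the DIDs assigned to you) and the restriction Qbans mentions (outbound Caller ID only for numbers in your block), as an added Python example that is not part of the original comments or any provider's code. The `Trunk` record, the sample numbers, and the policy of substituting the primary DID instead of rejecting the call are assumptions.

```python
import re
from dataclasses import dataclass

@dataclass(frozen=True)
class Trunk:
    """Hypothetical customer trunk: a primary DID plus assigned DID blocks."""
    name: str
    primary_did: str      # 10-digit NANP number
    did_blocks: tuple     # inclusive (first, last) ranges of assigned DIDs

def normalize_nanp(raw):
    """Reduce a user-supplied caller ID to 10 NANP digits, or None if malformed."""
    digits = re.sub(r"\D", "", raw or "")
    if len(digits) == 11 and digits.startswith("1"):
        digits = digits[1:]               # strip the leading "1"
    # Area code (NPA) and exchange (NXX) must both start with 2-9.
    return digits if re.fullmatch(r"[2-9]\d{2}[2-9]\d{6}", digits) else None

def owns(trunk, number):
    """True when the number falls inside one of the trunk's DID blocks."""
    return any(int(lo) <= int(number) <= int(hi) for lo, hi in trunk.did_blocks)

def filter_caller_id(trunk, requested):
    """Return (cid_to_send, verdict). A malformed or unassigned caller ID is
    replaced with the trunk's primary DID (assumed policy) so the call still
    completes, and the verdict can be written to an audit log."""
    number = normalize_nanp(requested)
    if number is None:
        return trunk.primary_did, "malformed-replaced"
    if owns(trunk, number):
        return number, "allowed"
    return trunk.primary_did, "not-assigned-replaced"

# Constructed sample data: a block of 100 DIDs in the fictional 555-01xx range.
ACME = Trunk("acme-pri", "2125550100", (("2125550100", "2125550199"),))

def demo():
    """Run constructed caller ID requests through the filter."""
    attempts = ["212-555-0142", "+1 (212) 555-0100", "9095551212", "5551212", ""]
    return [(a, *filter_caller_id(ACME, a)) for a in attempts]

if __name__ == "__main__":
    for attempt, sent, verdict in demo():
        print(f"{attempt!r:22} -> {sent} [{verdict}]")
```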

  9. Re:emergency services is gonna love this by yetanothermike · · Score: 2, Informative

    Emergency services should be using an e911 service with the telco that isn't caller ID. e911 existed before CID was in place and works in areas where switches are not capable of carrying the service. If the local setup is relying on CID instead of whatever the telco should be serving up you all are in SERIOUS trouble.

    --

    [insert sig file here]

  10. Re:haven't been monolithic for a decade by Doc+Ruby · · Score: 2, Informative

    Telco equipment is still "vertical": NorTel switches require NorTel plugins. The most important vertical "silo" is the telco itself, which might outsource feature supply, but users get all their services from the telco, in whatever bundles they integrate and sell. No third party service provision direct to the customer, integrated with telco equipment or services, has ever survived. Even something as simple as DSL was blown away by the telcos' extreme competitive (including legislative) advantages.

    VoIP is different. It's inherently distributed. Since it's entirely executable on commodity hardware with open source software and published standards, distributed interop comes first. So a component architecture is available for any integrator, even an aggressive end user. Of course all that changes the marketing, customer service, technical support. Even the "customer care", integrated billing and customer service, becomes a necessity rather than a luxury, and gets pushed closer to the customer than in the proprietary telco model. Customer care itself can be an addon from a third party with aggregated niches around the Net.

    Sure telcos have slowly moved towards their versions of some of the features and architectures of VoIP. The ATM long lines network between COs is VoIP (for lowercase "i" and some value of "P" :). This callerID spoof is an example of the blurred lines. Those blurred lines will make transition to VoIP smoother, bringing the benefits of open interop to every user and provider.

    --
    make install -not war

  11. Re:So give me that... by rcw-home · · Score: 2, Informative
    > So I want the ANI info in my CallerID line. Why is this hard, or why are the Baby Bells unwilling to do it?

    Because they didn't create a way to do it that was backwards-compatible.

    CallerID is sent as 1200 baud FSK between the first and second rings. ANI is, for E&M trunk lines, sent as DTMF codes by the phone switch, or for BRI/PRI trunks, sent digitally with the other call connection information. DTMF incurs a significant connection delay - sending ANI plus DNIS (dialed number identification service, basically telling you which number the call was placed to) means sending 17 or more DTMF tones - so PRI is the preferred method.

    So ANI in its current form really only works with trunk lines. In some areas with some ILECs trunks can be analog (leaving you stuck with E&M DTMF) but otherwise you're looking at the expense of ISDN or a T1.

    The current CallerID protocol is flawed in that if you answer the call before the second ring, you don't get the CallerID information. I don't know why the telcos released such a flawed protocol or why they aren't interested in fixing it today. Maybe they figured that ISDN would replace POTS by now. As you mentioned, VoIP probably will instead.

  12. Re:A horrible idea, real experience... by NardofDoom · · Score: 2, Informative
    Install a recording device in your car and/or on your person. Someone I know was able to keep most of his stuff because he recorded the crazy stuff his ex-wife said.

    And if she's really crazy, have your friend bring a video camera to any meetings. You never know...

    --
    You have two hands and one brain, so always code twice as much as you think!