Beware of caller ID spoofing techniques.

The bank number displayed on the screen doesn't necessarily mean the bank is calling you. Recently, Anti-Fraud has received numerous reports about applications capable of impersonating phone numbers. In fact, this isn't a new trick, but rather a technique for spoofing displayed phone numbers, also known as phone number spoofing. Caller ID Spoofing, which has been around for many years.

Let's go together Anti-Phishing Learn about this technique and how to protect yourself from related scams.

1. Overview of Caller ID Spoofing

1.1. This technique is not new and has a history of over 20 years.

Caller ID spoofing is not an invention of the smartphone age or of today's scam groups. This technique has existed for a long time, initially in the hands of those with specialized connections to telecommunications exchanges. The first publicly available Caller ID spoofing service launched in the US on September 1, 2004, allowing for fraudulent calls to be made directly from a web interface, without the need for specialized equipment.

The technical barriers have only gotten lower since then. The key factor that has made this technique dangerous and widespread over time is the rise of... VoIP (Voice over Internet Protocol) is a technology for transmitting voice over the Internet. Previously, spoofing numbers required in-depth knowledge of telecommunications equipment and was expensive. But with the popularity of VoIP and open-source software, today anyone can do it with minimal cost and effort.

Over the past two decades, this technique has been documented in countless global scams, ranging from impersonating police officers, utility companies, and immigration officials, to impersonating relatives to request urgent money transfers. To the point that in 2019, the US AARP organization issued a warning:“You can no longer trust the numbers displayed on the screen."

1.2. The Technical Nature of Caller ID Spoofing

Since 2021, experts at Anti-Fraud have conducted in-depth research on this technique across several Internet Voice over IP (VoIP) services, digital PBX systems, and cloud calling services. At that time, due to its dangerous nature, the technical details were kept confidential to prevent exploitation by malicious actors.

Regarding Caller ID spoofing, in short, it means the caller doesn't necessarily use their real number when making a call, but the recipient's phone can still display a different number on the screen. In other words, The number you see on the screen may not be the actual number calling..

Technically speaking, a phone call isn't as simple as we think. It's divided into two separate parts: Actual route of calls within the telecommunications network and Information displayed For the recipient.

The difference lies here:

• Number used in the network: It is the actual identity of the caller that the network operator connects them to.
• Display Number: This is the information sent along with the message to be displayed on the recipient's phone screen.

Through intermediary systems like VoIP, fraudsters can easily alter the displayed data fields. Below is the simple technical logic that scammers use:

• source = The number you want to display (Example: Bank hotline 1900…)
• cupboard = The victim's phone number.
• callFlow = Call content or forwarded order.

In services like MessageBird (Figure 1, now fixed) or Cloud Call services, at the step transfer, The bad guy just needs to specify the school. source It's any number they want. The result? Your phone rings with the correct name and number of the bank, but in reality, the person on the other end is sitting in a "fraud center" in Cambodia or somewhere else in the world.

Currently, there are many technical approaches to this, including Telegram bots and applications on official app stores such as the App Store/Google Play Store.

2. Caller ID Spoofing Scams

Once they've spoofed a phone number, the scammers will devise incredibly sophisticated schemes:

• Impersonating a bankNotifications such as "Your account has just had an unusual transaction," "Credit card blocked," and "Urgent verification required to protect funds" are displayed.“
• Impersonating police officersThreatening you with involvement in an ongoing drug or money laundering investigation, demanding "I need your cooperation immediately."“
• Impersonating customer service representatives.Request for information verification, provide OTP to “resolve the issue”
• Impersonating a customer to call the bank.To request a change to your account information or a password reset...

Common points: They always use a hurried tone to leave you no time to think, demanding that you stay on the line constantly and asking you to provide a code. OTP/verification, including card information or requests to transfer funds to a “secure account” belonging to the investigating agency.

3. How to prevent scams

Don't try to distinguish between genuine and fake products just by the displayed numbers!

3.1. For individuals

If you experience any of the above symptoms, please... Hang up now. Then, proactively call back the official number on the website, statement, or official contact channel to verify.

NOTE: Fake applications You can only make outgoing calls, you cannot receive incoming calls.. Therefore, even though your phone's call history still shows the spoofed number, when you call back, the person who answers will be the legitimate caller, not the scammer.

3.2. For banks and financial institutions

The biggest risk on the organizational side is Trust the displayed number as proof of customer identity verification.. If the call center assumes "this is a call from the registered number, so it must be the right customer," fraudsters can easily exploit this to request password changes, information alterations, account unlocking, or further data extraction. Therefore, banks and financial institutions need to be vigilant:

The phone number displayed should only be used for reference purposes.,
Not verifiable evidence.