The Wall Street Journal reports a rise in popularity of applications that can “spoof” Caller ID numbers. With spoofing, the number that shows up on a call recipient’s Caller ID display is different from the actual phone number the dialer is using.
There are numerous legitimate reasons for a person to want her phone number hidden. For example, domestic violence survivors or stalking victims may need to contact their abusers to discuss custody arrangements or other questions. These victims need the ability to mask their phone numbers, so abusers could not track them down. (The National Network to End Domestic Violence has a paper about how abusers and stalkers use technology to control and harass their victims.)
Another example is journalists who wish to keep secret their sources. The journalists don’t want anyone with access to a whistleblower’s phone to know who has been calling. Doctors may not want patients to know their home phone numbers so spoof in order to have their office numbers displayed.
But, as the Journal reports, Caller ID spoofing can be used for criminal activity:
[T]he same spoofing software lets users hack into other people’s voicemail, by taking advantage of a feature in most mobile phone carriers that allows calls from a person’s own phone to default to voicemail without a password.
Spoofing companies blame the carriers for the security flaw. “It is not the service…. it’s the cell phone companies,” says Gregory Evans, President of Spoofem.com. “The cell phone companies have to take some type of responsibility.”
Some companies, such as T-Mobile have a default setting for voicemail that does not include a password.
“If the customer does not elect to turn the password on during setup, then the default setting is off,” says a spokesman for the company. “Individuals using these spoofing applications risk criminal as well as personal liability for their actions.” […]
Spoofing companies are confident they will survive, in the same way email technology survived spamming, or similar phishing scams. Washington, D.C.-area based Telecom Attorney Mark Del Bianco, who also represents Spoofcard, says Congress cannot legislate against a technology. “They can’t make telling lies illegal,” he says. […]
And for those thinking of committing a crime with the Caller ID spoofing software, Del Bianco has words of caution. “There are an awful lot of people who believe that if they use Caller ID spoofing, somehow there is no call record, and it can’t be traced. That’s not the case.” He says Spoof Card gets regular subpoena requests from unhappy spouses and the NSA, among others.