Feeds

MPs urge action as spooky caller ID-faking services hit UK

'Be anyone you want to be'

Internet Security Threat Report 2014

Exclusive Communications watchdogs have today been pressed by MPs to investigate a new service that allows people to fool caller ID systems into displaying a fake number, amid fears it will be abused by ID fraudsters and other conmen.

It's thought such trickery is currently legal in the UK. The Liberal Democrats have called on regulators to act however, claiming the availablity of such services in the UK could make it even easier to fleece the public and invade privacy.

Spookcall logoSo-called caller ID spoofing services have been available in the US for several years. Now, a new firm named Spookcall is bringing the controversial practice to the UK with the tagline "be anyone you want to be".

Ofcom has not responded to requests for comment on the launch, made on Monday afternoon and Tuesday morning.

Spookcall works for landlines, mobiles and VoIP calls. Such services have been used in the US by private investigators, direct marketeers, prank callers, voicemail hackers and phone phishers. More benign uses such as allowing call centre workers to work from home are also common. You can get a feel for its applications from Spookcall's "testimonials" page and this independent site.

Spookcall sells pre-paid calls via its website at £5 for every 10 minutes. Users dial a freephone number and enter a PIN to access the spoofing system, which simply requires the number they want to call and the any number they want the call to appear to be from. It also offers to pass your call through voice-changer software.

Liberal Democrat culture, media and sport spokesman Don Foster voiced worries over the potential uses of caller ID spoofing. He told The Register: "The opportunities for abuse that Spookcall presents, in terms of its potential for extremely distressing and dangerous hoax calls are a step too far.

"I have contacted Ofcom asking them to investigate this service, looking particularly at the ways this service could be exploited. Invasion of privacy and identity theft are serious issues and we must make sure we are all protected as new technological developments emerge."

Spookcall founder Royce Brisbane defended the service today, saying he had sought advice on whether the caller ID spoofing was legal under UK law prior to launching the service. He told The Register: "It should be up to the person you're calling to make sure you're who you say you are."

Brisbane and his partner in the business have a background in selling surveillance equipment to law enforcement and private investigators. They decided to bring caller ID spoofing to the UK after seeing its success Stateside. A version that Brisbane says will only be available to law enforcement is in development, but he declined to discuss details.

The US boom in caller ID spoofing began in 2004, with more than half a dozen services launching in quick succession. The burgeoning practice attracted scrutiny from politicians and regulators. The FCC, the US equivalent of Ofcom, launched investigations of two of the market's leading players in 2006.

Last June the House of Representatives passed the Truth in Caller ID Act 2007, which prohibits the intentionally misleading or inaccurate use of spoofing technology. The Bill has now passed the Senate committee stage and is awaiting a full hearing.

The FCC has a page of consumer information on caller ID spoofing here. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
Broadband sellers in the UK are UP TO no good, says Which?
Speedy network claims only apply to 10% of customers
Virgin Media struck dumb by NATIONWIDE packet loss balls-up
Turning it off and on again fixes glitch 12 HOURS LATER
Yahoo! blames! MONSTER! email! OUTAGE! on! CUT! CABLE! bungle!
Weekend woe for BT as telco struggles to restore service
Fujitsu CTO: We'll be 3D-printing tech execs in 15 years
Fleshy techie disses network neutrality, helmet-less motorcyclists
Facebook, working on Facebook at Work, works on Facebook. At Work
You don't want your cat or drunk pics at the office
Soz, web devs: Google snatches its Wallet off the table
Killing off web service in 3 months... but app-happy bonkers are fine
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.