Phone spoofing is the practice of falsifying the caller ID information that appears on recipients' caller ID displays to conceal callers' true identities. Spoofing technology allows users to alter their phone numbers and/or names. Various mobile applications and websites offer spoofing services. Caller ID spoofing is legal in the United States except when used to harm, defraud, or steal valuable items. Often, scammers spoof phone numbers to take on the identities of government agencies or familiar legitimate organizations.
If a caller spoofs Caller ID with an intent to cause harm or obtain the call recipient's personal information wrongly, then such spoofing is illegal. This does not imply that there are no legitimate uses for Caller ID spoofing. For instance, law enforcement agencies engage in spoofing if they plan to conceal their direct contact numbers from crime suspects. In the same manner, medical doctors spoof their phone numbers when calling their patients from home to display the names or phone numbers of their hospitals. Scammers use phone spoofing to perpetrate different phone scams and other vices. These include:
With spoofed robocalls, fraudsters contact unsuspecting individuals pretending to be legitimate telemarketing companies. These robocalls instruct their targets to follow certain prompts to speak with live agents. Once transferred, scammers will try to sell phony products and services and steal victims' money.
Financial and Identity Frauds
Scammers spoof Caller IDs to assume the identities of legitimate businesses and government agencies. They impersonate employees of those institutions and attempt to get personal and or financial information from their targets. For instance, scammers impersonate the police department and threaten arrests if their targets fail to pay specific fines. A widely known scam in the United States is the Internal Revenue Service (IRS) scam. Typically, fraudsters who perpetrate the IRS scams use Caller ID spoofing to fool marks and obtain their social security numbers and financial information.
Ill-intentioned persons use spoofing to trick their targets’ caller IDs to display the numbers of individuals they know and trust in order as part of their mischievous plans. Some phone calls may appear to be coming from friends or relatives but when answered, callers verbally insult the recipients. This is done to sabotage and damage the targets’ personal and business relationships.
How Do You Know If Your Number Is Being Spoofed?
If you get inundated by calls or text messages responding to communication you did not start, odds are your number has been spoofed. The reason anyone will do that is to perpetrate scams using your identity. However, to avoid getting implicated, you can file complaints online with the FCC.
Why is Phone Spoofing Illegal?
Caller ID spoofing is illegal in California when done with malicious intent. Spoofing allows fraudsters to alter their caller IDs more frequently, making it hard for law enforcement agencies to apprehend them. According to the Truth in Caller ID Act, phone spoofing is illegal if employed to cause harm, defraud individuals, or unlawfully acquire valuables.
Sometimes, residents receive phone calls from numbers similar to their own or their exact numbers. This is only possible by spoofing and has gotten many Californians scammed. Generally, it is advised to disregard a phone call that appears to be from your phone number or a similar number. It is also possible to get a call that seems to be coming from your area code but is actually from a caller in another country. This type of spoofing is called neighbor spoofing. It is a ploy used by scammers to trick residents who ignore phone calls from international numbers.
How Can You Identify and Protect Yourself from Illegal Spoofed Calls?
While it may be challenging to ascertain if an incoming call is from a spoofed number, efforts can be made to avoid falling victim to scammers who engage in phone spoofing. Some of these include:
- Hang up the phone if you realize the caller spoofed trusted institutions’ caller IDs to request personal identifying information. Never disclose sensitive information to anyone over the phone.
- Be wary of repeated calls from IDs that appear to be from legitimate businesses and did not leave any message as they are probably spoofed calls. Block such numbers from subsequently reaching you.
- Download call-blocking applications on your cell phone if there are no built-in call-blocking features. You can block phone numbers perceived as spoofed to avoid falling victim to scams.
- Add your number to the Do Not Call List provided by the Federal Trade Commission (FTC) to stop receiving spoofed robocalls.
- Report Caller ID spoofing online to the FTC and FCC. The FTC can be called on 1 (888) 382-1222, while the FCC takes complaints via phone calls on 1 (888) 225-5322.
Does California Have Anti-Spoofing Laws?
Anti-spoofing laws prohibit anyone from engaging in illegal caller ID spoofing. The Truth in Caller ID Act of 2009 describes it as unlawful for individuals in connection with any telephony service to alter caller ID with the intent to defraud. In the State of California, millions of dollars are lost to illegal phone spoofing yearly, hence, the necessity to enact laws to combat the menace.
The State of California currently has two anti-spoofing laws. These are:
Consumer Call Protection Act (CCPA) of 2019 - This law was signed into law in 2019. It requires service providers to implement technology that can verify and authenticate caller IDs for calls routed over internet protocol networks. The Act authorizes the CPUC and the California Attorney General's Office to implement specific parts of 47 U.S.C. 227. This makes it illegal for anyone in California to alter caller IDs intentionally to defraud or cause harm. The CCPA corroborates FCC's suggestion on implementing the Secure Telephony Identity Revisited and Secure Handling of Asserted information using toKENS (STIR/SHAKEN) protocols.
These protocols help to limit spoofed calls and can identify phone numbers associated with illegal robocalls. The CCPA wants Telecommunications Service Providers (TSP) to ensure the implementation of the STIR/SHAKEN by January 2021. The Act does not empower individuals to file legal actions against TSPs. This does not prevent a bill for an amendment of the Act to create a private right of action. TSPs must, however, must implement the STIR/SHAKEN protocols by January 2021 to avoid liability from the CPUC or the AG, and avoid liability under the Act.
Assembly Bill No. 1132 - The AB 1132 regards as illegal in California any attempt to tweak Caller ID information to impersonate local, state, or federal agencies' phones. This was enacted to curb the activities of scammers who spoof government agencies' phone numbers to mislead residents into divulging personal information or making payments. Under this law, violators are subject to a penalty of $10,000 for each violation. The law, however, exempts the blocking of Caller ID information as well as spoofing for law enforcement agencies. It also does not apply to the federal government's security and intelligence agencies.
What are Common Phone Scams involving Caller ID Spoofing in California?
Scammers use phone spoofing to get Californians to answer their calls. They often take on the identities of familiar organizations and government agencies to fool residents and steal their money and personal information. Californians who are victims of Caller ID spoofing scams can file complaints online with the FCC.
Common phone spoofing scams being perpetrated in the state of California include:
- Charity scams
- Chinese Consulate scams
- Medicare scams
- Bank scams
- IRS scams
- Telemarketing scams
- Lottery scams