By John Breyault, Vice President of Public Policy, Telecommunications and Fraud and Alex Schneider, NCL Public Policy Intern
Responding to the passage last December of the Truth in Caller ID Act of 2009, the Federal Communications Commission released rules last week to stop abuses of caller ID spoofing. This is an important step, but the National Consumers League urges consumers to remain cautious, as spoofing can still occur.
So what’s caller ID spoofing?
Consumers may be surprised to learn that caller ID information that a person sees when receiving a call can be incorrect, manipulated by the caller to mask their identity. Online services such as http://spoofcard.com make caller ID manipulation easy by allowing a caller to enter any caller ID information they want, including both name and number, and then displaying that caller ID information when the call is placed.
As an example, a doctor could call a patient from his or her cell phone but display the caller information, “Dr. Smith, 555-867-5309,” the number of their office. More dangerous, though, a scammer could enter “Bank of America, 800-432-1000,” and then the person who picks up the call might think their bank is calling. In one instance, theives stole $15 million, as described in The New York Times. Needless to say, caller ID spoofing is – in the words of the FCC – “ripe for abuse.”
More work to be done
The newly released FCC rules place financial penalties on those who maliciously use spoofing services. That’s a good start. But as the Department of Justice argued, criminalizing malevolent caller ID manipulation will not alone deter scammers already intending to break the law. Criminals with thousands of dollars to gain from defrauding consumers might not be deterred by a $10,000 fine.
The Department of Justice suggested spoofing services should be required to verify ownership of a given phone number before that number may be used to spoof. While technologically savvy users may be able to get around this requirement, this kind of verification would help ensure that when spoofing is used, it’s the doctor who wants to mask his personal number who benefits, not the fraudster.
The FCC has asked Congress to take another look at this issue by recommending Congress enact legislation that would allow regulation of third-party spoofing services. We urge consideration of this additional legislation to best protect consumers.
How to protect yourself
In the meantime, spoofing remains legal. And while spoofing scams are now illegal, there are some common sense ways to ensure you
1. Never give personal information out over the phone when you receive an incoming call.
2. Don’t rely on caller ID to verify the identity of a caller.
3. If you didn’t expect a call or aren’t sure who is on the other line, hang up and call them back.
4. To block your own number from appearing on Caller ID, dial *67
To learn more about Caller ID spoofing, visit the FCC’s website, http://www.fcc.gov/guides/caller-id-and-spoofing
To read the new rules related to spoofing, click here: http://hraunfoss.fcc.gov/edocs_public/attachmatch/FCC-11-100A1.pdf