Technical Discussion
  >> VoIP (e.g. BT Digital Voice, Sky Internet Calls, etc.)


Register (or login) on our website and you will not see this ad.


  Print Thread
Standard User Michael_Chare
(knowledge is power) Tue 18-May-21 23:06:52
Print Post

How will VOIP allow number spoofing to be stopped?


[link to this post]
 
Huw Saunders, a director at Ofcom, has said that when VOIP is fully in place, with a target date of the end 2025, the industry will be able to stop number spoofing. How will this work?

Link to BBC article.

Michael Chare
Standard User Pheasant
(fountain of knowledge) Wed 19-May-21 09:10:45
Print Post

Re: How will VOIP allow number spoofing to be stopped?


[re: Michael_Chare] [link to this post]
 
It’s rampant. For some reasons scammers have decided if they call and spoof the same 8 leading digits matching my mobile number I will somehow be fooled into believing it’s a number I can trust or something…

sorry I have to go now as there is apparently a warrant out for my arrest with HMRC..🤣
Standard User Tacitus
(experienced) Wed 19-May-21 18:50:39
Print Post

Re: How will VOIP allow number spoofing to be stopped?


[re: Pheasant] [link to this post]
 
There's an interesting piece on Charles Arthur's Blog commenting on a Guardian article on text scams where he alleges that the failure to prevent number spoofing is a direct result of the requirement that the UK government can tap phones.

No idea how true this is but as the linked piece by Tim Panton says, a whole generation is being raised to not answer the phone since it is most likely to be a scam artist. Personally I only answer calls from known numbers - and even they can be spoofed - with everything else going to voice mail.

Edited by Tacitus (Wed 19-May-21 18:52:10)


Register (or login) on our website and you will not see this ad.

Standard User Pheasant
(fountain of knowledge) Fri 21-May-21 11:22:23
Print Post

Re: How will VOIP allow number spoofing to be stopped?


[re: Michael_Chare] [link to this post]
 
In that article, the Ofcom director, Huw Saunders says when VOIP is fully in place, with a target date of the end 2025, the industry will be able to stop number spoofing.

"It's only when the vast majority of people are on the new technology (VOIP) that we can implement a new patch to address this problem [of spoofing]."

I’d really love to know what this magic “patch” is that he speaks of? Why can’t it be deployed now?

Anyone with a brain cell and access to an asterisk box can create a number spoofing rig very easily and cheaply. Here is a virtual recipe…

How to Build Your Own Caller ID Spoofer: Part 1

How to Build Your Own Caller ID Spoofer: Part 2
Standard User kitcat
(experienced) Fri 21-May-21 13:43:44
Print Post

Re: How will VOIP allow number spoofing to be stopped?


[re: Pheasant] [link to this post]
 
When everything was 'PSTN' ( ETSI signalling) it was not possible to spoof CLIs as the Network CLIs were all generated by the switches. ( Presentation ones could be but the network CLI was always present) . This meant that you could track down the originator very easily.

VOIP opened the box to spammers and you could never know what the real originator was from the CLI as both network and presentation could be spoofed by the caller.

In theory VOIP calls are trackable as the originator IP address is required to actually service the call. However even then they can be hidden so that the call will work but the IP is only traceable if you have access to the intermediate host and support from the (usually) foreign IP range holder.

How OFCOM are going to stop number spoofing Internationally is beyond me, could be easy to do in this country but would be possible now but the reality is 99% of the calls come from elsewhere. IP6 also makes it far harder as the number of addresses is astronomic and every call will appear from a different one so IP blocking goes out of the window.

There was a suggestion that a database of valid numbers was set up, but all that will happen is the scammers will just use valid numbers and this already happens to overcome call blocking.
Standard User adrenalize_
(regular) Fri 21-May-21 19:40:22
Print Post

Re: How will VOIP allow number spoofing to be stopped?


[re: kitcat] [link to this post]
 
The protocol to prevent spoofing is STIR/SHAKEN (no I'm not taking the whatsit). The US are slightly ahead of Ofcom implementing it as I think a lot more of their telephony had moved to VoIP. The FCC gives a tiny bit of info here https://www.fcc.gov/call-authentication
Standard User kitcat
(experienced) Fri 21-May-21 20:43:05
Print Post

Re: How will VOIP allow number spoofing to be stopped?


[re: adrenalize_] [link to this post]
 
adrenalise

Nice read, but as section 3.5 indicates unless International VOIP originators are prepared to take action, and in my opinion regulators agree that carriers can block certain originating networks that transit the vast ,majority of these calls, the proposed actions will only reduce calls within countries implementing them.

Very few of these calls originate within the UK or US so the STIR/SHAKEN protocols will only cover these minimal calls. OFCOM have already priced most of these in the UK out of business with their fines which make it unprofitable to make UK originated 'nuisance' calls.

Until the countries that the majority of calls originate in start to take action you will still be plagued with calls from Windows /BT helpdesk etc.

Alternatively all VOIP calls that show a CLI within your country not attested by a country based supplier will have to be binned, this could be done now BUT OFCOM has never allowed it to happen. (This could have been done in 2010-15 when we were setting up the VOIP gateways but BT was not allowed to as it would have interfered with OFCOMs competition principles. Most calls came via new entrants).
Standard User Pheasant
(fountain of knowledge) Fri 21-May-21 21:46:46
Print Post

Re: How will VOIP allow number spoofing to be stopped?


[re: adrenalize_] [link to this post]
 
It’s a bit of a stretch to call that a “patch” though isn’t it? Who are they kidding.😎

More like full blown coordinated industry wide programme of a suite of protocols.
  Print Thread

Jump to