Trust Caller ID, Become a Crime Victim!

Fraud using the telephone is nothing new; it's probably been around as long as there have been telephones. After all, a telephone is merely a communication device and can be used to dupe someone into doing something they shouldn't have.

Saying that, telephone technology, which has grown rapidly in recent years, has given fraudsters a wide array of new tools to use to depart common people and even large businesses from their hard-earned money.

Take caller ID for instance, which is marketed as a means of protecting our privacy. When I say marketed, it's normally sold for a fee so we can see who is calling us. The irony of the situation is that for a fee, just about anyone can make the caller ID appear to whatever number they desire.

The ability to spoof (fake/impersonate) caller ID has been around for a few years. Collection agencies, private investigators and even law enforcement agencies use it to get people to answer their telephone. In these instances, they are normally paying the telecom company for the service. I guess this means the people selling caller ID and the ability to spoof it are making money on both sides of the fence.

While some might argue the semi-legitimate (?) uses are deceptive in themselves, I'm far more concerned when criminals or malicious beings use it to further one of their schemes.

For instance, caller ID spoofing has been used to dispatch a SWAT team to an unsuspecting person's house, and a Pennsylvania man made obscene phone calls to women and made the caller ID appear as if they were coming from within the house. It has also subjected a lot of people to abusive return phone calls when their number was spoofed and angry consumers wanted to complain.

Of even greater concern is when caller ID spoofing is used by "stalkers." In January, Alexis A. Moore did a very well researched post on her blog about this subject. Moore is a "crime victim advocate and expert in cyber stalking, identity theft, traditional stalking, domestic violence and privacy protection," according to her profile on Blogspot.

Before I move forward, please note that it seems to have worked on a 911 dispatch system. In this case, law enforcement – who is known to spoof their numbers – is being victimized by the same technology they use to cloak calls themselves. Please note that if anyone should be able to legally spoof calls, it’s probably law enforcement. Nonetheless, it is ironic.

More and more frequently, caller ID is being used by organized (and maybe some not so organized) criminals to commit fraud.

Last month, spoofing caller ID was reported to be used as a tool by an international credit card fraud ring that was broken up by the NYPD and the Queens District Attorney's office. The ring was using an easily purchased portable spoofing tool, known as a Spoof Card. Spoof Cards can be bought by anyone who has the money to buy them, right over the Internet! Besides spoofing a number, the cards can be used to disguise a person's voice and gender.

The ring, which was described as stretching from New York to Nigeria, obtained cards and activated them using a number they spoofed as legitimately belonging to the intended recipient of the card. Please note, most banks require you to activate a card from a known number when you receive it in the mail. I wonder how many of these same banks are using caller ID spoofing technology in their collections departments.

While the methods used by this group included counterfeiting, mail theft, taking over accounts and fraud applications to get the cards, using a Spoof Card was obviously a pretty successful tool used in furthering the fraud scheme. The victims were from all over North America and the cards were used worldwide. According to the authorities, the financial impact of this activity was estimated at $12 million in the past year alone.

While devices like Spoof Card are an issue, the problem doesn't stop there. Semi-legitimate (?) marketing firms, such as Voice Touch, Inc. and Network Foundations LLC – ones that the FTC shut down last month – were using robocalls with spoofed caller IDs. Of course, there were a lot of complaints that these warranties they were selling (provided by Transcontinental Warranty, Inc.) were virtually useless if you tried to use them, too.

Spoofing caller ID has led to a rash of vishing (phishing by telephone scams), also. Last year in November, I wrote about a call I was getting offering to lower my interest rate. The calls in question were robo-generated and the intent was to get you give up your credit card numbers to a scammer. As of this month, I received another one of these calls. Besides this particular scam, there have been numerous reports of financial institutions having their telephone numbers spoofed in vishing schemes.

Of course, Spoof Card isn't the only spoofing service out there. Some services offer software programs that can be used to spoof calls over a Web interface. One even calls itself PhoneGangster.com.

The services that allow it to be done over a Web interface enable the activity to be performed on a much larger scale. A simple Google search for "caller ID spoofing" brings up all kinds of Adsense ads selling a wide range of caller ID spoofing services. Of course, I shouldn't single out Google or Adsense; my guess is that any search on most commercial browsers will net the same type of advertising.

With VoIP technology in full vogue and services like Skype, the fraudulent use of caller id spoofing services now can feasibly be done across borders. This will make it much more difficult for law enforcement agencies to investigate and prosecute these cases.

In 2007, two bills were sent to the Senate to address caller ID spoofing. Neither was voted on and as a result no effective law has been put into place to address this issue. This year, Senator Bill Nelson (FL) and three co-sponsors introduced another bill (S.30) dubbed "The Truth in Caller ID Act."

In my humble opinion, the need for this legislation is pretty apparent. Laws are designed to protect people and it there are too many good reasons people need to be protected from caller ID spoofing!

The right place to file a complaint about something like this is the Federal Trade Commission. To file a complaint in English or Spanish, visit the FTC’s online Complaint Assistant or call 1-877-FTC-HELP (1-877-382-4357). There is also a link on the page to file a complaint on an overseas entity.

You can also write your representatives (elected officials) and encourage them to make 2009 the year that they finally pass some legislation on this issue.

P2P under Congressional scrutiny - FTC to investigate

Although there are legitimate uses for P2P (peer to peer) software, there is no doubt that there are a lot of dangers to using it, also.

Officially, the concerns are how this exposes people to identity theft -- but this costs the entertainment industry (who probably have a few lobbyists dedicated to this matter) a lot of money when they don't get their royalties (money) on music and videos -- which people download for free using P2P.

Now Congress is asking the Federal Trade Commission to take a deeper look into the matter.

Still worried that peer-to-peer filesharing networks like Lime Wire are causing users to "inadvertently" expose sensitive documents, posing potential security risks, members of Congress are now asking for a formal investigation into the phenomenon.

The latest concern from the House of Representatives Committee on Oversight and Government Reform, judging by a 7-page letter (click for PDF) dated Wednesday to Federal Trade Commission chairwoman Deborah Majoras, appears to be this: Peer-to-peer networks may make unsuspecting consumers vulnerable to identity theft.

The same group of politicians, led by Reps. Henry Waxman (D-Calif.) and Tom Davis (R-Va.), suggested earlier this summer that peer-to-peer networks can pose a "national security" threat by allowing users to expose sensitive information unwittingly. (Some politicians, particularly those with entertainment industries in their districts, also took the opportunity once again to condemn unlawful transfer of copyrighted content via the networks.)

I've written a little about why it isn't a good idea to use some of the P2P networks out there:

Japanese cop exposes confidential information on 6,000 people using P2P (file-sharing) software

How P2P Software like Limewire Compromises Personal and Financial Information

Besides being a potential national security threat and an identity theft venue, most of this software is liable to do a lot of damage to your system. And unless you are pretty technically inclined, you will probably have to spend a little of your hard-earned money to fix the damage it will cause!

CNet news blog story, here.

Has a lot of money been lost because of fraud, waste and abuse in Iraq?

There is no doubt that the war in Iraq has cost the taxpayer's a lot of money. Many brave young and women have even paid a greater price.

Jim Fry (Voice of America) is reporting:

"Government auditors told Congress Thursday that waste and fraud in the reconstruction of Iraq have been rampant. They predict they will uncover losses in the billions of dollars. Key Democrats on the House Armed Services Committee demanded an accounting within two months."

Voice of America story, here.

There are going to be some, who claim that this is political posturing for for the "upcoming" presidential elections, but there is no doubt - we need to take a hard look at what's been going on.

If fraud has been a problem in Iraq - and hard evidence is brought forward - the guilty should punished, severely. After all, many of our nation's finest (the brave men and women I referred to above) have paid with their "blood" for justice in Iraq.

They deserve some (justice), also!

Should this turn out to be "political posturing," the voters (who by now should be getting tired of special interest/pork barrel politics) should make their voices be heard on election day.

I will be one of the people, who vote every election, watching the results of this, carefully!