Tuesday, January 24, 2012

CALLER-ID SPOOFING IS ABLE TO DECEIVE YOU

Most of our mobile phones have a feature that allows you to identify the caller. If it is the landlord you want to avoid, just add his number to your contacts and switch on the Caller-Identification (C-ID) feature.

Caller-ID (C-ID) transmits a caller’s name and number to the called party’s network provider which then forwards this information to your phone. You can then decide to either pick or reject the call. Caller-ID is based on the informed consent principle.

C-ID is a powerful feature if linked to a database. The recent attempt to register SIM cards owners was a step in the right direction. A database of SIM owners would have eliminated anonymous calling that is currently rampant.

By using a database of SIM card owners the network providers can be able to ensure that mandatory C-ID is enforced. All calls would have a name and number indicated. This is a simple solution that could have been implemented to stop the threatening calls mobile phone subscribers receive.

C-ID however can be circumvented by new technologies that allow criminals to masquerade as other people and present a false identity. This is called Caller-ID spoofing. C-ID spoofing is where a criminal makes the call appear to have come from any name and phone number the criminal chooses. Caller-ID spoofing software easily allows criminals to lie about their identity and present false names and numbers which can be used to blackmail, threaten and defraud unsuspecting victims.

Imagine how useful this technology would be to the Kamiti fraudsters out there. A criminal would, for example, be able to impersonate one or our banks and convince an unsuspecting account holder to part with their ATM PIN.

This insidious crime is already with us and Caller-ID spoofing software is readily available in the internet.

C-ID spoofing is especially rampant with Voice over Internet Protocol (VoIP) or IP telephony systems that are in use by many multinationals in Kenya. VoIP basically allows you to use an Internet Protocol (IP) network such as the Internet to communicate via phones. The threat posed by spoofing is considerably higher in these systems due to the distributed geographic nature of the internet. Legal jurisdiction challenges therefore ensue.

SIM Card registration and implementing Caller-ID across all our networks is our first line of defense against the anonymous callers. Combating Call-ID spoofing is the next step in ensuring that we can identify all the callers in our phone networks.

No comments: