CALL

(Calling Line Identification)

spoofing service Offered through websites

CONTENT TABLE

1. Introduction 2. Regulatory framework in India 3. Modus-operandi of Call Spoofing Services 4. Technical details of Call(CLI) spoofing 5. Other popular websites providing service Call(CLI) spoofing

6. Impact of the Call (CLI)spoofing services 7. Regulation in India and other countries 8. Refrences

CALL (Calling Line Identification) SPOOFING SERVICES offered through website

1.

INTRODUCTION:

The Call Spoofing Services are being offered through Internet wherein a caller having a phone/mobile number 'A' can ask the call spoofing service provider to present any other predefined calling line identification (CLI) say 'B' on the recipient number 'C', even though the call is originated from his Number 'A. On receipt of call, the recipient C perceives the calling number as 'B whereas the actual caller is 'A'. Thus, eventually the caller is able to hide his identity and befool the called party by presenting some other false/spoofed identity. The fake/spoofed calling line identification (CLI) is definitely a cause of concern as it may mislead the investigating authorities in prevention and detection of anti-national/anti-social activities. Since the miscreants are able to keep themselves unidentified, such kind of service provision may cause increase in the criminal activities. 2. REGULATORY FRAMEWORK IN INDIA:

CLI (Caller Line Identification) was introduced in Indian Public Switched Telephone Network (PSTN) to provide as a service to the called party, where the identity of the calling party is displayed on the phone of the recipient/called party. In due course, Caller ID and other services based on the Calling Party Number (CPN) became a commonplace due to technical advancements. Government vide Clause 41.18 of the UASL License and Clause 24.4. of CMTS license, made it mandatory for all service providers to provide the CLI to their customers. The relevant excerpt of clause is Calling Line Identification (CLI)
shall be provided. The network should also support Malicious Call identification and CAMA.

Further, Clause 41.19 of UASL license also warrants from tampering with the CLI. The relevant excerpt of clause is Calling Line Identification (CLI) shall never be
tampered as the same is also required for security purposes and any violation of this amounts to breach of security. CLI Restriction should not be normally provided to the customers. ..

Generally, in a multi TSP global scenario, more than one TSP are involved in the processing of the call and CLI sent by originating TSP is being passed over as it is by the intermidiatory TSP without being crosschecked, which is finally presented to Called party.

3.

MODUS OPERANDI OF CALL SPOOFING SERVICE PROVIDERS :

The Call Spoofing Services are generally sold through the Internet websites to the users of traditional telephone , mobile service , VOIP users etc. These websites offers additional option like voice recording, voice pitch change to disguise the customers. These companies often substitutes a number with the same area code as the called party code to increase the likelihood that called party will answer. There are two popular techniques for of using a third-part caller ID spoofing services: Technique-1 (Based on one time PIN allocation): Here the CLI spoofing service user creates an account on the CLI Spoof Service providers website who allots him a personal identification number (PIN). The PIN is used for accessing the spoofing service. Here for making a call with a spoofed caller ID, the user / caller dials the spoofing services toll free number and based on inputs from the IVRS system of spoofing service, the user/caller enters his pre allotted PIN and destination telephone number followed by the number (say Call Spoof Number) he wants to have displayed by the called partys Caller ID service. The spoofing service forwards the call to the telephone number specified by the caller and forwards the Call Spoof Number as the Calling Party Number. Technique 2 (Based on variable PIN allocation): Here the caller will access the spoofing service website and will submit the Called Number and Caller ID wants to be displayed (say Call Spoof Number). The website will generate a code say PIN to the user and will display the toll free number to be used for the calling session. In order to make a call with a spoofed caller ID, the caller dials the spoofing services toll free number and, when connected to the spoofing service, the caller enters his PIN. The spoofing service providers forwards the call to the telephone number specified by the caller on website for this session and forwards the Call Spoof Number as the Calling Party Number. In this model the user pays to the Spoofing Service Provider indirectly by the way of call termination / handling charges to be charged from the origination serve provider by other service provider who are involved in this call. One of the calls spoofing service offered through the Internet on the portal www.carzycall.net. In this service an intending user needs to access the spoofing service website and submit the actual calling party number, called party number and the Caller ID (spoofed CLI) which is to be presented to the called party in place of actual calling number. Thereafter an access code is generated. In order to make a call with a spoofed caller ID, the calling party has to initiate an international call from the same calling number (i.e. keyed in on
4

www.crazycall.net portal) to 00220-775-8612 or 0044-741-812-0145. The call will lend on the server of the crazy call service provider to an interactive voice response system (IVRS) which will ask to enter the access code. Once the Code is entered, the spoofing service provider (i.e. Cray call service provider) initiates a call to the Destination number provided on website presenting the Spoofed CLI keeping the calling party online and connection is put through to calling and called party accordingly.

Thus, basic requirements for making Spoofing Call Crazy Call website are as follows: (a) ISD Enable Telephone. (b) Access to Internet to have a code generated through www.crazycall.net. (c) Information like (CLI to be presented and Destination number need to be provided in the web-site www.crazycall.net). Caller has to then make an ISD Call to 00220-775-8612 or 0044-741-812-0145 and provide the code obtained. Call will thus be made by the server located abroad to the destination number with a Spoofed CLI as required by the Caller. 220 is ISD Code of Gambia. 44 is ISD Code of the UK. CLI Spoofed call is actually having two segments; one is an ISD outgoing Call made by the caller to Crazy call server and other is initiated by Crazy Call server to the Destination number with spoofed CLI as depicted in Spoofed-CLI call diagram. Other salient observations on modus operandi are as follows :
5

In the first segment, ISD Call is made by caller to 00447418120145 or 002207758612. In second segment, the Call is initiated by the Crazy call server to the Destination number with spoofed CLI as per the requirement of Caller. Then both the calls are interconnected by the server. In first segment, Outgoing ISD Call part, Call charges were found to be very high for 67 second of call duration. These charges are around 3 times higher than normal ISD charges to UK. During Incoming call segment in UAS providers calls were traced upstream till ILD starting with their MSC and GMSC. In this model the user pays to the Spoofing Service Provider indirectly by the way of call charges paid to the Originating TSP further shared with the TSP. In the call testing involving both numbers from UAS providers it is clearly evident that the Spoofed CLI was pushed by IP based Point of ILD Interconnection reportedly from London to ILD.

4.

TECHNICAL DETAILS OF CALL (CLI) SPOOFING:

The following signalling techniques are being used in CLI presenting and restriction techniques a. Conventionally SS7 Signalling is used in the entire traditional circuit switched network wherein it was practically not possible for an individual /company other than licensed TSPs to alter the CLI to provide spoofed CLI kind services. b. SIP/H.323 Protocols of IP based networks and Soft Switches with increasing capabilities made it possible for any individual/company to provide CLI Spoofing as a service not only within the country but also globally. The interconnection of IP based protocols with Public switch Telephone Network (PSTN), in providing CLI has given rise to a new security issue of spoofed CLI, like the service being provided by www.crazycall.net. The CLI is being changed (Spoofed) as requested by the caller, through this website, with the help of Internet Protocol. These servers are located abroad, in the instant case www.crazycall.net translated to 72.167.232.188 which is allotted to M/s Go Daddy Software, Inc. 14455 N Hayden Rd, St 226 City Scottsdale State/Province AZ US, as per information available through www.arin.net. The advent of new technologies lessened the overall accuracy and reliability of the CLI. The third party service providers are providing CLI spoofing services and are increasing scope for further services like voice pitch alteration, modulation etc. to disguise the callers.
6

5.

OTHER POPULAR WEB-SITES PROVIDING CALL(CLI) SPOOFING SERVICE:

The list of some web-sites providing CLI spoofing service found through search engines over Internet. 6. www.telespoof.com/ www.spoofcard.com/ www.spoofem.com/ www.youspoof.info/callerIdSpoofing.html www.phonegangster.com/ www.itellas.com/ www.spooftel.com/ www.fakemytext.com www.smsglobal.com IMPACT OF CALL (CLI) SPOOFING SERVICES:

Call Spoofing as explained above maybe misused with the intent to defraud, cause harm, or wrongfully obtain anything of value. The possible impact of same may be understood through following examples: 1) Threat to national security: Call spoofing using the Crazy call or other medium may be a threat to national security. Bad Actors/terrorist/Antisocial activists may misuse this procedure for making the calls and disguise their actual identity. It wont be possible to trace their identity by the Law Enforcement Agencies. 2) Possibility of committing Frauds: There is a strong possibility of committing of frauds misusing the call spoofing. For example: (a) A person can commit a fraud misusing the call spoofing as he/she can send the CLI of the targeted person to the banking services and can be able to steal information about credit/debit cards. The same can be misused for committing a financial fraud. (b) A person can make hoax call to emergency services (e.g. for Police Assistance, dialing 100) and by sending the spoofed CLI can befool the officials causing the inconvenience to general public and wastage of manpower and money. (c) A person can send the spoofed CLI while making a ransom call in case of Kidnapping and other criminal cases. In such case, it shall be impossible to reach and catch the actual accused /criminals.

7.

REGUALTIONS IN INDIA and OTHER COUNTRIES:

In the USA to deal with such crimes an act, Truth in Caller ID Act of 2009 was passed on 22-Dec-2010. In this act the spoofing of caller identification information with the intent to defraud, cause harm, or wrongfully obtain anything of value has been prohibited and provision for imposition of heavy penalty and punishment has been made. On dated 22-June-2011 the FCC issued the rules and regulations implementing the Truth in Caller ID Act of 2009 and submitted its report on Caller Identification Information in Successor of Replacement Technologies. FCC examined the caller ID aspects of technologies underlying current trends in communications and submitted legislative recommendations to tighten the current prohibitions on malicious caller ID spoofing and to address identification spoofing in new and emerging communication services. Legislative recommendations also includes clarifying the scope of the Truth in Caller ID Act to include (1) persons outside the United States, (2) the use of IP-enabled voice services that are not covered under the Commissions current definition of interconnected Voice over Internet Protocol (VoIP) service, (3) appropriate authority over third-party spoofing services, and (4) SMS-based text messaging services. In the U.K the telecom regulator has issued the guidelines for provision of Calling Line Identification and other related services over electronic communication networks. In India, the techniques and protocols being used for this CLI Spoofing are operational from abroad. Only some parts of the process are within the control of Indian authorities. It is illegal to use these services in India as these service providers are not granted any license under the Indian Telegraph Act -1885 or any registration / No Objection Certificate from Department of Telecommunications India and therefore the sale and use of these services is punishable offence under the Indian Telegraph Act. The Government of India has also banned such website like www.crazycall.net and others offering the spoofed CLI services. If someone is found indulged in causing loss, damage, harm, bad reputation to anybody or wilfully obtain anything of value using the Call Spoofing Services is liable to punished by police authorities under the Indian Law.
References: 1. 2. 3. 4. 5. 6. 7.

http://www.gpo.gov/fdsys/pkg/PLAW-111publ331/pdf/PLAW-111publ331. http://www.fcc.gov/document/rules-and-regulation-implementing-truth-caller-id-act-2009
www.dot.gov.in http://en.wikipedia.org/wiki/Caller_ID_spoofing http://stakeholders.ofcom.org.uk/telecoms/policy/calling-line-id/caller-line-id/ www.crazycall.net , www.spoofcard.com, www.itellas.com, and other Call Spoofing websites Mr. R. S. Shakya Director, Mr. Ram Krishan Majety Director TERM Cell Andhra Pradesh , Mr. P.C. Gupta Director TERM Cell Delhi from Department of Telecommunications India who shared their personal inputs and experiences on above matter.

(C) All copyrights are reserved with Harish Kumar R/o Gangwar Colony, Nawabganj , Bareilly , Uttar Pradesh India. Email id. Harish_gang@yahoo.com Disclaimer: I hereby declare that the above views are my own and not of the Government of India.