The scammers are usually are sitting in a call center (in Asia usually.) However if they would call from that number people won’t pick it up or would not believe that it is Amazon, Microsoft or your bank. This is the reason they are pretending to be calling from an another (local) number. They can do this using a loophole in the roaming system. So this why you can receive calls pretending by to be your contact’s number or even from your own number. This is why just blocking those numbers is not that effective. Also if you call the number back, it is not the scammer, just a normal person or business with that number. Hope this explains it.
If you are targeted they can get the number of your contacts by using OSI or other methods. But in most cases it is just a coincidence that it looks like that that someone you know is calling. All that said, if the call is coming from your contact named uncle Joe and some guy with a strange accent saying they are calling from Microsoft, you will know it is a scam.
What are you referring to by “OSI”? Not the 7 layer model, but that’s all I can find. It’s good to explain abbreviations when they’re not the most common usage of that abbreviation.
If they don’t have my contacts, they can’t spoof a number from my contacts. If they just spoof local numbers, the chance of them choosing one of my contacts is incredibly slim.
Sorry, I am really bad at explaining things. By OSI, I meant was Open-source intelligence. And the proper abbreviation is OSINT. So this time instead of explaining, I just link to Wikipedia
There are actually tools that can unmask spoofed calls and show the true number that a call originates from. I’ve never used them personally, but I worked in computer telephony years ago so I have an understanding of how these tools work.
Caller ID was created so that a company like a bank that might have 100 or more telephone lines could program them so they always show up as “1-555-ACME-BANK” if they wanted to. So it’s trivial to set Caller ID to whatever you want.
But there’s another identification baked into calls that goes way back to the days when long distance calls were expensive and charged by the minute. The telephone companies needed to ensure the calling number was passed along from one phone carrier to another for billing purposes, and since it involved collecting money you can be sure it was accurate and unchangeable. This is called Automatic Number Identification (ANI).
Typically ANI is only passed between phone companies, or over high capacity phone circuits like T-1 lines, so it’s not sent to the person receiving the call. But there’s a feature available to most mobile phone plans that, combined with ANI, can provide for a way to do just that.
Depending on your mobile provider there’s likely a way to forward calls you explicitly ignore to another number. This only happens when you click to ignore/disconnect the call, and not let it time out and go to voicemail. When you sign up with one of these unmasking services then you set up your phone to forward these calls to their service. Then, if you get a spoofed call or even one where the caller id says unknown or unavailable, you click to ignore it. The call gets rerouted to the unmasking service, which has access to the ANI data. It reads the ANI number, replaces the Caller ID data with the ANI, then immediately routes the call back to you again. This time it will show you the number the call originated from and would be billed to.
It just dawned on me that I only ever get spam calls OR texts - never a call followed by a text. Seems like some form of success could be had with doing that.
Not that I want to give them any ideas – I assume they’ve already tried this and determined it wasn’t successful.
What has worked for me quite well over the last few years was answering the phone without saying anything. Spammers usually are dead silent as it’s just a voice recognition bot waiting for a “hello” or similar and hang up within a couple of seconds if nothing is said. Regular people have “static” most of the time. I’ve had a few recruiters call while having their mic on mute, but they start talking themselves fairly quickly.
I’m just going to start not answering the phone unless it’s a number in my contacts. If it’s important they can leave me a message.
The scammers can spoof any number, including one of your contacts.
Care to explain ?
The scammers are usually are sitting in a call center (in Asia usually.) However if they would call from that number people won’t pick it up or would not believe that it is Amazon, Microsoft or your bank. This is the reason they are pretending to be calling from an another (local) number. They can do this using a loophole in the roaming system. So this why you can receive calls pretending by to be your contact’s number or even from your own number. This is why just blocking those numbers is not that effective. Also if you call the number back, it is not the scammer, just a normal person or business with that number. Hope this explains it.
An explanation without an explanation.
If you want more details, let me refer to you to the Wikipedia article
And how does a scammer get my contacts?
If you are targeted they can get the number of your contacts by using OSI or other methods. But in most cases it is just a coincidence that it looks like that that someone you know is calling. All that said, if the call is coming from your contact named uncle Joe and some guy with a strange accent saying they are calling from Microsoft, you will know it is a scam.
What are you referring to by “OSI”? Not the 7 layer model, but that’s all I can find. It’s good to explain abbreviations when they’re not the most common usage of that abbreviation.
If they don’t have my contacts, they can’t spoof a number from my contacts. If they just spoof local numbers, the chance of them choosing one of my contacts is incredibly slim.
Sorry, I am really bad at explaining things. By OSI, I meant was Open-source intelligence. And the proper abbreviation is OSINT. So this time instead of explaining, I just link to Wikipedia
They call me from my own number? How does that work out?
They are not actually calling from your number. They just spoofing the caller ID. More on this in the Wikipedia article
Ah least they would need to know it first.
There are actually tools that can unmask spoofed calls and show the true number that a call originates from. I’ve never used them personally, but I worked in computer telephony years ago so I have an understanding of how these tools work.
Caller ID was created so that a company like a bank that might have 100 or more telephone lines could program them so they always show up as “1-555-ACME-BANK” if they wanted to. So it’s trivial to set Caller ID to whatever you want.
But there’s another identification baked into calls that goes way back to the days when long distance calls were expensive and charged by the minute. The telephone companies needed to ensure the calling number was passed along from one phone carrier to another for billing purposes, and since it involved collecting money you can be sure it was accurate and unchangeable. This is called Automatic Number Identification (ANI).
Typically ANI is only passed between phone companies, or over high capacity phone circuits like T-1 lines, so it’s not sent to the person receiving the call. But there’s a feature available to most mobile phone plans that, combined with ANI, can provide for a way to do just that.
Depending on your mobile provider there’s likely a way to forward calls you explicitly ignore to another number. This only happens when you click to ignore/disconnect the call, and not let it time out and go to voicemail. When you sign up with one of these unmasking services then you set up your phone to forward these calls to their service. Then, if you get a spoofed call or even one where the caller id says unknown or unavailable, you click to ignore it. The call gets rerouted to the unmasking service, which has access to the ANI data. It reads the ANI number, replaces the Caller ID data with the ANI, then immediately routes the call back to you again. This time it will show you the number the call originated from and would be billed to.
Thank you. I did not know this.
If you’re on Android, you can automate that with this app (available on F-Droid):
https://github.com/x13a/Silence
It also includes options to allow numbers you’ve contacted by phone or text, even if they’re not in your contacts, e.g. the doctor’s office.
I’ve always done that. If it’s not a contact, I let it go to voicemail. If it was actually important, they leave a message.
In this day and age, if it’s actually important they’ll probably immediately send you a text message/WhatsApp/etc. anyway.
It just dawned on me that I only ever get spam calls OR texts - never a call followed by a text. Seems like some form of success could be had with doing that.
Not that I want to give them any ideas – I assume they’ve already tried this and determined it wasn’t successful.
What has worked for me quite well over the last few years was answering the phone without saying anything. Spammers usually are dead silent as it’s just a voice recognition bot waiting for a “hello” or similar and hang up within a couple of seconds if nothing is said. Regular people have “static” most of the time. I’ve had a few recruiters call while having their mic on mute, but they start talking themselves fairly quickly.