Forgot your password?
typodupeerror
Crime Communications Government Wireless Networking Your Rights Online

FCC Ups Penalties For Caller ID Spoofing 68

Posted by timothy
from the spoofing-needs-no-scarequotes dept.
GovTechGuy writes "The FCC adopted new rules on Thursday that would significantly increase the penalties for individuals or organizations that alter their caller ID information to commit fraud or with other harmful intent. The new rules allow the FCC to fine violators $10,000 per violation plus more for every day it continues. Users can still change their caller ID info as long as it's not for fraud or harmful purposes."
This discussion has been archived. No new comments can be posted.

FCC Ups Penalties For Caller ID Spoofing

Comments Filter:
  • Is telemarketing harmful? Because every time I get one of those bastards calling me, I want to harm them.

    (Yes, I know about the DNC list. I'm on a cell phone)

    • by ocdude (932504)
      I have both lines of my cell phone account on the DNC list. Just because it's a cell phone doesn't mean you can't list your number on DNC.
      • by Drathos (1092)

        But it means you shouldn't have to. It's an FCC violation if a telemarketer or robodialer calls your cell phone. I've become quite familiar with form 1088 with all the complaints I've filed, but rarely does the FCC actually do anything about it (I did receive an apology letter from Dish Network after I filed a complaint about someone trying to sell me their service with a cold call to my cell, but that's one of dozens of cases).

      • Just because your number is in DNC registry don't mean squat, I am still regularly receiving unsolicited marketing calls (robocalls and human calls) on both land line and cell line (both of which are on DNC registry.) Yes, I get the urge to introduce the caller to my nail ridden 2x4 clue stick every time I get those calls too.

  • by bragr (1612015) * on Thursday June 23, 2011 @01:53PM (#36544210)
    So how exactly do they define fraud? Is it fraud it I make someone else's name show up to protect my privacy? Is a prank harmful to the other party?
    • by Anonymous Coward

      So how exactly do they define fraud? Is it fraud it I make someone else's name show up to protect my privacy?

      If privacy was what you were after, you'd just put "Anonymous" or some such in there. So yeah, I'd say that if you put someone else's name their, you're almost certainly committing some sort of fraud.

      Is a prank harmful to the other party?

      If you have to ask, then yes.

      • by Bengie (1121981)

        Coming up as just a number or with an "unknown" name is one thing, pretending to be someone you are not, is fraud.

        Think of it like this. I go to a bank and say "hi, I'm some random person". The Bank can just reject me because they don't know who I am.

        Or I can go to the bank and same "Hi, I'm John Doe" and the Bank says "Hi John Doe, here's you balance", even though I'm not John Doe.

        That's the difference between fraud and just remaining anonymous.

    • I define it like this:
      fraud[frawd] –noun
      1.deceit, trickery, sharp practice, or breach of confidence, perpetrated for profit or to gain some unfair or dishonest advantage.
      2.a particular instance of such deceit or trickery: mail fraud; election frauds.
      3.any deception, trickery, or humbug: That diet book is a fraud and a waste of time.
      I'm pretty sure making someone Else's name show up (regardless of the reason) is fraud. Making it say the name of your business instead of your personal name probably
    • That is an excellent question. We kept getting calls where the caller-id changed form "California" to "Montana" to "Ohio" etc. Our bank had given our number to telemarketers. This seems like fraud to me since they are clearly avoiding giving out an actual identifiable company id that you could call screen but they are bypassing the "no caller-id provided" call screening. Periodically changing the state name is a further ploy to make it harder to call screen them.

      To me that should all be counted as fraud
      • by Anonymous Coward

        "Our bank had given our number to telemarketers. "
        Shouldn't that be "Our PREVIOUS bank..."?

      • by tlhIngan (30335)

        That is an excellent question. We kept getting calls where the caller-id changed form "California" to "Montana" to "Ohio" etc. Our bank had given our number to telemarketers. This seems like fraud to me since they are clearly avoiding giving out an actual identifiable company id that you could call screen but they are bypassing the "no caller-id provided" call screening. Periodically changing the state name is a further ploy to make it harder to call screen them.

        Not really.

        They are providing a Calle

        • IIRC: there was never a number displayed just the name - this was on two different phones (same line but not same base stations) so if there was fiddling going on to prevent the number showing it was happening outside our home, i.e. not a case of the phones not displaying information that was being provided (other callers showed name and number).
      • One of the exceptions to the "do not call" and telemarketing rules in general is "prior relationship." You gave your bank permission to give out your number to select business associates (read:anyone who wants to buy it) and they can legally call you because you agreed to this and they, by way of your bank, have "prior relationship" with you. It is bullshit, but it is a major loophole for the telemarketers.
    • by DogDude (805747)
      When you're sending out junk faxes, it is definitely harmful.
  • Even if you threaten them with the death penalty.

    After all, it's just phone calls. If there was oil at stake we'd send the Marines in a heartbeat.~

  • The FCC is supposed to be regulating the telcos, not the People. That's supposed to take an Act of Congress.

    We already have fraud statutes - they should be used.

    • by ffejie (779512)
      The FCC is for regulating the communications infrastructure of the country, not for regulating the telcos.
    • FTFA

      In compliance with the Truth in Caller ID Act signed into law by President Obama last year, the FCC rules would fine violators up to $10,000 every time they change their caller ID information with the intent to commit harm.

  • How about making it a crime to have a robocall from a politician that has spoofed caller ID?

    I'm pretty sure when I was getting phone calls for the 000-000-0000 was not a valid phone number.... and was simply used to block anon call blocking.

  • by navyjeff (900138) on Thursday June 23, 2011 @02:09PM (#36544468) Homepage Journal
    I've always wanted to spoof my number as "8008135".
  • I wish those friggin advertising calls wouldn't be allowed to spoof their numbers. As far as I am concerned, getting some stupid marketing company cold-calling my cell even though I am already on donotcall.gov IS harmful.

    • by hedwards (940851)

      While we're at it, let's ban those stupid calls where they use an unlisted number as well. The majority of the calls I get from telemarketers don't pop up with any meaningful information on my caller ID.

    • by Bengie (1121981)

      There is a guy who makes over $100k/year by reporting people who call him. He purposefully signed up for the do-not-call, but then indirectly gets his names into calling lists. He doesn't request to be solicited, but he knows how certain companies abusively data mine phone numbers and gets his numbers in areas that aren't suppose to be shared, but are.

      I guess when you report someone, you also get some of the money from the fine, or at least he did in his state.

      • by jank1887 (815982)

        reporting someone gets you no money. but, you can privately sue. and settle. If we're talking about the same guy, I think that's his process. If I recall, certain frequent offenders know him by name. he's a cost of doing business to them. it still works for them because he's a rarity.

  • FCC fail (Score:2, Insightful)

    by Anonymous Coward

    The FCC missed the opportunity to stop this crime wave against, mostly, elderly semi-disabled seniors in their kitchens. The FCC could easily have said that a local phone company that "knows" (because of complaints or otherwise) it is delivering spoofed cid calls can be held liable. Instead, this lame rule perpetuates the current model -- the phone company gets paid for terminating calls, turns a blind eye, and large numbers of old people who have never even used a computer get whacked by spoofers.

    • by Skapare (16644)

      The phone companies should be required to filter the caller ID info such that if any caller ID values that do not represent a phone number issued to that customer come through, the call will be rejected.

      • by DarthBart (640519)

        What about the termination only providers who don't "issue phone numbers" to customers?

        • by sjames (1099)

          When the call comes to them, they get the REAL caller info as well as the spoofed ANI. They can perfectly well compare them.

          • by DarthBart (640519)

            Uh, no. When I deliver VOIP calls to my termination provider, they get no ANI from me. They just get whatever CID I set in my SIP headers.

            • by sjames (1099)

              Your termination provider knows who you are. If not, why bother to pay them, just connect and go.

    • Telcos make money directly from phone scammers. Telcos make money from services (caller ID/blocking/etc) to combat phone scammers. Telcos make too much money from both sides to want to address the issue effectively. If they did, this would be a non-problem overnight. Of course, any regulation to address this would be labeled "job killing government takeover" by the GOP/T-Bags.
      • by bws111 (1216812)

        There already IS regulation, and it is called 'common carrier status'. Which means the telcos are REQUIRED to do business with everyone, whether they want that person for a customer or not.

        • by sjames (1099)

          They do have to do business with everyone, but they DON'T have to create an arms race where they offer consumers a for pay service to help screen out scammers and then offer scammers a service to defeat the screening.

  • Primary Source (Score:4, Informative)

    by KiahZero (610862) on Thursday June 23, 2011 @02:24PM (#36544794)

    Rather than parsing a sparse recitation of a press release, people wanting more information could always read the actual document justifying and implementing the new rules:
    http://hraunfoss.fcc.gov/edocs_public/attachmatch/FCC-11-100A1.pdf [fcc.gov]

  • It doesn't matter (Score:4, Insightful)

    by Trailer Trash (60756) on Thursday June 23, 2011 @03:15PM (#36545556) Homepage

    I get sometimes 3 or 4 calls in one day from "Account Services", a scam company that tries to get credit card info from people. I'm on the do-not-call list, and they sometimes even call my cell phone. They do robo calls and they spoof caller id. It's illegal in many different ways.

    But I can't get the FCC to pay any attention to them, and I've tried.

    They might as well up the penalties to $5 Trillion + death penalty. It doesn't matter. If you're not going to enforce it the actual penalty is irrelevant.

  • *67 in the states to get around it and go anonymous. Nobody is likely to answer, but you can always leave a message or try again later. I recall (no pun intended) that a fella craiglisting some game I wanted to buy wouldn't answer his phone but posted it in his duplicate ad on FleeBay. I called, and called, and 2 months later the guy finally answered and explained why he had not been answering. I told him, hey, answer your damn phone if you post an ad with the number. Lesson is you can spoof, you can h
  • http://edocket.access.gpo.gov/cfr_2010/octqtr/47cfr64.1200.htm [gpo.gov]

    print that out read it and have it on you when you get one of these calls.
      it begins
    " (a) No person or entity may: (1) Initiate any telephone call (other
    than a call made for emergency purposes or made with the prior express
    consent of the called party) using an automatic telephone dialing system
    or an artificial or prerecorded voice;
            (i) To any emergency telephone line, including any 911 line and any
    emergency line of a hospital, medical physician or service office,
    health care facility, poison control center, or fire protection or law
    enforcement agency;
            (ii) To the telephone line of any guest room or patient room of a
    hospital, health care facility, elderly home, or similar establishment;
    or
            (iii) To any telephone number assigned to a paging service, cellular
    telephone service, specialized mobile radio service, or other radio
    common carrier service, or any service for which the called party is
    charged for the call.."

    oh and just for fun it also includes this bit

    "(4) Identification of sellers and telemarketers. A person or entity
    making a call for telemarketing purposes must provide the called party
    with the name of the individual caller, the name of the person or entity
    on whose behalf the call is being made, and a telephone number or
    address at which the person or entity may be contacted. The telephone
    number provided may not be a 900 number or any other number for which
    charges exceed local or long distance transmission charges."

    i think most call centers will dump the call if you even breath 47CFR64.1200 (or invoke federal law)

  • by valderost (668593) on Thursday June 23, 2011 @05:03PM (#36546974) Journal
    This is worthless pandering. The fact is that there is no way for the receiver of a spoofed CID call to complain. The number on the Caller ID doesn't identify the caller, and the caller won't identify themselves. If you can't identify the caller, you can't complain. If you can't complain, the callers can't be held accountable. The system is broken, and therefore so are all the laws that assume the system is working. Fix the system first, then write new laws if they're needed.
    • by e9th (652576)
      What can't be spoofed, and why you shouldn't try CID spoofing on, say, ransom demands, is Automatic Number Identification. ANI (not CID) is used by telcos for billing purposes, so spoofing is not allowed, and it is stored for long periods. ANI is also passed to 800 numbers, and to E911 services, so spoofing and *67 are of no use there.

      The problem is that telemarketers and fraudsters don't call 911 or 1-800 numbers, and it generally takes a subpoena to get telcos to release ANI information to anyone else.

Remember: use logout to logout.

Working...