LOGIN | SIGNUP

• Credit
• Data Breach
• Fraud
• Identity Theft
• Other News
• Privacy
• Reviews
• Scams
• Tips
• Truston

See our certifications »

« Previous Post | Blog Home | Next Post »

SpoofCard: I have a bad feeling about this

Posted on Apr 11, 2006 by Tom Fragala

Have you heard about SpoofCard? It's a calling card that let's you change the CallerID number that appears on the phone you are calling to. And it doesn't even have to be a 10 digit number. You could send "411" or "911." It also let's you change your voice. You can choose male or female! Sounds like fun and games, right?

Sorry, bells are going off in my head. First, their website gave me the willies. It looks like the kind of site I see behind all the work at home scams (I've documented these on my other blog, ScamSafe.com). Also, there is no address or phone number to reach these guys. And their domain name is registered through a proxy, so you can't see who they are.

This is the kind of service that is tailor made for criminals, scammers and fraudsters. My guess is that it is run primarily outside the United States. Can you imagine the telemarketing fraud this would enable? Here's what I would do if I was a fraudster. WIth stolen credit cards, buy thousands of SpoofCard minutes and hand them to the people dialing out in my boiler room. Manipulate the CallerID so it appears to come from whatever legitimate business I am pretending to be (bank, credit union, non-profit, whatever).  Then the people being called will tend to be more trusting.

SpoofCard's website does have this statement:

To ensure SpoofCard is used within our User Agreement, we have implemented several   security measures which includes the inability to dial toll free numbers or   911. Federal Regulations prohibit the use of our technology by telemarketers or debt collectors to hide or falsify the telephone number from which they are calling. You must agree that you will not use the SpoofCard in violation of this or any other applicable law or regulation.

To anyone in law enforcement reading this: Is what SpoofCard  doing (purposefully enabling the manipulation of CallerID codes) a violation of law? My guess is this falls under the authority of the FCC and would be a civil action. If you know differently, please email me or post a comment. I do know that any telemarketers using SpoofCard to mask who they are (as the quote above suggests) would fall under the authority of the Federal Trade Commission. But fraudsters don't care about the TSR's anyway.

The takeaway: don't trust the CallerID you see coming through your phone.

Tags: spoofcard, fraud, scam