Caller ID Spoofing: Changing the Caller ID to show any desired number on a recipients Caller ID display.
Many people do not realize that Caller ID spoofing has been around since Caller ID was created. For over a decade Caller ID spoofing was used mainly by businesses with access to expensive PRI (Primary Rate Interface) telephone lines provided by local telephone carriers. A single PRI line can provided businesses with up to 23 telephone lines and all of these lines are capable of having unique telephone numbers. Caller ID spoofing, in it’s most basic form, was typically used by businesses to display one main telephone number on all outgoing calls, even though those calls were not really originating from those numbers.
Around the late 90’s and early 2000’s Private Investigators took notice of Caller ID spoofing in it’s most basic form and began purchasing these expensive PRI lines with the intent of selling access to other Private Investigators for a fee. These services were typically referred to as “blind lines” at that time. Private Investigators, concerned with their anonymity, would regularly use these blind line services to guarantee that their real telephone number would not be shown to the called party. Private Investigators knew first hand that Caller ID was not 100% blockable, and that toll free 800 numbers would typically be able to see their real Caller ID number, even if *67 (Caller ID Blocking) was used. Some of the providers that offered a blind line service were: US Tracers, Skip Tracey, Universal Communications, and IISNet. The services provided by these companies were marketed very discretely and only people with the P.I. industry typically knew about these services.
In the early 2000’s phone hackers, also known as “phone phreaks” or “phreaks”, began using Orange boxing to attempt to spoof Caller ID. Orange boxing is done by using a device, usually special computer software, to send a series of tones down the line during the first few seconds of a phone call, attempting to emulate the Caller ID signal sent from the telephone office. Orange boxing is very crude and unreliable, as it has to be done within a short timeframe at the beginning of a call. Phone phreaks, without access to PRI lines or blind line services at the time, thought the technique was clever.
In late 2003 and early 2004 the same phone phreaks began to explore a relatively new platform for developing voice applications, known as VoiceXML or VXML, which was offered by companies such as Voxeo. VoiceXML offers interactive voice applications, which are programmed in a similar fashion to HTML web sites. VoiceXML applications can easily be created to mimic functions of a normal PBX and typically these VXML providers are connected to PRI lines. Word began to spread around the phreaking underground that someone had created a VoiceXML application using Voxeo that let you change your Caller ID number. The Caller ID spoofing application worked, however it was somewhat crude, as the spoofed number had to be entered into the applications code and then re-uploaded to the VXML server before each use. Within a few days, phone phreaks figured out how to program these applications to allow you to enter the numbers you wanted to spoof over the phone, allowing you to fake your Caller ID on the fly, and began sharing the code on the Internet for others to use. To this day it’s still possible to spoof Caller ID with various VXML services, however people seemed to have found it easier to use other services and methods.
At the same time that people were discovering VoiceXML, VoIP (Voice Over IP) telephony started to become popular with savvy phone and Internet users and phone phreaks took notice very quickly. In 2003, phone phreak Lucky225 discovered a flaw with the VoIP provider Vonage that allowed users to send a fake Caller ID number by initiating a request to port your existing number to Vonage, but giving them any valid telephone number that you wanted to show as your Caller ID. At the same time, other phone phreaks began to use a new open source PBX software application, named Asterisk, to manipulate their Caller ID number. Phone phreaks and software developers figured out that Asterisk allowed users to set their Caller ID within the application and then pass the spoofed Caller ID number to their outbound VoIP provider or telco, in the same fashion that businesses had been setting their Caller ID with PRI lines for over a decade.
In 2005 a handful of new sites allowing you to spoof your Caller ID were quietly launched. Some of the sites were PiPhone.com, CallNotes.net, SecretCalls.net, StayUnknown.com, SpoofTech.com, and SpoofCard.com. During the same time Covertcall and then Camophone shut down, after they were hacked and their users information was traded around the Internet. During this time SpoofCard emerged as the dominant Caller ID spoofing provider with the most mass appeal. SpoofCard also was the first service to offer an IVR with free call recording and a voice changer that allowed users to sound like a man or a woman, making it even more appealing to the public.
Everything seemed to be going smoothly for the Caller ID spoofing industry, but then in late February 2006, SpoofCard and Telespoof both received letters from the FCC notifying them of investigations into their services. It is believed other Caller ID spoofing services received the same letter from the FCC in the first round of the FCC’s investigations. However, SpoofTel, SpoofCom, and SpoofTech was able to dismiss the investigations as it is headquartered in Canada. Shortly after the FCC’s letters, the Florida Attorney General began their own investigation into SpoofCard, SpoofTel, SpoofTech, SpoofCom and TrickTel.com. Not a lot of information was released about the Florida Attorney Generals investigation and exactly what they were interested in finding out.
Later in 2006, Caller ID spoofing became a target within the House of Representatives and the Senate, with several bills popping up attempting to stop Caller ID spoofing from being used for fraudulent purposes. As of this time, none of these bills have actually been passed and a few of them seem to have just disappeared.
On August 22nd 2006, Caller ID spoofing once again gained the attention of the mainstream media as SpoofCard announced it had canceled an account belonging to Paris Hilton which was being used to harass Lindsay Lohan, and to help break into her voicemail.
Word of the FCC’s probe into Caller ID spoofing seemed to slow down the launch of new services for the majority of 2006, but late in the year CIDSpoof.com, CovertCard.com and Itellas.com all quietly launched their own Caller ID spoofing services. By this time SpoofCard had already firmly cemented its position as the largest and most feature packed Caller ID spoofing provider, so the launch of these new sites did not shake up the Caller ID spoofing industry much. You can find more information on Itellas here.
As spoofing seems to be getting closer and closer to being regulated by the US government, the Caller ID spoofing industry seems to have slowed down and the only new site that has appeared in 2007 was SpoofEm.com, a white-label version of SpoofTel.com. In later April, SecretCalls.net was shut down and the domain name was renewed by someone other than its original owner. The domain is now parked and only displaying advertisements. A few weeks later, a new site called "PhoneGangster" launched it's own Caller ID spoofing service. However the service looks rather amateurish. Towards the end of May, another site, TheZeroGroup.com, launched offering Caller ID spoofing, amongst it's other phone related services. TheZeroGroup's site claims they are hosted off-shore to avoid any legal issues that may arise.
On June 13th the U.S. House of Representatives passed the "Truth in Caller ID Act of 2007" which would make it "unlawful for any person within the United States, in connection with any telecommunications service or VOIP service, to cause any caller identification service to transmit misleading or inaccurate caller identification information with the intent to defraud or cause harm." A similiar bill was passed onto the Senate in April, but the Senate hasn't acted on either of the bills yet.
Around June 19th a new site popped up called Call Condom. Call Condom is run by CDYNE, a company who for some time now has offered developers access to a web based application that allows spoofing. Call Condom claims they spoof ANI unlike, which they also claim no other company does, but we believe that this is just used as a sales pitch, and that they do not even truly understand ANI/BTN.
On June 27th the US Senate's Committee on Commerce, Science, and Transportation passed the "Truth In Caller ID Act of 2007" meaning that the bill will now actually go in front of the Senate for a vote. The bill previously stated that Caller ID may not be spoofed for fraudulent purposes, but now only states that Caller ID may not be spoofed to be intentionally misleading or inaccurate, which is very vague. Is Caller ID spoofing about to be made illegal? This bill would now inadvertently affect millions of businesses across the country.
On July 2nd we noticed a new Caller ID spoofing provider for the first time, called FakeYourID. However, FakeYourID.com's checkout system appears to be down, so we're not sure if the site is live or not. On July 3rd we received an exclusive one-on-one interview with the creator of a commercial Caller ID spoofing service. The complete interview can be found here.
This summer the first Caller ID spoofing company located outside of North America was launched in Germany. VisuKom Deutschland, located in Germany, is now offering what they call a "Call ID spoofing" service. It's unknown at this time if they work across Europe or only in Germany.
In August SpoofCard, followed by Telespoof, began offering free Caller ID spoofing trials on their respective web sites for the first time, allowing users to place free calls up to two minutes in length. In August SpoofCard also launched an affiliate program at Commission Junction, one of the largest global affiliate networks.
In late August a new phoney Caller ID service was spotted at TheSpoofer.com. TheSpoofer appears to be another amateurish attempt to enter the Caller ID spoofing market, with very basic and unprofessional looking website that currently reads "The Spoofer allows you to change what someone sees on their call display when they receive a phone call. With your spoof card make personal and business calls with complete privacy. We currently provide local service spoofing in the 213 and 415 area codes."
In October OfficialSpoofCard.com released an iPhone app for free Caller ID spoofing trial calls. The iPhone application uses SpoofCard's free trial form and turns it into a lightweight AJAX interface for iPhone users. OfficialSpoofCard's Caller ID spoofing iPhone application is located at http://www.officialspoofcard.com/iphone/. A screenshot of the app is on Flickr and can be seen by clicking here.
Just a few weeks later, SpoofCardWidget.com released a downloadable SpoofCard Widget for Mac OS X users, also taking advantage of the free sample calls offer from SpoofCard. This is the first time Caller ID spoofing has been been brought to the desktop computer as a downloadable and installable application. A screenshot of the SpoofCard Widget can be seen by clicking here.
Sometime between the end of November and the beginning of December, PhoneGangster.com launched a newly redesigned web site offering Caller ID spoofing calling cards with 700 minutes for $100. These are the most expensive Caller ID spoofing calling cards that have been offered to date.
Sometime before the end of 2007 CIDSpoof decided to change their business focus and target small to medium business who are looking for a spoofing solution instead of individual consumers as they had in the past. This change came as they started offering SIP phones, software PBX's and voice termination instead of normal calling cards.
On January 25th 2008 Sony Pictures Entertainment released a high-tech thriller movie called "Untraceable" starring Diane Lane. During a scene in the movie Diane mentions SpoofCard and how it was used by the untraceable bad guy to make a spoofed call and change his voice. This is the first time SpoofCard had ever been featured in a movie and the first time many people had been exposed to Caller ID spoofing in general.
As of 2008 it looks like TelTech, the company behind SpoofCard, is branching out heavily into other phone card markets as well, as it is offering two new products based around the high tech "voice analysis technology." TelTech has launched two new phone card products using the technology - LiarCard and LoveDetect. It looks like they are still focusing heavily on SpoofCard as well though with all the new attention to the service after the release of Untraceable.
In late February 2008 and early March 2008 Caller ID spoofing once again became a hot topic. This is due to a few recent events, articles and television news stories. In Deleware many people have reported receiving telemarketing calls with a spoofed Caller ID of 867-5309. 867-5309 is a reference to the popular 80's song "867-5309/Jenny" by Tommy Tutone. Many news outlets have been reporting this story and it's also causing a huge increase in interest in SpoofCard and Caller ID spoofing in general so users can fool friends with 867-5309 as their Caller ID. The popular 867-5309 Jenny video can be seen here on YouTube.
In addition to the popularity of the 867-5309 Caller ID number, a Washington man was recently sentanced to 30 months in jail, after using Caller ID spoofing to send SWAT teams to the houses of a dozen innocent, unknowning individuals. He was also ordered to pay $24,000 in restitution. This case goes all the way back to 2006 and is one of the most publicized cases regarding fake Caller ID and the illegal uses. Kevin Poulsen, who wrote some of the first and most popular articles on Caller ID spoofing, has been covering this "Swatting" case on his Wired.com blog.
Sometime in the first part of 2008, the FCC added a page dedicated to "Caller ID and Spoofing" consumer facts to their website, with rules and regulations surrounding Caller ID.
SpoofApp is a new native-iPhone application, which utilizes the Installer.app (AppTapp) program for jailbroken iPhones and iPod Touchs, to offer Caller ID spoofing. SpoofApp allows users to easily place spoofed calls with their iPhones by connecting to PhoneGangsters Caller ID spoofing service. It looks like SpoofApp will also utilize SpoofCard in the near future as support is already built in and there is already an option for voice changing. However, it doesn't look like the call recording feature is built in yet as of the 0.9.3 version release.
SpoofApp users enter their PhoneGangster or SpoofCard PIN number and their iPhone's phone number into the application and the application connects to these services through SpoofApp's backend and automatically places calls for the user. The user then receives a call back on their iPhone that connects them to their destination number with their desired spoofed Caller ID. SpoofApp is the first native iPhone app for Caller ID spoofing as OfficialSpoofCard's Caller ID Spoofing iPhone App is a web based program. SpoofApp screenshots and demonstration videos can be seen at http://spoofapp.com/. SpoofApp was released on or around March 13th, 2008.
On March 27th SpoofApp was released into the iPhone Installer.app community sources and is now available for easy installation on jailbroken iPhones. SpoofApp also now features flawless SpoofCard support which integrates the voice changer as well as the call recording features. SpoofApp received over 42,000 installs in the first 24 hours of its release into Installer.app!
On March 28th, 2008 we launched a new site at SpoofCardCoupon.com to provide users with the latest SpoofCard coupon codes on a monthly basis. SpoofCard users can save 10% on their purchases from the SpoofCardCoupon.com coupon codes.
On April 14th, 2008 small-time Caller ID Spoofing provider, SpoofEm.com, sent out a press release stating that it had now earned over $1 million dollars from it's spoofing service over the past 14 moths. This press release raises serious questions about the legitimacy of SpoofEm. Those familiar with the financials involved in Caller ID spoofing, and the calling card business in general, know that $1 million dollars in sales from spoofing calling cards is a very difficult feat. SpoofEm sells cards starting at $9 for 60 minutes and going up to a mere $31.50 for 210 minutes. At that rate, SpoofEm would have to sell over 111,111 $9 cards to reach $1m in sales. This translates into over 6.66 million minutes of billable talk time at their rate of .15 cents per minute. While these numbers are do-able, and SpoofEm claims to have reached these figures through extensive advertising, we have not seen an advertisement for SpoofEm since early-to-mid 2007. SpoofEm does not actively promote its service through any of the major search engines, Caller ID spoofing websites, or other online and offline mediums. SpoofEm has also not been mentioned on any major news reports that we have seen. Additionally, SpoofEm has an Alexa.com traffic rank of 5,476,455. Comparatively, SpoofCard.com, who we believe may be the only spoofing company possibly able to reach $1m in sales in 14 months, has an Alexa.com traffic rank of 113,379. This is a 48x higher ranking than SpoofEm.com. Compete.com estimates that SpoofEm.com only has around 394 people visiting its site a month. With just 394 people visiting it's site a month, how would SpoofEm be able to reach it's "multi-million dollar" sales claim? The IRS would probably like to know the answer to this as well!
Sometime in April 2008, CIDSpoof.com stopped offering a commercial Caller ID spoofing service and switched its web site to a simple form for placing spoofed calls for free.
In April 2008 a bill was introduced in Florida that would regulate or potentially prohibit Caller ID spoofing. More details coming soon as we learn more about this bill.
On May 10th, 2008 we interviewed Al Beebe, the creator of SpoofApp for the iPhone about his wildly popular mobile spoofing application. Al's exclusive interview can be found here.
In June 2008 SpookCall made history and launched the first Caller ID spoofing service for the UK. Spook Call works exactly like commercial Caller ID spoofing services in the US and Canada, with a web based call-back interface and a dedicated 0808 toll free number. It appears that SpookCall also offers printed Caller ID spoofing calling cards. SpookCall.com only accepts PayPal as a payment method and rates are around £0.50 a minute.
On June 11th SpookCall.com decided to shut down, facing scrutiny from the public and Ofcom, the FCC-like telecom regulatory bureau governing the UK. SpookCall received letters from Ofcom before it decided to shut down to prevent any legal action while it consults again with its legal team regarding the legalities of the service in the UK.
In August 2008 a new site called StealthRecorderCard launched a "Caller ID Changer" service. StealthRecorderCard.com offers essentially the same Caller ID spoofing service as SpoofCard. However, you can send recordings via email according to the site, which is a nice feature, making it easier to share recorded calls. StealthRecorderCard appears to be targetting professionals only instead of marketing the product to anyone, as SpoofCard does.
On August 14th, 2008 a new version of SpoofApp, the popular Caller ID spoofing app for the iPhone, was released and brought SpoofApp to the new 3G iPhone for the first time. The newest version of SpoofApp, is called SpoofApp 3G and with its release it was announced that SpoofApp has hit over 1 million downloads.
In late August a new Caller ID spoofing site called 123Spoof began offering spoofing services. 123Spoof is the first new Caller ID spoofing site in years to add a new feature. 123Spoof.com offers traditional features, like spoofing, voice changing and call recording, but also offers an online phone book/contacts list, the ability to make call notes after each call and international dialing support.
On December 18th, 2008 SpoofApp was released for the Google Android mobile platform. SpoofApp was released into Google's Android Marketplace as a free download. This version of SpoofApp is essentially a complete clone of it's iPhone application, which has not yet been approved by Apple for the AppStore. In less than 24 hours SpoofApp for Android received over 7,000 installs. Noteably, the application also received over 300 comments, much higher than most applications, with users expressing how much they enjoy the application.
In February 2009, the makers of SpoofCard released a revolutionary new service, called TrapCall. TrapCall is not a Caller ID spoofing service or product, but it's worth mentioning because it effectively makes Caller ID blocking (*67) completely useless now. TrapCall "unmasks blocked calls" so if a number is private, TrapCall can unmask, and reveal, the blocked number to the callee. A Caller ID unmasking service has never been offered commercially before and now many are saying that Caller ID privacy is dead. TrapCall also means that TelTech's other product, SpoofCard, is now the only way to block your real number and really keep your number private. TrapCall.com also offers a free plan, so anyone with AT&T and T-Mobile can utilize the basic service completely free.
Throughout 2009 SpoofApp continued its growth and released a mobile app for all the major mobile platforms that now feature application stores, including the iPhone, Google Android and BlackBerry. After more than 6 months in review, SpoofApp was finally rejected by Apple for inclusion in the Apple App Store.
In July 2009, 123Spoof.com was shut down and the domain name was handed over to SpoofCard. 123Spoof was found to be in violation of SpoofCard's trademarks by using the word "spoof" in the name. At the same time, SpoofCard launched a complete redesign of its website and launched its most important new feature to date: international calling. Since then, SpoofCard has also introduced the "Straight To Voicemail" feature, popularized by SlyDial.com and has released other important updates, like recording sharing via social networks and email.
In August 2009 it appears that 123Spoof was resurrected as BluffMyCall. The term "bluff" has never previously been used in conjunction with Caller ID spoofing. Around the same time, CallerIDFaker also popped up. Caller ID Faker is believed to be run by the same group as BluffMyCall.com.
On July 28th, 2009 SpoofCard released a press release saying that a federal court striked down Florida's Anti-Caller ID Spoofing law. Florida had enacted this law in 2008, but the law was found to be unconstitutional by the federal court and was overturned. This means SpoofCard is clear to do business in Florida again and sets a precedence for other states who attempt to block Caller ID spoofing services.
On September 16th, 2009 SpoofApp released its Windows Mobile SpoofCard application. This is believed to be the first Windows Mobile Caller ID spoofing application. However, the app was not a direct port of the iPhone and Android versions of SpoofApp and is still in beta form, as it appears very basic, while still being fully functional with address book support being the major benefit of the application.
But a few days later, on September 22nd, 2009 SpoofCard and SpoofApp succesfully released their newest mobile application, iSpoofCard, in the iTunes App Store. The app was essentially snuck into the App Store, right under Apple's nose, after having been rejected from the App Store previously. Hitting the App Store was a major success for SpoofCard and SpoofApp, and iSpoofCard quickly hit the top 10 apps in the Utilities category within the App Store. Over 70,000 users would install the iSpoofCard app within a few months, before Apple finally realized what had happened, and swiftly pulled the app in December 2009. iSpoofCard was officially labeled as too controversial for the App Store.
At the same time that iSpoofCard was removed from the App Store, SpoofApp also released the first Caller ID spoofing application for Facebook. Apps.Facebook.com/SpoofCard was launched on December 6th, 2009 and quickly gained over 20,000 users within the first month according to reporting posted onto the SpoofCard Facebook Page.
In response to Apple pulling the iSpoofCard mobile application, SpoofApp and SpoofCard came up with a way to make the app a 100% web based application that could be easily "installed" on a users phone. The technique takes advantage of the ability to bookmark web pages to the users iPhone home screen and launch as a full screen web app. The only noticeable difference from the App Store version of iSpoofCard is that the Address Book integration functionality is not present in the web app version. However, SpoofCard users now were given a 100% legitimate way to install the SpoofCard app on any iPhone and iPod Touch, without any harassment from Apple.
On February 16th, 2010 SpoofCard made the announcement that it's patent had been approved by the USPTO, after originally being submitted in 2006. SpoofCard's patent is patent number 7,664,242 and is titled "System And Method For Anonymous Telephone Communication." It's unknown what this may mean for competiting Caller ID spoofing companies or future Caller ID spoofing companies, if the patent is not licensed from SpoofCard. Will SpoofCard be the only remaining Caller ID spoofing company by the end of 2010?
In late February/early March 2010 SpoofApp and SpoofCard released the iSpoofCard mobile app for Palm's webOS. This is SpoofCards 5th mobile application, clearly showing that the company is not taking mobile applications lightly as it now has all major smartphone platforms covered (iPhone, Android, BlackBerry, Palm and Windows Mobile).
SpoofCard was able to introduce a "lite" version of iSpoofCard into the iTunes App Store at the same time as April Fools' Day 2010 under the name of "Phone Gangster". The new "Phone Gangster" app features voice changing, call recording, straight-to-voicemail, address book integration and recording sharing, just like the iSpoofCard app, with the exception of Caller ID spoofing! Apple would not approve the app with Caller ID spoofing enabled, so the app currently uses the users phone number for the outbound calls.
April 2010 also became a major turning point for the Caller ID spoofing industry as a whole. The United States House of Representatives passed HR 1258 also known as the infamous Truth In Caller ID Act. This is the first time that the House of Representatives and the Senate have passed bills containing Caller ID Spoofing legislation, as the Senate had previously passed the S-30 bill, but had not acted on it. The bill is now in the hands of the Senate for reconciliation, where it would then head to the presidents desk to be signed or rejected. With the passage of HR 1258 the Caller ID spoofing industry took aim at the law and the misconceptions behind the law. SpoofCard put out a statement saying that it has always supported legislation for Caller ID spoofing, as long as it was done with the proper language, to assure that the spoofing industry would be able to survive, weed out the illegitimate uses, and continue to operate as a legitimate industry. Most illigitmate uses of Caller ID spoofing already violate state and federal laws as separate crimes, so the fact that there is additional legislation to cover Caller ID spoofing, is seen as being somewhat redundant. For example, if Caller ID spoofing is uses to deceive or defraud, by posing as a police officer or a bank, then separate crimes have already been committed. This bill would add an additional crime to existing charges where Caller ID spoofing is used.
It is unknown what the fate of HR 1258 and S-30 are. Industries such as the Private Investigator and Security Professionals have rallied against the bill as passed by the House, due to vague language. It is also believed that Google is lobbying the Senate to ensure that the bill would not effect its voice services, where Caller ID comes into play, such as Google Voice.
The are many misconceptions now in 2010, but currently, Caller ID spoofing is NOT illegal at the federal level in the United States and services like SpoofCard and Phone
Last Update: May 17th, 2010
The content on this website is the sole property of calleridspoofing.info and may not be copied to any site, or publication, including the Wikipedia.