Spoofing calls has become all too common a phenomenon. They are a nuisance to the call recipient. While the spoofer is seeking to get a hold of the call recipient, the spoofer seeks to do so while concealing its identity. By classic definition, spoofing calls is when the spoofer, “caller” hides its telephone number or uses another number not associated with the caller to make the call. Many times, the recipient believes that the call is legitimate. In some instances the spoofer uses numbers of family members of the call recipient. Other times when the caller uses the recipient’s own number, it is a nuisance invading the recipient’s privacy.
Spoofing calls is also done by scammers who use numbers that may be familiar to the call recipient. Spoofing calls may also happen coming from numbers that call recipients may know and trust, such as their bank, social security administration or any other recognizable trusted organization. By disguising the origin of the spoofer, the spoofer can seek to acquire private information from the call recipient. Website as well as phones can be spoofed, and spoofing is essentially a cyber-attack.
Spoofing calls fall under the Caller ID Act of 2009 (Truth in Caller ID Act), as codified in section 227(e) of the Communications Act. The federal government has addressed the severity of caller ID, as Congress recognizes that caller ID is crucial for voice telephone service. Congress confirmed the code in the Truth in Caller ID Act. The Act prohibits “…any caller identification service” in connection with any telecommunications service or Internet Protocol-enabled service to “knowingly transmit misleading or inaccurate caller identification information with the intent to defraud, cause harm, or wrongfully obtain anything of value”. Of import is the element of causing harm and the extent to which the calls invade privacy or cause a nuisance.
Spoofing calls may also fall under the Rules and Regulations Implementing the Telephone Consumer Protection Act of 1991, CG Docket No. 02-278, Report and Order, 18 FCC Rcd. 14014, 14115, para. 165 (2003) (2003 TCPA Order). Federal courts have rules that spoofing calls are an invasion of privacy, an injury in fact sufficient for Article III jurisdiction. See, LaVigne v. First Community Bancshares, Inc., 215 F. Supp. 3d 1138, 1146-47 (D. NM 2016). See also Mims v. Arrow Financial Services, LLC, 565 U.S. 368, 372 (2012) (robocalls are an invasion of privacy); Frisby v. Schultz¸ 487 U.S. 474, 484 (1988) (the sanctity of the home is an important value).
Spoofing calls can be traced. Spoofers should know this! The traceback mechanism of the US Telecom Industry Traceback Group traces calls. All things considered, the Federal Communications Commission (FCC) considers spoofing calls that are done to “defraud, cause harm, or to obtain valuable personal information”. Spoofing calls are illegal.
Handling spoofing calls requires simple attention when the call is incoming. A call recipient should not answer calls from unknown numbers. The call recipient should not answer calls showing the caller ID number appearing as if they are calling themselves. If the call recipient does answer inadvertently, do not answer any questions. Especially do not answer any questions that require a yes or a no answer. Just keep in mind that anything legitimate will be in writing. Most fraud is done by phone or email where the identity of spoofer or fraudster is concealable.