> I get a lot of calls from "Ann" or "Rachel" from "Account Services" > or "Cardholder Services". Aren't these folks breaking US law by spoofing > caller ID?
They are annoying as hell. When you ask to be removed, they hang up on you. And then call back 3 or 4 times later in the week. > Does anybody know how these underground businesses are set up? I'm guessing > that the actual telephone calls take place from hacked PBXs, and those > perps hand off to a second "boiler room" outfit, because I can listen > through all the recorded messages, but I often get hung up after that. Sounds about right... The problem is within the standards for caller id. I seem to recall your trunk is supposed to set the Caller ID to a "correct" value (for some definition of "correct"). The outgoing PBX can override it (the folks who sell service to the call center), and the incoming PBX can override it (the folks providing your local telco service). If any of them set the caller id information, they are setting it to bad/incorrect/misleading information. The incoming PBX override is basically not authenticated, so your Telco is just regurgitating bad information. Also see "OT: Question on Caller ID (Spoofing calls with Asterisk)", http://marc.info/?l=asterisk-users&m=140906431703331. > Fourth, I'd like to call upone every human to NOT hang up, but rather to > listen to the recorded scam message, and even try to talk to the human, FCC and FTC complaints work well, too. I was filing 3 or 4 a week. Jeff On Wed, Apr 29, 2015 at 4:30 PM, Bruce Ediger <bedi...@stratigery.com> wrote: > I get a lot of calls from "Ann" or "Rachel" from "Account Services" > or "Cardholder Services". Aren't these folks breaking US law by spoofing > caller ID? > > Does anybody know how these underground businesses are set up? I'm guessing > that the actual telephone calls take place from hacked PBXs, and those > perps hand off to a second "boiler room" outfit, because I can listen > through all the recorded messages, but I often get hung up after that. > > Third, is there any way to find out who does this, and have them prosecuted > to the fullest extent of the law? It's pretty clear that the FTC do-no-call > registery complaints web page just deletes all input data. Someone must > care, > right? > > Fourth, I'd like to call upone every human to NOT hang up, but rather to > listen to the recorded scam message, and even try to talk to the human, > to keep the PBX lines tied up as long as possible. I'm coming to believe > that every one who can, should waste cold caller's time, run honey pots > and generally intercept any scam communications possible. Who's with me? _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
