Applications, like SpoofPro, that let users change or “spoof” their Caller ID are gaining in popularity in mobile phone app stores.
Applications that let users change or “spoof” their Caller ID, like SpoofPro, are gaining in popularity in mobile phone app stores, even as Congress considers stalled legislation to outlaw particular uses of the technology, and criminals use it to engage in nefarious activity.
Caller ID spoofing technology allows a user to change the caller ID to show any desired number on a recipients caller ID display. There are currently a handful of companies that offer this service including Itellas Communications (and it’s mobile application called SpoofPpp). M ost spoofing apps allow pranksters to mask or change their voice as well. Popular desktop versions of SpoofPro are now becoming available online in Blackberry and Droid app stores.
Itellas Communications has over two million customers. “People use it for personal, business, investigative work..all kinds of ways we can't even think of,” says Roger Meeks, CEO of SpoofPro's parent company Itellas Communications. Most services tend to charge $10 an hour however Itellas charges $6 an hour which we found to be the cheapest.
There are useful and legitimate applications of the software: A doctor who has to call back a patient late at night and doesn’t want them to have his home or cell phone number, for instance; A public relations specialist calling on behalf a client, and wanting the client’s name to pop up on the Caller ID display.
And, of course, there is the cheating issue. Itellas started marketing its product to women when it found, early on, that 80 percent of its users were women who were trying to catch their boyfriend or girlfriend cheating. But the same spoofing software lets users hack into other people’s voicemail, by taking advantage of a feature in most mobile phone carriers that allows calls from a person’s own phone to default to voicemail without a password.
Spoofing companies blame the carriers for the security flaw. “It is not the service…. it’s the cell phone companies,” says Roger Meeks, President of Itellas Communications. “The cell phone companies have to take some type of responsibility.” Some companies, such as T-Mobile have a default setting for voicemail that does not include a password. “If the customer does not elect to turn the password on during setup, then the default setting is off,” says a spokesman for the company. “Individuals using these spoofing applications risk criminal as well as personal liability for their actions.”
AT&T also does not default its users to a passcode for voicemail. “Our customers strongly prefer to have one touch voicemail,” a spokeswoman says. “However, we make it simple to set your voicemail settings to require a password and encourage customers to do so.” Amy Storey, A spokeswoman for CTIA, the International Association for Wireless Telecommunications, which represents wireless carriers, believes Caller ID spoofing should be illegal and supports proposed lesiglation that would make certain uses of spoofing software illegal.
Spoofing companies are confident they will survive, in the same way email technology survived spamming, or similar phishing scams. Washington, D.C.-area based Telecom Attorney Mark Del Bianco, who also represents several of the spoofing companies says Congress cannot legislate against a technology. “They can’t make telling lies illegal,” he says. Del Bianco recommends setting up and keeping a password prompt on mobile voicemail. “In the end, it’s the responsibility of anyone who has a voicemail box to make sure it’s not easy to hack into that voicemail box,” he says.
And for those thinking of committing a crime with the Caller ID spoofing software, Del Bianco has words of caution. “There are an awful lot of people who believe that if they use Caller ID spoofing, somehow there is no call record, and it can’t be traced. That’s not the case.”