General > General Technical Chat
UPDATED: Well... looks like I've l̶o̶s̶t̶ won the battle against scam callers
<< < (17/22) > >>
gnuarm:

--- Quote from: Halcyon on August 05, 2023, 12:22:58 am ---
--- Quote from: gnuarm on August 04, 2023, 02:34:59 am ---So you don't get spam calls from your own area code?  You are one in a thousand.   

But, I'm sorry that you understand so little of what I've said.  The phone number reported on your caller ID has nothing to do with where the call originates.

--- End quote ---

This is exactly what I said (read my last post).
--- End quote ---

Did you not write this?

--- Quote ---Simple, look at the number. 99% of the scam calls I've received originate from numbers in the +61 2 5119 2xxx, +61 2 725x xxxx and +61 2 9564 7xxx blocks of numbers.
--- End quote ---

When I say the calling number is meaningless, why do you counter by telling me how meaningful the calling number is?  I'm very confused.



--- Quote ---It seems that you're the one who has little understanding. Let me enlighten you. Australia doesn't use "area codes" in the traditional sense. Those were largely abolished a long time ago when we went to 8-digit telephone numbers (10 if you include the state (or STD) code). The first two digits in a fixed line phone number designates the state (02 is New South Wales and ACT for example). This "area code" (if you like) is optional when you're dialling within your own state. Whether it's a VoIP service or a landline phone, the equipment is present in that state and connects to an exchange there (with some exceptions for border towns). To give you some understanding of how big an area we're talking about, the state of New South Wales (where I live) covers an area of over 800,000 square kilometers. Travelling from the east-most point to the west-most point is over 1000 kilometers.
--- End quote ---

There's your problem.  The calls are from India.  Ultimately there is a connection to the land lines in Australia, but that's not the origin of the number reported by caller ID.  Unfortunately, this is a result of a world wide phone system. 



--- Quote ---In some cases, the first (and sometimes the second) digit of the phone number itself might loosely define a more narrower geographic area (like a council area or a county) but that's more of a throw-back from the old days. It's not a reliable method of determining where a call is coming from anymore.

Mobile numbers always start with 04; Landlines never do.

If you take the numbers I gave in my example, they loosely align to numbers based in Sydney but they could be anywhere else in the state. "Sydney" could be a few kilometers down the road, or 100 kilometers away.
--- End quote ---

None of those numbers matter.  They were generated by the spammers in India.  Phone numbers don't work like IP addresses on the Internet. 



--- Quote ---So no, I don't get spam calls from my own area code since they don't really exist anymore. In fact, some scam calls I've received in the past are from another block of VoIP numbers based in entirely different states.
--- End quote ---

You fail to understand that the numbers you see have nothing to do with where the calls originate.  This is much like spoofing a "from" email address.  I can use any "from" email address I want, and in fact, do use a number of them for my business.



--- Quote ---The only reason scammers use VoIP services based in Australia (and other countries) is so they appear "more legitimate" compared to say, an international number originating from India, or a blocked number with no caller ID. Most people would simply not answer those calls are they are out of the ordinary (and expensive for the scammers to place the call). Scammers are actually buying/leasing these services as they are relatively cheap, they don't spoof them (not here anyway). Some scammers will even go as far as operating "pop up" call centres physically in the country, I have seen this myself.
--- End quote ---

Exactly! 



--- Quote ---As I mentioned before, telcos are taking action against caller-ID spoofing and whilst I don't know the in-depth technical details about the mechanisms, I would say it's largely impossible to do on today's infrastructure (at least, without the telco's cooperation). How telephone networks operate outside of Australia, I don't know.

SMS spoofing is an entirely different topic. That does happen, at least on some networks.

--- End quote ---

The problem is, the calling number is supplied by the equipment at the origin of the call, and there's nothing to be done to prevent this being spoofed.
Halcyon:

--- Quote from: gnuarm on August 05, 2023, 12:47:13 am ---I'm very confused.

--- End quote ---

I don't think you're confused. I think you're trying to change the narrative from earlier when you said "How do you know the number is spoofed or not?" and "Do you ever get calls from someone with a thick Indian accent, offering you insurance for "final expenses"?...  If you do, and it's not an overseas call, you've been spoofed" then proceeded to claim that I was "kidding myself". Those were your words. Not mine.

I provided you a clear explanation of how these sorts of scam calls worked on our networks here.


--- Quote ---There's your problem.  The calls are from India.

--- End quote ---


You're making an assumption. Sometimes they are. Sometimes they aren't.


--- Quote ---Ultimately there is a connection to the land lines in Australia, but that's not the origin of the number reported by caller ID.

--- End quote ---

Now you're splitting hairs. You're talking about the physical seat where someone is sitting. I'm talking about the origin of the call on a telephone network. For all intents and purposes, the "origin" is the point where the call hits the telephone network (and thus the "A Party" number). That "origin" I'm talking about is the VoIP server sitting somewhere in Australia where it connects to the telco, i.e.: the boundary between internet and telecommunications network.

You claimed earlier that the number is simply "spoofed" (once again, your words, not mine). I told you that's incorrect when in fact it's a real number connected to a real telecommunications network. I also said they typically have incoming call restrictions so you can't call them back.




--- Quote ---None of those numbers matter.  They were generated by the spammers in India.  Phone numbers don't work like IP addresses on the Internet.

--- End quote ---

Wrong on both accounts. The numbers aren't "generated" by the spammers, at least not when it comes to our big networks here (your country and systems might be different and susceptible to spoofing in this way). As I mentioned, they are actual numbers sitting on the network.

And phone numbers are in a way analogous to IP addresses on the internet. A phone number is simply an "address" to a terminal or a phone somewhere. The digits reflect where and how the call is routed across networks.


--- Quote ---This is much like spoofing a "from" email address.  I can use any "from" email address I want, and in fact, do use a number of them for my business.
--- End quote ---

This is a good way to have your emails blocked by many mail servers. Mechanisms like SPF/DKIM and DMARC are used to prevent spoofed email addresses. You might want to look into that.



--- Quote ---The problem is, the calling number is supplied by the equipment at the origin of the call, and there's nothing to be done to prevent this being spoofed.

--- End quote ---
You're incorrect (at least when it comes to the big networks here, as I mentioned, your country might differ).

Telstra (Australia's largest telco) have taken steps to prevent CID spoofing from occurring, which is why scammers are increasingly resorting to leasing legitimate VoIP services with legitimate telephone numbers to get around this. There were cases years ago where caller ID was being spoofed and people would get "missed calls" from mobile numbers that never made the call. That's all stopped now.


Anyway, that's all I have to say on the matter. I don't feel like going around in circles with you. Feel free to respond, but I won't be reading it.

gnuarm:

--- Quote from: Halcyon on August 05, 2023, 01:55:09 am ---
--- Quote from: gnuarm on August 05, 2023, 12:47:13 am ---I'm very confused.

--- End quote ---

I don't think you're confused. I think you're trying to change the narrative from earlier when you said "How do you know the number is spoofed or not?" and "Do you ever get calls from someone with a thick Indian accent, offering you insurance for "final expenses"?...  If you do, and it's not an overseas call, you've been spoofed" then proceeded to claim that I was "kidding myself". Those were your words. Not mine.

I provided you a clear explanation of how these sorts of scam calls worked on our networks here.
--- End quote ---

You think you have done that, but you haven 't. 

Tell me this.  If a call comes from India, but is being spoofed to look like it came from Australia, how would you know? 

Three cases:

1) Call from Australia

2) Call from India

3) Call from India, spoofed to look like a call from the same Australian number in (1).

What will your caller ID show in each of these three cases?



--- Quote ---
--- Quote ---There's your problem.  The calls are from India.

--- End quote ---


You're making an assumption. Sometimes they are. Sometimes they aren't.
--- End quote ---

But, you are not allowing for any of that.  More importantly, you don't explain how you know where any calls are actually coming from. 



--- Quote ---
--- Quote ---Ultimately there is a connection to the land lines in Australia, but that's not the origin of the number reported by caller ID.

--- End quote ---

Now you're splitting hairs. You're talking about the physical seat where someone is sitting. I'm talking about the origin of the call on a telephone network.
--- End quote ---

That's the whole point!!!  They are calling from India, spoofing the telephone network to look like they are down the street from you!!!



--- Quote ---For all intents and purposes, the "origin" is the point where the call hits the telephone network (and thus the "A Party" number). That "origin" I'm talking about is the VoIP server sitting somewhere in Australia where it connects to the telco, i.e.: the boundary between internet and telecommunications network.
--- End quote ---

So, if they are calling from India and not spoofing the number, how does the network know the call is from India?  Where does it get the number?



--- Quote ---You claimed earlier that the number is simply "spoofed" (once again, your words, not mine). I told you that's incorrect when in fact it's a real number connected to a real telecommunications network. I also said they typically have incoming call restrictions so you can't call them back.
--- End quote ---

I don't know what a "real" number is.  Every long distance call is the same.  There is a protocol that reports the calling number, which can be spoofed. 



--- Quote ---
--- Quote ---None of those numbers matter.  They were generated by the spammers in India.  Phone numbers don't work like IP addresses on the Internet.

--- End quote ---

Wrong on both accounts. The numbers aren't "generated" by the spammers, at least not when it comes to our big networks here (your country and systems might be different and susceptible to spoofing in this way). As I mentioned, they are actual numbers sitting on the network.
--- End quote ---

This has nothing to do with your network.  When a phone calls from India, it has to report the number that is calling.  That can be spoofed.  You keep talking about the Australian telephone exchange as if it doesn't connect anywhere else in the world.  That's not how they work.



--- Quote ---And phone numbers are in a way analogous to IP addresses on the internet. A phone number is simply an "address" to a terminal or a phone somewhere. The digits reflect where and how the call is routed across networks.
--- End quote ---

The number analogy is where it ends.  In the IP, whoever your server contacts knows your server's IP address, and repeats for each step from IP to IP address.  This gives a traceable chain of IP addresses that points right back to you.  That does not exist in phone systems.



--- Quote ---
--- Quote ---This is much like spoofing a "from" email address.  I can use any "from" email address I want, and in fact, do use a number of them for my business.
--- End quote ---

This is a good way to have your emails blocked by many mail servers. Mechanisms like SPF/DKIM and DMARC are used to prevent spoofed email addresses. You might want to look into that.
--- End quote ---

LOL!!!  I've already told you I've been doing this every day for the last 20 years!!!!  Just like you talk about phones reporting the company's main number, rather than the exact phone you are calling from, it is commonplace to have any number of email addresses that send email, but direct replies to another email address.

You clearly know less about email than you do the telephone network, so I won't continue to try to explain this analogy.



--- Quote ---
--- Quote ---The problem is, the calling number is supplied by the equipment at the origin of the call, and there's nothing to be done to prevent this being spoofed.

--- End quote ---
You're incorrect (at least when it comes to the big networks here, as I mentioned, your country might differ).

Telstra (Australia's largest telco) have taken steps to prevent CID spoofing from occurring, which is why scammers are increasingly resorting to leasing legitimate VoIP services with legitimate telephone numbers to get around this. There were cases years ago where caller ID was being spoofed and people would get "missed calls" from mobile numbers that never made the call. That's all stopped now.


Anyway, that's all I have to say on the matter. I don't feel like going around in circles with you. Feel free to respond, but I won't be reading it.

--- End quote ---

Exactly.  No point in trying to teach you anything, when you refuse to answer any of my questions, which clearly show you don't understand.
tom66:

--- Quote from: gnuarm on August 03, 2023, 10:41:57 pm ---It doesn't work that way.  Just like boiler rooms can spring up overnight, these VOIP routing companies spring up overnight and operate until they have to pay a bill or two.  The payments are not made in real time.

--- End quote ---

Well, make them pay a deposit upfront for the first 1,000 calls, and cut their connection if they don't pay up.  It's really not that difficult, it's just that phone companies aren't motivated to stop it.
Shonky:
Numbers are (or at least were) spoofed in Australia.

This is how you end up with real calls from non scammers asking why you called them when you absolutely did not.

Or hang up calls where the from number is one or two digits off my mobile. That is no coincidence.

And that's within the last 12 months on both occasions. Saying numbers aren't spoofed is simply not correct.
Navigation
Message Index
Next page
Previous page
There was an error while thanking
Thanking...

Go to full version
Powered by SMFPacks Advanced Attachments Uploader Mod