Hyderabad: Scammers are not leaving out even the country’s premier investigating agencies such as the Central Bureau of Investigation (CBI). This is evident in recent events such as spoofing the landline number of the CBI and approaching persons booked by the CBI and demanding a bribe after pretending to be senior officials of the investigating agency. Cyber security experts warn people to be extremely careful of these cheats.
Recently, the conmen even impersonated CBI Chief R.K. Shukla and Union home minister Amit Shah among others.
Spoofing is a method of changing the number that is assigned officially by the licensed telecom service provider. There are primarily three technologies through which calls can be transmitted - Plain Old Telecom (POTS) landlines, Primary rate interface (PRI) for businesses, and Voice Over Internet Protocol (VOIP).
All these exchange caller ID information over a communications method called frequency shift key (FSK) and the caller ID can be spoofed very easily. All one needs is a few hundred bucks, an internet connection and a mobile or laptop. There are many apps and websites from where one can avail of such services at the click of a button. In addition, with a little technical knowledge, one can set the system using free open source systems like asterisk for the job.
Sai Krishna, chairperson of the Global Cyber Security Forum, said, “Scammers mostly use foreign websites and apps over virtual private network (VPN) service to get away from being tracked or illegally interconnect VOIP to telecom network. Sometimes, due to lack of restrictions at the telco’s switching side, scammers can spoof the number.”
He said gone are the days when it was a complex technical task. Now, anyone can spoof caller ID for a malicious use, sitting in India and executing the crime outside Indian jurisdiction, making it difficult for Indian law enforcement agencies to track.
Suggesting ways of avoiding falling for these spoofing tricks, Mr Krishna said, “We have to validate the unknown caller’s claim by giving a call back, validating voice and physical verification. Even If the number is spoofed, the return call will go to the original
subscriber number through which we can confirm the veracity of the caller.”
