Discussion:
[asterisk-users] OT: Question on Caller ID (Spoofing calls with Asterisk)
Jeffrey Walton
2014-08-26 14:45:01 UTC
Permalink
I got a call from an overseas call center telling me about the
problems with the Windows machine I was using. They wanted to remote
in and fix things for me ... (Ignore the fact I use a MacBook Pro or
an ASUS laptop with Debian).

What I found curious was the caller's name was Asterisk, and the
caller's number was ***@10 or or ***@10 similar. (I don't
recall the exact number, but it was malformed and it had an '@' in
it).

I'd like to read a little more about spoofing calls with Asterisk. Can
anyone provide a reference?

Thanks in advance.
David Duffett
2014-08-26 14:49:46 UTC
Permalink
Asterisk can set any Caller ID name and number you want with the CALLERID()
function.

Type 'core show function CALLERID()' on the Asterisk command line to get
the details.

Whether your trunk will convey the Caller ID you have set is another matter
- and entirely the choice of your outbound carrier.
Post by Jeffrey Walton
I got a call from an overseas call center telling me about the
problems with the Windows machine I was using. They wanted to remote
in and fix things for me ... (Ignore the fact I use a MacBook Pro or
an ASUS laptop with Debian).
What I found curious was the caller's name was Asterisk, and the
it).
I'd like to read a little more about spoofing calls with Asterisk. Can
anyone provide a reference?
Thanks in advance.
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
http://www.asterisk.org/hello
asterisk-users mailing list
http://lists.digium.com/mailman/listinfo/asterisk-users
--
[image: Digium logo]
*David Duffett*
Digium, Inc. · Director, Worldwide Asterisk Community
6 Landscape Close, Weston on the Green · Bicester, Oxfordshire OX25 3SX · UK
direct/fax: +1 256 428 6119 · mobile: +44 7722 442236
twitter: dduffett · linkedin: www.linkedin.com/in/davidduffett
Check us out at: http://digium.com · http://asterisk.org
<http://www.asterisk.org/>
Doug Lytle
2014-08-26 14:55:26 UTC
Permalink
Post by Jeffrey Walton
What I found curious was the caller's name was Asterisk
On our systems, if I don't assign a CID number to an inbound call that is blocking it's CID, the default shown on the Polycom phones is Asterisk. I've set it up that any inbound call with no CID is assigned a 0 for the phone number and Restricted as the CID name.

Doug
Jeff LaCoursiere
2014-08-26 14:58:33 UTC
Permalink
Post by Doug Lytle
Post by Jeffrey Walton
What I found curious was the caller's name was Asterisk
On our systems, if I don't assign a CID number to an inbound call that is blocking it's CID, the default shown on the Polycom phones is Asterisk. I've set it up that any inbound call with no CID is assigned a 0 for the phone number and Restricted as the CID name.
Doug
So, in other words, they had a moron install the system that is trying
hard to social engineer their way into people's computers.

j
Markus
2014-08-26 15:01:31 UTC
Permalink
Post by Jeffrey Walton
I got a call from an overseas call center telling me about the
problems with the Windows machine I was using. They wanted to remote
in and fix things for me ... (Ignore the fact I use a MacBook Pro or
an ASUS laptop with Debian).
This is a common scam scheme.

Try "windows scam call" at YouTube.

Whether CLI spoofing works depends on the provider and has not so much
to do with Asterisk. Asterisk makes it possible, but so does every
common SIP softphone or most other SIP device for that matter. If the
CLI you claim to own will get actually transmitted to the callee depends
on the provider you are using for termination and whether they allow you
to set an arbitrary CLI. It also depends on the routes that the call
travels through until it reaches the callee. If there's a "grey" route
on the path that overwrites your CLI, such as a GSM gateway, your CLI
won't make it to the callee. Nowadays you can find providers that allow
you set arbitrary CLIs on every corner.
Kevin Larsen
2014-08-26 15:04:23 UTC
Permalink
Post by Jeffrey Walton
I got a call from an overseas call center telling me about the
problems with the Windows machine I was using. They wanted to remote
in and fix things for me ... (Ignore the fact I use a MacBook Pro or
an ASUS laptop with Debian).
What I found curious was the caller's name was Asterisk, and the
it).
I'd like to read a little more about spoofing calls with Asterisk. Can
anyone provide a reference?
There really isn't much extra to read. Like the others have said, I can
set my caller id to be anything I want with Asterisk. Whether the
downstream carrier will accept it is another matter entirely. I work with
multiple carriers at my locations around the world and have found they
usually do one of three things.

1. Allow only the main number on the account as the outbound caller ID. I
hate this one as I may very well want my CID to not be the main number in
some cases.
2. Allow the CID to be any number I own through that carrier. This one is
preferable as it allows people to have their direct dial number show up as
their caller ID.
3. Allow the CID to be any number. This one is how you get spoofing to
work. The carriers themselves can still tell who actually sent the call,
but most people won't go through the hassle of tracking it down to get the
spoofers taken care of.

Additionally, some carriers will reject an outbound call from you if your
CID isn't set correctly, others will just silently reset it to your main
number in the background.

Loading...