asterisk users - Aug 2014 - OT: Question on Caller ID (Spoofing calls with Asterisk)

I got a call from an overseas call center telling me about the
problems with the Windows machine I was using. They wanted to remote
in and fix things for me ... (Ignore the fact I use a MacBook Pro or
an ASUS laptop with Debian).

What I found curious was the caller's name was Asterisk, and the
caller's number was Asterisk at 10 or or Astrk at 10 similar. (I don't
recall the exact number, but it was malformed and it had an '@' in
it).

I'd like to read a little more about spoofing calls with Asterisk. Can
anyone provide a reference?

Thanks in advance.

Asterisk can set any Caller ID name and number you want with the CALLERID()
function.

Type 'core show function CALLERID()' on the Asterisk command line to get
the details.

Whether your trunk will convey the Caller ID you have set is another matter
- and entirely the choice of your outbound carrier.


On 26 August 2014 22:45, Jeffrey Walton <noloader at gmail.com> wrote:
> I got a call from an overseas call center telling me about the
> problems with the Windows machine I was using. They wanted to remote
> in and fix things for me ... (Ignore the fact I use a MacBook Pro or
> an ASUS laptop with Debian).
>
> What I found curious was the caller's name was Asterisk, and the
> caller's number was Asterisk at 10 or or Astrk at 10 similar. (I
don't
> recall the exact number, but it was malformed and it had an '@' in
> it).
>
> I'd like to read a little more about spoofing calls with Asterisk. Can
> anyone provide a reference?
>
> Thanks in advance.
>
> --
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> New to Asterisk? Join us for a live introductory webinar every Thurs:
>                http://www.asterisk.org/hello
>
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users
>


-- 
[image: Digium logo]
*David Duffett*
Digium, Inc. ? Director, Worldwide Asterisk Community
6 Landscape Close, Weston on the Green ? Bicester, Oxfordshire OX25 3SX ? UK
direct/fax: +1 256 428 6119 ? mobile: +44 7722 442236
twitter: dduffett ? linkedin: www.linkedin.com/in/davidduffett
Check us out at: http://digium.com ? http://asterisk.org
<http://www.asterisk.org/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.digium.com/pipermail/asterisk-users/attachments/20140826/dd20799d/attachment.html>

>> What I found curious was the caller's name was Asterisk
On our systems, if I don't assign a CID number to an inbound call that is
blocking it's CID, the default shown on the Polycom phones is Asterisk. 
I've set it up that any inbound call with no CID is assigned a 0 for the
phone number and Restricted as the CID name.

Doug

Am 26.08.2014 16:45, schrieb Jeffrey Walton:
> I got a call from an overseas call center telling me about the
> problems with the Windows machine I was using. They wanted to remote
> in and fix things for me ... (Ignore the fact I use a MacBook Pro or
> an ASUS laptop with Debian).
This is a common scam scheme.

Try "windows scam call" at YouTube.

Whether CLI spoofing works depends on the provider and has not so much 
to do with Asterisk. Asterisk makes it possible, but so does every 
common SIP softphone or most other SIP device for that matter. If the 
CLI you claim to own will get actually transmitted to the callee depends 
on the provider you are using for termination and whether they allow you 
to set an arbitrary CLI. It also depends on the routes that the call 
travels through until it reaches the callee. If there's a "grey"
route
on the path that overwrites your CLI, such as a GSM gateway, your CLI 
won't make it to the callee. Nowadays you can find providers that allow 
you set arbitrary CLIs on every corner.

> I got a call from an overseas call center telling me about the
> problems with the Windows machine I was using. They wanted to remote
> in and fix things for me ... (Ignore the fact I use a MacBook Pro or
> an ASUS laptop with Debian).
> 
> What I found curious was the caller's name was Asterisk, and the
> caller's number was Asterisk at 10 or or Astrk at 10 similar. (I
don't
> recall the exact number, but it was malformed and it had an '@' in
> it).
> 
> I'd like to read a little more about spoofing calls with Asterisk. Can
> anyone provide a reference?
There really isn't much extra to read. Like the others have said, I can 
set my caller id to be anything I want with Asterisk. Whether the 
downstream carrier will accept it is another matter entirely. I work with 
multiple carriers at my locations around the world and have found they 
usually do one of three things. 

1. Allow only the main number on the account as the outbound caller ID. I 
hate this one as I may very well want my CID to not be the main number in 
some cases.
2. Allow the CID to be any number I own through that carrier. This one is 
preferable as it allows people to have their direct dial number show up as 
their caller ID.
3. Allow the CID to be any number. This one is how you get spoofing to 
work. The carriers themselves can still tell who actually sent the call, 
but most people won't go through the hassle of tracking it down to get the 
spoofers taken care of.

Additionally, some carriers will reject an outbound call from you if your 
CID isn't set correctly, others will just silently reset it to your main 
number in the background.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.digium.com/pipermail/asterisk-users/attachments/20140826/b8e3fe50/attachment.html>