Making a difference when it comes to fraud prevention

Where Communication Professionals Go to Know

Ending CLI Spoofing, Once And For All

by | Sep 2, 2021 | News | 0 comments

Written by AB Handshake

CLI spoofing has been around for ages. This classic telecom fraud scheme is also one of the most common ones, used in typical fraud scenarios like one-ring scams, robocalls, and eventual phishing.

Simple caller ID schemes like this amount to billions of dollars in losses for telecom companies each year.

What Exactly is CLI spoofing?

With CLI spoofing, scammers manipulate a telephone network to provide information to falsify the information transmitted to the receiver’s caller ID (the A-number).

In this way, they disguise their identity and appear as if the incoming call is from a local number, a trusted brand or some other company.

The fraudsters then often use scripts to gather valuable personal information from the person taking the call, without the person being aware of what has happened.

Case Study – CLI Spoofing on the Rise in the European Union

CLI spoofing has skyrocketed in the European Union (EU) since this union introduced origin-based surcharges.

Origin-based pricing means that calls are charged based on the originating caller (CLI). If a call is placed to an EU country from outside the EU, a surcharge is added.

For example, a voice call to a mobile phone in Italy may hypothetically cost $0.004 per minute if the call is placed from a mobile phone in Poland, but will cost several times more if a person calls the same number from the USA.

In other words, the charges for termination to the same network from a European A-number differ greatly from that of a non-European A-number.

What’s more, blocking CLI spoofing in the EU is further complicated by GDPR data protection regulations, which have placed limits on the database queries that fraud management systems need to identify certain CLI spoofing scams.

Today, traditional fraud management systems still haven’t been able to stop this problem, once and for all.

Where Traditional Fraud Management Systems Fall Short

Since traditional fraud management systems are primarily reactive and rely on CDR uploads and after-the-fact analysis, some fraudulent calls always get through to their victims.

When fraud schemes succeed, someone pays for it. When significant fraud charges pile up on a client’s account, the operator chooses between forcing its client to pay and risk losing the client, or absorbing the loss themselves.

These losses are significant —  a survey of telecom service providers in 2019 revealed that the estimated costs of telecom fraud worldwide amounted to $28.3 billion in that year, alone.

A New Solution for CLI Spoofing

Fortunately, there has been a shift that has turned the fraud protection paradigm on its head.

This solution is based on the direct communication between both operators of a call, who are a part of a community of businesses who all use a common handshake to validate each and every call.

As a result, the participating telcos become “spoof-proof” and are able to put a stop CLI spoofing for all members of the community, entirely.

How it Works

The beauty of this method is in its simplicity. A scammer may manipulate the network to deliver an alternate A-number (caller ID) that is familiar to the recipient.

Usually, neither the originating nor the terminating operator would have any way to realize what had occurred.

However, with today’s technology, several other simple steps take place simultaneously (see the image below):

  • The originating operator initiates a verification request to the terminating operator.
  • The terminating switch sends the call-details to the terminating call registry.
  • The terminating operator tries to contact the owner of the spoofed range.
  • In the case of CLI spoofing, the terminating operator doesn’t receive verification.
  • The call also doesn’t get verified by the originating operator.

The call is then automatically identified as fraud in real-time and the system either blocks it or labels it as fraud, logging all the available details in a validated log that operators can later use to raise a complaint to the carriers.

Thanks to this simple technology, all parties win.

Only carriers and operators who are a part of the community can have their traffic verified. As a result, wholesale carriers and retail operators have an incentive to join this community to avoid exchanging traffic with outside operators whose traffic can’t be verified.

Customers enjoy spoof-free calls without annoyances and violations of their privacy.

It’s also a win for them.

The only losers in this scenario are the fraudsters, which is also a win for the telecom industry.


Submit a Comment


Contact Us

If you are interested in knowing more about membership, are a possible strategic partner wishing to collaborate, are looking at possible sponsorship opportunities or wanting to attend one of our events.  Please use a legitimate business email address when enquiring. Thank you.

Contact Us

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.