washingtonpost.com  > Technology > Special Reports > Telecom

Quick Quotes

New Tricks Fool Caller ID

Some See Potentially Dangerous Abuse

By Mike Musgrove
Washington Post Staff Writer
Saturday, October 30, 2004; Page E01

It wasn't long after caller ID became popular that some people signed up for telephone services to block their number from being displayed. Now comes another trick: Companies are marketing systems to help callers fool telephone identification services into thinking they are someone else entirely.

The Web-based systems allow callers to spoof their identity by taking on the name and number of another legitimate caller. A company calling itself Camophone says its Privacy Guard service will handle the spoofing on a call-by-call basis for as little as $5. Another, Star38, said it is marketing its software only to law enforcement agencies. At least one other start-up plans to release its version soon.

The systems have hit a nerve among consumers who fear that such tools could give stalkers and debt-collection agencies an insidious new weapon. When Star38 launched in September, it decision to market to debt-collection companies generated so much anger among consumers that the small firm quickly changed its sales tactics. Star38 now says that approach was "flawed."

Camophone was content to let word of mouth circulate on the Internet until the widely followed news site Slashdot drew attention to an article about its product on SecurityFocus, a computer security news site owned by Symantec Corp., maker of the Norton line of computer safety software.

The Camophone Web site is registered to a third-party Web hosting firm in New Jersey called Registerfly.com, which keeps the identities of its customers confidential on the grounds that this protects its users from identity theft, unsolicited commercial e-mail and telemarketing calls.

A Camophone representative, who called (spoofing a reporter's number) in response to an e-mail query and declined to give his name to avoid harassment, said he recognized that some people might abuse the system. But, he said, our "intention with the service is not to allow anybody to do anything illegal. Our intention was to allow people to protect their privacy."

In a world where consumers have finally gotten some relief from annoying telemarketer calls, thanks to the Federal Trade Commission's Do Not Call Registry, technology that tampers with caller ID could mean a new avenue for scammers and tricky sales tactics.

"This right here would probably be a stalker's dream," said Michael Brown, who works for a telecommunications company in Franklin, Tenn. For the past week or two, Brown has used the Web service to play jokes on his friends and family (he called a Post reporter using the faked number 666-666-6666 yesterday). Though he's used the ruse only for his amusement, Brown said it was easy to think of "so many scams you could try with this thing."

Marketing associations were quick to condemn the use of caller ID-altering products for marketing purposes. Patricia Kachura, vice president of ethics and consumer affairs at the Direct Marketing Association, said that using technology to mask a marketer's identity is illegal under the Telemarketing Sales Rule, which is enforced by the Federal Trade Commission, and the Telephone Consumer Protection Act, which is enforced by the Federal Communications Commission.

The exception is that it is legal for a business to transmit a different number for display on caller ID as long as the number belongs to the marketer's company. In other words, it is legal for salespeople to make a call from their personal line and have the call show up as coming from their company's main number.

Jim Reynolds, chief analyst at Star38, based in Wilmington, Del., said that making his company's technology available only to law enforcement agencies is "the right approach."

"We don't see the advantage of making this type of technology available to the masses," he said. "This is a potentially dangerous technology and it has to be handled properly. You can't have a sophomoric approach."

Dave Schroeder, a systems administrator at the University of Wisconsin, said he visited Camophone's Web site because he was curious to see if it actually works. In many cases, he has found that the text associated with the number in the caller ID system does not always transmit when he makes a call. He called a Post reporter using a return number belonging to a "George W. Bush" in Pennsylvania, but only the digits of the number appeared on the caller ID.

In any case, the service's novelty value may be running thin for Schroeder. "You can only call so many of your co-workers before they start to get irritated," he said.


© 2004 The Washington Post Company