Identity theft can take many forms, in addition to fake social media profiles. Email addresses and phone numbers can also take hostage. And uses by fraudsters. Today we will talk about how to tracing a spoofed phone number.
This practice called “spoofing” is an identity theft technique that allows you to send emails. Also, texts or makes calls under someone else’s identity.
Many pranksters use this method to entertain people. For example, on the radio, call an artist by posting the number of another celebrity. And borrowing their voice.
But it not only uses for making jokes. Some use this method for fraudulent activities.
Instead of displaying the actual telephone number of the fraudsters who call, the telephone display shows another number, a spoofed number. The problem is, sometimes these numbers belong to people. They then receive calls from victims who accuse them of communicating with them when the number owner has never made these calls.
More info on Tracing a spoofed phone number
When a phone number is the target of spoofing, fraudsters who make phishing calls communicate with their victims by making that phone number appear on display and not their own.
Conversely, those who receive a call from a spoofed number believe they are dealing with a local caller, which automatically makes the call more credible than if it came from a foreign number.
People believe what the ill-intentioned interlocutor is saying and follow their directions. In the vast majority of cases, we seek to obtain money, and a variety of strategies are used:
- It is said that there is an error in your tax return and that you have to reimburse an amount.
- You win a trip and must provide bank details to receive your prize.
- Offered bonuses for a reward program like Air Miles.
- Inherit a large sum and must make a transfer to prove your identity.
In short, you are dangling again, or you are threatened with a consequence to get your money! Also, it is tough to find the real culprit who took on another identity to communicate with you.
If you get these types of calls, you can ignore them. On the other hand, if your number is used to make these calls, you have a more embarrassing problem because unhappy victims will probably contact you thinking you are the culprit.
How to tracing a spoofed phone number?
If you believe your number is the target of spoofing, the Canadian Anti-Fraud Center recommends contacting your service provider immediately. That will be able to determine the real identity of the caller.
If the information has not yet been deleted from their database. You can only reveal this information to the authorities in the context of a judicial investigation.
Suppose it is impossible to stop using your phone number. As is unfortunately generally the case, your provider will undoubtedly offer you to change your phone number so that the spoofed one is no longer linked to you.
Phone number spoofing doesn’t leave a lot of choices. Either you change your number, or you keep getting calls from people. Who believes you have contacted them when you haven’t.
Besides, there is no natural way to protect yourself because the numbers are often spoofed at random. Even if you only give it to trusted contacts and use an antivirus, it could still be spoofed!
In the latest version of its operating system for iPhone and iPad, iOS8, Apple introduced an interesting feature from a privacy perspective. When scanning nearby Wi-Fi access points.
The source MAC address is regularly changed to a random address. That prevents the phone from issuing a unique identifier that you can use for tracking purposes. In theory, this is good news for privacy, limiting the ability to track a device. However, is it that easy?
To find out, let’s ask two questions to assess the effectiveness of this technique:
- is the implementation of iOS efficient?
- is the technique itself sufficient to prevent a phone from being traced?
We will see that this is far from the case: the implementation of iOS8 works in a minimal number of cases. If anonymizing the MAC address avoids trivial identification, several other slightly more subtle methods can achieve the same result.
But before we get into the technical details, let’s take the time to detail what issues tracking phones can pose. Indeed, privacy issues are not always unanimous. It is necessary to define them well to understand them.
- Problems posed
Let’s start by defining the concept of tracing, then see what kind of attackers we are dealing with, and finally, let’s detail the problems posed by these attacks.
Tracing, or tracking in English, refers to any activity aimed at combining different sources of information on the presence of one or more entities (such as individuals) to obtain a trace of mobility (physical or websites visited). For example, on the web, trying to reconstruct a visitor’s “itinerary” on the different pages constitutes a tracing method. The same goes for an advertising agency that seeks to obtain a list of sites visited by users to target them better.
In the case which concerns us, tracing refers to the fact of detecting the presence of devices. And of recording this detection to reconstruct a trace of mobility in time.
Or space (different visits over a given time or reconstruction routes).
The reasons for wanting to track physical devices are multiple and more or less noble. It can be to try to detect suspicious activity, to spy on particular individuals. Or to obtain statistics on the people visiting a place. (physical analytics).
Types of attackers
Several attacker profiles are possible with any security threat, ranging from script-kiddie to organized State. We only consider attackers targeting an individual here and therefore ignore massive attacks such as business-to-business, state-against-state, state-against-business, etc. We can then list the following potential attackers:
- The individual alone carrying out a passive and occasional listening to the network. At most, the user will detect the presence of devices whose characteristics they already know (telephone of an acquaintance identified by their MAC address, for example).
- The company wishing to trace its users. The management team, private space, or a company may wish to trace its customers or employees. That can range from collecting statistical data on attendance at different places to tracing the attendance times of specific individuals. It is necessary to be able to protect oneself from the most questionable practices. This type of attacker has a view over time of the individuals traced. And infrastructure is allowing the collection of information at different points.
- The unique individual taking control of a company’s collection systems. This one could divulge the logs for mercantile ends or to increase its reputation. In the absence of sufficient anonymization of the data, it would then be possible for anyone to know the presence of another person at a given place and at a given time.
- The data storage service. Some tracking services store the collected data in the “cloud,” in other words, with intermediaries who offer storage as a service. Anonymization is not always perfect, which can be a privacy issue. The storage service can also take advantage of this access to the data to exploit it for its profit.
- The organized state gathering information with a view to intelligence or surveillance of its citizens. This attacker can have many collection points located all over the country. And combine the information collected with other types of information collection. For an attacker of this type, the MAC address of a phone will be much more valuable than other identifiers (such as the person’s name) since you can use it to cross different sources of information. For example, many Android applications retrieve the MAC address of the device to have a unique phone identifier.
- If we assume that the State is in a passive listening position between the telephone and the application server. (control of telephone antennas, core network routers, etc.). It will link the person detected in a public place and his account on a mobile application. The MAC address is also one of the selectors in the NSA surveillance infrastructure .
These different attackers do not necessarily have legitimate use of the system. It is not acceptable to keep details of the hours of the presence of its employees. For a store to detect the recurring presence of its customers or for a State to monitor its citizens. The potential problems are numerous and ideal.
It would be for each user to have technical solutions to evade detection of the systems at will.
The interesting question is that of the conditions of using the system’s data. These are users trace by default. Or do they have to agree to this first? In the case of the tracking systems used by stores, the standard is that of the opt-out system. Users tracked by default. But can ask not to be.
Now that the problem posed let us detail its technical constituents. Let’s see each of the techniques that allow you to identify only a device, and therefore to be able to trace it.
The most trivial solution is to look at the source MAC address of the frames sent over Wi-Fi by phone. As discussed in a previous article , a smartphone with Wi-Fi enabled will regularly send frames called “probe requests.” The function of these is to ask the surrounding access points to indicate their presence.
By indicating the name of the network to which they give access (SSID). Even if the telephone already associates with an access point (cf. figure 1). An associated telephone will also emit frames during its usual traffic, which you can easily retrieve with a Wi-Fi card in monitor mode.
FAQ on Tracing a spoofed phone number
How do you rot someone’s number?
Enter the intimate perimeter (less than 45 cm) of your interlocutors, but without completely sticking them. Be tactile, always with a soft hand. When speaking with someone, regularly take their gaze away to fix a spot on their face, as if there is a stain or abnormal growth.
How to embarrass her best friend?
Look crazy to annoy your friends. Lick your food during a meal. It is a great way to disgust and annoy your friends. Put on a show by loudly licking food off your plate during lunch in class.
How to provoke people?
Pissing off strangers. Speak loudly in public. It has long been verified that someone who speaks loudly in public is annoying no matter where you are. You can talk loudly on the bus, on an airplane, or especially in a cafe when people around you are trying to work.
How do you tell your best friend that you don’t want to lose her?
My best friend knows that for nothing in the world, I would like to lose you. You mean a lot to me. Even if I write you a super long text, know that above all that I love you and that you will always be my best friend. See, you’re the kind of girl I don’t want to lose, who is dear to me.
Conclusion on Tracing a spoofed phone number
This system is unsatisfactory for reasons of privacy. Still, it has the merit of being centralized: in the United States, a single website exists to refuse to be traced by various existing commercial systems . However, you should note that the CNIL recommends explicit consent from users to be able to keep non-anonymized information outside the period of visiting the place where such a system is set up