Despite all the security risks and the annoying calls, I like the idea of
anonimity or pseudo anonymous CID for phone calls. I think anyone should have
the right to call anonymous and for that matter should be able to set CID to
000... I take phone anonymity as web surfing anonymity. You don't want the web
server to know your "name". It's fine if they know your IP but again they can't
get your Name through your IP because the phone company won't release it to
just anyone without a court order. However, phOshing is a totally different
subject and of course just like phIshing you have to take the calls from the
banks with a grain of salt or learn a lesson :) And I don't think it is
IMPOSSIBLE to track down people with fake CID. Just like tracing IP to a
physical land line. It's a question of law more than personal preference. But,
you can opt for do-not-call-list here:
https://www.lnnte-dncl.gc.ca/insnum-regnum-eng. -Bruce> From: [EMAIL
PROTECTED]> To: [email protected]> Date: Thu, 30 Oct 2008 15:52:47 -0400>
Subject: [on-asterisk] RE: [Bulk] [on-asterisk] RE illegal to fake CID> > > I
am surprised nobody has tried to phish on inbound call basis. Call a bank>
customer, leave an official sounding automated message with a local DID or>
toll-free number for the customer to call back. > > Once they call back, just
patch them through to the standard bank IVR line> and skim DTMF for account
number and phone banking password. Not exactly> sure how much damage you can do
with this info, but if you record the call> you could probably get all other
relevant info from security questions posed> by the bank CSR...> > The attack
could work on mail-> inbound call or e-mail -> inbound call> basis. > > Just
bounce the number through a set of DIDs in several countries, and you> cover
your tracks or at least make it complicated for law enforcement to> track you
down. Use disposable credit cards to pay the bills and presto...> you are
invisible. > > But maybe I'm just more evil than the average bear :) > > > > >
-----Original Message-----> From: Alan Cohen [mailto:[EMAIL PROTECTED] > Sent:
Thursday, October 30, 2008 2:27 PM> To: Asterisk User Group> Subject: [Bulk]
[on-asterisk] RE illegal to fake CID> > FYI: I recently was contacted by The TD
Bank Fraud Prevention Dept --> except it wasn't TD who called me: it was a
fraudster. He was very> slick. He covered all the bases including his callerID
which reported> the real number for the Bank Fraud Prevention Dept> >
Sincerely,> > Alan Cohen> email:[EMAIL PROTECTED]> website:
http://perimeter911.com> voice: 416-781-2524> > >
---------------------------------------------------------------------> To
unsubscribe, e-mail: [EMAIL PROTECTED]> For additional commands, e-mail: [EMAIL
PROTECTED]>
_________________________________________________________________
