Call spoofing: how scammers are using your number for fake calls
First things first: we’re spending a lot of time and effort developing and progressively rolling out system capabilities that can detect and block scam calls before they reach our customers.
These systems aim to block calls originated from off network sources that have suspicious calling patterns or that spoof or use unassigned numbers to gain credibility when dialling their victims on our network.
If you have been the victim of a call spoofing scam, you can report the scam call to us via our website.
What is call spoofing?
Call spoofing is where a phone scammer will falsify the calling number to trick a user into picking up or making a call look more legitimate.
It’s a global problem, and it’s unfortunately on the rise over the last few years.
Spoofing occurs when a scammer originates calls, usually via “robocalling” technology, with fake caller IDs i.e. the scammers are using technology to originate calls with legitimate Australian numbers included as the caller ID.
Telstra has strict controls that helps prevent the possibility of caller ID spoofing from arising internally within our own network. However spoofing can still occur with calls that reach our customers when originating from outside of our network.
Scammers know that people are more likely to pick up the phone to a number that looks legitimate, rather than one that appears as private, blocked, or from overseas.
Scammers may also call you from spoofed numbers that are “adjacent” to yours. It’s a social engineering tactic designed to increase the chances you’ll pick up the phone. It’s a new type of spoofing that uses your so-called ‘number neighbours’ against you.
For example, if your number is 0400 000 000, they may call you from 0400 000 001 to increase the chances you’ll pick up.
And some people have called by what looks their own number. If you have experienced this, the scammer has spoofed your number and by chance has called you as a potential victim, so that it looks like you are calling yourself.
Rest assured we are working on solutions to prevent as much spoofing as possible.
Related: Getting strange ‘missed call' SMS messages? Here’s how to avoid the Flubot.
What happens if you pick up a spoofed call?
Once the target picks up the phone, an automated message will play, often demanding money and threatening fake consequences if there’s a failure to pay. We’ve noticed phone scammers recently impersonating government departments like Services Australia or Border Force; Amazon; eBay and sometimes even Telstra or NBN Co.
Some call spoofing attacks even connect you to a real person whose job it is to extract cash from you under false pretences.
Whether personalised or automated, the scammers often apply time pressure and the threat of sanctions or penalties if you fail to pay while on the call.
They may also be after other identifying information to use in other fraudulent activities, so it’s important you don’t give out any of your personal information while on a call and if you suspect it is a scam call, hang up immediately.
Call spoofing may use real people’s phone numbers to execute an attack. This can lead to difficult conversations when the victim calls or texts the number back and reaches a legitimate service whose owner has no idea their number is being used in a scam ring.
Here is how you can spot scam calls when they come in.
How can I tell if my number is being used for call spoofing?
If your number has been spoofed by a scammer, you’ll often find out right away.
If a victim were to redial the number they were scammed from, they would reach the rightful owner.
If that owner is you, a barrage of unexpected abuse might come your way . Someone might even just call you out of the blue to ask why you tried to scam them or demand to know why you’re harassing them.
That’s a good indicator your number has been used in a spoofing scam.
How can I stop my number being spoofed?
There’s no silver bullet to stop call spoofing, but there are ways you can mitigate the calls coming into your device.
Both Apple iOS and Google Android devices have built-in systems that protect against scam calls from spoofed numbers.
For iOS devices
You can use a setting in the Phone app called ‘Silence Unknown Callers’. This effectively ignores phone numbers that aren’t in your Contacts list or Recent Calls log and instead sends them to voicemail, leaving their call attempt in your Recents list.
Here’s how to turn it on:
- Ensure your iOS device is running iOS 13 or later
- Go to Settings
- Tap Phone
- Scroll down and tap Silence Unknown Callers
- Flick the switch to On
For Android devices
You can use a similar setting called Spam and Call Screen. This warns you about callers that may be potential spam callers.
Here’s how to turn it on:
- Ensure your Android device is running Android 6.0 or later
- Open the Phone app
- Tap More Options, then go to Settings
- Tap Spam and Call Screen
- Turn the setting on or off.
Google also recommends turning on a setting in the same app called 'Filter suspected Spam Calls', This prevents scam callers ringing your device, and instead drops it into your call history silently.
Third party apps
There are also a number of third-party apps you can use to help block incoming scam and unknown calls, but there’s no real way to block your number from being used by scammers to perpetrate scams.
For that, you can simply set a voicemail message that says you are aware your number may have been used in this way, so that unknown callers can hear it when they attempt to dial you back.
Related: How to block your caller ID
What is Telstra doing about call spoofing and fake calls?
We know that scam calls are a problem, and want to make sure that our customers aren’t being preyed upon by scammers multiple times a day.
We’re actively blocking scam calls at a network level, meaning that these sorts of calls won’t be able to reach your device. On average, we’re now blocking around 13 million scam calls per month.
It’s part of our Cleaner Pipes initiative where we are working to reduce the harm of phishing, malware, ransomware and other scams across our networks both online and through voice and SMS.
We are doing all of this to protect our customers and their livelihoods because we know that we can have a significant impact by taking proactive action at a network level.
If you have been the victim of a call spoofing scam, you can report the scam call to us via our website.