Phone Cloning

I’ve had a couple calls in the last few weeks where Officers in the field had been investigating a case where a call was received and the number shown in the Caller ID was for a cellphone. Contacting the owner of the cellphone showed that they had no knowledge of the phone call and indeed the call records from the provider showed no calls.

Immediately people start saying the phone was cloned. Now, while cloning a phone is possible it involves physical access to the phoen to re-program the EEPROM and network sniffing. I like to apply the principle of Occam’s Razor to situations-“All things being equal, the simplest solution tends to be the best one.”

This was indeed the case on a call I recently received. I believe the below link is how the suspect called what he thought was an underage female using someone else’s number.

http://www.spooftel.com/

We’ll be following up on the suspect’s computer to see if the web history shows details.

There are other sites that do the same thing out there. I’d thought I’d share this with everyone.

Mike

Advertisements

2 comments

  1. Todd Young

    These incidents sound like simple “Caller ID spoofing”. There a many vendor on the web offering this service for a fee – google it

  2. Nitin Kushwaha

    Hmm!!

    Good for pointing it out,

    this is known in the hacking community , for carrying out Social Engineering Attacks against Human Nature,

    also covered by Ed Skoudis in SANS Incident Handling class.

    Thanks for bringing up this info again.

    only bad thing is it is been used nowadays for Notorius and Unethical purpose.

    Thanks

    Nitin Kushwaha
    CHFI.CEH.ITIL.SCSCSA.CIW-SA.MCSE.MCSA