One of my clients has 224 DIDs (phone numbers,) and roughly 100 of them are being spoofed at the moment. It started sometime yesterday, the operator phone for the client started receiving phone calls from people who had been called supposedly from their phone numbers.
The office this is in, the setup is the phone system has one outgoing caller ID, so when someone calls in and says “I got a call from 615-XXX-YYYY” and it’s not the main number, we know it didn’t come from there. It hit one of the numbers on the block that was not currently assigned and dropped to the operator.
Some random telespammer decided to use one of the blocks we control as their spoofed caller ID, picking a random number in that range each time, to claim was the phone number they were calling from. What’s resulted is a ton of people getting phone calls supposedly from my client, which resulted in an expense to get the phone company and phone systems support to verify that the phones were not hacked, and something else.
That something else is they’ve had a bunch of people calling up thinking that 1) client did it because caller ID said so, 2) that it’s somehow legal for them to threaten the person they called and harass them.
The people who have not violated several laws regarding threats to life and limb, or cursed out an innocent party, have indicated they’re on Verizon, Cricket & AT&T.
So yeah, great job there guys… also what idiot in this day and age gets a phone call/voicemail from a car warranty spammer and calls it back to argue and threaten the well being of someone who tells them they didn’t call?