Caller ID is a boon to anyone who wants to avoid telemarketers, hostile ex-es, or other examples of what the group No Doubt called "telephonic invasion." ("It's all your fault/I screen my phone calls," they sang in the 1995 hit Spiderwebs.) It's also a helpful tool for busy people who simply want to know if a call is urgent or can be returned later. But scammers have discovered that this useful feature can be used deceptively, in ways that can cost you if you're not careful.

Consider this scenario, which happened to a reader of the Savannah (Georgia) Morning News. You get a call from your gas company, saying that your gas will be shut off unless you immediately make up for a past due bill by credit card. You're very cautious about giving out your credit card number, and it sounds like a scam to you. Except that - the caller ID on your phone tells you that this is, in fact, a call from your gas company. Or is it?  The consumer who got this call was a victim of caller ID spoofing: A con where the scammer made someone else's caller ID appear on the consumers' caller ID service.

There are sometimes good reasons for a caller to hide behind this kind of electronic mask. For example, domestic violence shelters may need to use an ID number in order for their calls to be received, yet may have good reasons not to reveal their true phone number. Far too often, though, fake caller IDs are used by bad actors to get money from consumers, steal consumers' identities, or stalk or harass.  Many consumers have complained to the FCC about callers seeking consumers' financial or other confidential information by purporting to be the consumers' credit card companies, while there are other reports of con artists masquerading as government officials or banks to get identity or financial information from consumers.

Last December, Congress took action against malicious caller ID spoofing by passing the Truth in Caller ID Act, which directed the FCC to develop new rules to prohibit caller ID spoofing done with intent to commit fraud, steal something of value, or otherwise cause harm. Today [JUNE 22], we are releasing these rules, which provide for substantial financial penalties against anyone in the United States who violates this law. We believe our rules will take an important step toward thwarting these scammers and protecting consumers.

Consumers should follow these steps to avoid falling victim to malicious caller ID spoofing:

  • Don't give out personal information in response to an incoming call. Identity thieves are clever - they often pose as representatives of banks, credit card companies, creditors, or government agencies to get people to reveal their account numbers, Social Security numbers, mother's maiden names, passwords and other identifying information.
  • If you get an inquiry from a company or government agency seeking personal information, don't provide it.  Instead, hang up and call the phone number on your account statement, in the phone book, or on the company or agency’s website to find out if they actually need the information requested in the call you received.

Please let the FCC know about ID spoofers by calling 1-888-CALL-FCC or going to fcc.gov/complaints.  And comment on this blog post if you want to share your experience.

Here is a link to the press release; here is a link to the report to Congress.