Make us your home page

Snooping and spoofing: Is your phone, bank and credit info safe?

For all of the palace intrigue recently about who in Rupert Murdoch's News Corp. kingdom knew what about phone hacking when, one fundamental question about the scandal has gone mostly unanswered: Just how vulnerable are everyday U.S. residents to similarly determined snoops?

The answer is, more than you might think.

AT&T, Sprint and T-Mobile do not require cell phone customers to use a password on their voice mail boxes, and plenty of people never bother to set one up. But if you don't, people using a service colloquially known as caller ID spoofing could disguise their phone as yours and get access to your messages. Voice mail systems often grant access to callers who appear to be phoning from their own number.

Meanwhile, as Edgar Dworsky, a consumer advocate who founded, discovered recently, someone with just a bit of personal information can also gain access to the automated phone systems for Bank of America and Chase credit card holders.

Once those systems recognize the phone number of the incoming call and those bits of personal information, they offer up the latest on the cardholder's debts, late payments and credit limits. Bank of America's computer will even list recent charges, including names of doctors and other businesses.

There are additional steps that the mobile phone companies and the card issuers could take to stop this sort of thing. The fact that many of them don't, however, makes this your problem to solve.

Spoofing is perfectly legal, up to a point. Commercial spoofing operations, which began offering services to individuals about seven years ago, are easy to find and cost $10 or so for 60 minutes of calling time. A Google search on "caller ID spoofing" leads to many providers with names like SpoofCard, whose slogan is "Be Who You Want to Be."

Registered users call an access number (or use a form on a website) and enter the phone number they are calling and the phone number they want to show up on the caller ID display of the person they are calling. Then the service puts the call through.

Late last year, President Obama signed the Truth in Caller ID Act, which prohibits knowingly using spoofing services to defraud, cause harm or wrongfully obtain anything of value. The fine is up to $10,000 for a single incident.

There are at least a few legitimate uses for caller ID spoofing. Domestic violence victims may not want anyone to know where they are calling from. Doctors use it to keep patients from pestering them later. Parents sometimes use the service if they have children who tend to ignore their calls.

Until banks start asking for a bit more information, you are on your own here. If you're in a personal or professional situation where someone might be interested in what you're spending and where, don't spend it on a Chase or Bank of America credit card.

Also, if you're in the habit of throwing out credit card receipts, shred them instead, since some of the data there can be useful to people looking to exploit the card issuers' automated systems.

As for your cell phone, if you're not a Verizon user, set up a voice mail password and use it, simple as that.

Snooping and spoofing: Is your phone, bank and credit info safe? 08/20/11 [Last modified: Friday, August 19, 2011 7:54pm]
Photo reprints | Article reprints

Copyright: For copyright information, please check with the distributor of this item, New York Times.

Join the discussion: Click to view comments, add yours

  1. Aramis Ayala defends her stance against death penalty: 'I did what I believe was proper'

    State Roundup

    TALLAHASSEE — Aramis Ayala, the elected Orlando prosecutor who refuses to seek the death penalty, defended her actions Wednesday as she faced a flurry of hostile questions from Florida Supreme Court justices.

    Orlando prosecutor Aramis Ayala, far right, said she was "very well pleased" with her lawyer's case. "I violated no laws." [STEVE BOUSQUET | Tampa Bay Times]
  2. Tampa Chamber of Commerce offers boost to black and Hispanic-owned businesses

    Economic Development

    TAMPA — There's a disconnect in Hillsborough County's minority business community.

    Gaston Meredith of Gaston's Culinary Services listens to LaKendria Robinson, Director of Minority Business Accelerator & Economic Inclusion during an information session at the Robert W. Saunders Library in Tampa on Tuesday.
[OCTAVIO JONES   |   Times]
  3. Wesley Chapel, Greater Pasco chambers of commerce merge


    LAND O'LAKES — Two chambers of commerce representing more than 850 business members from west Pasco to Wesley Chapel and New Tampa are merging into a single organization.

    Greater Wesley Chapel Chamber of Commerce President and CEO Hope Allen will lead the combined chambers of commerce announced Wednesday. The yet-to-be-named chamber will represent more than 850 businesses that currenlty are members of the Greater Pasco and Greater Wesley Chapel chambers.
[JAMES BORCHUCK   |   Times]
  4. Sign up for our new daily News at Noon email newsletter


    The Tampa Bay Times will soon launch a daily newsletter called News at Noon. You can make sure to be among the first to receive it by signing up now.

  5. Bitcoin, ransomware fraudster Anthony Murgio of Tampa sentenced to prison


    Tampa's Anthony Murgio, 33, was sentenced Tuesday to 5-1/2 years in prison for running a bitcoin exchange suspected of laundering money for a group of hackers who targeted publishing and financial firms as part of a complex securities fraud.

    Anthony Murgio of Tampa, 33, was sentenced Tuesday to 5 1/2 years in prison for running a Bitcoin exchange suspected of laundering money for a group of hackers who targeted publishing and financial firms as part of a complex securities fraud. [AP photo]