I have recently read about attacks using Caller ID spoofing technology. Criminals used it to impersonate bank or police employees and asked to install malware or transfer money to a given account. A person receiving a call could see a bank phone number. So if you had a bank number in your phone book or are using apps like Google Phone that display the name of a caller linked to a phone number in their database, you could think this is a real bank employee calling you.
When surfing online, I can verify identity of a web site thanks to SSL.
I've read introducing similar verification for caller ID is hard:
But still, I wonder if there is any promise of such technology? Or any research on that?
The one thing I've heard about is Google Verified Calls solution for companies, so their customers can trust calls received from them. However:
- it is present only in some countries
- only for companies that joined that platform
- little is known how Google verifies business phone number