We all receive strange calls now, and then, our phones light up and produce the familiar “Unknown Caller” notification. Other times, we may see a phone number starting with an area code, as close as the same city or as far as the other side of the world. Some of us experience surreal situations, like seeing our own phone numbers calling; this is a scammer’s trick called Reflection Spoofing.
Scammers can manipulate their phones to influence their target’s phone. Scammers have a wide variety of tools they can use to achieve their desired impact. “Unknown Caller” requires intercepting software to hide the actual ID, or they can dial *67 before calling. Not all scammers use complex tech to get what they want. However, even a simplistic *67 can disguise danger.
Increased scammer influence over the last decade has resulted in more people than ever practicing safer telecommunication. Where in the past, people handed out their phone numbers willy-nilly—today, the public tries to be reserved with identifying information. Subsequently, scammers try hard to trick the laity into answering their calls; the public must become ever-more proactive, aware, and informed about telephony threats.
The most proactive action a person can take when they receive a potential scam call is to start a mini-investigation. When scammers call their targets, they share information about themselves, even in cases of hidden or “Unknown Callers.” Hidden numbers can be revealed by dialing *69 on landlines and some cell phones.
The command shows the most-previous incoming call number (it will also call it automatically); unless you are a member of Verizon Wireless, which does not allow this feature for cell phones. Verizon Wireless not offering this feature is understandable—public phone numbers are a privacy concern.
Phone numbers are connected to much of someone’s private information; professional tools like reverse phone lookups can collect, harvest, and organize the available data for consumable reports. Reverse phone lookup tools can tell you more than the name of a number’s owner; they can give you the upper hand against scammers, dark web criminals, and ever-constant cybersecurity threats.
What is a Reverse Phone Lookup?
Reverse phone lookups work like specialized search engine results. Where a Google or Bing name search shows local and trending topic suggestions, reverse phone lookup tools will show various information related to the searched target. Many times, the results of one lookup tool lead to further investigations. For example, a scammer’s number revealing their name may prompt additional name or background checks.
For the proactive public, these tools can verify the legitimacy of a person’s purported identity. At the same time, a low-level, malicious scammer can use a phone number to find personalized information like associated numbers or locations. Scammers who use these tools don’t do so consistently—the tools often take a fee to expose “good” information. There are free options, but the legitimate ones are often limited by public access; paid-for, professional services access more data with better nuance.
How Does a Reverse Phone Lookup Work?
Reverse phone lookup tools function in the same way as a search engine or a background check. The tools are easy for anyone to use; the interested party enters a phone number into the toolbar, and the search begins.
The time it takes for this search should be nearly instant; it’s worth noting. Some bad-actor tool providers may create a fictional timer or loader that shows a long progress bar. These concocted measures increase the tool’s credibility and the likelihood of a sunk-cost fallacy faltering from users. Suppose the user spends enough time waiting for the search results and becomes unsatisfied (i.e., basic or wrong information). In that case, they may skip the refund process out of frustration and inadvertently give tool scammers some extra cash.
All reverse lookup tools, from phones to emails, work by cross-checking information. The tools take the given information and run a “scan” across the databases it has access to; scan results are cross-checked with available information from the internet and then compiled into the tool’s report. Public records are a common source of basic information. Those same records are the goal for scammers; they aim for specific data—and a lot of it.
Big-time cybercriminals are challenging to detect. They employ custom software and dark web database accesses that make them invisible to their prey until it’s too late. In comparison, the same low-level scammers that spoof phone numbers are less advanced and more reckless. Intelligent cybersecurity stops the present threat, but advanced security anticipates and enacts dynamic solutions for damage mitigation and defensive strategies.
What Information Can You Find in a Reverse Phone Lookup?
The data reported from a lookup tool depends on the databases available to the tool. Most public access databases include the name of the registered phone owner, the carrier, phone type, and associated locations. Some tools offer this information as a preliminary search to increase interactions, trust, and the overall chance of purchase of the detailed, full-service.
Why are Phone Numbers a Privacy Problem?
Phone numbers are a privacy problem because they are registered to a single individual. In cybercrime, number sequences are easier to verify than other pieces of information; other data, like names, have more variation and possible overlap. They are less useful than specific identifiers like numerical codes. A Social Security Number is another type of unique identifier.
Reverse phone lookup tools exemplify these privacy issues. Using a basic tool report, anyone can collect a lot of personal information quickly. Some of the easiest information to find includes:
- The name of the registered owner for the phone account, as well as other phone numbers related to the owner’s name, past or current.
- The names of the owner’s relatives and family, typically in complete form, with additional personal information about each.
- The past public addresses of the owner, including residential properties. Any business or commercial information may surface, too.
- These tools can also find criminal records. However, if a crime has been expunged, these tools won’t pick it up—only the courts can see it.
- Some cybercriminals will harvest information for specific accounts. They search for the answers to security questions, personal identifying information (i.e., personal bank or medical information), and hints to passwords or usernames.
How Does Your Phone Number Become Exposed?
There are many ways for your phone number to be exposed to bad actors. Not only do cybercriminals target them, but so do opportunistic marketers and localized service providers. Some of the most extensive information exposures have come from company data breaches, like the breach that decimated Yahoo in 2016. More than a billion accounts were exposed when the breach was initially found; that total eventually ballooned to all of Yahoo’s 3 billion accounts following a second breach.
A lot of hackers are casual, opportunistic actors. If a user paired their phone number to a social media account, for example, unknowingly made that information public, that may result in an admitted self-exposure—prey for the opportunistic. Scammers often attempt to create their opportunities; some advertise rewards for simple tasks. These tasks can be anything from completing a free trial to texting an answer to an online contest.
These types of scammers might use a reverse phone number lookup tool to get a name; use the name in a search tool to find owned email accounts; then email those accounts with further phishing opportunities. Some higher-level scammers can get access to the information saved by retailers, too; discount coupons and limited digital currency are significant draws of scammers.
When is it Wise to Share Your Phone Number?
Despite the risks we take with our numbers being exposed, there are some circumstances when we must share the information. Two-factor authentication options often require phone numbers for one-time token passwords and verification purposes; this does not mean that phone numbers are the only viable avenue for contacting someone. Companies increasingly offer verification services through multiple channels, giving their clients more flexibility and privacy.
Cybercriminals are always after personal information. Every day they work to develop more complex methods to gather valuable data from unsuspecting victims. Taking proactive steps before you have information exposed will be the biggest deciding factor in the outcome. Use a reverse phone lookup tool to see what information is out there, or use it to find the owner of that “Unknown Caller” that keeps calling.
David Lukić is an information privacy, security and compliance consultant at one of the main identity monitoring and protection services. The passion to make cyber security accessible and interesting has led David to join InfoCollective team since 2022.