Before we get into flour, we are going to try to roughly explain what spoofing consists of. In terms of security, spoofing refers to the use of techniques by which an attacker, usually with malicious uses, impersonates a different entity or person.
There are several types of spoofing depending on the technology used by the attacker, and these can be of different nature: IP Spoofing (IP spoofing), ARP Spoofing (IP-MAC spoofing), DNS Spoofing (domain name spoofing), Web Spoofing (impersonation of a real web page) and GPS Spoofing (It consists of tricking a GPS receiver by determining a position different from the real one).
In the case of Phone spoofing There are several "technical" terms that should be clear to understand what deception consists of:
IMSI (International Mobile Subscriber Identity or “International Mobile Subscriber Identity”), Is a unique identification code for each mobile phone device. It is usually integrated into the SIM card and is used to identify the subscriber's country, mobile network and telephone number.
ICCID (identification card of the integrated circuit or "Integrated Circuit Card ID”) Is the identifier of the SIM card. At any given time, the information on the SIM could be changed, but the SIM identifier would remain intact.
IMEI (International identity of mobile equipment or “International Mobile Equipment Identity”) Is a unique number that is used to identify any mobile phone. It is usually indicated behind the battery.
The IMSI grabber
Now that we have all the concepts clear, we can explain what the phishing or telephone “spoofing” consists of. The method used is known as the "IMSI capturer", and consists of using a fake telephone base station that is responsible for tricking mobile phones so that outgoing calls are made from your device. This allows an attacker to intercept his victim's communications, and it works even with encrypted calls.
And how does the IMSI grabber cheat your mobile phone? The concept is very simple: When you try to make a call, your phone looks for the strongest signal among the nearest telephone towers to route the call. At that moment the IMSI grabber comes into play emitting a stronger signal than the rest of the towers, so your phone "goes" with it.
Cris Paget demonstrating the use of an IMSI grabber (photo by Dave Bullock)This Spoofing method was made known some time ago by researcher Chris Paget, and requires a really low investment, around $ 1,500, compared to the hundreds of thousands that a professional telephone tower costs. In fact, most of that $ 1,500 goes to buying a laptop, so if the malicious hacker already has his own laptop, the investment is really poor. In Chris Paget's public demonstration in 2010, he managed to capture more than 30 mobiles in a few minutes.
Are there other methods to take control of someone else's phone?
The IMSI grabber may be the most sophisticated type of attack to intercept outside calls, but it is not the only one. The techniques most used by hackers are usually based on the use of malware that, once downloaded to the victim's Smartphone, make indiscriminate use of the device:
- Hacked versions of paid apps.
- Deceptive ads that force the user to download malicious apps.
As you can see, there are many open fronts from which we can be attacked, that is why it is important that we take extreme precautions when we install unofficial or pirated apps, but in any case, in the face of attacks like the one described above, the defenselessness on the part of the victim is manifest.
If you think you have been the subject of a scam of this type, do not hesitate to alert the local authorities, since all these activities are clearly criminal.
If you want to know more about protection against malware on mobile devices, do not hesitate to consult our article "Is it necessary to install antivirus on Android?"
