Navigating the Risks of CLI Spoofing and Vishing in Business Communications

Tuesday, May 21, 2024 by Melita Business

In our digitally-driven era, telephone interactions continue to be integral to business operations. Yet, this reliance also creates vulnerabilities that fraudsters are keen to exploit, particularly through techniques like CLI (Caller Line Identification) spoofing and vishing. Understanding these threats and adopting preventative measures can significantly reduce the risk of falling prey to these deceptive strategies.

Understanding CLI Spoofing

CLI spoofing involves fraudsters manipulating the caller ID to appear as a familiar and trustworthy number, such as those belonging to reputable banks, government entities, or established companies. This deceit is designed to earn your trust, prompting you to engage with the call. The fraudster’s goal is typically to coax out sensitive information or financial details under deceptive pretenses.

Key Defences Against CLI Spoofing

  • Refrain from sharing personal, password, or financial information during phone calls.
  • Remember, legitimate organisations will never request sensitive data via telephone.

Decoding Vishing

Vishing is a tactic where scammers adopt false identities and create a sense of urgency to manipulate individuals into disclosing confidential information. They might impersonate officials from legitimate organizations, claiming that immediate action is required—such as addressing a supposed issue with a bank account or a computer virus. The primary objective here is to access your financial or personal data.

Strategies to Counter Vishing

  • Evaluate the legitimacy of every call. If unsure, promptly end the conversation.
  • If the call initially seems credible, hang up and dial a verified number for the organisation, typically found on their official website.
  • Resist the urge to share any personal or financial information over the phone, regardless of the purported urgency.

Staying vigilant about CLI spoofing and vishing is essential. By recognising these hazards and being informed about preventive actions, you can better shield yourself from telecommunication fraud. Always verify the authenticity of suspicious calls and report any recognised scams.


Proactive Measures to Safeguard Against Telecommunication Frauds

Protecting you from scammers

From 1st November 2024, we’ll be taking action to help prevent scam calls received from abroad but showing a Maltese number as Caller ID, in line with Malta Communications Authority (MCA) guidelines.

These blocks may affect the ability of end-users to receive certain phone calls where the Caller ID is a Maltese number starting with ‘1’, ‘2’, or ‘8’. Whilst calls from mobile numbers (i.e. a Maltese number starting with ‘7’ or ‘9’) will not be impacted, there may be an impact on certain scenarios that involve ‘call forwarding’, or on calls placed by callers making use of overseas telephony providers that are not authorised to provide services in Malta.

Here’s what you need to know:

Call Blocking

We may need to block certain calls to fight scams:

Calls Forwarded to Malta

Calls from Maltese numbers starting with ‘1’, ‘2’, or ‘8’ towards foreign numbers that are then forwarded to a Maltese number.

Calls from Maltese numbers starting with ‘1’, ‘2’, or ‘8’ towards outbound roamers where the calls are late forwarded to a Maltese number. The term ‘outbound roamers’ refers to subscribers assigned Maltese numbers starting with ‘7’ or ‘9’ who are roaming whilst outside Malta (e.g. Maltese tourists abroad). 

If you consider that this may have an impact on your experience with forwarded calls, it is advisable to consider using alternative communications arrangements or channels. For instance, the call blocking measure will not have an impact where the calling party number is from the mobile ranges ‘7’ or ‘9’. Reach out to Melita should you need any further assistance.

Calls from Unauthorised Services

Calls from Maltese numbers starting with ‘1’, ‘2’, or ‘8’ made through internet-based or cloud-based services of providers not authorised with the MCA. Use the Check Facility for Authorised Service Providers to verify your exposure to this blocking measure.

Check Facility for Authorised Service

If you use online or cloud-based phone services with a Maltese number starting with ‘1’, ‘2’, or ‘8’, check if your service provider is authorised with the MCA.

1. Dial (+356) 2400 2400 from this online or cloud-based phone service to check if the corresponding service provider is authorised.

2. If your service provider is authorised with the MCA you should hear a voice announcement confirming that the phone call was made through an authorised service provider.

If you don’t hear such a voice confirmation, contact your service provider.

The MCA verification service is available from 4 June, 2024. For full details, read the MCA update here

Melita Business

Melita Business

Chat With Us

Connecting you to a live agent...

There was a problem connecting you to a live agent