Westpac Scam Notice

We get mostly Australian and some foreign (they are regular, and the last one started with a Japanese number +8111 about a month ago). Australian numbers would work better as one is more likely to answer.

But are foreign or Australian caller ids initiated from overseas - I wouldn’t know but there are scammers everywhere including in Australia.

3 Likes

So in the case of Westpac number being spoofed, which is demonstrably not legitimate, why are those overseas calls not blocked now?

1 Like

Because it is not illegal in the first place to use a spoofed number, the call itself is illegal once it is used to scam but not illegal if not used to scam. So scamming has to occur for the call to be illegal, an outcome that is only apparent after the call is made not while it is connecting to someone.

Spoofing as noted previously is not illegal because businesses may want only a single contact number to appear regardless of what actual numbers are used. Sometimes SMS come from a number shared by multiple businesses, it isn’t illegal unless the usage amounts to spamming or scamming. There is currently no obligation to stop spoofed numbers, if there was it would need to probably allow legitimate spoofing. Part of that would be to stop originating numbers that have no underlying linkage to Australian residency or business linkage to be allowed, right now however we sell numbers to anyone who wants one, and even those who don’t buy one are free to use a spoofed number because we don’t care if it is spoofed from here or overseas.

If a Telstra call centre in India as an example legitimately rang using a spoofed number, that would be a legal use of a spoofed number. If a non-linked scam call centre rang, the use of a spoofed number would be illegal, but we right now just don’t care that anywhere is using a spoofed number to appear as Australian. Those numbers that do look foreign are usually easy to discard if we are not expecting an overseas contact, harder to discard when it looks legitimate here as a number from Westpac or whomever, or that appears to us as an Australian contacting us.

None of this is perfect, however banning the use of numbers by ‘unconnected to Australia’ users would have an impact and also allow the use of filters that help stop overseas unlinked spoofed calls being allowed through.

2 Likes

And if this is applied to scam / spam text messages then it is a two-edged sword. Yes, it might cut down on the amount of rubbish being sent but, no, it means that universal surveillance may be occurring of the content of all text messages, which is not something to encourage.

2 Likes

And perhaps that indicates why this problem has not been fixed through technology i.e. not because it can’t be but because businesses want spoofing and their interests are being prioritised over the interests of scam victims.

In your particular example, there is also an obvious direct conflict of interest. Telstra benefits from spoofing but Telstra would be one of the major players in fixing this through technology.

I believe though that the pandemic has resulted in a fair number of call centres coming back on shore (Telstra included). So perhaps less of an issue right now. Strike while the iron is hot!

3 Likes

Even if spoofing was made illegal in Australia, it wouldn’t stop scammers spoofing numbers. It is unlikely that a scammer/criminal would think…‘I’ll stop spoofing because it is illegal but will continue to (illegally) scam consumers with non-spoofed numbers’. Unfortunately it won’t have any effect.

Until they develop robust (bulletproof) universal phone authentication/certification systems, spoofing will still occur. Any authentication/certification system will also need to be traceable to allow law enforcement to trace and prosecute those who use telecommunication systems for such purposes. Making it traceable may raise privacy issues for many as it means that any call will contain data which means the call is traceable.

Being an optimist, I look to a system being developed and adopted universally sooner rather than later. My pessimistic conscious voice suggests that it will be an uphill battle and not to hold my breath.

Only if you make it illegal. Making it illegal creates a problem to solve.

Ban it without making it illegal i.e. direct Australian telcos to end spoofing.

That way law enforcement time isn’t taken up tracing some two-bit scammer in Russia, and whatever privacy erosions are threatened will not have to happen. No one will be getting scammed due to spoofing. Of course some people will still get scammed anyway.

Since this would be Australia-only, Australian telcos should erase any CLI coming in from overseas and purporting to be Australian. All calls coming in from overseas must be identified either explicitly or implicitly as “overseas”. Of course the actual number explicitly identified as overseas may be fraudulent but that is beyond what I am attempting to solve. It doesn’t matter if someone claiming to be “Westpac” has a CLI that says they are calling from Sudan but they are actually calling from Russia.

“Telstra’s” call centre in India would say “overseas”. It’s not a dirty little secret any more that companies have outsourced to overseas call centres. There is no longer a need to hide the fact.

It would be nice if this could occur like it did for the old phone technology, but I understand that it isn’t yet possible for the new technology.

For what you are saying to occur, it would also require all international communications to be routed through a data processing entry point on arrival in Australia to ensure that phone calls are separated from other data, filtered and CLI removed. Something then needs to make a decision what happens to these calls - are they connected with no CLI or are they refused (which means Australia becomes a hermit state where calls to Australia can’t be made). So they will need to be connected, which may solve overseas spoofers, but not overseas scammer calls. It also assumes that spoofing only comes from overseas (which it doesn’t) and somehow those in Australia with spoofing technology can be found and it can be eradicated. :thinking:

I am clearly suggesting that they are NOT refused. If the CLI is obviously fraudulent (claiming to be Oz), it is erased. If the CLI is then or already empty, it is replaced with a generic “overseas”.

True. But the two measures together allow the Australian government to fix this problem, without relying on global agreement and future technology, the two measures being

  • the previously suggested changes for calls coming into Australia from overseas
  • not allowing spoofing at all for calls originating in Australia (where, if I lease two numbers, it is not spoofing to replace the A party number that is one of those numbers with the other of those numbers or if I lease a block of 100 numbers, it is not spoofing to replace all of those 100 A party numbers by a single fixed number of the receptionist within that range etc. - but, in the short term, if telcos can’t distinguish legitimate A party number changes then tough luck, no spoofing).

The second item is not rocket science. You can already see it happening on my VoIP service. VoIP by definition does not have an A party (since there is no phone call, only internet data) so it is essentially mandatory to specify an A party number to be inserted.

I can configure in the web portal available from my VoIP service provider what A party number is transmitted as the call is passed from VoIP to the phone network but my VoIP service provider of course prevents me from selecting an A party number that I am not leasing from them.

The Australian government has massively excessive powers over tech companies, so they might as well use those powers to direct Australian telcos to end spoofing.
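The two measures proposed in the post above, sketched as an added example (not code from the thread or from any telco): CLI screening for calls arriving from overseas, and an A party check against the numbers a customer leases. The function names, the "overseas" label, the number-normalisation rules and all sample numbers are assumptions constructed for illustration.

```python
import re
from typing import Iterable, Optional

AU_COUNTRY_CODE = "61"
OVERSEAS_LABEL = "overseas"  # assumed generic marker shown to the called party


def normalize(cli: Optional[str]) -> str:
    """Return '+<digits>' for a presentable number, or '' if empty or malformed."""
    if not cli:
        return ""
    raw = re.sub(r"[\s().-]", "", cli)
    if raw.startswith("+"):
        body = raw[1:]
    elif raw.startswith("00"):
        body = raw[2:]                       # '00' international prefix (assumed)
    elif raw.startswith("0"):
        body = AU_COUNTRY_CODE + raw[1:]     # national format reads as Australian
    else:
        body = raw                           # assumed to already carry a country code
    return "+" + body if body.isdigit() else ""


def screen_inbound_international(cli: Optional[str]) -> str:
    """Measure 1: rule applied to calls arriving from overseas."""
    number = normalize(cli)
    if number.startswith("+" + AU_COUNTRY_CODE):
        number = ""                          # claims to be Australian: erase it
    return number or OVERSEAS_LABEL          # empty CLI becomes generic "overseas"


def allowed_a_party(requested: str, leased: Iterable[str]) -> bool:
    """Measure 2: a domestic caller may present only a number it leases."""
    wanted = normalize(requested)
    return bool(wanted) and wanted in {normalize(n) for n in leased}


# Constructed sample data: a leased block of 100 numbers, receptionist at ...0100.
LEASED_BLOCK = [f"+6125550{n:04d}" for n in range(100, 200)]

if __name__ == "__main__":
    for cli in ["+61 2 5550 0100", "02 5550 0100", None, "+81 11 555 0100"]:
        print(repr(cli), "->", screen_inbound_international(cli))
    print(allowed_a_party("02 5550 0100", LEASED_BLOCK))     # leased: may be presented
    print(allowed_a_party("+61 2 5550 9999", LEASED_BLOCK))  # not leased: refused
```

A foreign CLI passes through unchanged, which matches the post's point that the number shown may still be false; only the claim to be Australian is removed.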

What evidence do you have of that?

I’m saying that one possible implementation of “Had a trial two years ago that stopped some scam [text messages]” would involve examining the content of all text messages. I did say “may be occurring”. I didn’t say “is occurring”.

I assume that, as we are at the end of the tax year, we can expect an increase next month of scammers trying to impersonate the ATO.
Enticing you via SMS and emails to click here to get your tax refund, or phone calls about your tax debt that needs dealing with.
:grimacing:

So we have two ifs. If the trial was of text messages and if it was done by examining the content of those messages then we may have a problem.

Why add such speculation to this thread? If you want to talk about ways privacy may be compromised why not start your own thread instead, or take the trouble to find out the answer to the two ifs if you seriously think it is relevant to this thread.

As an aside, this will be coming to a location near ‘you’ one way or another. Perhaps best read as a prototype.

1 Like

I have silenced all my ‘unknown numbers’. If they leave a message I will listen to it. If it is a genuine call I will call the number. It rarely is a genuine call and 99% of the numbers are now blocked by me. I have in the past received a call from my bank, regarding a suspicious transaction. I was able to elicit enough information from the caller, and I called the person back. It turned out to be a genuine call. If I receive any SMS from my bank, I would call my known bank number back to verify the number or person. I have done that in the past too. So far, this has worked for me.

1 Like

Since the capability to break the AES-256 encryption key within an actionable time period may still be decades away, our Utah facility is sized to store all encrypted (and thereby suspicious) data for safekeeping.

The assertion that “encrypted” implies “suspicious” is so so so sick.

I wonder how they will go decrypting the literally meaningless random packets that I intentionally transit the US so that the packets can be stored in Utah.

No matter how many exaflops you have at your disposal, if you can turn random data into something that is actually suspicious then you have a serious bug.

You may not have noticed. That site hosting the story is a parody site. They say so themselves. But a dead giveaway is that it is a .info one. :rofl:

1 Like

Each NSA facility uses more electricity than most small and some mid-sized cities.

Do you think the capability is fake news or really just a parody even though the info site is? Sometimes parodies, such as The Shovel, increasingly are reporting the news before it happens and are questionably satire sites any more :wink:

The vast computing power and data storage of the ‘No Such Agency’ is no more capable of decrypting something in a useful time-frame that has used something like 3DES or AES256 than my mobile is.

That may be the case, but if it is not we will likely never know.

My apologies for the OT ‘prototype’ remark, so best to leave it or take it to another relevant topic.