Using android advantage against it to do call spoofing

It will be an short article , 6.378 billion people in this planet use smart phone , to call someone or receive call , to browse facebook/social media , to do many smart thing. In the function of calling android always takes + as 0 , Example : Suppose a Phone Number Saved Your Phone As 01234567891 , But someoned called with the same last 10 digit number but the first one is + insted of 0 , In this situation android will show the name of the saved number , because in the first line of this article i mentioned android always takes 0 as + , its an security threat to every smartphone user if the don’t look at the incoming call number correctly , some time when the incoming call is not on full screen it will only show the name [ if saved].

In Bangladesh , Our Phone Number starts With 0 example: 01712345678 , it’s not the issue , at first i mentioned android always converts + to 0 , USA country code is +1 , If Someone wanna spoof someones number from your contact list , he just needs the number , then he can convert it to USA VOIP number to spoof call. Let Me Show You a P.O.C, For Better Understanding.

POC

Many Of online free calling app are available to spoof call using this function , if the smart phone user is not aware to look at the number before get spoofed or scammed . It’s an security issue for causing human error.

[This Is an Article based on research purpose , no application or software or program is specified to spoof call , and we do not promote call spoofing , if someone use this information to spoof call , Our Research team will be not responsible for any of his/her action.]

--

--

--

Security Researchers | Ctf Player | Web-Application Pen-tester | Programmer

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

BUILDING HOTEL MANAGEMENT SYSTEM IN DJANGO

Spring Boot + Kafka + Schema Registry

DatSetuSeSetupStep by step guide to install Atlassian Bamboo

Bamboo Systems Requirements — Source: https://confluence.atlassian.com/bamboo/bamboo-best-practice-system-requirements-388401

Testing Laravel authentication flow

Set up workflows with State Machine on Drupal Commerce 2.x

Working with unstructured Data in BigQuery

Avoid The Three Mistakes When Using a Map in Go

Learning about GIT

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Joy Ghosh

Joy Ghosh

Security Researchers | Ctf Player | Web-Application Pen-tester | Programmer

More from Medium

Hack the Box — Appointment

Mustacchio Walkthrough | Try Hack Me | Ally Petitt

Log4Shell Exploitation (CVE-2021–44228)

Vulnhub: basic pentesting 1 (Walkthrough)