Top Up Pay Bill

Understanding the Threats of CLI Spoofing and Vishing

Tuesday, May 21, 2024 by Melita

Understanding the Threats of CLI Spoofing and Vishing
In our increasingly connected world, telephone communication remains a crucial part of our daily interactions. However, this dependence also opens up opportunities for fraudsters to exploit unsuspecting individuals through tactics such as CLI (Caller Line Identification) spoofing and vishing. Here’s a breakdown of what these terms mean, along with some simple actions you can take.  Being aware and better prepared means you’re less likely to fall victim to these scams.

What is CLI Spoofing?

CLI spoofing occurs when a scammer alters the caller ID to make it appear that the call is coming from a different number – often one that you recognise and trust, such as a local bank, a government agency, or a well-known company. This trick is meant to convince you to answer the phone and trust the caller. The aim is often to persuade you to divulge personal information or financial details under false pretences.

  • Never give out personal information, passwords or financial details over the phone.
  • Genuine companies will not ask for this information over the phone.

What is Vishing?

Vishing involves scammers using fake identities and urgent language to manipulate someone into revealing sensitive information. They might pose as representatives from credible organisations, claiming there’s an urgent issue that requires immediate action, such as a problem with your bank account or a supposed virus on your computer. The ultimate goal is to gain access to your financial accounts or personal data.

  • Always ask yourself if the call is credible. If in doubt, end the call.
  • If you think the call might be credible, end the call then call back to the number you have for the organisation, or is available on their website.
  • Even if the caller says it’s urgent, don’t give out personal information, passwords or financial details over the phone.

Keeping informed about the risks of CLI spoofing and vishing is crucial. By understanding these threats and being aware of the measures in place, you can better protect yourself from becoming a victim of telecommunication fraud. Always remember to verify suspicious calls and report anything you know is a scam.


Protecting you from scammers

From 1st November 2024, we’ll be taking action to help prevent scam calls received from abroad but showing a Maltese number as Caller ID, in line with Malta Communications Authority (MCA) guidelines.

These blocks may affect the ability of end-users to receive certain phone calls where the Caller ID is a Maltese number starting with ‘1’, ‘2’, or ‘8’. Whilst calls from mobile numbers (i.e. a Maltese number starting with ‘7’ or ‘9’) will not be impacted, there may be an impact on certain scenarios that involve ‘call forwarding’, or on calls placed by callers making use of overseas telephony providers that are not authorised to provide services in Malta.

Here’s what you need to know:

Call Blocking

We may need to block certain calls to fight scams:

Calls Forwarded to Malta

Calls from Maltese numbers starting with ‘1’, ‘2’, or ‘8’ towards foreign numbers that are then forwarded to a Maltese number.

Calls from Maltese numbers starting with ‘1’, ‘2’, or ‘8’ towards outbound roamers where the calls are late forwarded to a Maltese number. The term ‘outbound roamers’ refers to subscribers assigned Maltese numbers starting with ‘7’ or ‘9’ who are roaming whilst outside Malta (e.g. Maltese tourists abroad).

If you consider that this may have an impact on your experience with forwarded calls, it is advisable to consider using alternative communications arrangements or channels. For instance, the call blocking measure will not have an impact where the calling party number is from the mobile ranges ‘7’ or ‘9’. Reach out to Melita should you need any further assistance.

Calls from Unauthorised Services

Calls from Maltese numbers starting with ‘1’, ‘2’, or ‘8’ made through internet-based or cloud-based services of providers not authorised with the MCA. Use the Check Facility for Authorised Service Providers to verify your exposure to this blocking measure.

Check Facility for Authorised Service

If you use online or cloud-based phone services with a Maltese number starting with ‘1’, ‘2’, or ‘8’, check if your service provider is authorised with the MCA.

  1. Dial (+356) 2400 2400 from this online or cloud-based phone service to check if the corresponding service provider is authorised.
  2. If your service provider is authorised with the MCA you should hear a voice announcement confirming that the phone call was made through an authorised service provider.

If you don’t hear such a voice confirmation, contact your service provider.

The MCA verification service is available from 4 June, 2024. For full details, read the MCA update here