Phone calls are used for a significant amount of communications and present a large target for attack. Caller identification (also referred to as caller ID) features that display an originating phone number in callee's device are prone to spoofing. For example, caller ID spoofing is commonly used by attackers to imitate a call agent of an enterprise (e.g., bank) and call the enterprise customers. A customer may have saved the enterprise phone number in a contact list or may otherwise recognize the enterprise phone number. Receiving a phone call from a known phone number, the customer may believe that the attacker is indeed a call agent of the enterprise. The attacker may then use social engineering to obtain other personal private information from the customer such as credit card information, social security number, and address.
Conventional technology does not provide an indication to the user whether a phone number of an incoming call is spoofed. As customers do not generally recognize enterprise call agents by voice or other attributes, the customers and enterprises remain vulnerable to these spoofing attacks.