ITU-T Focus Group Digital Financial Services
                                                      Recommendations







                Title of recommendation       Trusted Phone Number Spoofing
                Working Group                 Technology, Innovation and Competition

                Workstream                    Security
                Audience for recommendation   MNOs, regulators.





                MNOs and regulators should undertake active customer awareness campaigns to educate consumers about mali-
                cious messages, phishing, and spoofing attacks.


               Market participants and regulators should encourage consumers and victims of such attacks to report the
               mobile number of malicious attackers to MNOs. This can allow MNOs to send warning messages throughout
               their network and to ensure that such mobile numbers are permanently blocked from the system, as well as
               providing a means of investigating and prosecuting the perpetrators of these actions.
               MNOs should monitor incoming calls from interconnect carriers and undertake fake caller line ID analysis. A
               blacklist or whitelist of known bad (or good, respectively) caller line IDs, as well as other security mechanisms,
               should be implemented in order to mitigate the risks of attackers attempting to steal customer credentials.






















































                30