Scam callers will be blocked from displaying obviously fake caller IDs to potential victims under tough new rules.
The new measure aims to tackle the problem of 'number-spoofing' scams, in which scammers display fake numbers or text message shortnames to mask their true identity.
Loopholes in the current technology and regulation mean scam victims can receive, for example, calls that appear to come from the genuine helpline of their bank, or texts which display a bank's name.
Almost 45 million people were targeted by scam calls and texts in the summer of 2021, according to Ofcom.
When you receive a call, you might assume that the number displayed on your phone's caller ID is genuine. Sadly that's not the case - your phone can lie to you.
It's shockingly simple to do because calls and texts placed online (using widely available software) allow you to present any number or text message shortname you wish.
The same software also allows you to send thousands or even millions of calls and texts in one go.
It's a useful option for legitimate organisations such as banks, large retailers and GP surgeries. For example, banks sometimes call customers from a non-dialable number, so opt to present a different caller ID in case customers want to call them back.
But in the hands of fraudsters, the software can be used to send vast numbers of scam calls or texts which appear to come from a legitimate source.
Victims, lulled into a false sense of security, are then persuaded to part with valuable details such as passwords and card details.
In 2019, Ofcom launched a scheme called 'do not originate' (DNO), which is aimed at protecting phone numbers from some of the most spoofed organisations such as banks, HMRC and insurers.
Put simply, DNO applies to numbers from which no outbound calls are ever made. So if a bank prints a customer service number on the back of its debit cards, but never actually dials customers from that number, it could enrol that number in 'do not originate'.
The scheme is an instruction to phone networks. It informs them that no legitimate outbound calls are ever made from the number, and therefore calls appearing to be from this number should always be blocked.
However, today's announcement goes much further than DNO, which is a voluntary initiative.
Ofcom is now proposing a rule change that will require UK phone networks to block some spoofed calls. These include calls from numbers which:
Phone companies will also be expected to perform more stringent 'know your customer' checks on business customers, to prevent fraudsters from using their services.
Ofcom says these could involve 'checking the Companies House register, fraud risk databases and the FCA's Financial Services Register to uncover information that may indicate a high risk of misuse by the customer seeking to use phone numbers.'
Taken together, the measures - if implemented - would block more scam calls from getting through to customers. They would come into effect in early 2023.
However, a more thorough process to 'authenticate' calls won't be possible until the entire UK landline phone network has moved from copper wiring to a digital system, in 2025.
The announcement was welcomed by Which? Director of Policy and Advocacy, Rocio Concha, who said:
'Consumers are being bombarded every day with scams, and exploiting weaknesses in the telecoms network has been one way that fraudsters have tricked victims out of significant sums of money, so it's good to see the regulator taking action to crack down on this type of fraud.
'Companies should be doing more checks on business customers, and as fraudsters are constantly evolving their tactics, it's important that Ofcom and industry leaders continue to work together on proactive network level solutions that prevent fraudulent activity.
Consumers should also remain vigilant about the threat of scams. Anyone can sign up to Which?'s scam alerts service for regular updates on the latest tactics being used by fraudsters.