Hi guys, last night I was victim to a drunken prank call by on of my friends ). The call was made from one mobile to another, and the call appeared as 'withheld'. Anyways it got me thinking scout called ID related mobile phone forensics and cases related to stalking. I asume these kind of "attacks" are done using the old three digit code before dialling the victims phone number (141 is it?). Any way I was wondering how forensic investigatirs deal with this, I imagine it comes up slot. Does the phone technolgy work in such a way that the attackers number is withheld at the exchange or is does it arrive at the victims mobile phone and is simply just hidden. If this is the case wouldn't a phone investigation reveal the withheld number. And if it is not the case what would the investigator do? (perhaps request the call logs from the provider with some kind of warrent). I think it may be a cheeky little experiment for me and my friends Monday morning in the uni forensic lab, with the XACT bundle 😉 to pass some time before lectures.
error
Some standards that may interest you for your Uni project
- GSM0281 - Line Identification Supplementary Services
- GSM0296 - Name Identification Supplementary Service
"141" although used, you may also want to take into account
(i) The user may have profiled the handset or another person selected handset not to send CLI - thus "141" would not be keyed in before the dialled number. The "another person" scenario can occur when buying a second hand phone and the buyer doesn't look to see how the phone was previously profiled.
(ii) Spoof CLI number
(iii) Call from Internet
(iv) Call made through a company's private network telephone system
(v) International number and/or IWF does not present CLI
(vi) Call Diversion
(vii) Some handsets do not display "number withheld", for instance the Nokia 6303 displays simply "Call" and in the call history displays "(no number)". The called party wouldn't know which of the other events caused that to occur.