Spamming People using Dead VOIP Numbers..

So, Someone posted this to the Asterisk-Users list today, interesting because I myself have received a few calls from these toll frees, well, not these specific ones, but from ones with the exact same circumstances. This post got me to thinking, what if spammers are trolling all the SIP/IAX Providers websites that list out the VOIP DID Prefixes without username/password that are available, or are just reading off regular mailings from these companies. IE: Say you scan a few websites, and see that they have did's available in a bunch of prefixes, you simply call all the ones that are available with a wardialer and see which ones aren't dead, and which ones are. Then, use the dead ones in your outgoing CID spoof, which will lead back to the originating voip company, and not yourself. I'm not saying that's what these people are doing, but just something that I started thinking about when reading this guys post. I'm sure there are a plethora of ways they could be doing this, but interesting none the less. anyway, here's the post:

 

 

 

Hello all,

not sure this belongs here, but I'm wondering if anyone else has
received "phone spam" lately. Over the last eight weeks, I've received
over 60 calls to my toll-free numbers, originating from various fake
numbers in the 940 and 956 area codes. When I still *listened* to them,
they began with "for all your office needs go to smtmco.com."

Whenever I call the numbers back (based on caller id), I get one or two
rings, then a click, then dead air. That's also the reason I'm posting
this here -- these folks either have access to a large pool of numbers,
or to a list of "dead" numbers. The last six numbers (three today) are:
940.387.0483
956.982.1640
940.891.6197
956.554.7617
940.891.6099
956.421.3378

The 956 numbers are all SWBell exchanges, while the 940s are GTE/Verizon
exchanges. All calls came in through my toll-free numbers (which in
turn are hosted by vitelity/exgn).

The website referenced isn't loading, but registered to:

Registrant:
Sales Team
321 High School Rd NE, PMB 348
Suite D3
Bainbridge Island, Washington 98110
United States
(800) 921-0136 ; NS1.ORDERSHOPPER.COM

Ordershopper.com also seems a dead-end, as it's registered "by proxy",
as all good spammers do.

I have since established a greylisting function, which simply does the
zapateller and then prompts the caller to call back within ten minutes
to be put through. If the same caller (by ID) calls the same number
within those 10 minutes, he's put through to a person and whitelisted.
If the caller hangs up before hearing the message (during the SIT tone),
the numbers is marked for blacklisting. Outgoing calls are
automatically whitelisted, as are certain (local) area codes. This has
kept the phone silent for a couple of weeks, and afaik, no valid calls
were killed.

But the real question is -- has anyone else seen this?