Given the significant increase in cases of fraudulent use of numbering resources, ANCOM has identified and imposed a series of measures to limit a phenomenon known as"CLI Spoofing" -i.e. , manipulating the caller ID information to display a fake number for incoming calls. The implementation of these measures aims to significantly reduce the incidence of such cases.
Following an in-depth analysis and consultation with the main providers of electronic communications services and with the representatives of the Criminal Investigation Directorate of the General Inspectorate of the Romanian Police, ANCOM established that the blocking of calls initiated from outside the territory of Romania falsely displaying certain national numbers – mainly fixed telephony or national fixed and mobile numbers – that are incorrect or incomplete is the most feasible solution to fight this phenomenon.
Implementing this technical solution aims to significantly reduce the incidence of CLI Spoofing, in the case of scams by which a user is called on behalf of an official entity, including in situations where users' contact details have been obtained following interactions with deepfake materials generated with artificial intelligence (including generative AI).
The Authority draws attention to the fact that the application of technical measures alone cannot lead to the eradication of fraud cases, therefore users are encouraged to continue to exercise special caution and to take precautions in the event that they receive calls from suspicious phone numbers:
- to verify the identity of the caller;
- not to provide personal data over the phone (identification data, bank details, passwords, PINs, etc.);
- to update the software and applications on their phone constantly;
- to report these situations to the authorities.
Thus, the Authority issued decisions for electronic communications service providers that provide interconnection links with networks outside the national territory, imposing on them the obligation to block – starting with 7 July 2025 – calls originating outside the territory of Romania to national numbers and presenting as caller line identifier (NNP) either numbers from the National Numbering Plan (NNP), other than those in the domains 0Z = 06 or 0Z = 07, or numbers that have the country code of Romania (+ 40) but do not comply with the numbering resource structure provided by the Plan.
This measure is not applicable if providers can establish with certainty that NNP numbers are legitimately used as a calling line identifier, even though they are received via international routes. Thus legitimate calls can mainly be:
- Calls from NNP numbers to users of foreign mobile numbers roaming in Romania;
- Calls originating from NNP numbers to users located abroad (either to NNP numbers of users roaming in other countries, or to international numbers) that have activated the call forwarding to a national number function.
Calling Line Identification and "CLI Spoofing"
Calling Line Identification (CLI) is an essential feature of public electronic communications networks that allows to display the caller's number on the recipient's device before answering the call or to display the number or name that identify the sender of the messages.
This helps to improve security and convenience in the use of electronic communications services. By displaying the caller's number, recipients can decide whether or not to answer a call, filter out unwanted calls, and quickly identify the source of a communication. In the business environment, calling line identification optimizes the management of customer relationships, allowing the call-center department and companies to personalize interactions with their customers. This functionality also plays a critical role in emergency calls, making it easier to locate the caller.
Moreover, the functionality also poses significant risks, especially in the context of the increasing use of IP technologies. Manipulation or falsification of the calling line identification (CLI "Spoofing") is an increasingly common practice, used in fraud or unwanted calls made by automated means. The use of caller identification in IP networks introduces additional challenges regarding authentication and protection of the caller identity, as the displayed number can be incorrectly generated or changed while transiting various networks.
