Europol urges coordinated EU action against caller ID spoofing

EU-level standards, stronger cross-border coordination and clearer rules are being urged to combat caller ID spoofing, as Europol warns that fragmented defences leave hundreds of millions vulnerable to increasingly sophisticated phone and SMS fraud.
Europol confirmed that a $50,000 reward for Qilin ransomware members circulating on Telegram is a scam, highlighting ongoing disinformation in cybercrime circles.

Europol calls for a Europe-wide response to caller ID spoofing, which criminals use to impersonate trusted numbers and commit fraud. The practice causes significant harm, with an estimated €850 million lost yearly.

Organised networks now run ‘spoofing as a service’, impersonating banks, authorities or family members, and even staging so-called swatting incidents by making false emergency calls from a victim’s address. Operating across borders, these groups exploit jurisdictional gaps to avoid detection and prosecution.

A Europol survey across 23 countries found major obstacles to implementing anti-spoofing measures, leaving around 400 million vulnerable to these scams.

Law enforcement said weak cooperation with telecom operators, fragmented rules and limited technical tools to identify and block spoofed traffic hinder an adequate response.

Europol has put forward several priorities, including setting up EU-wide technical standards to verify caller IDs and trace fraudulent calls, stronger cross-border cooperation among authorities and industry, and regulatory convergence to enable lawful tracing.

The proposals, aligned with the ProtectEU strategy, aim to harden networks while anticipating evolving scammers’ tactics such as SIM-based scams, anonymous prepaid services and smishing (fraud via fake text messages).

Brussels has begun a phishing awareness campaign alongside enforcement to help users spot and report scams.

Would you like to learn more about AI, tech and digital diplomacyIf so, ask our Diplo chatbot!