Europe’s phone networks are drowning in fake calls

Caller ID spoofing has become one of Europe’s most persistent enablers of cyber fraud. A new position paper from Europol warns that manipulated phone identities now drive much of the continent’s financial and social engineering crime, making it difficult for law enforcement to track perpetrators. The agency estimates global losses at around EUR 850 million a year, with phone and text-based fraud accounting for roughly two thirds of reported scam cases.

A network flooded with fake calls

By using Voice over IP services or dedicated apps, attackers can make calls appear to come from trusted sources such as banks, government agencies, or even family members. The goal is to build credibility long enough to steal money or data.

One example came from Finland, where telecom operator Elisa reported that before new anti-spoofing measures were introduced, up to 90% of incoming calls from abroad on weekdays were fraudulent. Most appeared to come from local Finnish numbers, timed to reach users during office hours. The case showed how easily a national network can become saturated with deceptive traffic, disrupting not just individuals but also business operations.

Law enforcement struggles to keep up

Attackers use caller ID spoofing to impersonate legitimate organizations in tech support scams, trick victims into transferring money, or stage false emergency calls known as “swatting.” These crimes often cross borders, allowing organized groups to operate from countries where they face little risk of prosecution.

Criminals exploit jurisdictional differences to stay ahead of national authorities. Some even run “spoofing-as-a-service” operations that rent out the tools needed to impersonate trusted entities. Such services make it easier for smaller groups or individual scammers to launch convincing campaigns with minimal technical skill.

The imbalance between how easily spoofing can be done and how difficult it is to trace continues to frustrate investigators. The agency argues that this situation is no longer sustainable for European public safety.

Gaps in coordination and policy

Europol gathered input from 23 EU member states and found widespread obstacles to anti-spoofing efforts. Law enforcement agencies cited weak collaboration with telecom operators and regulators, limited resources, and unclear mandates. The findings reflect conditions affecting about 400 million people who remain exposed to spoofing-related scams.

Investigators said they often lack direct contacts at telecom firms and struggle to get the technical data needed to trace calls. Regulatory frameworks differ between countries, limiting the ability to conduct cross-border inquiries. In some cases, operators hesitate to share information because legal responsibilities are unclear.

Building a unified European response

The paper calls for EU-wide technical standards to identify and block spoofed calls and proposes a neutral international traceback system to track calls across networks.

At the policy level, member states are urged to align their legal frameworks so that investigators know who can issue traceback requests and what data can be shared. Definitions of legitimate versus illegitimate spoofing would help telecom providers understand when to block traffic and when to allow it. While some countries are testing authentication systems such as STIR/SHAKEN, a single model may not fit every legal or privacy context in Europe.

The transnational nature of spoofing attacks requires seamless information sharing and coordinated action among internet service providers, telecom operators, law enforcement, and regulators.

Beyond caller ID

Even as spoofing defences improve, Europol warns that criminals are shifting tactics. SIM-based scams, anonymous prepaid services, and callback frauds continue to evolve. The agency suggests that telecom operators apply stronger “Know Your Customer” and “Know Your Transaction” checks to verify identities and detect misuse of network resources.

Smishing, or SMS phishing, remains a continuing risk that will need ongoing updates to filtering and detection methods.

Aligning with the EU’s security strategy

The recommendations align with the European Commission’s ProtectEU strategy, which aims to strengthen the Union’s capacity to fight organized crime and protect citizens online and offline. Europol identifies caller ID spoofing as a key enabler of cyber-enabled fraud and calls for its mitigation to be treated as a shared European priority.

Fraudsters will continue to exploit trust in communication systems until those systems are rebuilt on verified identities and consistent oversight. Achieving that will depend on cooperation between public authorities, telecom providers, and the wider cybersecurity community.