Lisbon, July 20, 2025 (Lusa) - Anacom reports that complaints about phone number hijacking associated with fraudulent calls and messages have more than doubled this year and is calling for changes to the law to stop these practices.
Lusa contacted the electronic communications regulator, and an official source revealed that in 2025 so far, the regulator has received around 70 complaints about these practices, “more than double those received during 2024 (around 30)”, adding that “around 75% of requests relating to spoofing were recorded in the second quarter”.This type of fraud attempt, known as “spoofing”, involves using telephone numbers assigned to real people, who are entirely unrelated to the fraud, to contact potential victims.
Using these numbers, the perpetrators pose as trusted companies, such as banks, payment platforms or operators, to deceive those who answer.
The electronic communications regulator said that in October 2024, it proposed to the previous government an amendment to the Electronic Communications Law to enable more effective action to combat the phenomenon. The proposal includes “the inclusion of a provision on combating abusive practices associated with the spoofing of numbers or alphanumeric identifiers appearing in the identification of the calling line or the sender of a message,” it explained.
Anacom said that if the regulator approved the change, it would "ensure verification of implementation and compliance with the resulting obligations for companies offering electronic communications services".
The regulator stressed that “spoofing” is “instrumental in the commission of other crimes (e.g. fraud, computer fraud, etc.)” and that, whenever user contacts indicate criminal activity, the regulator forwards the situation to the competent authorities.
To this end, it has been collaborating with the National Cybersecurity Centre, the Judicial Police, communications operators, the Bank of Portugal, and representatives from the banking sector. which is one of the most focused on in these schemes, to find technical solutions to mitigate the problem.
At the same time, evaluators assess mitigation measures, such as blocking international calls with manipulated identifiers or deploying call authentication systems similar to those implemented in other countries. However, “these initiatives result from actions under the respective national legislative frameworks and arise from a common obligation within the European Union,” Anacom explained.
Telecommunications operators, represented by Apritel, said they are “closely monitoring the proliferation of criminal activity involving the manipulation of message identifiers (spoofing)”.
The association points out that “this phenomenon stems from calls originating abroad, with manipulation of the caller ID, and, as such, operators cannot be held responsible for this activity”.
Nevertheless, it assures that operators “are working continuously to preserve the integrity and security of their networks and their customers’ communications”.
The fight against “spoofing” and all forms of fraud “is an issue that operators take seriously and to which they give top priority, so they are doing everything they can to promote the integrity of services and minimize the effects of any cases,” Apritel said.
To this end, Anacom set up a working group within its organisation “to strengthen cooperation between these entities and find the best possible solutions,” it adds.
Within the working group, Apritel argues that “we should systematically identify spoofing calls, such as calls originating abroad but with a national caller ID, anonymising or even blocking those calls when we detect telephone number spoofing”.
To this end, “we must comply with the legal framework in force and the existing technical constraints and find a platform of understanding between the members of the working group that will allow us to implement these mitigation measures as soon as possible”.
SCR/ADB // ADB.
Lusa
