> - How can a spam caller call me with a source phone number that does not exist?
The same way they make a call with any source number. The two source numbers in a call (ANI and CallerID which don't need to be the same) have historically been not required and not validated. See stir/shaken for a modern effort to change this. Coming soon to a carrier near you; maybe.
Being able to set the source number enables many useful things as well as some spam/harassment/fraud uses. It requires a lot or coordination to allow the former and restrict the latter.
TLDR: don't trust caller id. Don't call people back unless you know the number/it's an expected call.
> - Shouldn't my mobile phone network verify that the caller - which was also inside their network - is a valid subscriber? Otherwise, how can they bill someone for this call?
Call billing records don't use caller id in the way you're thinking. If you pay for incoming calls, they're charged regardless of the source number, but it's recorded for informational purposes.
For outgoing calls, the call record is made closer to the source and is tied to the line that made the call, not the source number.
For intercarrier calls (which almost certainly the case here), the source carrier bills its customer and the interconnecting carriers count minutes on calls and settle up for net difference in flows (calling carrier pays, but interchange fees are going to zero among US carriers)
> - How does this kind of scam call work technically?
Get a phone account where you can set the caller id and calls are cheap; call a lot of people; successfully scam one or two; take the money and run.
Some voip accounts let you set caller id. Traditional primary rate interfaces (T1) usually do too.
To go further on this, the T1/DID allows you to set various numbers for the outgoing (for example, so that all calls from your company appear as "main company number", or all calls from support people come from the "support number"). The CallerID is very easy to replace with anything, but even the ANI can be replaced, and until recently, nobody verified anything at all.
And lots of "back end" things depend on this silliness - for example, some MVNO actually have TWO phone numbers associated with the phone: a VOIP "real number" and a secret "actual cell number" - Republic Wireless had this for sure. The VOIP number is what you'd give everyone, and they'd do routing weirdness to use Wifi whenever possible. The "real" cell number would go direct to the phone but not normally appear anywhere.
Yeah when I was on Republic Wireless I'd sometimes get calls from people who had called the "secret" number because it had been recycled. I used to get calls from the county clerk's office reminding me of my upcoming court dates and probation appointments. I called them back and said you must have a wrong number, they checked and of course had no record of my phone number on any of their records and could not understand why I was getting these calls, nor could they figure out who should have been getting them. Later I realized that someone must have had that "secret" number recently and it had been recycled into Republic's pool.
The same way they make a call with any source number. The two source numbers in a call (ANI and CallerID which don't need to be the same) have historically been not required and not validated. See stir/shaken for a modern effort to change this. Coming soon to a carrier near you; maybe.
Being able to set the source number enables many useful things as well as some spam/harassment/fraud uses. It requires a lot or coordination to allow the former and restrict the latter.
TLDR: don't trust caller id. Don't call people back unless you know the number/it's an expected call.
> - Shouldn't my mobile phone network verify that the caller - which was also inside their network - is a valid subscriber? Otherwise, how can they bill someone for this call?
Call billing records don't use caller id in the way you're thinking. If you pay for incoming calls, they're charged regardless of the source number, but it's recorded for informational purposes.
For outgoing calls, the call record is made closer to the source and is tied to the line that made the call, not the source number.
For intercarrier calls (which almost certainly the case here), the source carrier bills its customer and the interconnecting carriers count minutes on calls and settle up for net difference in flows (calling carrier pays, but interchange fees are going to zero among US carriers)
> - How does this kind of scam call work technically?
Get a phone account where you can set the caller id and calls are cheap; call a lot of people; successfully scam one or two; take the money and run.
Some voip accounts let you set caller id. Traditional primary rate interfaces (T1) usually do too.