@ivangabriele
Last active January 21, 2026 04:26
Phone Number Call Shielding Against Scammers


It's not mandatory but I recommend having 2 phone numbers in your life:

  • A private phone number that is only shared with your private circle and institutional parties (public administration, banks, etc). In short, organizations that you're absolutely sure would never share your phone number with anyone else and that are (normally) less likely to be successfully hacked.
  • A public phone number for everything else (shops, app registrations, etc). This phone number will end up in data leaks at one point or another, likely multiple times within a few years.

This is why this setup focuses on protecting the voice side of the public number, by at least helping you record voice scams (which are far more dangerous than SMS ones). This is a life changer in terms of deterrence and in terms of legal proof if it ever comes to that.

Note

This strategy doesn't cover voice scams made through third-party apps like WhatsApp. One simple piece of advice: NEVER use third-party apps to communicate with anyone other than people you know (and even then, be extremely careful). Limit yourself to good old native phone calls for everybody and everything else.

This setup protects a public phone number against scam and impersonation calls by inserting a self-hosted IPBX that:

  1. Warns callers they are being recorded.
    This is not legally mandatory in some jurisdictions when done by an individual. But keep in mind that warning callers is an excellent way to instantly deter scammers. It's also more ethical.
  2. Requires explicit consent (DTMF key press).
    This is rarely legally mandatory in most democratic jurisdictions when done by an individual.
  3. Records the call server-side (a cheap VPS is more than enough).
  4. Only then forwards the call to the user (yourself).

SMS remains untouched on the mobile SIM, which is very useful to keep using SMS natively on your phone.

This is designed for personal use and legal clarity in most democratic countries.


🎯 Goals

  • Deter phone scams (crypto, impersonation, social engineering)
  • Keep Android and iOS stock (no root, no call-recording apps)
  • Preserve banking / administration compatibility
  • Keep full control (self-hosted, open-source)
  • Minimal cost and complexity

📋 Prerequisites

  • A VPS or dedicated server (1 vCPU, 1 GB RAM minimum)
  • A SIP trunk / VoIP provider account with a DID (phone number)
  • A domain name (optional but recommended for TLS)
  • Basic Linux administration knowledge
  • A mobile operator that supports unconditional call forwarding

💰 Estimated costs

| Component | Monthly cost |
|---|---|
| VPS (entry-level) | €3–6 |
| SIP trunk + DID | €1–5 |
| Total | ~€5–10/month |

Some VoIP providers charge per minute for inbound calls (typically €0.01–0.02/min), others offer flat-rate DIDs.


🧠 High-level architecture

```mermaid
flowchart TD
    A[Caller]
    B[Public mobile number]
    C[VoIP number]
    D["IPBX (FreePBX)"]
    E["Announcement: 'This call is recorded. Press 1 to continue.'"]
    F[Recording starts]
    G["SIP app (Linphone)"]
    H[User phone]

    A --> B
    B -->|Call forwarding| C
    C --> D
    D --> E
    E --> F
    F --> G
    G --> H
```

  • SMS stay on the SIM (not forwarded)
  • Private phone number is not involved at all

🧩 Components

1. Public mobile number

  • Existing number
  • Kept on SIM
  • Used for registrations, shops, exposure

2. Call forwarding

  • Enabled at the mobile operator level
  • Forwards calls to a VoIP number (DID)
  • SMS are not forwarded

3. VoIP / SIP trunk provider

You need a provider that offers:

  • An inbound DID (the number your mobile will forward to)
  • SIP trunk connectivity to your IPBX
  • Reasonable per-minute or flat-rate pricing

Examples of compatible providers:

| Provider | Region | Notes |
|---|---|---|
| OVH Telecom | EU | Good pricing, French support |
| Twilio | Global | Pay-as-you-go, easy API |
| SIPGATE | DE/UK | Free tier available |
| Vonage | Global | Enterprise-grade |
| OnOff | FR | Virtual numbers, app-based |

4. IPBX server

  • Software: FreePBX (based on Asterisk)
  • Hosted on a small VPS or dedicated server
  • Responsibilities:
    • Answer incoming calls
    • Play warning message
    • Collect DTMF consent
    • Record calls
    • Forward calls to the user

5. SIP client on phone

  • Example: Linphone
  • Receives calls via internet (Wi-Fi / 4G / 5G)
  • No interaction with Android telephony stack
  • No impact on banking apps

🛠️ Basic setup steps

Warning

This is a high-level overview. Refer to the official documentation for detailed instructions.

1. Deploy FreePBX

```bash
# On a fresh Debian/Ubuntu VPS, as root.
# The script installs a full PBX stack: read it before running it.
wget https://github.com/FreePBX/sng_freepbx_debian_install/raw/master/sng_freepbx_debian_install.sh
chmod +x sng_freepbx_debian_install.sh
./sng_freepbx_debian_install.sh
```

Or use the official FreePBX ISO for a turnkey installation.

2. Configure your SIP trunk

In FreePBX Admin → Connectivity → Trunks:

  • Add your provider's SIP credentials
  • Configure inbound routes to point to your IVR

3. Create the IVR (Interactive Voice Response)

In FreePBX Admin → Applications → IVR:

  • Create a new IVR
  • Upload or generate a warning message (e.g., "This call is recorded for security purposes. Press 1 to continue.")
  • Set option 1 to go to your extension
  • Set timeout/invalid destinations to hang up

4. Enable call recording

In FreePBX Admin → Applications → Extensions:

  • Edit your extension
  • Set "Inbound External Calls" recording to Force

5. Configure your mobile's call forwarding

On your mobile (or via operator portal):

```text
# Unconditional forwarding (all calls)
**21*[VoIP DID number]#

# To disable
##21#
```

6. Install a SIP client

On your smartphone:

  • Install Linphone (iOS/Android)
  • Configure with your FreePBX extension credentials
  • Enable push notifications for reliability
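
The consent gate built in steps 3 and 4 (warning, "press 1", recording, then forwarding) can also be written directly as Asterisk dialplan, which makes the order of operations explicit. This is an added example, not configuration from the gist or from FreePBX itself; the context name `consent-gate`, the prompt file `custom/recording-warning`, the `RECFILE` variable and extension `100` are assumptions to adapt to your install.

```ini
; Added example: goes in /etc/asterisk/extensions_custom.conf, the file
; FreePBX reserves for hand-written dialplan.
; Assumed names: context "consent-gate", prompt "custom/recording-warning",
; PJSIP extension 100. Point the inbound route for your DID at
; consent-gate,s,1 instead of the GUI-built IVR.

[consent-gate]
; 1. Answer and play the warning. Nothing is recorded at this stage.
exten => s,1,Answer()
 same => n,Set(TIMEOUT(digit)=3)
 same => n,Background(custom/recording-warning)
 same => n,WaitExten(8)            ; give the caller 8 s after the prompt

; 2. Caller pressed 1: consent given, start recording, then ring the user.
;    FILTER() keeps only digits and "+" from the caller ID, which is
;    caller-controlled and must not reach a file name unfiltered.
exten => 1,1,Set(RECFILE=${STRFTIME(${EPOCH},,%Y%m%d-%H%M%S)}-${FILTER(0-9+,${CALLERID(num)})}-${UNIQUEID}.wav)
 same => n,MixMonitor(${RECFILE},b) ; b: write audio only while bridged
 same => n,Dial(PJSIP/100,30)       ; ring the SIP client for 30 s
 same => n,Hangup()

; 3. Any other key (i) or no key at all (t): drop the call unrecorded.
exten => i,1,Hangup()
exten => t,1,Hangup()
```

With a relative file name, MixMonitor writes into Asterisk's monitor spool directory, which is where to look when checking that recordings are stored. Reload the dialplan with `asterisk -rx "dialplan reload"` after editing.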

⚖️ Legal note

Caution

Laws vary significantly by jurisdiction. Verify local regulations before implementing.

  • One-party consent is sometimes sufficient when you are part of the call
  • Explicit warning strengthens legal safety and deterrence
  • Recording is done server-side after consent
  • Publishing recordings is a separate legal matter

💡 Why this works

  • Scammers are warned before the user speaks
  • Robocalls usually hang up immediately
  • Human scammers often disengage or reveal themselves
  • User gains psychological and legal upper hand
  • Proof is available if reporting is needed (e.g. 33700.fr)

🧪 Testing checklist

  • Call public number from another phone
  • Verify warning message is played
  • Verify "press 1" is required
  • Verify call is recorded
  • Verify phone rings via SIP app
  • Verify no SMS behavior changed
  • Test on Wi-Fi and mobile data
  • Verify recordings are stored and accessible

🚧 Known limitations

  • Slight call setup delay (IVR)
  • Depends on mobile operator call forwarding behavior
  • SIP app requires data connectivity
  • Battery usage may increase with always-on SIP connection
  • Some operators charge for call forwarding

What this setup avoids

  • Android call recording restrictions
  • Accessibility / overlay hacks
  • Custom ROMs
  • Bank app incompatibilities
  • B2B VoIP pricing

📚 Resources


🤝 Contributing

Found an issue or have an improvement? Feel free to comment or fork this gist.


📄 License

This document is provided as-is for educational purposes. Use at your own risk.
