Anyone that has worked with voice over IP knows that you can put pretty much anything in as the Caller ID for outgoing calls. Credit card companies typically require you to activate credit cards from the home phone listed with them.
In the 'good ole days' of POTS lines that had caller ID handled typically by the phone company, this was a pretty OK security measure. Today, not so much. I am surprised it is still used honestly.
I have only activated a few cards and I'm disturbed how automated the process is overall.
It would be very easy for someone doing identity theft to get the person's home phone number, hijack a VOIP installation or create one themselves, and spoof the credit card system's security by claiming to be calling from the house in question.
Maybe I am being over paranoid, but it just doesn't sit well with me.
