The method carried out at a security application (e.g. at a telephone device) includes: activating a security process during an active telephone call to a user received at a first call identifier; accessing registered user service providers to obtain contact details of a registered service provider purporting to be the origin of the active telephone call; sending a query to the obtained contact details of the registered service provider, wherein the query includes the first call identifier; and receiving a returned query result confirming or denying that the telephone call is from the registered service provider. Embodiments of the invention include a method for verifying a telephone caller origin carried out at a service provider server, comprising: receiving a query at a service provider requesting verification that an active call is genuine call from or on behalf of the service provider, wherein the query includes a first call identifier of the number at which the call was received; checking active call logs to ascertain if there is a current call to the first call identifier from or on behalf of the service provider; returning a query result confirming or denying that the call is from the registered service provider.
展开▼