Phone Spoofing 101 March 27 2018 There’s a pretty good chance that you, or someone you know, has been the victim of a phone spoofing attack. Phone spoofing occurs when a caller intentionally disguises themselves as another person or company to deliberately trick you into providing valuable information, so that it can be used for fraudulent activity. It is difficult to determine when you are receiving a spoofed phone call. The caller ID feature lets you know who is calling, so you can avoid answering unwanted phone calls. This feature, caller ID, becomes the attack mechanism for “spoofers.” Instead of dialing from a random number with no known caller ID name the spoofers use a program to display the number as one from a bank, insurance company, or even the local police. It’s at this point where you answer the call, and paired with a persuasive and deceptive caller, might feel inclined to provide information. So what can you do if you think you are being spoofed on a phone call? The FCC has four simple tips to prevent you from being spoofed. NEVER give out personal information such as passwords, account numbers or your SSN, in response to unexpected or suspicious calls When receiving an inquiry from someone suspiciously representing a company seeking personal information, hang up and call the number given in a phone book, company website or an account statement Use caution if you are being pressured for information immediately Set a password for your voicemail. Some voicemail services are preset to allow access if you call in from your own phone number. A hacker could spoof your number and gain access to your voicemail if you do not set a password on your phone Spoofers target both personal information and corporate information. Don’t think you’re safe just because you received a call at work. Protecting your information and remaining diligent in today’s digital world is not easy, but if you continue to remain cautious of the calls you receive, you decrease the probability of getting your personal information hacked. Check out this link from KCCI on how hackers pretended to work for the U.S. Immigration Office to steal personal information and commit identity theft.