Post Content

Data Privacy Series: Spoofing

 

What is Spoofing?

Spoofing is a general term for tricking or deceiving. In the context of consumer data privacy, spoofing usually refers to email or caller ID spoofing. Spoofing is closely related to phishing and is sometimes used synonymously.

How Can You Defend Against Email Spoofing?

Email spoofing occurs when a data thief emails the victim asking for personal information such as a username and password or personal information. The email is designed to look official, often using forged headers and a disguised sender’s address. Alternatively, some data thieves use spoofing to disguise emails as from friends, promoting a limited offer requiring personal information and immediate action. Disclosing such information makes you vulnerable to identity theft, risking fraudulent debt and credit disaster. With this in mind, there are several ways you can protect yourself against spoofers.

  • Look for spelling errors. Spoofers often change small details of website and domain names to appear official. For example, a spoofer may use a disguised sending address like “customerservice@wallmart.com” instead of “customerservice@walmart.com” or a disguised website link of “www.paypals.com/signin” instead of “www.paypal.com/signin.”
  • Check that the email is personalized. Spoofers often address emails generally, using greetings such as “Dear customer,” “Dear valued XYZ customer,” or “Dear XYZ user.” Nearly all major businesses have adopted policies requiring the use of personalized information in official emails. For example, an official bank email will usually include your name and the last four digits of your account number. Be cautious if you receive an email addressed generally asking for personal information.
  • Look for threats. Spoofers usually create a sense of urgency with their emails. They may state that an account is overdrawn or indicate impending legal trouble using implicitly threatening language. If you believe the danger could be legitimate, contact the business directly rather than by replying to the threatening email.    
  • Double check email addresses and links. Almost all email programs allow users to check email addresses and links. When you hover your mouse over the text of an email address or link, a pop up should appear indicating the true location of the email or link. If the pop up location does not match the text of the email or link, it may be a spoof email.
  • Trust your spam filters. Spam filters are designed to detect and block emails sent from abnormal or faulty addresses. If you see that an apparently important message has been filtered as spam, check it carefully to ensure it is not a spoof email.
  • If you have any doubts, contact the business directly. If you have any doubts that the email or link is not from the business, contact the business directly using the accurate information you have.

What is Caller ID Spoofing?

Caller ID spoofing occurs when the spoofer disguises their caller ID number as another number (or even your own number) to gain access to personal information. For example, a spoofer may call with their number disguised as that of a bank and ask their victim to verify account information. Many spoofers are currently using this strategy to pose as the Internal Revenue Service threatening legal action, fines, or jail. Other spoofers monopolize on an event, such as scammers pretending to be home improvement contractors that call around asking if people’s roofs were damaged in a recent storm. If this happens, the “contractors” may make a show of assessing damages, then ask for money up front, and disappear. Review information on our website on home improvement for steps on finding a contractor and other important information.

How Can You Defend Against Caller ID Spoofing?

  • Do not give out personal information to someone who has called you. If someone calls asking for important financial or personal information, ask for their contact information and ask to call back.
  • Use an online search engine to reverse-lookup their phone number. Use the information you are given to check online whether the phone number is associated with any known scams.
  • Do not trust caller ID. Unfortunately, caller ID is easily manipulated by spoofers, making it an unreliable source for identifying callers.
  • If you have any doubts, contact the source directly. Just as with email spoofing, if you have any doubts that the call is not from a legitimate source, contact the source directly using the accurate information you have obtained from a neutral source.

Visit the Office of Consumer Affairs and Business Regulation website for more information about Identity Theft and scams. If you have questions, contact the Consumer Information Hotline at 617-973-8787 or email us.

Written By:

Recent Posts

Protect Yourself Against Scams this Tax Season posted on Mar 18

Protect Yourself Against Scams this Tax Season

Tax Day is quickly approaching, and this year more Americans are planning on filing their taxes online, according to McAfee’s 2021 Consumer Security Mindset Report. Filing taxes electronically is a more convenient and efficient process but may open you up to scammers hoping to steal   …Continue Reading Protect Yourself Against Scams this Tax Season

Buy Here: My Local MA Promotes Patronizing Businesses Close to Home posted on Mar 11

Buy Here: My Local MA Promotes Patronizing Businesses Close to Home

There is no place like home. Or in this case, there is no better place to shop than close to home. Keeping small businesses in the Commonwealth alive and running has never been safer, easier, or more important. The My Local MA initiative, championed by   …Continue Reading Buy Here: My Local MA Promotes Patronizing Businesses Close to Home

National Consumer Protection Week 2021 posted on Mar 1

National Consumer Protection Week 2021

An informed consumer is an empowered consumer. Whether making cost-effective decisions or ones that help you avoid scammers, navigating the financial landscape can be overwhelming. But we are on your side – that’s why the Office of Consumer Affairs and Business Regulation (OCABR) is proud   …Continue Reading National Consumer Protection Week 2021