background image of corn

SecureOnline Banking

How Bad Actors Use ID Spoofing

Many wonder how bad actors are able to use so many different numbers? The bad actor opens the application (web or mobile) of the spoofing provider. They enter the number they wish to call, followed by the number they wish to display. When they press “send” or “call,” the call is sent through a VoIP service. The outbound caller ID is changed, and the call is connected to the desired destination phone number.

Best Practices | Preventing ID Spoofing requires ongoing maintenance to be successful

Don’t rely on caller ID to verify who’s calling. It can be nearly impossible to tell whether the caller ID information is real. Here are a few tips for handling these calls:

  • If you get a call and you do not recognise the phone number, do not answer the phone. If you mistakenly answered, hang up – but do not threaten and antagonize the bad actor as this result in more targeted attacks.  Please remember: Microsoft and/or government employees won’t call out of the blue to request money or account information for services.
  • Don’t give out - or confirm - your personal or financial information to someone who calls.
  • Don’t wire money or send money using a reloadable card. In fact, never pay someone who calls out of the blue, even if the name or number on the caller ID looks legit.
  • Feeling pressured to act immediately? Do not send money - hang up. That’s a sure sign of a scam.