When caller ID first arrived on the scene it seemed like a godsend to many people: Now you could easily identify who was on the line and ignore unwanted calls, whether from telemarketers, an ex-boyfriend or an unfriendly collection agency.
But as often happens, unscrupulous individuals soon began manipulating the technology to defraud people by pretending to be someone else. Their scheme is called “caller ID spoofing” and disturbingly, it’s perfectly legal in many cases.
Here’s how caller ID spoofing works and what precautions you should take to avoid being victimized:
For a very low cost, businesses and individuals can use widely available caller ID spoofing software to generate calls that alter the telephone number and/or name which appear on the recipient’s caller ID screen.
Police, private investigators and collection agencies have used legal spoofing services for many years. Others who might have a legitimate reason to hide their identity when making a call include domestic violence victims and doctors returning patient calls who don’t wish to release their private telephone numbers.
Beyond that, the lines of legality begin to blur. The Truth in Caller ID Act of 2009 prohibits anyone from transmitting misleading or inaccurate caller ID information with the intent to defraud, cause harm or wrongfully obtain anything of value. Violators can be penalized up to $10,000 for each infraction. Unfortunately, such penalties haven’t dissuaded many scammers.
One common scam involves spoofers pretending to represent a bank, government agency, insurer, credit card company or other organization with which you do business. They count on you being reassured after recognizing the company’s name on your screen.
Under the pretext of warning about an urgent situation (breached account, late payment, pending insurance claim, missed jury duty summons, etc.), the spoofer will try to coax you into revealing personal or account information, supposedly to verify their records.
Often these are robocalls, where a recorded voice asks you to stay on the line to speak to a representative or call another number for more information. Do not. If you suspect the call might possibly be genuine, contact the company yourself at the toll-free number found on your card, account statement or the company’s website.
You should never reveal your full Social Security number, mother’s maiden name, credit card number, passwords or other private information over the phone unless you initiated the call yourself. Someone possessing such information could use it to gain access to your existing accounts to withdraw or transfer money, raise credit limits or snoop around your recent activity, among other intrusions.
ID thieves also can use your personal information to open new credit accounts (e.g., credit cards, mortgage or car loan), create a new identity or even obtain a job fraudulently. Often, you won’t even realize something’s wrong until a collection agency — or the IRS — starts hounding you for unpaid bills or taxes.
Another common caller ID spoof involves hacking into someone’s voice mail account. Many cellphone users never bother to set up passwords on their voice mailboxes. And, since many voicemail systems grant access to callers phoning from their own number, a hacker could easily spoof your number and gain access to your messages.
Bottom line: You wouldn’t give your personal information to a stranger on the street. Take the same level of precaution with strangers on the phone — or online.
Jason Alderman directs Visa’s financial education programs. Follow him on Twitter at PracticalMoney.