Everything You Need to Know About Caller ID Spoofing

“Spoof” is an interesting word, as it’s one that used to have more benign connotations, referring to humorous pranks or imitations, with the term commonly being used for genre spoofs (such as many of the works of Mel Brooks) in movies and television.

However, that terminology has largely fallen by the wayside in recent years (replaced, generally, by “parody”) in part because of the more sinister uses of the term being more commonly used .

Today, when you say the word spoof it will be understood almost universally to refer to some kind of scam or hoax – and that is primarily because the prevalence of caller ID has resulted in a meteoric rise of phone or caller ID spoofing: someone calling and pretending to be someone else.

What Exactly is “Spoofing”

For such a silly sounding word, spoofing has become a surprisingly serious headache for people and agencies around the world.

Caller ID spoofing is, simply put, any time someone calls using some sort of falsified number. Usually this number is dolled up somehow to look like a number you would trust. Most typically, a basic spoofing tactic is to change the caller ID number the scammer is calling from to appear to be from your area code.

To a lot of people, this instantly makes them relax their guard, at least slightly.

Some types of spoofing go even deeper, and mimic actual phone numbers. This could be the customer support number of your bank or credit card holder, a government agency like the IRS of the city hall of your town, or even a private citizen like one of your friends or family members.

Some of these things are more easily recognizable than others.

The main takeaway: don’t let your guard down just because a call comes from a familiar number. You can’t relax until you’ve somehow verified it’s legitimate.

How to Recognize a Spoofed Call

While the number often looks legitimate, once the call begins it can often be very easy to tell that a phone call isn’t quite right somehow.

Here are a few common variants:

The Robo-call

If you pick up the phone and hear a computerized voice immediately start talking, it is some sort of robo-call. Whether this call comes from a legitimate business (unlikely) or not, my best advice to you? Hang up the phone.

Even if it is some sort of legitimate call, if it’s not important enough for them to get a real person on the line for it, it’s probably not important enough to listen to.

Tip!

Keep an ear out for a variant of the robo-call: calls that are completely silent. These are usually lines that are waiting to hear a human voice on the other end, which tells them the line is live and they can begin playing the computerized playback.

Of course, if the call isn’t from a legitimate business you have even less reason to talk to them, and even a simple “hello” is enough for them to have something on you. You’ll start receiving more and more of these scam calls as they have verified that your number is active and that someone will pick up the phone when they call.

These are typically the ones that will just mimic your area code and call it a day, relying on your natural habit to pick up the phone and immediately greet the caller to help them.

The Bill Collector 

These people call claiming to be from a legitimate business and have the phone number to back it up. If you look at one of your bills or on the company’s website they’ll usually match.

These are probably the most dangerous type of spoofed call, but are thankfully less common than more “generic” calls you’ll receive from scammers. This is because generally speaking you’ll only start receiving these calls if your information has already been leaked to someone. They know you have an account with whatever business they’re impersonating, and are using that to directly target you specifically. 

These calls are, as a result, not usually scattershot calls and are going to sound a lot more convincing. They’ll get someone who sounds professional, reading from a script that is probably derived from a real customer service script modified for their own means.

While the most common form of this will be some kind of bill collection call (because in their logic, why not swing for the fences?) this could be any legitimate sounding business call.

Much of the time, these calls will try to solicit you for all sorts of personal information, in the guise of verifying your identity.

The scariest part is, calls that are legitimately from your bank or whoever you have an account with will often do the exact same. All of this sounds very reasonable.

That is why you should never, under any circumstances, trust an incoming call. That is the true danger of caller ID spoofing: it throws everything you might be willing to trust into question.

The Impostor

These are probably the least common call. They involve impersonating a specific person; a friend or family member of the victim.

Like the business related calls above, these are usually the result of someone already having some of the victim’s information.

In this case there is also usually an extra layer: they are aware, or at least suspect, the person they’re calling might be in some way impaired.

Either in terms of mental or physical ability, they are banking on the person being called being compromised in some way, through a condition like Alzheimer’s that impairs decision making or through partial or total deafness.

These types of conditions make it hard for the person being called to identify the caller, especially if they rely on captions and the like to make phone calls. Removing all tonal cues that the person is an impostor makes things very difficult.

If you are in such a position, you’ll need to be extra vigilant for scammers like this. Try not to engage with anyone you haven’t called yourself.

Likewise, if you know someone whose judgment is compromised, try to keep an eye out for them and make sure they aren’t taken in by such scams.

What to Do if your Receive a Spoofed Call

The best thing you can do? Just hang up.

Don’t ever try to bait a caller, or engage with them in any way. Doing so puts you on their list, and you’ll start receiving more and more calls of this nature.

Better yet, unless you recognize an exact phone number one of the best things you can do is just not pick up. Obviously, this is not a foolproof plan, as sometimes you’ll be awaiting a call from unfamiliar phone numbers, and sometimes as mentioned, you’ll receive a call that appears to be from a legitimate, real phone number, but it’s a good practice to get into.

If you do find yourself in the position of being obligated to pick up the phone for a call from an unfamiliar number (eg., you are waiting for a business call and either don’t know or can’t remember the exact phone number), take a moment to wait before saying anything. Crush that desire to reflexively say “Hello?” on picking up the phone.

If the person on the other end is real, they’ll engage first. This is, of course, not a way to ensure you’re not talking to a scammer but it does at least filter out many robo-calls (most of which only start their recording once you have indicated your presence). Some robo-calls start their playback no matter what, but it’s usually easy to recognize an automated message and let it play, then hang up without responding.

Once on the line with a real person, make sure to keep in mind that you can refuse any requests for information they throw at you.

While this might be mildly annoying for any real customer service representative you get on the phone with (telling them you’re not willing to talk), it’s better than being taken in by a very convincing scammer and giving up vital information like your password, security questions, account numbers, or even social security number.

Important Note:

Always keep in mind that you can tell someone you’re not comfortable giving them that information from an unsolicited call, then hang up and call back using a number you know is legitimate.

Alternatively, you can often just deal with whatever business you need to via the company’s website if it’s legitimate. Bill collection calls are a notable example of this.

It does not take much effort to tell someone who is asking to verify your identity for a bill payment “Hey, I’ll handle it online” and then politely give them your farewells and hang up on them. They have no ability to compel you to stay on the line, and even if it’s legitimate (and know it’s legitimate) there’s plenty of reasons you may be unwilling or unable to deal with that bill at the exact moment anyway.

Ultimately the best thing to keep in mind when you suspect you’ve been called from a spoofed number (which is something you should sadly always assume; it’s safer that way) is that no phone call from a business you have an account with is really that important.

They’ll try to make it sound vital and urgent, and sometimes the information they’re trying to get across (there’s a problem with your account, a bill is past due, etc.) is actually important, but nothing ever needs to be dealt with right that exact second.

Take your time, verify all the information presented, and handle it at your own pace. This alone will keep you safe from most types of scams.

Last Updated on