Every day people are tricked into giving out sensitive information to criminals. Don’t fall for a scammer’s tricks and risk losing your hard-earned money to spoofing. Learn how to distinguish these fake phone calls, shady text messages, and bogus websites known as spoofing.
What is Spoofing?
Spoofing is a scam in which criminals disguise their identity by deliberately changing a phone number, email address, or website to appear to be from a reputable source.
Neighbor spoofing is when a criminal makes their contact information seem like it’s coming from a local company, a government agency, or someone you may know and trust.
Common Spoofing Techniques
Spoofing can take on different forms, such as phone calls, text messages, emails, and websites. While the schemes vary in how they contact you, the goal is the same – gain access to your personal information to commit fraud.
Caller ID
This method occurs when a criminal changes the caller ID information to misrepresent themselves as a genuine person or company to get personal information from you. Attackers can also change the phone number they’re calling from to appear like it’s coming from a local number such as a company, financial institution, or even from someone that you may know.
Text Messages
Now that you’ve become familiar with the common methods of spoofing, it’s important to understand what next steps you can take to dodge this type of scam. While it can be difficult to recognize the identity of the person who’s contacting you, a good best practice is to exercise caution and think before you act. By following these helpful cues, you can avoid becoming the next victim of a spoofing attack. This technique is similar to caller ID spoofing except instead of receiving a phone call, a text message is sent. Scammers use fear, panic, urgency, and other persuasive tactics in their messages to get you to react immediately.
A common approach criminals will use is posing as your financial institution. An example of this is receiving an urgent message that your debit or credit card will be blocked immediately if you do not click on the provided link. The message typically contains a link directing you to a fake website containing malware or other harmful software. You should NEVER click on any unsolicited links in a text message.
Bogus Website
Creating bogus websites is another tactic used by fraudsters to deceive unsuspecting people. What may appear like a legitimate site, is in fact a copied version that can record your account information, login credentials, or other personal information. Criminals then use it to commit illegal and fraudulent activities such as identity theft. Some sites may even contain malware or other harmful software that can cause serious damage.
Phishing Emails
information to look like someone you know or a businessbusiness, you’re familiar with. They may change the display name or mimic a real email address in order to trick you into thinking that the email is from someone you know or trust. For example, a spoofed email address may use a zero (0) in place of the letter O, or substitute an uppercase I for a lower-case L. This is called a homograph attack or visual spoofing.
In most email spoofing attacks, the message will contain a link to a malicious website or will include infected attachments. If you receive a suspicious email, NEVER click on links or open attachments. Delete the email immediately.
What You Can Do to Dodge a Spoof
Now that you’ve become familiar with the common methods of spoofing, it’s important to understand what next steps you can take to dodge this type of scam. While it can be difficult to recognize the identity of the person who’s contacting you, a good best practice is to exercise caution and think before you act. By following these helpful cues, you can avoid becoming the next victim of a spoofing attack.
- Don't Get Fooled by Familiar Digits: Don't answer calls from unknown numbers, even if they look local. If you answer, hang up immediately and call the phone number on the company's website to verify the authenticity of the request.
- Verify Contact Information: Inspect the sender’s information to confirm that the message was generated from a legitimate source, but don’t click on any links or call the number on the text.
- Check for Spelling Errors: Keep an eye out for misspelled words and grammatical errors in text messages and emails. Spoofed messages often contain these types of mistakes.
- Never EVER Give Out Personal Information: Never share information such as account numbers, Social Security numbers, mother's maiden names, passwords, or other identifying information in response to unexpected calls, texts, or emails, or if you’re at all suspicious.
While spoofing attacks come in several different forms and can be difficult to recognize, one thing certainly is for sure – pause before you act even if you believe the inquiry could be real. Please remember, Peach State FCU nor any of our third-party vendors (i.e., Visa) will ever call, text, or email you asking you to disclose account or other personal information.
If you believe you were contacted by someone pretending to be from Peach State FCU or another legitimate agency, don’t respond and please contact us immediately at 855.889.4328, stop by your local branch, or email us at psfcu@peachstatefcu.org.
To learn more about fraud or scams, and ways you can further protect yourself, visit the Fraud Prevention section on our website.
