Here another of the many questions we receive from our free monthly Privacy Professor Tips awareness publication readers, LinkedIn connections, and our Data Security and Privacy with the Privacy Professor radio/podcast show listeners.
We provided a short answer to it within the January 2024 Tips. However, we wanted to expand upon that information within a blog post. Here is the question:
What are some ways to prevent being a victim of a caller spoofing someone legitimate?
Great and timely question.
Calls impersonating/spoofing others are becoming harder to spot as technology advances, and as artificial intelligence (AI) tools are able to audibly sound just like the legitimate person they are claiming to be. It makes it important for you (and your family, friends and customers) to keep awareness high.
Here are a few ways to keep from being fooled by a call impersonator:
-
Speak with your friends and family about this growing criminal trend, especially before any travel. Criminals spoofing callers often monitor social media to identify those who are traveling, who they see as perfect persons to impersonate to the friends and family members of those folks who they also see on social media.
-
Choose a “safe word” that you and your trusted family members and friends can ask for if they get a call from what could be an impersonator. Make the safe word unique, and don’t post it anywhere online, and nowhere else. Then, if you get a call from someone saying they are your mother or someone else you know, and it sounds exactly like the claimed person, you can ask the caller, “What is our safe word?” If they don’t answer with the safe word, it is likely a scammer trying to extort money from you.
-
Do not post your phone number anywhere online if at all possible.
-
If possible, do not post a recording that includes you talking online. Obviously, this is difficult if you are a public figure or professional speaker, in which case you need to be extra cautious when you get calls from strangers.
-
If you find someone else has posted audio or video with you in it without your consent, ask them to remove it, or ask them to at least block out the parts with you in it.
-
Consider mutually sharing each other's cell phone locations with a few trusted family members and/or friends with one of the many phone tracking services. You can use this to verify any claims, such as a caller saying that they have been kidnapped. If they indicate they are kidnapped and located in city X, but when you check the claimed victim’s location and you see they are actually in city Y, you will know this call is being spoofed.
-
Unless you are expecting a call from someone who is not already in your phone directory, do not answer calls from unknown numbers. Even, and especially, if it is from your area code. If it is something important from a legitimate business or individual, they will leave a voice mail, or will send you a text.
-
If a scammer or someone who you think may be a scammer, calls, hang up. Avoid saying anything, so if the call is a scammer gathering voice recordings for later use for this despicable kidnapping (or other) scam, they will not have a recording of your voice to train their AI for later criminal activities. If it was a legitimate caller, they can leave you a voice mail or call you back later.
-
If you do want to answer a call from an unrecognized number, use a voice changer so potential phone scammers will not record your actual voice to use in scams against others. See our updated privacy and security gifts list for more information on these, here.
-
Do not respond to any questions, especially those that can be answered with "Yes" or "No." Crooks are increasingly using voice recordings of these types of short answers within spoofed calls.
-
Be extremely careful about responding to any request for personal identifying information. Never give out personal data such as account numbers, Social Security numbers, mother's maiden names, passwords or other identifying information in response to unexpected calls or if you are at all suspicious. A good general rule of thumb is to not provide any type of personal data to unsolicited callers.
-
If you answer the phone and the caller or a recording asks you to hit a button to stop getting the calls, just hang up. Scammers often use this trick to identify potential targets to agreeing to things they don’t actually want to agree to.
-
If you get an inquiry from someone who says they represent a company or a government agency, hang up and call the phone number on your account statement, in the phone book, or on the company's or government agency's website to verify the authenticity of the request. You will usually get a written statement in the mail before you get a phone call from a legitimate source, particularly if the caller is asking for a payment.
-
Use extreme caution if you are being pressured for information immediately.
-
Remove as much of your personal details about yourself as possible from publicly-accessible online locations, and minimize what you put online. Cyber crooks will then not have such information, which they use to make their stories and claims more convincing.
-
Since AI-generated videos are also becoming increasingly used in crimes, try to notice what your loved ones are wearing (clothing, jewelry, etc.) each day, if possible. You can then notice if any purported videos of them are shown, whether or not what they are wearing matches what you know they wore that day, or even if it is something they even own.
-
If you have a voice mail account with your phone service, be sure to set a password for it. Some voicemail services are preset to allow access if you call in from your own phone number. A hacker could spoof your home phone number and gain access to your voice mail if you do not set a password.
Do you have more suggestions to add to our list? Let us know!
In December 2019, the US Government Accountability Office (GAO) put together an informative report, “Fake Caller ID Scheme: Information on Federal Agencies’ Efforts to Enforce Laws, Educate the Public, and Support Technical Initiatives.” See it for additional tips, stats and information.