Company

Caller ID spoofing – when callers use a bogus number

Call ID spoofing is a scam in which fraudsters pretend to be employees of the police, a bank or of large companies on the phone. The aim is to persuade the caller to hand over account data or to pay money. Unfortunately, technical aids do not help against this scam.

How does caller ID spoofing work?

In caller ID spoofing, the phone display shows the number of a well-known business or a trustworthy institution such as a bank, a large mail-order merchant, or even the police. 

The scammers do not even have to be especially tech-savvy. Special apps can make a smartphone display a certain number when making a call. Seniors are not the only people at risk from this kind of scam. 

Scammers can be very persuasive on the phone. For example, they may state that the call recipient has been the victim of a fraud attempt, and that an account reconciliation is necessary to protect them from further attacks. Or that attachment proceedings have been initiated that could be remedied by a quick money transfer. 

Regrettably, many people are blindsided by this, and out of concern they fall for this scam.

Here is how to respond if you are targeted by caller ID spoofing

  • If you are asked to disclose sensitive or private information, don’t do it, not even to enter a PIN using the keypad.
  • Whenever a caller requests personal or banking data, PINs, TANs, or access data, there is reason for suspicion. 
  • Ask the caller for their name, the official name of the business, and their availability. Often the conversation will end at this point. 
  • If the caller wants you to install remote maintenance software on your computer because of a technical problem, refuse. 
  • It is perfectly possible that a call center may want to synchronize data with you on behalf of a major company. However, you will never be asked to disclose sensitive information or to transfer payments for unpaid bills. If you are suspicious, call the company on a hotline number listed on its website toverify the request. Do not use the number shown on your phone.
  • Generally, you should avoid having conversations in public involving the exchange of sensitive data, because in doing so you needlessly supply scammers with material for such attacks.

Further reading

FAQ