Don’t Believe Caller ID
Or the From address on an email.
Got a phone call from 802 760 xxxx the other day. My number is 802 760 yyyy. “A neighbor,” I thought, even though I didn’t recognize the specific number and it had no name associated with it. I answered. It was a scam. Didn’t stay on long enough to know precisely which scam and wasn’t close to revealing any identifying information or sending money in order to free my lottery winnings.
It’s unlikely this call originated in Stowe even though that’s where 802 760 xxxx numbers are. With voice over IP services like Vonage, you can actually buy a number anywhere; we used to have one in the UK so our daughter,who lived there, could call us cheaply. But this wasn’t a number designed to be called. This was a SPOOFED number, a number inserted into the data stream by the computer that was making the call.
In the old days of the hard-wired phone network, the phone company’s switch figured out what number a call came from because it knew which pair of wires the call came in on. That was then; this is now. All bulk calls including legit ones are placed by computers which tell the phone company computer the caller’s phone number. It’s no surprise that computers can be programmed to lie. The new thing is to have the fake phone number have the same area code and even the same exchange as the called number in hope that you’ll pick up and let yourself be scammed.
Similarly it’s easy to create an email which looks like it came from you. Scammers get hold of millions of emails with carelessly many people on the “to:” and “cc:” lists, usually from failure to use “bcc:” properly to hide email addresses. The scammers create new email, which usually pretend to be from the sender of an innocent email the scammers have possession of to each of the listed recipients of the innocent email. The subject is something generic like “Hey, look at this” or “wow, made me think of you.” The email either has a toxic attachment or an evil link. Open either at your peril. You can’t believe an email is from a friend just because it says it is. Sometimes these “spearing” emails are sent from an infected computer whose address book is being used; but usually they are just created from carelessly long address lists not put in the BCC field.
I don’t open attachments or follow links in emails unless I know that I know whom the email is coming from. If the email is from my friend, for example, and it has text that says the picture reminds me of you falling out of the sailboat on our last trip and I did fall out of a sailboat, then I assume it’s safe (if maybe not pleasant) to look at the picture. If I’m not sure, I write to the alleged sender FORWARDING the suspicious email and typing the address or entering it from my address book, NEVER, NEVER, NEVER by replying because a fake email will have the reply go back to the scammer, who will then reply “Yes, it’s real,” pretending still to be your friend.
We live in a dangerous cyberworld. Be skeptical and careful.
Comments