When caller ID first arrived on the scene it seemed like a godsend to many people: Now you could easily identify who was on the line and ignore unwanted calls, whether from telemarketers, an ex-boyfriend or an unfriendly collection agency.
But as often happens, unscrupulous individuals soon began manipulating the technology to defraud people by pretending to be someone else. Their scheme is called "caller ID spoofing" and disturbingly, it's perfectly legal in many cases.
Here's how caller ID spoofing works and what precautions you should take to avoid being victimized:
For a very low cost, businesses and individuals can use widely available caller ID spoofing software to generate calls which alter the telephone number and/or name that appear on the recipient's caller ID screen.
Police, private investigators and collection agencies have used legal spoofing services for many years. Others who might have a legitimate reason to hide their identity when making a call include domestic violence victims and doctors returning patient calls who don't wish to release their private telephone numbers.
Beyond that, the lines of legality begin to blur. The Truth in Caller ID Act of 2009 prohibits anyone from transmitting misleading or inaccurate caller ID information with the intent to defraud, cause harm or wrongfully obtain anything of value. Violators can be penalized up to $10,000 for each infraction. Unfortunately, such penalties haven't dissuaded many scammers.
One common caller ID scam involves spoofers pretending to represent a bank, government agency, insurer, credit card company or other organization with which you do business. They count on you being reassured after recognizing the company's name on your screen.
Under the pretext of warning about an urgent situation (breached account, late payment, pending insurance claim, missed jury duty summons, etc.), the spoofer will try to coax you into revealing personal or account information, supposedly to verify their records.
Often these are robocalls, where a recorded voice asks you to stay on the line to speak to a representative or call another number for more information. Do not. Probably thousands of other people are receiving the same message at the same time. If you suspect the call might possibly be genuine, contact the company yourself at the toll-free number found on your card, account statement or the company's website.
You should never reveal your full Social Security number, mother's maiden name, credit card number, passwords or other private information over the phone unless you initiated the call yourself. Someone possessing such information could use it to gain access to your existing accounts to withdraw or transfer money, raise credit limits or snoop around your recent activity, among other intrusions.
ID thieves also can use your personal information to open new credit accounts (e.g., credit cards, mortgage or car loan), create a new identity or even obtain a job fraudulently. Often, you won't even realize something's wrong until a collection agency -- or the IRS -- starts hounding you for unpaid bills or taxes.
Another common caller ID spoof involves hacking into someone's voice mail account. Many cellphone users never bother to set up passwords on their voice mailboxes (big mistake). And, since many voicemail systems grant access to callers phoning from their own number, a hacker could easily spoof your number and gain access to your messages. (You may recall this practice brought down the British tabloid News of the World in 2011.)
The increasing popularity of voice over Internet protocol (VoIP) phone services like Skype and Vonage also has increased caller ID spoofing activity. These services use computer addresses instead of actual phone numbers to connect via the Internet, so scammers can choose any available area code and phone number, making it even harder to determine who's who on your phone.