Identity theft is not a new phenomenon, although it has only recently started to receive more attention. This is due to the media, which have been spreading fake telephone numbers of well-known people in our country on a large scale. The problem affects everyone, so it is important to be able to recognise identity theft and protect oneself effectively against it.

What is identity theft?

Fraudsters are becoming increasingly creative and attempts to steal personal data should no longer come as a surprise. We are all vulnerable to identity theft – what is it and why is it a growing threat?

Spoofing is a form of fraud that involves impersonating a person, company or institution in order to gain access to important information or the victim’s bank account.

In this article we focus on phone spoofing, but it is good to know that a similar term applies to IP spoofing, email spoofing or DNS spoofing. The consequences in any of these cases can be painful.

Identity theft and phishing

By definition, spoofing is similar to phishing. There is only one difference between the two, but it is an important one. Phishing involves impersonating someone else, whereas spoofing usually involves installing additional software after clicking on a link or button on a website.

How does identity theft work?

Phone spoofing involves pretending to be someone else’s phone number and calling them. There are two parties involved in this scam. One is the person pretending to be the imposter and the other is the person to whom the phone call is directed.

The aim of the attack is to trick a person into installing malware or accessing a bank account.

People who are not aware of the threat are easily fooled. After all, the number shown is from someone they trust.

Besides, the scammers have it easy. They do not have to break into the phone of the person they pretend to be. All they have to do is use one of the many services available online through wireless or fibre broadband connection.

We will not mention anyone by name, but basically all the services work on the same principles. We give you the number we pretend to be and the number we want you to call. You can use the voice editing function, add sound effects or record the call. All for a small fee.

Phone imitation

Similar possibilities exist with text messages from fake numbers, emails from fake accounts and phishing on WhatsApp.

How do fraudsters get telephone numbers?

Now comes the important question: how do they get victims’ numbers? Well, ultimately, because they do it directly from websites and contact forms. On all these sites, you will find a phone number or at least an email address. Let us not forget other sources and stolen public databases: from time to time we hear about similar scandals, such as the data leak from Facebook.

The law provides penalties for phone scammers, but it is not easy to track them down. Especially since some services let you pay anonymously to buy a false identity. Speech syntheses do not make it easy.

Don’t be fooled, widespread access to services only makes it easier for fraudsters to do their job.

How can we recognise and protect ourselves against identity theft?

If we are the recipient of a fake call, we have no way of detecting it. Many websites require a phone number or e-mail address to create an account. In theory, this information is not publicly available anywhere. In practice, we have problems if a database is exposed.

However, the best preventive measure is data protection. Yes, we cannot always avoid giving a telephone number, but if it is not necessary, you can leave it blank. We can also use different addresses and phone numbers, even if they are boring.

The most effective way to recognise identity theft and protect yourself is to be aware of the threat. Common sense never hurt anyone, so if something makes you suspicious, hang up the phone.

No trustworthy person will ask you for usernames and passwords, codes for installing additional software or for money transfers. These and similar situations should immediately raise the suspicion of identity theft.

Examples of telephone fraud

One of the best-known examples of identity theft is the attempt to pass oneself off as a bank. An unknown victim is called by a bank employee (a customer service telephone number is displayed on the screen) and is informed that a transfer of a certain amount has been made. The victim denies having ordered such a transfer and the scammer offers to quickly get a technician to help secure the account. The technician offers to install the software specified in the shop and then helps to change the password.

An attempt to impersonate the Central Statistics Office in order to gain access to sensitive data has also been widely reported. Some of you may have received a text message informing you that a parcel is on its way, but that you have to pay a certain amount to deliver it to the recipient. Or messages about taking out a loan and the possibility of cancelling it by clicking on the address.