What is Spoofing?
Spoofing is a common type of scam that can catch many people out. The term ‘spoofing’ refers to scammers pretending to be a trusted person or organization in order to get something from you – typically money, account details, or business information. This type of scam is particularly worrying because scammers can convincingly mimic a legitimate email address, phone number, or URL. As a result, many people fall victim to spoofing scams.
Below, you can learn more about the different types of spoofing, including phone spoofing, email spoofing, and website spoofing. Once you know more about this scam, you’ll have a much better chance of identifying it and therefore avoiding it in the future.
With phone spoofing, a scammer can change the phone number that appears on your screen so it looks like a trusted person or organization is calling you, such as your bank. For example, when you get a call, you might be thinking ‘is 08007613362 a real number?’, and since it’s a company’s legitimate phone number, you might think it’s safe to answer. However, just because the number looks right, this doesn’t mean that it hasn’t been spoofed, so you could end up talking to a scammer who’s trying to steal your money.
To avoid phone spoofing, it’s best to ignore unknown or suspicious calls. If you answer a call that’s meant to be from your bank or another organization but you don’t know if it’s been spoofed, you should hang up and contact them yourself.
Another common type of spoofing is email spoofing. Email spoofing is when a scammer forges their sender address so it looks like a legitimate company or someone you know is emailing you. In the email, the scammer will usually ask for money, ask for information (e.g., account details), or encourage you to click on a link. Links in these emails will usually contain malware or take you to a spoofed website (more on this below).
So, how do you know if an email is spoofed? Spoofed emails may contain grammatical errors, strange requests, suspicious links, and logos that look incorrect. You can turn on your spam filter to prevent most spoofed emails.
Website spoofing is often linked to email spoofing. The links in spoofed emails may take you to a spoofed website, which means the website looks legitimate and has the right URL but is actually fake. If you log into this spoofed website, then scammers can steal your information and potentially install malware on your device.
To avoid website spoofing, the first step is to not click on suspicious links in emails. If you do click on one of these links, then you might be able to tell that a website is spoofed if it isn’t secured. The URL should start with ‘https://’ for a website to be secure. Additionally, you should look at the contents of the page – are there any spelling mistakes, and do the logos look slightly wrong? These issues can tell you that a website is spoofed.
Spoofing can be very convincing, which is why so many people fall victim to these types of scams. Learn more about the different types of spoofing to protect yourself online.