Don't Spoof Me Bro

9 comments

cmplxty934.16yesterday4 min read

Hi fellow Hiveians,

Today I wanted to call out how complicated some of this shit is getting!

Don't Spoof Me Bro

The spoofing is getting fucking complicated.

Criminals have always been good at their craft. Thankfully not TOO good, because we'd be fucked otherwise. Unfortunately these days, there are far more ways for these little fuckers to try and get money out of people that's for sure!

A few weeks back, I got a call which isn't anything abnormal. Unless it's someone I have added to my phone, I NEVER pick them up. It's always some asshole advertising something, or some scam of some kind. If it's that important, they will leave a voicemail. This one did leave a voicemail, so I gave 'em the benefit of the doubt. Listening to the voicemail apparently my stuff got stolen somewhere. From someone who is pretty protective of my information, I was annoyed that one of these shitty companies I deal with had a lapse in their security.

One of the things that we need to get in the habit of, and be mindful for, is that when we get a voicemail, text or email saying there is a fraudulent transaction, NEVER EVER click on the link or go to the number they call from, or give you. Always go to the source!! Log into online banking, or call the company after looking the phone number up on the interwebs.

Sure enough, I logged in and there was no such transaction or fraudulent activity in my pending area. Peeved, I went back to the voicemail, listened to it again and then checked the number. Somehow these mother fuckers spoofed the number of the freaking bank! The phone number it came from was legit.. and how the fuck they got that to work is beyond me. Going back to how criminals are smart..

Fast forward to last week, my wife gets an email in a similar fashion from another avenue. There's a fraudulent charge on the account and we checked the sending email address. It was legit! I don't know how these sonsabitches are spoofing the phone numbers or real email addresses but they are.. sadly it's often times someone in the various downstream networks that gets compromised with these big organizations and that person is who ends up getting the information vulnerable.

We went back to my original strategy, logged into the online portal of the thing and thankfully there was no attempted charge, nor was there an alert. Typically if a fraud alert is legitimate, you'll get a phone call and the next time you log into the online portal for the service, you'll get a big pop-up warning there is fraud and we need to confirm the contents. Sometimes you can't even click off the thing until you satisfy it.

With knowing what I do for the technology side of things, and that it's only going to get more sophisticated, it's pretty crazy to think that so many millions of people are completely unaware of this type of thing. It's always prudent to do some basic security reviews every few months and see where we can come up with improvements! It doesn't need to be anything wild, but just small things like knowing if we get a frantic phone call, or see an email with what seems like real stuff, we have a process to check it's validity and authenticity. 9 times out of 10 it will be fake these days, which sucks!

What about you, have you encountered fake fraudulent calls or emails that looked closer to real? What was it? Let me know in the comments!