A new law targeting Caller ID spoofing hopes to close the gaps that continue to leave people and their bank accounts vulnerable to Caller ID scams over different communications platforms.
The Spoofing Prevention Act of 2016, proposed by Sen. Deb Fischer, R-Neb. and Bill Nelson, D-Fla., is an amendment to the Communications Act of 1934, the Telephone Consumer Protection Act of 1991, and the Truth in Caller ID Act of 2009. The bill would prohibit impostors from spoofing their Caller IDs through text messages, Internet Protocol-enabled voice services, and oversea calls.
Nelson said the goal of the new legislation is to help protect consumers and give authorities more leverage to prevent and stop Caller ID scams.
“Far too many Americans are still being ripped off by scammers using spoofing technology. This bill should help turn the tide and better enable consumers and law enforcement to stay ahead of the fraudsters.”
The bill is focused on helping individuals protect themselves against criminals impersonating banks and other businesses in an attempt to get someone’s personal information and financial details.
When an individual receives a spoofed call, they often assume the name or entity in the Caller ID is the person on the other end of the line. This is not always the case. Consumers should never assume their bank is calling them, and should be especially weary if the bank rep asks for personal or financial data.
In its 2016 Identity Fraud Study, Javelin Strategy & Research found that crooks stole $15 billion from over 13 million U.S. fraud victims in 2015. While large data breaches expose personal and financial data that criminals can use to socially engineer banks and businesses, a key part of getting unsuspecting individuals or contact center agents to divulge confidential information is by spoofing their Caller ID.
Legislation like the Spoofing Prevention Act of 2016 can raise awareness and help protect consumers from Caller ID spoofing attacks. However, targeting an individual’s personal information is only the first step in identity fraud schemes. In order to gain access to a someone’s personal account, criminals then turn their focus to banks and businesses, which must have defenses that effectively combat such scams.
Telephone authentication methods like the TRUSTID® Physical Caller Authentication solution that don’t rely on sensitive customer data are critical to identifying spoofed Caller IDs early in the process to successfully stop these scams before they happen.
Using telephone network forensics that proactively identify spoofed Caller IDs while the phone is still ringing, TRUSTID provides real-time credentials on the devices making the inbound call to a contact center. Whether the call has been identified as good or high risk, banks can take immediate action before the call is picked up.
If the business chooses to block the spoofed call, it doesn’t get routed to the IVR system or to an operator, thereby removing the opportunity for the caller to socially engineer a telephone agent. If the caller is verified as a legitimate customer, they are instantly routed to a telephone rep, who can then begin addressing their needs without interrogating them.
So, whether it’s through new legislation or innovative authentication tools that aren’t susceptible to evolving spoofing scams, creating stronger laws and defenses to stop Caller ID spoofing against individuals or businesses is a step in the right direction.