/ Money, Technology

FFA UK: beware of ‘number spoofing’ fraudsters

Mobile phone

You’d think you could trust your phone’s caller display, but fraudsters have found a way to spoof your bank’s number. Here’s Katy Worobec of Financial Fraud Action UK to fill you in on ‘number spoofing’.

It all starts with a phone call. It’s the bank: there’s been fraud on your account and they just need you to confirm some details.

You’re understandably panicked, but the caller reassures you that as long as you do exactly what they say, the problem will be solved. Just look at the caller ID display – it’s the same number as your bank, so the call must be genuine, right? Wrong.

Watch out for number spoofing

It’s a new twist on a scenario that we hear about all too regularly. You may have heard about a phone scam in which a fraudster calls you pretending to be your bank. They then try to convince you into handing over personal details or even into transferring cash straight into the criminal’s bank account.

Now fraudsters are using a new trick to con people into thinking the request is genuine, and it’s vital that you don’t fall for it.

It’s called ‘number spoofing’. It’s a piece of technology that enables someone to alter the number that appears on your phone’s caller ID display so that it mimics another phone number.

Mimicking your bank’s phone number

The technology has been around for a while, but only recently have we seen fraudsters trying to use it to trick their victims.

They mimic the phone number of your bank and then ask you to check it while you’re on the phone in an attempt to convince you the call is genuine.

But it’s a scam. Your bank would never point you towards the phone number displayed to validate a call.

And your bank would never call you and ask for your four digit PIN or your full online or telephone banking password. They would also never ask you to transfer money to a new account for fraud reasons, even if they say it’s in your name. Anyone asking you to do so is a fraudster.

Can you spot a phone scam?

How confident are you that you’d be able to spot a fraudulent phone call? Our research shows us that over a third of people find it hard to tell the difference between a scam call and a legitimate one.

What about your family and friends? Do you think they could fall victim to a phone fraudster? We need everyone to spread the word about phone scams and number spoofing so that they don’t get caught out.

Which? Conversation provides guest spots to external contributors. This post is from Katy Worobec, Director of Financial Fraud Action UK. All opinions expressed here are Katy’s own, not necessarily those of Which?.


Number spoofing as been happening for years, It’s only just now that some fraudsters are using it in the manner.

It’s a shame that phone companies don’t care about who they connect to the general public.

And will it catch me out. Nope a snow balls catch in hell.

“We need everyone to spread the word about phone scams and number spoofing so that they don’t get caught out.” Why not fine phone companies each time they connect call from a spoofed number, I think you’ll find they soon find ways to prevent it happening.


william wrote: “Why not fine phone companies each time they connect call from a spoofed number”,

Completely agree. Technically, I’d say it’s already illegal. Doesn’t the Wireless & Telegraphy Act cover telephone communications? I’m pretty sure that under the Act it’s illegal to transmit misleading information.

But then again , if that were true, politicians wouldn’t be able to use the telephone ……..


Whenever my bank phones me, their number is unavailable. If this becomes the norm and a well-known practice for all banks whereby bank customers don’t expect to see their bank’s number, then it will look suspicious whenever the fraudsters spoof their caller ID.


If I receive a call from a bank or other company I deal with I assume it is fraudulent and say that I will call them. So far all the calls have been genuine but one of these days I will probably be glad I’ve been cautious.


If I receive a call from my bank, I thank them, hang up and go round to the bank, which is fortunately near where I live. Like Wavechange, I prefer to assume the call may be fraudulent, so I don’t take the risk of giving any information over the phone.


Some of the spoofed numbers I get are not exactly well thought out – they don’t even start with a zero!
I even had 99999999….. must answer that one, it’s probably the Fire Brigade.

Why do all our numbers still start with a zero?


bib 1 – they don’t all start with 0. Zero starts the area code number, but local numbers start with a non-zero digit. That is my understanding.


malcolm r:

I think you’re right.

I don’t know if this is always true but the normal format is 01234 123456 where:
01234 is a sort of area code and always has a leading zero
123456 is the local number.

If you’re on the same area code, you can dial just the local number from your landline as, I guess, the exchange doesn’t have to switch to ‘long-distance’ (whoops, that shows my age ….).

But I believe caller-id always displays the full 01234 123456 number even if it originates from your own exchange.