Fraud Alert: Double-Sided Spoofing
It’s important to stay informed about the latest fraud schemes that could potentially impact your financial security. One such scheme is double-sided spoofing, a sophisticated fraud technique that targets financial institutions and their commercial clients. Here’s what you need to know to protect yourself or your business.
What is Double-Sided Spoofing?
Double-sided spoofing is a type of social engineering fraud where criminals disguise their identity by altering their phone number or email address to make it appear like they are contacting you from a trusted source, such as your bank or law enforcement. This technique tricks both the financial institution and its customers into providing sensitive information.
How Does Double-Sided Spoofing Work?
The fraud scheme typically unfolds in two steps:
Targeting the Customer: The fraudster contacts a commercial customer, pretending to be from the customer’s bank or law enforcement. Using social engineering tactics, they convince the customer to provide login credentials and additional security information.
Targeting the Bank: Armed with the customer’s information, the fraudster then contacts the bank, posing as the customer. They request a reset of the security token or other security measures, using the previously obtained information to answer security questions correctly. Once the token is reset, the fraudster gains access to the customer’s account and initiates unauthorized transactions to accounts they control, such as ACH credit and wire transfers.
How to Protect Yourself
While this fraud scheme is sophisticated, there are several steps you can take to protect yourself:
Verify Caller Identity: If you receive a call requesting sensitive information or changes to your account, verify the caller’s identity. Hang up and call your bank using a known, trusted number from their official website or your account statements.
Be Cautious with Information: Never provide login credentials, security codes or other sensitive information over the phone or email unless you are certain of the recipient’s identity.
Monitor Account Activity: Regularly check your account statements and transaction history for any unauthorized activity. Report any suspicious transactions to your bank immediately.
Use Strong Security Measures: Ensure your accounts are protected with strong, unique passwords and enable multi-factor authentication (MFA) where available.
Use Positive Pay: Cadence's ACH Positive Pay service reduces the risk of fraudulent ACH transaction activity. With ACH Positive Pay, any unauthorized or blocked transactions create exceptions that can be paid or returned.
Stay Informed: Stay current with the latest fraud alerts and security recommendations from your bank and trusted financial sources.
You can help safeguard your finances against double-sided spoofing and other fraud schemes by staying vigilant and following these protective measures. Remember, Cadence is always working hard to protect your accounts, but your awareness and proactive steps are crucial in the ongoing fight against fraud. To learn more fraud tips, visit the Cadence Bank Fraud & Security Center.
Sources:
https://www.nacha.org/news/rmag-fraud-alert-double-sided-spoofing
https://www.yahoo.com/news/being-spoofed-specific-type-scam-070001152.html
This article is provided as a free service to you and is for general informational purposes only. Cadence Bank makes no representations or warranties as to the accuracy, completeness or timeliness of the content in the article. The article is not intended to provide legal, accounting or tax advice and should not be relied upon for such purposes.
Feb 26, 2025
Personal Banking Services
