Submitted by BasedSweet t3_10opq9o in technology
Greggers42 t1_j6hqlf6 wrote
Reply to comment by crank1000 in FCC Threatens to Disconnect Twilio for Illegal Robocalls by BasedSweet
Our company has 800 employees and half can be fooled by spoof attempts were the email being spoofed is “<corporate persons first initial and last name>@gmail.com” where our domain email is completely missing and replaced with a gmail account. When we explain what phishing is, we get replies like, “but they said they were this person. Here, I’ll forward you the email so you can read it!” 🤦🏼♂️
Spoofing doesn’t have to be good, it just has to work.
okvrdz t1_j6i0ivw wrote
Granted that the email spoof is true, crank100 was asking about the tracing of the CEO’s number. Which is what the previous user mentioned as tracing it back to Twilio. That question remains unanswered AFAIK.
Greggers42 t1_j6i6ew5 wrote
Most companies don’t hand out CEO’s cellphone. So a late night text that ID’s itself as your boss and ask for info is not hard and doesn’t require the amount of suggested work earlier post have given regarding changing the caller ID, etc. Not saying that’s what happened, but having seen this done as well, and amaze me people fell for it, I can see this being an option.
okvrdz t1_j6i7m8b wrote
Yes those are all clues on how to detect a possible spoof text. Yet, what some of us want to know is how tracing back a spoofed number that displays a valid existing number, results in determining that the text originated from Twilo. How does it make that distinction?
Greggers42 t1_j6i8o3b wrote
The poster has corrected it to say there were two numbers. Which seems more sus to me but I’ll give the benefit. Personally, I’ve heard the term spoofed number to apply to any number being used in a spoof attempt. Not necessarily the actual number, so that was where I was going with the forgiveness of the explanation.
WhatTheZuck420 t1_j6hxfkc wrote
>Spoofing doesn’t have to be good, it just has to work.
correct. spoofing is what they are doing
being spoofed is what your employees are doing
typing t1_j6hydh9 wrote
I thought just the CEO was being spoofed, or the real/fake employee. The target employees are being phished.
Viewing a single comment thread. View all comments