This is how you can protect yourself from spoofing attacks

“Spoofing” refers to the act of pretending to be someone else. For example, scammers manipulate telephone numbers or email addresses to establish trust and deceive their victims.
The term "spoofing" is derived from the verb "to spoof," which means to "imitate" or "fake." In this article, you'll learn how spoofing works, what warning signs you can recognize, and how you can effectively protect yourself.

How does phone spoofing work?

In telephone spoofing or call ID spoofing, scammers manipulate the phone number shown on your display. The fake caller ID creates the impression that the call is coming from a trusted source, such as your bank or a well-known company. This technique is used deliberately to build trust and get you to disclose personal information.

In many cases, the scammers pretend to be bank employees. They try to obtain confidential data such as one-time passwords (OTP) or login credentials. They often rely on psychological pressure and fear by claiming that unauthorized transfers or purchases have been made. Sometimes they even ask you to transfer your money to another account “for security reasons” because your own account is supposedly blocked. These statements are always a warning sign – reputable banks never ask you to take such measures over the phone.

The technology behind it primarily involves manipulating a caller ID. The scammers make your bank's real number or that of a well-known company appear on your display, even though the call actually comes from a different number. This makes the call appear legitimate, even though it is not.

Spoofing simply explained

In this video, you'll learn about spoofing, a popular method used by cybercriminals to fake identities and gain trust. Whether it's email spoofing, IP spoofing, or caller ID spoofing, we'll show you how spoofing works, how you can recognize it and how to protect yourself from it.
Watch video

Other types of spoofing

  • Email spoofing: Email spoofing involves falsifying the sender field of an email so that the message appears to come from a trusted address. The goal is to trick recipients into clicking on malicious links or disclosing confidential data. This method is often used in phishing attacks.
  • IP spoofing: IP spoofing means that the IP address in data packets is manipulated to conceal its true origin. Attackers use this technique to pose as a trustworthy system or to bypass security mechanisms, as is the case with DDoS attacks.
  • GPS spoofing: GPS spoofing involves falsifying location data so that devices or systems display an incorrect location. This method can be used to deceive navigation systems or bypass location-based security features.
  • Website/URL spoofing: Scammers create fake websites or links that look deceptively similar to real sites. The aim is to encourage users to enter login credentials or other sensitive information. Such links are often disseminated through phishing emails or SMS messages.
Your security comes first

Your security comes first

Our 24/7 Monitoring Team identifies possible fraud and protects your transactions.

Tips for protection against spoofing

If someone on the phone claims to be a BBVA employee and asks you to transfer money to another account or provide confidential information such as passwords or OTP codes, it is definitely not BBVA.
 
SMS messages from BBVA do not contain links. If you receive a message with a link – even if it appears in your BBVA SMS history – it is fake.
 
Further tips:
 
  • Never give out personal or bank details on websites that you have accessed via links in SMS or emails – and certainly not on your phone.
  • Do not reply to suspicious SMS and delete them immediately.
  • Be vigilant if you receive messages or calls that apply pressure or create panic.
  • Protect your devices with the latest antivirus and anti-malware software and perform scans on a regular basis.
  • Keep your operating system, browser and apps current.
  • Only download apps from official stores.

Fast help if fraud is suspected

In the event of fraud, we provide fast and efficient support through a fully digital process.
Report the case directly in the BBVA App or contact our Customer Service team at +49 69 58 996 454.
 
Please use only this official telephone number, which is also on our website.
 
You can reach our German-speaking team 24/7 and our English-speaking customer service team is available every day from 7 a.m. to 9 p.m.
 
You can also reach us by email: Kundenservice@bbva.de

Easily use your smartphone to activate or deactivate your card whenever you need to.

Others also found interesting