Why you can't trust Caller IDMost phones default to showing their actual phone number in the Caller ID field on mobile phones and phones with displays, but the number can be changed. That's for two legitimate reasons:
- Sometimes companies or individuals want their calls to be returned to another number (such as a company main number or switchboard)
- Some phones aren't phones at all, but a set of headphones connected to the internet, or one of many phones on a switchboard. Therefore it may not have a callback phone number. Just because it doesn't have a source phone number doesn't mean your phone company won't put the call through.
Caller ID is easily fooled, with just a little more knowledge than it takes to handwrite a name tag.
Why you can't trust the From field on emailDuring the setup of your email program, you are prompted to enter a username, a password, an email address, and your full name. Most people never give this a second thought, but if you're providing a username and password, why couldn't the email address and full user name be grabbed from the account? That's because just like Caller ID, there are legitimate reasons for the displayed email address and name to be different from the real source email address:
- The account may not have an email address, or be sending an email from a web form tool, so the preferred From address would be a customer service alias or the email address of the tool's developer.
- The sender may prefer that all email comes from a company alias and not expose their direct address.
Just because someone received a virus or a scam email from your email address does not necessarily mean that the virus has ever been able to send from your computer or your account.
Someone your nametag on the floor and decided to put it on.