When you go to a social gathering where everyone is wearing handwritten name tags, has it ever occurred to you that the name on their badge might not actually be theirs? You probably have considered that, for example, the person wearing a badge that says "HELLO MY NAME IS... Acme Corp" probably doesn't have that name on their birth certificate, but if it says "HELLO MY NAME IS... Stef Hopkins" you should treat it with the same amount of skepticism. Their name might actually be Stephanie, or something completely different like Priscilla Smith.
The same is true for other technologies that we sometimes trust to give us information. Just because technology has told us who the message or incoming call is from doesn't mean that the technology is accurate. It's displaying the name tag it has been given.
Why you can't trust Caller IDMost phones default to showing their actual phone number in the Caller ID field on mobile phones and phones with displays, but the number can be changed. That's for two legitimate reasons:
- Sometimes companies or individuals want their calls to be returned to another number (such as a company main number or switchboard)
- Some phones aren't phones at all, but a set of headphones connected to the internet, or one of many phones on a switchboard. Therefore it may not have a callback phone number. Just because it doesn't have a source phone number doesn't mean your phone company won't put the call through.
Caller ID is easily fooled, with just a little more knowledge than it takes to handwrite a name tag.
Why you can't trust the From field on emailDuring the setup of your email program, you are prompted to enter a username, a password, an email address, and your full name. Most people never give this a second thought, but if you're providing a username and password, why couldn't the email address and full user name be grabbed from the account? That's because just like Caller ID, there are legitimate reasons for the displayed email address and name to be different from the real source email address:
- The account may not have an email address, or be sending an email from a web form tool, so the preferred From address would be a customer service alias or the email address of the tool's developer.
- The sender may prefer that all email comes from a company alias and not expose their direct address.
Just because someone received a virus or a scam email from your email address does not necessarily mean that the virus has ever been able to send from your computer or your account.
Someone your nametag on the floor and decided to put it on.