Spoofing, as Muller explains, involves identity theft attacks where the sender’s identity is falsified. To illustrate, he uses a simple analogy involving a letter, where it is easy to forge the sender’s name on the envelope. While impersonating an SMS sender is more complex, it’s possible, particularly through operators outside Europe who allow such practices.
“Let’s say, for example, you receive a call from a foreign number, and it says Luxembourg. You have no way of checking whether it’s real or not,” Muller says.
Recognising spoofing attempts can be challenging. Muller points to a recent major spoofing incident on LU-ALERT as an example. He emphasises key red flags, such as receiving messages purportedly from entities like the National Health Fund (CNS) via LU-ALERT, which is highly unusual, and encountering links leading to fake pages.
In such instances, Muller advises cross-verifying through alternative channels, such as consulting other reputable sources or directly contacting the alleged senders.
Protecting oneself from spoofing requires a critical mindset when assessing message validity. Muller stresses the importance of acknowledging the potential for criminal intent behind suspicious messages.
Trusting one’s instincts and investigating further when something seems amiss is crucial, as Muller advises, “As soon as your gut tells you, ‘Oh, that’s strange,’ then you know, okay, yes, there is something strange about this and then you look into it.”
Full report by RTL Télé (in Luxembourgish)
