This morning while sitting in my office, I received a telephone call from a presidential campaign seeking a donation. I found this interesting because I have yet to donate to any presidential candidate this year. While I was more than happy to donate some money to the campaign, a thought came into my head while dealing with the guy on the phone – how do I know you’re really working for campaign X? It would be trivial for someone to say they were with a campaign, start calling people, and get a few credit cards here and there.
My first inclination was to check the caller ID on the call, then enter the number into Google and see if it came back with anything. Unfortunately, the caller ID was blocked. I thought about it and realized that someone with a moderate amount of skill and planning, of which it seems most scammers have neither, could get an account at SpoofCard and make their call seem as though it was indeed coming from the campaign. Thus, I could not use this obvious piece of information as verification of the mans identity.
I realized that if they had my name and phone number they must have had other information on me too. I asked the gentleman on the phone where my information was obtained from, and he informed me that it was from a list of donors to a previous round of presidential campaigns. If that was the case, then they should have information such as my address on file also. Sure enough, they had my old address from 2004 on file. While this was enough to convince me that the man was most likely affiliated with a real political campaign it wasn’t enough to convince me to donate money over the phone. A nefarious individual could still look up information about past addresses and then figure out which one would have been valid at the time. However, this is a lot of work for a relatively small probability of payoff.
I volunteered to donate money over the internet, and the man was very against the option, replying that is possible to process the transaction over the phone in under a minute – that’s funny, on a high speed connection I can find a candidate’s web page and donate money in under a minute. Anyway, after some going back and forth I informed the marketer that he had succeeded in reminding me that I had been planning to donate money (it was even in my copy of thinking rock), but I couldn’t do it online because it didn’t feel secure.
So, for anyone who reads this, what actions can a campaign take to make sure that a recipients of marketing calls know they’re legitimately calling from the campaign? Absent of political beliefs, what credentials would a person over the phone have to communicate to you to get you to donate?