Scam of the Week – BT customers targeted with phone phishing scam
UK broadband users are being urged to be vigilant after a rise in phone scams from fraudsters claiming to be from ‘BT Openreach’.
Victims have reported receiving phone calls informing them that the company has detected slow broadband speeds in their area. In order to fix the problem, they are asked to log into their computer and download specialist software to help improve the speed.
The ‘specialist software’ is nothing more than a ruse to get the user to download malware or keylogging software that will record and monitor every single keystroke they make. The hackers can then gain access to their login details, passwords and sensitive financial information.
Openreach confirmed the scam on social media and advised customers that: “Openreach would never contact you directly, nor would we ask for personal details or remote access to your router." It also advised anyone who has received a call to hang up immediately and to report the incident to Action Fraud.
There has been a massive rise in these types of scams and a recent survey fromComparitech found that one in three UK landlines has been targeted by scammers impersonating BT. It also found that one victim had £34,000 cleared out of their bank account.
Clearly, it’s become a lucrative business and the crooks are using every tool at their disposal to make their scams seem as convincing as possible.
One of the main ways they will make their call appear genuine is by using a tactic known as ‘number spoofing’. Using sophisticated technology, the fraudsters can alter the phone number from which they're calling from so that it matches the official telephone number of the victim’s telecoms provider or bank.
Another tactic is to play background noise, so it sounds like the call is being made from a call centre or busy office environment. The ultimate aim is to create a sense of urgency to pressurise the victim into taking immediate action.
Despite the increasing sophistication of these scams, there are a number of ways you can protect yourself:
- Be wary of phone calls from unknown numbers – If a call comes out of the blue from a number you’re not familiar with, then treat the call as suspicious.
- Never give out personal information over the phone – Legitimate organisations will never ask you to give out personal information such as a password, pin, activation codes or bank account details over the phone.
- Hang up – If you’re feeling intimidated or harassed by a call then don’t be afraid to hang up immediately.
- Ring the organisation directly – If you think the phone call is a scam then hang up the phone and ring the organisation directly. Source the official number yourself and never call back using the number the caller has given you.
- Call blocking device – If you’re getting pestered with calls from unknown numbers, it may be wise to invest in a call blocking device to filter out unwanted calls.
If you’re looking to start a phishing awareness campaign or would like more information on how to protect yourself online, get in touch to find out how we can help. MetaPhish has been specifically designed to protect businesses from phishing and ransomware attacks and provides the first line of defence in combatting cyber crime.