Feeds

Disconnection phone scam targets UK consumers

BT and Ofcom warn over nascent con

Protecting against web application threats using SSL

Scammers posing as representatives of phone service providers, such as BT, are calling up UK subscribers in an attempt to trick prospective marks into handing over credit card or bank details under threat of disconnection.

Plausibility is added to the scam by a trick designed to fool people into thinking that their line has been temporarily cut off, ostensibly under the control of the person calling them.

This happens after fraudsters are challenged to establish their identity as a representative of a telecoms carrier. In response, con men tell their prospective victims to hang up a phone and attempt to try phoning someone, claiming the line will be disconnected to prevent this. This supposedly establishes that conmen are calling on official business.

In reality, the fraudster stays on the line with the mute button on. Because the person who initiates a call is the one to terminate it, a prospective mark is left unable to make a phone call, or even obtain a dial tone.

The fraudster is able to hear the failed attempts to make a call. When these stop he is able to cut off the first call and immediately call back. To those unaware of the telephone system, particularly elderly or vulnerable people, this might easily be taken as establishing that someone is representing a service provider.

The next step comes with an attempt to trick victims into handing over debit or credit card details needed to settle a supposed debt.

Reg reader Alex forwarded details of the scam, which was unsuccessfully attempted against his friend, a Virgin Media customer. The fraudster, who posed as a BT representative, unsuccessfully insisted immediate payment of £31 was still due to BT, warning that reconnection at a later date would cost £118. The fraudster gave a 0800 number that (unsurprisingly) turned out to be bogus, though similar to the genuine number of BT Business.

El Reg contacted BT media reps who confirmed that they were aware of the scam, which has been occurring at a "fairly low level" across the country for the last two months or so. The attempted fraud targets customers of a range of telecoms providers, not just BT.

Customers with any doubts about who they might be speaking to about their account are advised to contact BT directly, using the phone number supplied on their bill.

BT security is liaising with a number of local police forces over the scam. In a copy of a statement already circulated to police, BT explained:

Fraudsters, pretending to be from various phone companies, have been calling people on the pretence that there is an outstanding bill and threatening to disconnect their line immediately if they do not pay the bill straight away.

The fraudsters have been pretending to "cut off" the customer. Worried about having their line cut off, some people have been persuaded into giving the fraudsters their bank account details.

The police are investigating and BT Security is looking into incidents where the fraudsters have claimed to be from BT.

Whilst BT does have debt handling procedures which may involve calling customers, BT never carries out disconnections during the call by way of proof.

We advise customers never to give out any banking details over the phone unless they are absolutely certain who they are dealing with.

If there is any doubt at all, a BT employee will be able to give the customer their employee ID number and an 0800 number to call, where the customer can check that they are who they say they are. The customer can also check their identity by calling 0800 800 150.

West Midlands police are leading an investigation into the fraud.

Conmen are also posing as telecom regulator Ofcom, again with the aim of fleecing the unwary. Ofcom posted a warning about the scam on its website on Thursday which can be found here.

In the example cited by Ofcom, fraudsters claim a consumer’s telephone line needs a digital upgrade. Targets are told they need to pay £6 within ten days to avoid the supposed risk of disconnection. As with the BT impersonation scenario, a fraudster will stay on the line to prevent outbound calls being made as a ruse designed to trick prospective marks into believing the bogus story. ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Jihadi terrorists DIDN'T encrypt their comms 'cos of Snowden leaks
Intel bods' analysis concludes 'no significant change' after whistle was blown
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
prev story

Whitepapers

Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.