Feeds

Disconnection phone scam targets UK consumers

BT and Ofcom warn over nascent con

SANS - Survey on application security programs

Scammers posing as representatives of phone service providers, such as BT, are calling up UK subscribers in an attempt to trick prospective marks into handing over credit card or bank details under threat of disconnection.

Plausibility is added to the scam by a trick designed to fool people into thinking that their line has been temporarily cut off, ostensibly under the control of the person calling them.

This happens after fraudsters are challenged to establish their identity as a representative of a telecoms carrier. In response, con men tell their prospective victims to hang up a phone and attempt to try phoning someone, claiming the line will be disconnected to prevent this. This supposedly establishes that conmen are calling on official business.

In reality, the fraudster stays on the line with the mute button on. Because the person who initiates a call is the one to terminate it, a prospective mark is left unable to make a phone call, or even obtain a dial tone.

The fraudster is able to hear the failed attempts to make a call. When these stop he is able to cut off the first call and immediately call back. To those unaware of the telephone system, particularly elderly or vulnerable people, this might easily be taken as establishing that someone is representing a service provider.

The next step comes with an attempt to trick victims into handing over debit or credit card details needed to settle a supposed debt.

Reg reader Alex forwarded details of the scam, which was unsuccessfully attempted against his friend, a Virgin Media customer. The fraudster, who posed as a BT representative, unsuccessfully insisted immediate payment of £31 was still due to BT, warning that reconnection at a later date would cost £118. The fraudster gave a 0800 number that (unsurprisingly) turned out to be bogus, though similar to the genuine number of BT Business.

El Reg contacted BT media reps who confirmed that they were aware of the scam, which has been occurring at a "fairly low level" across the country for the last two months or so. The attempted fraud targets customers of a range of telecoms providers, not just BT.

Customers with any doubts about who they might be speaking to about their account are advised to contact BT directly, using the phone number supplied on their bill.

BT security is liaising with a number of local police forces over the scam. In a copy of a statement already circulated to police, BT explained:

Fraudsters, pretending to be from various phone companies, have been calling people on the pretence that there is an outstanding bill and threatening to disconnect their line immediately if they do not pay the bill straight away.

The fraudsters have been pretending to "cut off" the customer. Worried about having their line cut off, some people have been persuaded into giving the fraudsters their bank account details.

The police are investigating and BT Security is looking into incidents where the fraudsters have claimed to be from BT.

Whilst BT does have debt handling procedures which may involve calling customers, BT never carries out disconnections during the call by way of proof.

We advise customers never to give out any banking details over the phone unless they are absolutely certain who they are dealing with.

If there is any doubt at all, a BT employee will be able to give the customer their employee ID number and an 0800 number to call, where the customer can check that they are who they say they are. The customer can also check their identity by calling 0800 800 150.

West Midlands police are leading an investigation into the fraud.

Conmen are also posing as telecom regulator Ofcom, again with the aim of fleecing the unwary. Ofcom posted a warning about the scam on its website on Thursday which can be found here.

In the example cited by Ofcom, fraudsters claim a consumer’s telephone line needs a digital upgrade. Targets are told they need to pay £6 within ten days to avoid the supposed risk of disconnection. As with the BT impersonation scenario, a fraudster will stay on the line to prevent outbound calls being made as a ruse designed to trick prospective marks into believing the bogus story. ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story

Whitepapers

Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.