There are many telephone scams out there and you need to keep your guard up! If you’ve not been reporting in communication with a company then you’re more likely to be cautious as the call is “out of the blue” – but things can go wrong if your guard is down because you recently got off the phone to that company.
A client of mine was recently subject to just such a situation as they’d not long been on the phone to a broadband supplier complaining about the speed of the broadband that they were receiving. A couple of hours later they received a phone call from an ‘engineer’ purporting to be from the same company and that they were investigating the problem! The ‘engineer’ identified themselves with a company employee ID and gave them a telephone number – these were all part of the scam!
As part of the ‘diagnostic process’ they obtained remote control of the computer and then proceeded to run all kinds of test (in the foreground!). Unknown to my client the scammers were running other things in the background which they couldn’t see. Following some questioning they asked the client to log in to their bank account to see if the ‘problem’ was now resolved. Whilst the client was distracted, they started transferring monies out of the account and as the link was still logged in this was not a problem for them.
The client then started to become very suspicious (they couldn’t see that the web browser was still open) and they hung up the phone (unfortunately, they didn’t break the connection that the computer had to the internet!) and called the number that they’d been given. Not surprisingly the person who answered the phone confirmed the company employee ID and the ‘engineers’ name. A short while later the ‘engineer’ called back and continued ‘running diagnostics’ whilst suggesting that the client ‘deal with other things’ as the process would take some time. When the client returned to the machine there was a message from the ‘engineer’ on the screen saying that all the tests had now been completed and that the system was okay! What the ‘engineer’ had actually done was to corrupt the way that the computer used the internet so that the client couldn’t access their bank accounts and see what had occurred.
There are a few morals to this story, beside the fact that “They really are out to get you!” :-
- If you didn’t make the phone call then you really don’t know who the person calling is.
- If you call the number that you’ve been given, use a different phone to the one that you received the call on.
- You should never give somebody else access to your machine via any form of remote control, unless you know them well enough that you’d give them your bank cards, bank details and security codes (passwords/pins etc).
Action Fraud: https://www.actionfraud.police.uk/