We have helped and advised people in the past who were scammed out of thousands of pounds because they were called by fraudsters who were able to convince the victims they were calling from TalkTalk themselves.
The criminals likely gained their information from the TalkTalk cyber-hack and had enough details to be able to trick victims in to thinking they were the real deal, with names, addresses, numbers and even account info.
The fraudsters are still at it; with plenty of targets to choose from thanks to the huge TalkTalk data protection breach.
One of the easiest ways they’re tricking people is off the back of broadband problems. The fraudsters knew that some customers had outstanding technical fault issues and preyed on them by contacting the victims and posing as TalkTalk who were calling to “resolve” the issues.
Based on first-hand accounts from victims we have helped, fraudsters are using a variety of methods to trick people in to handing over enough information to scam them out of thousands of pounds.
We know one of the tricks they’re using – one that isn’t exactly new but works well when the fraudsters are able to pass themselves off as TalkTalk staff resolving genuine issues – is by accessing your computer. They ask for remote access to help resolve a genuine issue.
Sounds OK, right?
No, it’s not. You should never (to be on the safe side) allow someone to have remote access to your PC.
What they were doing was pretending to have resolved the issue and advising they were happy to pay compensation to the victim. They then ask the victim to check their account without them realising they’re still logged on their machine. They can use technology to then know what the victim has put in as their login credentials for online banking.
But that’s not all…
We have spoken to several people who were then victims of a bigger scam. The fraudsters transferred the victim’s own money into a current account from a savings account and made this out to be the “compensation” they were owed, but what they were doing was actually increasing the amount and passing it off as a denuine mistake, and then asking the victim to transfer the increased amount back in to their account.
For Example: Say a victim is told they’re owed £50.00 in compensation, but on their online account they suddenly see £5,000.00. The fraudsters – still posing as TalkTalk staff – apologise and confirm they accidentally put too many zeros on the end. They then ask for the money to be returned (less the £50.00, of course). But the £5,000.00 was transferred from the victim’s own savings account without them realising, and if the victim hasn’t clocked what’s happening, there is a good chance they’ll transfer £4,950.00 of their own money back to the scammers.
To some, it simply looks like a transaction and not a transfer between accounts…
This has happened!
Its happened, and it’ll happen again and again and all off the back of fraudsters gaining just a little bit of information from a huge cyber-hack.
The lesson here is that no hack can be too small.
When people think that its not such a worry to have had their name and address leaked by a company, think again. If a fraudster knows you’re a customer of that company, and perhaps got the leaked information from a database logging particular complaints, they have enough to try and scam you. And they will…