Skip to main content

A scary scam

I have just been subject to the most sophisticated scam attempt I've ever come across.

I had a call apparently from BT (my broadband provider) to say that my internet had been hacked. To confirm that it was really them, they sent an email and a text with a PIN.

There was admittedly something fishy about it. They weren't able to specify exactly what they meant by my account being hacked, and I was confused about the PIN aspect (more on that in a moment) - so I hung up and called BT myself. 

They confirmed that it wasn't them who had been in touch. It was, indeed, a scam. Not only was there not a problem, and they had not contacted me in the last 3 months, the BT operative also confirmed my suspicion about the PIN - the point of a PIN is for me to confirm who I am, not for them to prove who they are. Anyone can send you a PIN and ask you to read it back. BT won't do this when they contact you, only when you contact them.

However, it's easy to see how the text and email could help fool people. The text was apparently from the same number that BT use to send a confirmatory PIN. The wording of the text was almost (but not quite) identical to the BT message. And what I still find unnerving is that the scammers were able to link together my landline phone number, my mobile number (for the text) and the email address I use to log into my BT account.

Because of this linkage, one thing I did do was both change my password on the BT website and switch on two factor authentication (where it sends you a text or email to check it really is you) in case someone had got into their data.

I pride myself on not falling for scam calls. But this one was scarily convincing. Traditionally it's been said that phishing emails and scam calls may be deliberately poor so they are only believed by the most vulnerable. This was certainly not that kind of operation.

See all of Brian's online articles or subscribe to a weekly digest for free here


  1. There is a similar version in which the scammer contacts you saying your account on, say, Amazon has been abused (someone trying to buy an expensive item on it). They go on to say there's no problem as they have blocked the transaction and that all you need to do is confirm this by reading out the one-off PIN that Amazon will send you. They then trigger the PIN request from your Amazon account so the PIN seems to be genuine, but, of course, if you give them the PIN they can reset your account for their own access.


Post a Comment

Popular posts from this blog

Why I hate opera

If I'm honest, the title of this post is an exaggeration to make a point. I don't really hate opera. There are a couple of operas - notably Monteverdi's Incoranazione di Poppea and Purcell's Dido & Aeneas - that I quite like. But what I do find truly sickening is the reverence with which opera is treated, as if it were some particularly great art form. Nowhere was this more obvious than in ITV's recent gut-wrenchingly awful series Pop Star to Opera Star , where the likes of Alan Tichmarsh treated the real opera singers as if they were fragile pieces on Antiques Roadshow, and the music as if it were a gift of the gods. In my opinion - and I know not everyone agrees - opera is: Mediocre music Melodramatic plots Amateurishly hammy acting A forced and unpleasant singing style Ridiculously over-supported by public funds I won't even bother to go into any detail on the plots and the acting - this is just self-evident. But the other aspects need some ex

Is 5x3 the same as 3x5?

The Internet has gone mildly bonkers over a child in America who was marked down in a test because when asked to work out 5x3 by repeated addition he/she used 5+5+5 instead of 3+3+3+3+3. Those who support the teacher say that 5x3 means 'five lots of 3' where the complainants say that 'times' is commutative (reversible) so the distinction is meaningless as 5x3 and 3x5 are indistinguishable. It's certainly true that not all mathematical operations are commutative. I think we are all comfortable that 5-3 is not the same as 3-5.  However. This not true of multiplication (of numbers). And so if there is to be any distinction, it has to be in the use of English to interpret the 'x' sign. Unfortunately, even here there is no logical way of coming up with a definitive answer. I suspect most primary school teachers would expands 'times' as 'lots of' as mentioned above. So we get 5 x 3 as '5 lots of 3'. Unfortunately that only wor

Which idiot came up with percentage-based gradient signs

Rant warning: the contents of this post could sound like something produced by UKIP. I wish to make it clear that I do not in any way support or endorse that political party. In fact it gives me the creeps. Once upon a time, the signs for a steep hill on British roads displayed the gradient in a simple, easy-to-understand form. If the hill went up, say, one yard for every three yards forward it said '1 in 3'. Then some bureaucrat came along and decided that it would be a good idea to state the slope as a percentage. So now the sign for (say) a 1 in 10 slope says 10% (I think). That 'I think' is because the percentage-based slope is so unnatural. There are two ways we conventionally measure slopes. Either on X/Y coordiates (as in 1 in 4) or using degrees - say at a 15° angle. We don't measure them in percentages. It's easy to visualize a 1 in 3 slope, or a 30 degree angle. Much less obvious what a 33.333 recurring percent slope is. And what's a 100% slope