back to article TalkTalk scam-scammers still scam-scamming

TalkTalk customers are still being targeted by scammers, following a series of data breaches at the company. In the last four years, TalkTalk has had to admit to four different breaches of data, two directly from the company itself and two others from partners here and in India. Most notorious was its attack in October last …

  1. Pascal Monett Silver badge

    "the respondent purporting to be a TalkTalk representative hung up"

    Apparently, the 56% drop in profits is still not enough for TalkTalk personnel to get the finger out and start redressing the company's image by actually being useful.

    Or even polite.

    1. Don't say no

      Re: "the respondent purporting to be a TalkTalk representative hung up"

      Talking to 'Jo', a supervisor, on another matter I mentioned having received a number of such calls. She immediately gave me the 'speil' about such calls. Having worked in the field myself (which she didn't know) she said everything which I would have advised.

      For those whose phones show the caller's number it will appear to be a UK one but there is no such exchange code. I then did a 1471 and got the caller's number (abroad with an unlisted country code close to but not that that for Bermuda). Having got that number I simply googled it and it was listed as a scammer working not only Talktalk but also PPI and a few others.

      Jo told me that Talktalk wants all those those numbers.

  2. TheProf


    'Diane Jackson got in touch with The Register......

    she gave the caller remote access......'

    Savvy enough to contact ElReg, but not savvy enough.

    1. VinceH

      Re: Hmm

      Exactly what I was thinking - especially given that scams along these lines have been reported before, and this incident was only a few days ago.

    2. tmTM

      Re: Hmm

      Perhaps after the Talk Talk scam attempt she did some reading online and found all the articles on El Reg??

      or she was just monstrously tired.

      This morning I gave the dog my cereal and walked off with his food bowl, sleep deprivation - very bad!

      1. Captain Scarlet

        Re: Hmm

        Or perhaps a Youtuber capturing the exploits of such callers in an attempt to annoy them and become internet famous

      2. Martin Summers

        Re: Hmm

        Are you suggesting the dog took advantage of your sleep deprived state and scammed you out of your breakfast? Be afraid!

    3. Anonymous Coward
      Anonymous Coward

      Re: Hmm

      What as that got to do with being scammed, these scamming b#@$£ r $ are good at what they do especially if you are not savvy enough as you put it well I ain't savvy enough because i fell for it last week told me my router was corrupted and they wanted to fix it but needed access to my computer so unfortunately I let them in and after i woke up a bit afterwards i called TT to ask if they had just phoned me they said no so I went to the bank and found that they had wiped my account out and also replied for a loan, we all aren't as savvy as some people and their actions have caused me a lot of stress.But what i can't understand is how they got my number as it was supposed to be ex-directory and only an handfull of people have my house number.

  3. Geoff Johnson

    I think you should have a warning here.

    Something about never giving unexpected callers access to your computer.

    I know most Reg readers would know this, but maybe casual Googlers will land on this page too.

    1. Anonymous Coward
      Anonymous Coward

      Re: I think you should have a warning here.

      never giving unexpected callers access to your computer

      But this is a confidence trick, and warnings are only so much help.

      Due to TalkTalk's serial blunders, the malicious caller has sufficient detail to gain the full confidence of many victims, and there is an apparent reason for the call. Due to TalkTalk's miserable business practices, customers expect to talk about their contracts or connections with foreign nationals via ratty VOIP connections. And due to Microsoft's blunders, home users are too-readily able to give remote access to the confidence trickster.

    2. AndrueC Silver badge

      Re: I think you should have a warning here.

      Something about never giving unexpected callers access to your computer.

      Or best of all: Never give unexpected callers the time of day.

      1. Doctor Syntax Silver badge

        Re: I think you should have a warning here.

        "Never give unexpected callers the time of day."

        No, I give them as much time as they're willing to take. Whilst they're hanging on "a moment" they're not scamming anyone else. I don't get too many; I'm convinced there are "don't bother calling" lists in circulation.

      2. William 3 Bronze badge

        Re: I think you should have a warning here.

        You're right about not giving scammers the time of day.

        I had one of those "Hi, I'm calling from Microsoft" chaps from India today.

        I've read so many stories about them I was hoping to get one myself to toy with the chap.

        Finally when one called me today, I just laughed at the chap and said "goodbye".

        That felt better than some long protracted pissing contests with someone who ultimately wouldn't give a shit.

        1. Anonymous Coward
          Anonymous Coward

          Re: I think you should have a warning here.

          "You're right about not giving scammers the time of day.

          I had one of those "Hi, I'm calling from Microsoft" chaps from India today.

          I've read so many stories about them I was hoping to get one myself to toy with the chap.

          Finally when one called me today, I just laughed at the chap and said "goodbye"."

          On caller's number display it is easy to spot scammers so I have a choice of replies such as

          Vaere so god og snakke landsmol in various languages (try google translate)

          (All perfectly good replies but the scammers are pig ignorant and cut the line

    3. paulf

      Re: I think you should have a warning here.

      "Something about never giving unexpected callers access to your computer."

      True but when the legit callers do this kind of thing how are we supposed to tell the difference?

      On phone calls with the bank, they want all manner of personal information to prove I am definitely who I am. That's all well and good when I call them, but when I get an incoming call I have no means to verify they are who they say they are but I'm still expected to prove my identity.

      Companies all do this - call the customer and expect them to prove their identity yet they called the customer on details given by the customer. Point out how silly this is and they just mumble "Data protection, innit".

      I refuse to hand out personal information on incoming calls. It causes no end of problems trying to get back to someone on a published number and running the gauntlet of call centre droids who want to know what it's about first and wondering why they can't help me with the problem but if I never give out the info there is no risk I can give it to a very well executed scammer's confidence trick. Unfortunately it's a war of attrition - I need to be lucky every time, the scammers only need to be lucky once. Until the big companies/banks realise they need a secure way of calling the customer that doesn't encourage us to hand over identifiable personal information educating people not to trust random incoming calls will be VERY difficult.

  4. 2fast748

    My wife nearly gave one of these scammers access to her laptop a couple of months ago, it was only our daughter crying that stopped it happening. They then phoned back 3 times a day for 2 weeks trying the same trick. It prompted us to take up TTs offer of free CLI. The calls have now died off but I really must move away from TT as they are a truly awful company.

    Why haven't the ICO come down like a ton of bricks on TT? Has anybody ever been prosecuted over this (either TT or the scammers?)

    1. Anonymous Coward
      Anonymous Coward

      Why haven't the ICO come down like a ton of bricks on TT?

      The investigation is continuing. Whilst a financial penalty seems probable, the highest the ICO can impose is half a million quid. That's small beer for big companies, and TalkTalk will have already provisioned for that. I would guess that lobbying by large, evil data processors (primarily Google, Facebook et al rather than people like TT) ensured that the UK's weak and corrupt politicians set the maximum penalties at a level that might worry an SME, but could be paid out of the coffee budget by those large corporations.

      As for prosecutions, what do you think?

      1. mark 120

        It's only half a million quid right now, but the replacement for the DPA (the EU General Data Privacy Regulation) allows for 4% of global turnover or 20 million Euros, whichever is higher. It might actrually result in companies taking their data security a bit more seriously in future.

        1. Alan Brown Silver badge

          "the replacement for the DPA (the EU General Data Privacy Regulation) allows for 4% of global turnover or 20 million Euros, whichever is higher."

          Except the companies will argue that this is damaging or they don't have the money, so the ICO won't enforce it.

          On a similar vein, emulating the TCPA's statutory per-call damages plus right of consumer action and joint liability for caller/hirer would put a large dent in the illegal sales calls made in the UK.

          The ICO and Ofcom are _both_ notably silent when this is raised, or try to claim that it would result in the courts being overwhelmed in a tsunami of claims. (really? If it's that bad then why are there so few actions and so few entities being fined?)

    2. Alan Brown Silver badge

      "It prompted us to take up TTs offer of free CLI."

      What makes you think they can't manipulate that?

      CLI is trivial to spoof if the origin is VOIP or ISDN

  5. Tom Silitis

    They're still at it

    I was contacted 4 times in a day. They called me yesterday, and I tried to ascertain what data they had on me. They could only give me name and address. They couldn't confirm my account number, or any other details. They couldn't even tell if I was a customer of TT or TT Business. This suggests that they are working off an old data set, one with few details (I was a TT customer ages ago, but moved to TT Business to get a fixed IP).

    At one point, they told me all ISP helplines go to the same number. They finally hung up when I told them I had called the police to trace their number (which I didn't - I tried that before, and the police said they couldn't help until a crime had been committed)

    1. Known Hero

      Re: They're still at it

      Nah mate, I think that is actually Talk Talk.

      Was going to use joke icon then thought about it .........

  6. corestore

    "Jackson requested to cancel her contract due to her lack of trust in the company, but was told she'd need to pay £247 to leave early. "Despite it being an 18-month contract which I began in 2013 and have not since renewed."

    I hate it when it gets difficult to tell the fake scammers from the real scammers...

    1. Alan Brown Silver badge

      "I hate it when it gets difficult to tell the fake scammers from the real scammers..."

      Especially as automatic contract lockin rollover has been illegal since before 2013 and the maximum contract duration for a new signup is 2 years.

      If this was a claim genuinely made by TalkTalk then Ofcom needs to get involved.

  7. Anonymous Coward
    Anonymous Coward

    Just guessing

    Could be coincidence they said talk talk, my dad got similar calls from someone claiming to be from BT last week, on the face of it most people probably have some sort of BT connection even if by a third party. Sadly the caller did not know there is no BT in Hull, thus my dad has never ever had any type of service or connection from them. He didn't give them access but they continued to call each day so he rang me to check. Never give anyone at all remote access to your pc.

    1. Mr Flibble

      Re: Just guessing

      Or if you do give them access, make sure that it's to a sacrificial Windows installation. If you can fake a bank account login (false details etc.) when they ask, so much the better.

  8. adam payne

    "A TalkTalk spokesperson has contacted us to say: “We are sorry to hear Ms Jackson has been contacted by a phone scammer. TalkTalk looks at these situations on a case by case basis, but unfortunately phone and email scams (where customers are persuaded to provide criminals with information which is then used to steal from them) are a serious and growing problem affecting consumers and companies across the UK, not just TalkTalk."

    Well you washed your hands of that one quite well.

    1. Mark 85

      Yep, they danced and dodged around that issue. I'm not a TT customer nor can I be as I'm in the States. It would look like either our companies are following yours or vice versa or maybe they're just sharing how to ignore customers and rip them off.

  9. This post has been deleted by its author

  10. hatti

    Leaky Bucket

    Seems Baroness Harding was not too bothered about this article then

  11. JohnMurray

    If they really wanted to gain access/details then they'd have someone call who:

    Couldn't speak understandable English.

    Read from a script, and gets confused when questioned then goes back a few steps to start again.

    Had no idea what data plan you are on, or its cost.

    Just like all contact with talkcrap....

  12. Msitekkie

    I was contacted twice the day after I switched to Fibre

    I upgraded to fibre on 23rd May and the next day I had 2 of these scam calls (both with number witheld). When I asked for their name & number to check the calls were genuine, they put the phone down.

    I contacted TalkTalk who added "Anonymous Caller Reject" to my account for free.

  13. A Ghost

    It's happening again

    They stop for a while, give it a few months even.

    Then it starts up again. They will never stop. They sell your mug punter details to other firms who give you a crack.

    The most despicable part of all this is the fact that harding and tt have taken no responsibility whatsoever and have deeply insulted their customers.

    I've written at great length about these operations, but suffice to say, some of them do use intimidating tactics. They speak in an extremely authoritative tone and use a very dominant manner, speaking down to you, telling you how it is and how it's going to be, and what it is you are going to do, or else they won't be very happy with you, and you wouldn't want to make them angry, because, well, you wouldn't like them when their angry...

    These ones are my favourite, coz it gives me carte blanche to really rip on them, sparing no horses and sending them into an apoplectic rage where they then insult my mother, my sister, my children. One of them laughed at me and told me he had 'fucked' my sister. Gave me a chuckle, as I don't have a sister. I told him when he tries that one again, to say that he 'fucked' the mark's mother, coz, logic, you know, everyone has a mother, but not everyone has a sister - it would up his success rate in the numbers game. He hung up.

    It stops for a while, but it never stops. Not until you change your name/address/phone number. Once they have your name and number, as they do with me, it never ever stops. Been going on years since tt sold my details back then.

    I'm up for a bit of aggro with these chumps (see my previous detailed post about keeping them going for several hours, while I researched their MO and setup), but some one who is just going about their business and someone that is not used to high-pressure sales techniques, wouldn't be mentally prepared for this. So it works.

    There is a reason they operate out of massive call centres with literally hundreds of them on the phone at one time. This is a big industry, and it will only get worse.

    The fact that scum like harding and tt have all but blamed the victims on this one shows that they need to be punished. And punished hard. It is only ill health that has stopped me changing to a more expensive service (there are no cheaper ones afaik).

    Really, if you are looking for an isp. Do NOT choose tt. Your details WILL be stolen. And once out there, the genie does not go back in to the bottle.

    Personally, I would like to see them all strung up.

    Oh, and I have greater animosity and ill-will towards harding than I do the poor souls that get the full force of my tongue when they try this shit on. I don't think the scammers are evil per se, just probably caught between a rock and a hard place and trying to feed their family. I don't know. I do know, however, that harding is the very personification of evil itself. Up there with google and microsoft in my book, and we all know, it just does not get any more 'evil' than that.

    She'll keep her fucking job, get a fucking bonus at the end of it, and all in the mean time, she will just keep on fucking insulting her paying customers, coz she knows she has the only kind of protection that matters - big government who spy on us and our naked children in their bedrooms.

    Dystopia much?

    What does it take to show people that any hope for the future of humanity is non-existent at this point?

    Yes, it's happening again. And it will only keep on happening. For ever!

    1. Alan Brown Silver badge

      Re: It's happening again

      "Then it starts up again. They will never stop. They sell your mug punter details to other firms who give you a crack."

      Ask your provider for another number. When they wn't give you one (TT refused), switch to a provider who cares. (I did) and leave the toxic number with the old one.

      After that, get yourself a 070 followme number from one of the various sellers and give _that_ out to businesses which insist on having your phone number. The £1.50/minute charge is a strong dissuader from scam calling. (I still get the occasional call, but the fact that they're paying to call me increases my amusement factor a little)

      1. leexgx

        Re: It's happening again

        could you imagine keeping a person on a call for 1 hour at £1.50 that be very amusing (assuming it was a scammer (only thing is not everyone is aware of the charges to none uk 070 numbers and most mobile operators don't warn you before connecting the call as well)

  14. This post has been deleted by its author

    1. A Ghost

      Re: They are losing data from their engineer booking systems

      This is exactly the problem.

      The people working for TT have figured out a nice little side-number where they can sell customer's details. They really are a right bunch of shit-heads, the ones I've had to deal with anyway. I've found them to be rude and insulting with a very strong line in passive-agressiveness (putting the phone down on you after a 3 hour wait, after being disconnected after waiting for 4 hours). What grown man would not be in tears at the end of that - having a whole day of his life robbed from him?

      So it is inherent and endemic and is being denied. They or rather 'she' is also doubling down with impunity. She needs to be given a jail sentence for this with hard time, just for her handling of the matter really, not even anything to do with accepting responsibility in a 'buck stops here' kind of fashion. For that, give her another 5 years on top, M'Lud!

      Ha, as if. She's fucking laughing at us all and just rubbing salt in to the wounds now. She's a sadist. I do believe she is enjoying herself and her wielding of extraordinary power.

      Talk Talk is corrupt from the ground up, to the top down. The workers on the front line have a constant ongoing scam, and the workers in management have a constant ongoing scam (looking at you dido baby). It's rotten to the core. But they get away with it.

      Sometimes I think they underestimate the level of anger felt against them personally, a bit like before, you know, the French Revolution.

      The people that man the phones in the call centre have a real fuck you arrogant attitude. Remember, they can cut you off at any time - 4 hours waiting or not, they will do it. What makes you think they don't sell your information as well?

      This is all conjecture on my part. I actually have no idea what has happened, as Dido Harding still hasn't given a non-obfuscatory answer. It could be Martians from Venus what done it for all I know. And there in lies the rub. The nut of the matter. And it is that very nut that harding can not grasp, as she otherwise swings us all around by our nuts, laughing and cackling like a witch.

      Talk Talk needs to be dismantled and taken apart, never to trade again. And those responsible put in prison. Those at the top that have failed to handle the matter. Those employees who sold the information. And those that use it to intimidate little old ladies into Ctrl-R'ing into Team Viewer.

      Just wtf is so outlandish about expecting this as an outcome? Everyone else has to obey the laws of the land. What makes these people above the law? Because they are above the law. And if that doesn't make your blood boil, well...

  15. Anonymous Coward
    Anonymous Coward

    They are losing data from their engineer booking systems

    There was an article on Radio 4's MoneyBox a few months back featuring scam calls where the scammer was able to tell the talk talk customer details of engineering visits that had only happened the previous day. Several examples were given and even though it was clear TalkTalk was leaking real time info from internal systems and customers were being scammed by use of this information TalkTalk washed their hands of it.

    it's pretty clear that Dido "Baroness of Winscombe" Harding hasn't got enough control over her company - there have been too many security breaches and it's time the buck stopped with her.

    1. I'm Brian and so's my wife

      Re: They are losing data from their engineer booking systems

      That is absolutely disgraceful! When TT suffered a hack last year I moved my parents to PlusNet. It's more expensive and they had a couple of minor teething problems, but I was far (far, far) happier dealing with UK-based staff.

      I'd never return to TT, nor would I recommend anyone choose them.

      1. Alan Brown Silver badge

        Re: They are losing data from their engineer booking systems

        "I moved my parents to PlusNet."

        Bearing in mind that Plusnet is simply a trading brand of BT, what makes you think their details will be any more secure than they've proven to be with BT (which is only slightly better than TT's levels of data leakage) ?

    2. Anonymous Coward
      Anonymous Coward

      Re: They are losing data from their engineer booking systems

      I can only assume this is true. While I've only seen it once or twice with BT, and it may be coincidence (random calls can happen at the same time etc). I have also seen with BT that after putting down the phone to their call centre, an hour or so later a scam call comes in.

      None before, none after. Such a correlation is rather worrying and suggests some call centres (the hardware)/engineers (the people) are leaking details.

  16. ted frater

    Well, from all thats been written above on the bad side of TT, its time I came in here and related my experience.

    My experience has been 1st class, perhaps ive been lucky,

    We were with Virgin since they started some11 yrs ago. Then they doubled their prices and we decided to try BT. This was sort of ok, till we needed to make some change a couple of yrs later. We had 2 copper pairs into our house to 2 seperate phones. both to the same exchange. Corfe Castle. some 5.9 km away. The average line speed was 3.5mbs on the BB line.

    Then we needed to drop this line no longer needed and asked BT to do this, and change the BBand to the remaining line. so qwe could keep our old no.They quoted us 1mbs!! down the same wires to the same exchange!! Also they wouldnt change the no over that I had for 40 yrs here to the remainimg line.

    Despite escalating it to the chairmans office in their HO london they were so institutionalised they were just as bad at dealing with India.

    We finally told them they were unfit for purpose and as we have a proper IT gurru in house, not me I may add, we chose TT. Well would you believe it!! They changed the no to a new one once we got a crime reference no, and the line speed went up to 5.6mbs!! So theres no question, BT deliberately throttle their BB ADSL unless you pay for infinity.

    This has now been in service for 2 yrs and no spam calls, , just a god steady connection.

    As a afterthought, the line speed from here to the exchange is 6mbs, as the signal to noise ratio is very good. Copper all the way, so my friendly BT engineers tells us.

    He suggested that he could just change over the wires in the exchange, but then it was too late.

    Its who you know some times. BT lost a 40 yr customer. Never to go near them again.

    I still have problems remembering our new no!!

    1. Anonymous Coward
      Anonymous Coward

      Being one of the few people who did not get their details hacked off TTs servers, is little help to those who did.

      "I've done fine in the lions den, I've not been eaten in all this time" is not much help for those currently being chased by lions, and may only be because you were not first! :(

  17. PeterM42

    Directly from Microsoft?????

    I strung along one of the "Microsoft here" people for 20 minutes once before telling him where to shove his computer. Great fun! DON'T MESS WITH PENSIONERS!!!! Especially retired IT ones. :) :)

  18. PeterM42

    I strung along one of the "Microsoft here" people for 20 minutes once before telling him where to shove his computer. Great fun! DON'T MESS WITH PENSIONERS!!!! Especially retired IT ones. :) :)

  19. Siskris

    Me too

    I've had two such calls this year despite having anonymous call rejection installed after I reported the first one. The scary thing is that they knew my account number. I refused to cooperate and demanded that they tell me which package I have until they hung up.

  20. Anonymous Coward
    Anonymous Coward

    Definitely a new leak at TalkTalk

    I've literally just walked back through the door after helping a friend de-louse his computer. He has TalkTalk phone and broadband and reported a fault with the phone about a week ago. The next day he gets a call claiming to be from TalkTalk and, significantly, referring to the fault logged the previous day.

    The scammer then claims the problem is actually with the computer, sets up remote access to the computer, opens the event log and claims this is evidence of problems. The scammer then proceeds to set up SysKey to encrypt the registry (essentially preventing use of the computer). At this point my friend smells a rat and turns off the computer and hangs up. I'm sure the next step would have been to try to extract money to unlock the computer.

    The key thing here is that the scammer knew he'd logged a fault with TalkTalk. There's no way that could be known from the previous breach; there's got to be an ongoing source within the call centre or someone with access to the fault tracking system.

    Luckily my friend is as annoyed as I am about this and I'm encouraging him to report this to the police and the ICO as well as a formal complaint to talktalk. Since another mutual friend is a solicitor who specialises in contract disputes we're looking forward to a good fight!

  21. JCA100

    TalkTalk Scam Phone Calls - July 2016

    Contacted twice this week by the 'TalkTalk Technical Department', reporting a fault with my router and requesting remote access to my laptop. They had access to my name, address, postcode and ex-directory telephone number all obtained through the recent TalkTalk breach of security. Reported to TalkTalk Security and the Commisioner for Information.

  22. NG

    Christmas 2017 - still going on

    My elderly parents were scammed out of £4k this week - someone very insistent claiming to be from TalkTalk tech support called three times a week for a month until they took him seriously.

    I presume they installed a keylogger at best and potentially something nastier in their mac. Now I have to find anything left after the local computer shop had a go at it, and said it's all fine, without saying what they had done...

    Interestingly Lloyds bank gave them their money back, so well done Lloyds.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon