Brits open doors for tech-enabled fraudsters because they 'don't want to seem rude' Brits are too polite to tell phone scammers to "get stuffed", "take a hike" or "sling yer 'ook" when they impersonate so-called "trusted organisations" such as banks. That's according to the trade association UK Finance, which found that the number of "impersonation scam cases" more than doubled in the first half of 2021 to 33 …
Had they included me in the survey the results would have changed dramatically. My record for keeping one of these parasites on the phone is almost 40 minutes as there was nothing good on TV and I had just finished a stressful day so need something to relax me...it worked a treat I felt great afterwards
Ah the great game, I especially making up accidents i've had for those bogus claims companies.
I used to do this with double glazing companies too, "windows!, yeah I do need some new ones as it happens, let me go and measure up and you can give me a rough quote" at which point i'd put the phone on the side and go about my day.
Spam through the door no problem, if they've provided a freepost envelope make sure you send that and some extra local takeaway menus back to them, also include the envelope that the whole thing came in too.
As we're all going to have to move to VoIP if we still want a landline equivalent, I'm thinking of setting up a virtual PBX. Then any scam calls will be met with "excuse me, my son is trying to put the cat in the dishwasher(*), can I put you on hold while I sort this out, won't be long" and then I'll see just how long they can stand hearing what the things(**) on the bus do or what Barney the Dinosaur thinks of them.
(*) Excuses will vary and be just on the possible side.
(**) Wheels, horn, etc
Why don't they fine operators that let scammers in on their networks?
This problem seems to be going on for years and there is no will to do anything about it.
I mean potential investigation can drag on, carry low cognitive load and there is always a get away card "we couldn't find perpetrators", so it is perfect to keep people busy.
all because people "don't want to seem rude."
Citation needed. I find this incredibly unlikely. "I'm going to steal your money, are you OK with that?" "Well, you've been so patient talking me through logging in to my bank account and setting up a new payee, you deserve some reward" ?!
Possibly we're all kinder and more trusting in the "COVID war" spirit. Possibly being forced online for everything has changed the demographic. Possibly the growth in the numbers and skills of fraudsters has overwhelmed the publics gradual awareness of security.
No, it's simply that "We're calling from (your bank / the IT Helpdesk), and you need to (transfer your money to this safe account as your bank account has been compromised / fill in this form with your login details to prevent your mailbox being deleted by tomorrow)" sadly takes in more people than you would think. The scammers don't actually say up front that they are going to steal your money or hijack your account…
We're all cynical B(OFH)s here, but sadly still far too many people are instinctively trusting and all too easily get taken in by something that sounds alarming and urgent, and, as long as the call/message is at least rudimentarily official sounding/looking, it all too often works.
I think I must be on some kind of blacklist because I don't seem to get them anymore.
It maybe because I've either tried to keep them on the phone for as long as possible, or alternatively saying things like "I've got a terminal illness, I don't need life cover", "my parents were on the plane shot down over the Ukraine so don't need a phone" or a good one when convinced the caller that I was a police officer investigating my violent death related to stock fraud, and why did this number (allegedly from a stockbroker or something similar that I couldn't get rid of) kept calling me.
Depending on how much time I have available, I either string them along for as long as possible, acting as THE dumbest user imaginable. Or, if time is short I either give them a blast of a personal attack alarm down the handset, or unload the vilest imaginable abuse at them. Honestly, I hold nothing back. It would make a '70s docker blush. It's so cathartic, especially if I'm having a crap day.
The advice included how to spot scams – and this belter of a top-tip, which read: "Don't click on any links… if you've received a suspicious message."
Much the same as an email from the bank warning about phishing emails and stuffed full of links to click. The trouble is that half marketing people completely lack the self-awareness to realise that their emails are indistinguishable from the phishing emails they're warning about and the other half probably see nothing wrong in clicking on aany link in any email they receive and sooner or later are going to let ransomware into their company.
...when an unexpected call from a REAL company sounds completely suspicious. I had that earlier this year with $PENSION_COMPANY
I'd had an arranged online meeting to discuss pension arrangements with $COMPANY_PERSON1 which all went ok. $COMPANY_PERSON1 didn't indicate that I would be getting a follow-up call regarding how the meeting went.
Then, a few days later, I had a call on my mobile phone with the number withheld (alarm bell 1 goes off) from someone (let's call her $COMPANY_PERSON2) who claimed to be from $PENSION_COMPANY. She wanted to talk to me about my "recent contact" (very vague - alarm bell 2 goes off) with the company. She then asked me to provide answers to security questions. I refused and asked her to prove that she really was from $PENSION_COMPANY and why was she calling from a withheld number when this is now extremely frowned upon if not actually illegal now. I thought it reasonable to ask her to provide me with either one of my policy numbers or some digits (and their positions) from one of those numbers. She refused saying it was personal information and, after getting in a bit of a strop about my refusal to do what SHE wanted, in the end hung up on me.
I immediately contacted $COMPANY_PERSON1 and told her about my experience. She agreed that it sounded very suspicious and asked if I wanted to officially report it, which I agreed to. She took the full details and said I would be hearing from someone in a few days.
A few days later I received a call from $COMPANY_PERSON3 from a number that was associated with $PENSION_COMPANY and, as he had details about the "rogue" call and other things that only someone from the $PENSION_COMPANY should have possessed, I was happy to talk to him. He apologised as it turned out that the "rogue" call HAD come from someone employed by $PENSION_COMPANY who was working from home but hadn't done as she should have and routed the call via $PENSION_COMPANY's normal phone network. We spent some time discussing ways in which $PENSION_COMPANY could improve their ability to prove their own identity when asked for it (mainly the same as I'd asked $COMPANY_PERSON2 to do, which he thought was a reasonable way of going about things).
Then he asked, "Is £75 compensation for all the hassle ok?" Having not expected anything of the sort, I readily agreed. This was duly paid into my bank account a few days later and, also around the same time, I received a package containing a written apology along with 2 bottles of wine and a box of chocolates!
So, I think the lesson there is, if you complain properly, you can actually get good results and a proper company will learn from its mistakes. I do wonder, though, what sort of reprimand $COMPANY_PERSON2 got!
This post has been deleted by its author
The banks started this - I'm sure others remember being called by them out of the blue, for a genuine problem with a card transaction, say.
After exchanging "hellos" they'd then say "we now have to ask you some security questions".
To which I replied, something along the lines of "no chance, you called me, remember?"
"ah yes, but we have to ...."
"No you don't, get lost and I'll call you back later".
So I was a bit more awake than some, perhaps, back then - but they set expectations that banks will call you about problems with your account. So people believe the scammers who call today. They just didn't think about what they were doing when they started calling people about things like this.
So I blame the banks' stupidity a lot - and I understand why people get taken in now. Oh well.
Now this happened to the mother of a friend of mine.
She got a call from "her bank" asking her to logon so they could stop a fraudulent transaction. So these scumbags then had a remote session on the computer with her logged in to the back and started emptying the accounts.
The daughter phoned me going bonkers about how we could sort it out. At that point she went of and turned the computer off. What really pissed me off was that the bank quite happily allowed £1000s of pounds to be transferred out with no question that it was out of sync with anything that had gone on previously. The mother is not savvy in these things and was bamboozled, just what these scumbags want. The banks allegedly have all sorts of monitoring and tracking in place to spot fraud but it does not work. These transactions are usually so out of place that they should be spotted automatically in seconds and frozen. But no, the banks continue to let it happen, the scum make the money and victims lose all their money. In this instance after pressing the bank very hard they agreed to refund the losses as there had been a "failure" in the process. How many don't get the money back.
This could easily be stopped in its tracks with a delay on any new payee and transfer so that it is held waiting for an interactive confirmation. Clearly it is not fool proof but the banks just make it too easy.
God help us when the £100 NFC limit is in. Since I started using contactless last year I have used my pin about 3 times for transactions below the limit. Ones above have been scarce as I have not been buying the same quantities of fuel etc.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
