Nicky H. is the victim of a tech support scam in which £34,000 (US$45,000) was stolen from her bank account by someone impersonating a BT Internet employee over the phone. Nicky is 58 years old and has been a primary school teacher for more than 25 years. In 2015, she suffered a stroke that made it difficult for her to deal with numbers and dates. The money she had saved, which was subsequently stolen, was meant for her children: to pay for her daughters’ university tuition and put a down payment on a house.
“I was in pieces – it was so much money that was not just mine, but my parent’s legacy that I was saving for my children,” Nicky says. “I felt like choices were taken away from me and was very stressed for a long time. I felt stupid and frustrated, especially with the bank as I had mentioned how I was vulnerable, but nothing was done about it.”
Tech support scams are not uncommon these days. Microsoft is the most commonly impersonated company, but the UK has seen a rise in complaints filed by BT Internet customers as of late.
BT tech support scam plagues UK customers
Landline telephone service seems to be the largest target. A survey of nearly 4,000 UK residents commissioned by Comparitech showed that more than one in three respondents who have landlines received a call from someone who they know or suspect is impersonating a BT representative.
Likewise, the frequency of people searching for the keywords “BT scam” on Google rose significantly over the past couple of years.
BT Internet customers in the UK should be on the lookout for similar scams. In one of many related forum threads on BT’s website, 349 people posted complaints about scams closely resembling Nicky’s call. Those complaints date from August 2016 to the present day, showing just how persistent the problem is. Here are a few quotes to give you an idea:
- “A real problem here. I have been speaking to BT for some weeks now about a BT TV problem and have received hoax calls from the same number. 3 yesterday and 4 so far today.”
- “This definitely is ramping up. Interestingly they knew I was the account holder and not hubby. So far, I’ve had 7 calls since 11am this morning. It’s now 2.30. I’m disabled and currently am on my own as hubby is gone for a few days to a funeral so I feel very vulnerable.”
- “Without thinking I agreed. Yes I know I am stupid. Anyway to cut a long story short they managed to get me to install bleep on one of our laptops. And daft thing was I kept questioning they were not really BT. They are quite clever and say things to make them appear genuine.”
- “Despite being a sensible informed person I have been scammed today by someone purporting to be from BT HQ. […] They told me that BT had been hacked by a massive problem and they were resolving it for their customers by ringing them individually and talking them through the ‘fix’ and hadn’t gone public to avoid adverse publicity.”
- “I found it the night we realised my mum had been scammed out of her life savings after phoning the BT Indian call centre herself with a genuine complaint. She was sure someone must have passed her details on from there because the scammer who wiped her account knew all about the details of her complaint.”
Perhaps the most troubling pattern in these complaints is that the scammers know the names and phone numbers of BT Internet account holders. Many targeted customers suspect that BT Internet has shared or leaked their contact details.
Many of the scams entail an overpayment scheme, in which the scammer tells the customer that they are entitled to a refund or compensation. The scammer purposefully transfers too much money into the customer’s account and then asks for the excess payment to be refunded. After the customer refunds the money, the original transfer is cancelled, or it turns out to have been transferred out of another of the victim’s own accounts.
Although this was not the case with Nicky, many of the scams are initiated by robocalls claiming to be from BT. The robot claims the user’s internet service will be cut off if they don’t call back. This tactic ensures the scammers have hot leads and don’t waste as much time cold calling.
Many of the complaints report that scammers attempted to get victims to install remote desktop software such as TeamViewer on their device.
In the UK, 50 percent of all phone calls are spam, according to Truecaller, and 18 percent of all spam calls are scams. UK telecom watchdog Ofcom reports that six percent of all nuisance calls in the UK are “computer support” related, and people over the age of 55 are significantly more likely to pick up than those under 55.
Nicky’s story is a cautionary tale for everyone, but particularly for people who didn’t grow up with the internet. Unfortunately, older generations are less likely to be informed about scams such as these while at the same time being more frequently targeted.
How to spot the scam
BT is well aware of scam calls such as these and even has a page on its website dedicated to raising awareness and reporting scams. Unlike scammers, BT says it will never do the following:
- Tell you your router or IP address has been hacked
- Tell you your broadband has been hacked
- Threaten to disconnect your service unless you make an immediate payment
- Call to tell you about a problem with your computer
- Call and ask for remote access to your computer or other device
- Ask for your PIN or online banking password
- Ask you to transfer money via PayPal or money transfer sites
- Send someone to your home to collect money
- Ask for payment info over email or live chat
Update April 1, 2019: BT responded to Comparitech’s questions in an email with a few basic safety guidelines:
- “We’ll never call a customer to ask for remote access to their computer or ask for personal information, including bank details unexpectedly and we’ll never call from an ‘unknown’ number. If you’re suspicious, or uncomfortable about what’s being asked, we always recommend that you hang up the phone, and call the customer service number of the company that is supposedly asking for access to your computer or your personal information. If we’re getting in touch about your bill, it will usually be from either 0800 328 9393 or 0800 028 5085.”
- “Our advice is that customers should never share their BT account number with anyone and always shred bills. Be wary of calls or emails you’re not expecting. Even if someone quotes your BT account number, you shouldn’t trust them with your personal information.”
- “BT takes the security of its customers’ accounts very seriously. We proactively warn our customers to be on their guard against scams. Fraudsters use various methods to obtain your personal or financial details with the ultimate aim of stealing from you. This can include trying to use your BT bill and account number.”
Don’t trust unsolicited calls
Nicky’s story is fairly typical of a tech support scam. She first received a phone call to her landline from someone claiming to work for her internet provider, BT. The caller said he needed to help her sort out some “dangerous issues” with her internet connection. Nicky had been getting a lot of spam on her BT email account, so she assumed the problem was related. The caller said he would help her clear the spam. She says she felt relief that she could finally talk to a person about the irritating problem. The scammer told her the “errors on the line” were critical.
A trained eye can already see red flags in this situation. Rarely, if ever, will a company’s tech support initiate contact with a customer. Internet service providers, like BT, are usually inundated with inbound customer service requests, so initiating outreach is not their modus operandi. The same goes for pretty much any tech company. Microsoft is one of the most frequently impersonated companies.
What to do
If you receive an unsolicited call or email from a tech support representative from any company, hang up and don’t respond. It’s probably a scam. If you’re uncertain as to whether the caller could be legitimate, you can look up the official contact information of the company by Googling it. If it’s an ISP, as with Nicky, check for a phone number on the monthly bill. Once you have contact info that you know is legitimate, give the company a call or forward them the email to ask whether the original caller or sender can be trusted.
Never install software that you aren’t familiar with
In order to fix Nicky’s “problem,” the scammer instructed her to download and install TeamViewer on her iPad. TeamViewer is free remote access software that enables someone to remotely take control of another computer as if it were their own. TeamViewer has many legitimate uses, including actual tech support, but in this case the scammer used it to hijack the computer.
Nicky tells Comparitech that the scammer first visited shopping sites to “clear things up.” Nicky was a little uneasy and asked if what they were doing was safe. The scammer assured her that it would help prevent spam in the future. The scammer showed her popup screens that looked like running programs to reassure her that what they were doing was having a positive effect.
Genuine tech support staff actually do use TeamViewer and other software in order to remotely take control of users’ devices and fix problems. However, everyone should be extremely skeptical whenever anyone asks that you install any kind of software on your device. The risk of malware is too high. Remote access software like TeamViewer in particular can be very dangerous in the wrong hands.
Tech support staff who lawfully use remote access software should never access any accounts other than those of their company. As soon as the scammer started going into shopping accounts, the connection should have been terminated.
Nicky couldn’t remember specific details of the popups she mentioned, but these were most likely just for show.
What to do
Never download or install anything onto your devices at the behest of an unsolicited email or phone call. If you do so and realize it too late, stop the program running, uninstall it, and immediately take steps to scan for and remove malware.
If you reach out to official tech support and they tell you to install TeamViewer or a similar remote access software, ask if you can perform the actions yourself, instead. If you insist on installing it, be sure to uninstall it immediately after the session. If you spot the remote user doing anything suspicious, immediately terminate the connection.
Never give up private information
After her shopping accounts, the scammer told Nicky the last thing to do was to sort out her “extremely vulnerable” online banking. He claimed that the banking issue was the main cause of all her problems. Nicky hung up, but the scammer called back and persisted, saying her situation was dangerous and that he was trying to help her. Nicky relented and allowed the hacker to log into her online bank account. The scammer said he needed to do a “dummy run” and transfer a small amount of money to ensure it was working. When Nicky received an alert on her phone, the scammer instructed her to confirm it, assuring her no money was being moved. When she checked her account on another device, no money appeared to be leaving it.
The hacker claimed, “We’re just putting a ceiling on the amount of money that could be taken from your account.” In fact, £34k was stolen from her account in about a half dozen separate transactions.
During this episode, Nicky asked the scammer if she could speak to a supervisor from BT. The scammer was prepared and handed off the phone to an accomplice, who spoke quickly and gave her more reference codes.
At this point, it seems obvious that Nicky is being scammed, and judging by the fact that she hung up the phone mid-way, the thought had crossed her mind. So why did she hand over her bank account?
Successful scammers excel at social engineering, or manipulating people into divulging information. They have a couple of go-to tactics to this end. First, recall that the scammer is posing as a trusted authority on a subject that Nicky is not well acquainted with. She is out of her comfort zone and therefore vulnerable. Nicky says the scammer even gave her fake codes and reference numbers to make the ruse seem more authentic.
Second, the scammer is creating a sense of urgency by calling her back right away and making her situation appear to be “dangerous” and “critical.” Creating a sense of urgency causes stress and fear, which rushes people into making bad decisions. “Even though it seems stupid now, they did everything in such a way that it made sense at the time,” Nicky reflects.
What to do
It’s obvious that Nicky should have hung up the phone and not given up any information about her bank account. But it’s also important to realize the telltale tactics of a scammer so you know when one comes knocking. Fear, confusion, and a sense of urgency are red flags that make people desperate and vulnerable, and not the sort of feelings that good customer support staff should make you feel.
Companies can’t always keep you safe
After her stroke in 2015, Nicky informed her bank that she struggled with numbers, and the bank agreed to mark her condition on her file.
Half an hour after the two-and-a-half hour scam call ended, her bank called. Santander Bank asked if she intentionally made six transactions worth £34,000. Nicky replied no.
Santander was able to recover the money sent to international bank accounts, which are delayed, but not the money sent to British bank accounts. That includes all but £12,000, which was later recovered after filing a report with the ombudsman.
Nicky felt frustrated with her bank for not doing more to protect her in light of her condition. Still, she was one of the lucky ones. UK Finance reports thieves stole more than £354m from banking customers and small businesses through bank transfer scams in 2018, with only £83m ever recovered and returned to victims.
Soon after the incident, Santander’s online bank login page added a checkbox to make sure you’re not on the phone with someone trying to access your bank account. A nice afterthought, but it goes to show that banks and other companies can’t always keep you safe.
Less prepared, more frequently targeted
Whether or not your parents and grandparents are tech savvy, they are statistically more likely to be targeted by scams than younger generations. The elderly are viewed as easy targets by scammers who typically make contact either over the phone or by email.
The older you are, the more likely it is that you have a landline telephone, for which the phone number and name are often publicly available by default.
Scam victims are also unlikely to ask for help on their own: a 2016 study by the New York Office of Children and Family Services reports that only one in 45 cases is reported to authorities.
So this week, take some initiative and reach out to your parents and/or grandparents to have a 10-minute chat about scams that they might not be aware of. In addition to tech support scams, the elderly are often targets of medical insurance fraud, identity theft, and tax scams, among many others. The same advice applies to most, if not all, of these situations:
- Be wary of any unsolicited contact made over phone or email from someone you don’t know. In 2018, one in four calls made in the US were scams. Tech support will never reach out to you over the phone. Most tax authorities always send mail first.
- If you’re not sure, hang up and search the company’s website on Google. Call or email them back through the official contact information listed there. You can ask them about the suspicious call or email.
- Never give out personal information over email. It is not a secure medium even if you trust the recipient. As for phone calls, never give out any information on a call that you didn’t initiate, and treat any requests for information with heavy skepticism.
- Never install any apps or download any files onto your device at the behest of a stranger on the phone.
- Know the warning signs and tactics that scammers use to manipulate people, such as instilling a sense of urgency.
All this sounds well and good, but in the heat of the moment, it can be difficult, especially for someone inexperienced with technology and the internet, to make a proper judgment call. That’s why it’s important to reach out to our parents and grandparents to let them know that you’re there as a resource if they run into trouble or have any questions.