Scam warning: BT Brexit phishing email

This phishing email, disguising itself as from ‘BT’, has a Brexit twist. It’s a scam designed to steal your personal data. Here’s exactly what it looks like.

From Netflix to EE and even the Euromillions winners, just when you think you’ve seen it all in the world of phishing emails one will appear with yet another twist.

We know that BT is an attractive brand for scammers to impersonate. Our discussion on the ‘BT technical support’ phone scam has received more than 3,000 comments since it appeared in 2013.

With Brexit having dominated the news agenda for three years, scammers have seen an opportunity to combine it with the well-known brand in an attempt to extort customer information.

Phishing with a Brexit twist

This fake BT email takes advantage of the UK’s departure from the European Union by imploring the recipient to accept new terms and conditions related to the General Data Protection Regulation (GDPR).

Much like the other phishing scams we’ve seen lately, clicking through will take you to a fake website where you’ll be instructed to enter sensitive information, almost certainly including your payment details.

This isn’t the first time scammers have attempted this, with other efforts being reported on BT’s community forums earlier this year. However, this is the first we’ve spotted with the updated branding.

Our advice on dealing with phishing scams remains the same: check for the telltale signs, such as spelling errors and suspicious-looking email domains.

If you’re not sure, speak directly with the company it’s purporting to be from via its official channels. Do not click through on any links.

BT’s response

We made BT aware of this Brexit phishing email. A spokesperson said:

“BT takes the security of its customers’ accounts very seriously. We proactively warn our customers to be on their guard against scams. This can include fraudsters using a BT bill and account number.

Our scams website has information about the latest scams and how customers can protect themselves, or call us. Recent articles have included phishing, identity theft, courier fraud, pensions and doorstep scams.

BT works closely with all its partners to close down fake BT websites and we proactively look out for phishing sites which we monitor and take down quickly.

Last year alone we closed down over 10,000 rogue websites. We are also working across the industry to help prevent scams and phishing emails.

We will never ask for personal information, including bank details, unexpectedly and will never send customers an email with an attachment.”

BT also says that if a customer is suspicious about emails, or uncomfortable about what’s being asked, it always recommends they:

⚠ Log in to their My BT account, check account details are up to date and check their bill

⚠ Call its automated phone service to check their balance on 0800 443 311

⚠ Forward the suspicious email to phishing@bt.com then delete it

We would also echo its advice to shred any paper bills and be wary of unexpected calls. Even if someone quotes your BT account number, you should not trust them with your personal information.

If you think you may have been scammed, contact your bank immediately and follow our guide to getting your money back. You should also report the incident to Action Fraud.

Have you received this BT Brexit scam? Have you seen other phishing emails referring to Brexit or other current affairs? If so, let us know about them and help warn others.

Comments

If scammers ever decide to hire an ex-English language teacher we’re all doomed…

Don’t give them ideas!

I’m not sure we can trust even legitimate companies to know the difference between effected and affected!

I once bought a packet of nuts that was labelled: “Your statutory rights are not effected”. Oh yes they are.

Brian Kidd says:
5 December 2019

Hello. I “up graded” my net connection with BT in Dec 2017. I have been getting a text message ever since asking me to take a survey as to how “We did”. Three questions are on their way. (They have never arrived.) To stop the messages text “stop”. Nothing happens. I have spoken to customer service personnel in about 3 locations. One person said the text number wasn’t BT’s! I have written to the “Director of Communications” in London about the problem. There was a flurry of phone calls to me promising to halt these annoying messages. I am still getting them even now! It says a lot about a communications company that cannot trace the source of its own messages; does it not.
Brian Kidd. Sandwich Kent.

If companies were banned from including clickable links in emails then it would be obvious that any email containing a link could be malicious. If there is a need to contact a customer by email then simply ask them to log into their account or contact the company as soon as possible, but not include the contact details in the email.

Clickable links are useful for password resets.

The trick is to avoid unrequested ones.

More likely they were random attacks, Duncan. How else could they know your email address? Which? guard those rather carefully.

Derek wrote: “Clickable links are useful for password resets.”

These may pose little danger because they are generally received within seconds after requesting a password reset, but an alternative might be to send a code to the user’s phone.

From safely sand-boxed computers, I always enjoy clicking on malware links, to see if I’ll be allowed to connect and, if so, what if anything then happens.

I did actually get a fake PayPal email earlier this week sent to my gmail account. I was allowed to see its text, complete with “interesting” link, but gmail advised its immediate reporting and deletion (or archival), so I won’t get to play with that link.

Sometimes, there are advantages in having an email address that is not easily guessable. For example, I bet John.Smith at gmail gets loads of spam but I doubt that JSb0037e72654 gets as many, if it even exists.

Quite often a password reset can require both a clickable link and, before that is sent out, a code to the user’s phone is used to verify the authenticity of the request.

That alone is a very good reason for setting some kind of PIN or password protection on mobile phones.

Where email accounts are needed to activate smart phones, it is by no means uncommon for owners to stay logged in but then forget their passwords. Then later on, if they ever need that password for some purpose, that can lead to a whole bundle of fun.

Duncan, I think you are one of the most frequent posters on this site. Hence, is it not the case that all the emails you receive will be arriving not long after you have posted one or more comments on here?

Keith Moore says:
6 December 2019

If BT is so concerned about phishing and other scams, why does 1471 give a number and then say “the number you have dialled has not been recognised ……” if you press 3 to return the call? This would seem to indicate that there is no check on people applying for a phone number (and subsequently being allocated a number which is linked to a fraud?), and that BT is not really worried about its customers losing money whilst it continues to make money by dubious, or even devious, means.

Never call back to unrecognised numbers, that is the fastest way to become a victim of a premium rate number scam. Some numbers can charge £6 immediately on answer, you would never be able to hang up fast enough to avoid the charge.

The reason that some numbers are “unrecognised” when you call back is that the number shown on your caller display screen is fake and has been spoofed.

There is a common misconception that Caller Display shows you the number of who is calling. IT DOES NOT. Caller display shows the number programmed by the caller that the caller wants you to call back on.

In the case of calls from ordinary domestic landlines and mobiles, this is usually also the number of the person that called. In the case of calls from outbound callcentres the number shown on screen is not that of the individual telephone line that called you but is instead the central inbound number for the company.

Scammers have usurped this technology to show you a fake phone number to hide their tracks as to who actually called. The number shown on screen might be a valid number that belongs to someone else (such as a well known business or organisation they are trying to impersonate) or, more usually, is a fake number with too many (or not enough) digits to be a valid number, or is a number in an area code that does not exist or with a prefix that hasn’t yet been allocated to anyone.

Caller Display can never be used to identify who is calling. The sooner people realise this, the less success the scammers will have.

Does dialling 1471 produce the same fake number?

I believe it does.

Tony I says:
6 December 2019

Last scam call I had quoted my telephone number! My BT account number and BT ID.

AFAIAC. The last two items are not in the public domain.

So has BT been hacked and no one at BT is admitting or are the details of BT’s advertising mail shots being intercepted?

Why the mail shot should have my BT ID and account number on it, I cannot fathom!! It’s a simple matter replacing characters with a few * stars to hide partially the detail.

Rgds

Scammers can spoof the phone number shown on Caller Display units when they call. They do this to hide their tracks. The number shown is merely a Presentation Number programmed by the caller.

It is a simple matter to program that to be the same as the number that is being called and to automatically amend it for each scam call made.

The question that should be being asked is why is your telephone provider letting such obviously fake calls through? This circumstance is very easy to detect and these calls should be being blocked within the telephone network itself.

There is also going the rounds by telephone an “Amazon Prime” scam trying to get you to pay £39.99, so beware!