/ Technology

Have you been called by a ‘BT technical support’ phone scam?

3377
Profile photo of George Martin George Martin Conversation Editor
Comments 3377

Has the ‘Microsoft technical support’ phone scam evolved? Is it now the ‘BT technical support’ scam? We’ve heard from people who’ve been called… and we want to see whether there are more of you out there.

02/09/2019: BT technical department call

We continue to receive large numbers of reports of scammers impersonating BT’s ‘technical department’ in order to gain access to victims’ PCs and/or extort money from them:

Featured Comment
Diane says:
10 May 2019
Called today from a very convincing lady at 8.42am advising from BT Technical Support - phone number 07880 600109 - I advised her that I was not switching my computer on, she advised that my Internet would be terminated within 48 hours if I did not update my Internet Connection! She advised that she was from BT and this was not a SCAM Call, I advised that I would contact BT direct and speak to their technical team, and indeed if this was not a SCAM chances are I would be speaking directly to her again! - She did not like this reply so then proceeded to try and convince me to carry out with her instructions - I refused! Eventually she gave up and I hung up!
See full comment

It would appear that this call is similar in nature to the Visa ‘fraud department’ scam, which has also been plaguing people across the country.

Thanks to you and your frequent comments here on Which? Conversation we’re well aware of the scam and are able to warn others. We’ll also be making BT aware of the volume of comments we’ve been receiving.

As always, if you’re worried about these calls or fear that you may well have fallen for a scam, our guide to phone scams can advise on what you need to do.

These calls can also be reported to Action Fraud online or by phone on 0300 123 2040.

Have you received this scam call? If so, let us know in the comments and help others avoid falling into its trap.

Original convo 22/11/2013

Remember the Microsoft support scam? It starts with a nuisance call, but can end with your PC being compromised and a dent in your bank account.

An unsolicited caller claims to be working for Microsoft’s support team, they ask to remotely access your PC, they ‘prove’ that your computer’s infected with viruses, and they offer to fix it for a fee.

The thing is, they’re not from Microsoft and your computer may be virus free. And even if your PC was infected, you could get it in ship shape condition with free antivirus software.

Hundreds of you have told us that you’ve been subject to this scam. Microsoft’s own survey found that one in five people in the UK have been called by one of these scam callers. Of those who fell victim to the scam, the average amount lost was  £745.

The ‘BT technical support’ scam

We’ve now received reports that the scam has changed, or at least that it’s evolved to be a call from ‘BT’s support team’.

One Which? member told us he thought he was speaking to someone from BT – he was then tricked into paying the best part of £400 to remove viruses from his PC.

Our Twitter follower Brian experienced something similar. He was called by someone claiming to work for BT’s Wi-Fi team. They told him there were problems with the broadband connection in his area and that they needed remote access to his computer to fix it. This took control away from Brian, his computer shut down and now he can’t start it up.

So we want to hear from you – have you been called by someone claiming to be from BT’s support team? Did they remotely access your computer? Share your experiences in the comments below.

Advice on technical support scams

Oh, and some advice for you if you’re called by one of these scammers, whether they purport to be from BT, Microsoft or another company. A caller does not know whether your PC is infected with viruses. Do not ever let a caller remotely access your PC – this hands them the keys to your personal data. And never hand over your bank details to an unsolicited caller.

If you think you’ve been a victim, run a virus scan, alert your bank and contact Action Fraud to report the scam.

One final thing you can do to help call time on scams is sign our stop nuisance calls peitition.

Comments
3377
Caroline says:
11 July 2021

The latest trick they are trying when they they know a person’s email address as well as their telephone number. They call the number, then, when you ask for proof of who they say they are, i.e. by asking them to give you your BT account number, they go into my BT, put in your email address and click on forgotten password. This triggers BT to email a PIN. This is standard security procedure and there is nothing to distinguish this security generated PIN from a password reset PIN. Once they have the PIN, they can then get into your BT account (and, if course your emails) and tell you your account number, convincing you they are genuine.

I have no idea how long BT have known about this, but I am currently fighting them to get this changed, so, at the very least, the PIN email makes it clear that it is a security check, or password change or whatever. So far I’ve been told they are “in the process of changing it” and that it is “highlighted”!

I was lucky, I didn’t lose any money, but this could be happening to many, many people every day. Disgusting that BT don’t sort it immediately.

0
Vote up  |  Vote down
Share
ReportReply
alfa says:
11 July 2021

Hi Caroline, I am trying to understand this.

Surely scammers would only have access to your pin if they also had access to your email address on your computer or phone.

Or am I missing something?

0
Vote up  |  Vote down
Share
ReportReply
Caroline says:
11 July 2021

Sorry, was trying to précis a complicated process, but obviously shortened it too much. Basically, if you ‘phone BT, they take you through security. One item in this process is for them to send you specifically and instantly formulated PIN in an email or text. If you can read this PIN back to them, that verifies who you are, so the conversation can proceed.

However, such a PIN is also sent when you want to change your password. You put the PIN into the box on the “reset email” page and then you can change your password. The major flaw is that the email containing a password changing PIN is identical to the email containing the security PIN. There is absolutely no indication whatsoever as to why the PIN has been sent, for what purpose, i.e. for security check or password change.

In the case of the scam, the scammers had both my telephone number and email address, possibly from a charity website I help with, but who knows. So, while I was on the ‘phone and when I asked them to prove who they were by telling me my BT account number, they (I know now, but didn’t then!) opened up the “My BT” page on the BT website, put in my email address and clicked on “forgotten password”. This generated the emailed PIN sent to my email address. It is absolutely genuine and generated by BT, and comes from them. However, as the scammers said they were sending me a security PIN, it never occurred to me it could be a password change PIN, so when they asked me for the number, I gave it to them.

Once they had the PIN, they then put this into the appropriate box on the reset password page and hey presto, they could change my password to one of their own and get into my account. From there they could glean all kinds of information, including my account number. They can also get into my emails as well.

Of course, I didn’t know this, so as they were able to give me the information I asked for I assumed they were genuine.

It was a first line BT telephone answerer who told me this, so they have clearly known about this for some time, yet all they have done is “highlighted” the issue, so it can still happen to someone else. Hence my continuing to fight to get it changed immediately.

Hope this helps to clarify.

0
Vote up  |  Vote down
Share
ReportReply
alfa says:
11 July 2021

Thank you for your detailed explanation Caroline, now I understand.

I completely agree with you that BT should differentiate between the two PINs.

I never divulge personal or account information unless I instigate the call. On the rare occasions I have been called, I always call them back on a number I find from a trusted source making sure the line is clear first.

Have you got another email address you can use? If not, have a look at Proton Mail.

2
Vote up  |  Vote down
Share
ReportReply
DerekP says:
11 July 2021

Thanks Caroline, that confirms my understanding of your earlier post.

As you say, it was bad that BT knew about that hole in their system but had not remedied it.

1
Vote up  |  Vote down
Share
ReportReply
Caroline says:
11 July 2021

Thanks for the idea. Yes, I had thought of that, but as I don’t look at it that other one much, I’d have to try to remember to, otherwise messages could be sitting there for weeks!! Of course, I don’t know how they got my email address and ‘phone number together. It may not have been that. I was interested to read that BT had been hacked. Didn’t know that, so they could have got the info from there, or, indeed, just about anywhere! Insurance companies, shopping websites etc. anyone who sells on info.

At least I am aware, now!

I was interested to read that Matthew Paris had been deceived a couple of years ago, so if it can happen to him, I don’t feel so bad. I am, usually very aware, and can suss out a scam and/or spam email quickly, but they really got me with this one. Fortunately it only ended badly for them!

0
Vote up  |  Vote down
Share
ReportReply
DerekP says:
11 July 2021

Hi Caroline,

One way of getting email addresses is via data breeches, when companies are hacked and customer data is stolen.

You can use this website:-https://haveibeenpwned.com/ to see if your email address was compromised in any of several known data breeches.

0
Vote up  |  Vote down
Share
ReportReply
Caroline says:
11 July 2021

Thanks for that. Interesting. Of course in the scam I experienced, the scammers would have to know both email and telephone number, which are rarely together. My emails showed up in a couple of breaches, but both many years ago and neither had my home number.

0
Vote up  |  Vote down
Share
ReportReply
Caroline says:
12 July 2021

I did reply to this, but it seems to have disappeared! Thanks for this. Interesting. Nothing here that would give email and ‘phone no. together, but I will keep checking.

0
Vote up  |  Vote down
Share
ReportReply
Ian Dalling says:
19 July 2021

We have received these calls over a year or so despite blocking the number each time. It starts with an automated call always the same. It has occurred while we had a BT landline and continued when we switched to Virgin Media. We reported it to Virgin and it seemed to improve for a bit but now seems frequent again.

0
Vote up  |  Vote down
Share
ReportReply
Heidi says:
22 July 2021

Received a call today a young man with an Indian accent by the name of Alex stating he was calling from BT Technical – from a mobile phone 07858 681716. I didn’t give him the option of advising what is supposed to be not working within my home as hung up straight away.

0
Vote up  |  Vote down
Share
ReportReply
JIM GREENAWAY says:
31 July 2021

I’ve received so many of these fake calls. What I do is listen to the person, and ask them to send me the details of the fault in writing, with a name and contact number to whom I can respond to, they hang up every time. You should try it, it really works

JIM

0
Vote up  |  Vote down
Share
ReportReply
Alun says:
27 August 2021

Just had a “IDIOT SCAMMER”on the phone wanting to know if I had central heating or Gas central heating to which my answer was no he then persisted by saying yes I do and that’s when I put the phone down on him he then had the cheek to ring me back but this time I did not answer.
Bear in mind my house is 1500 years old and we have log fires

0
Vote up  |  Vote down
Share
ReportReply
Rod Laird says:
20 October 2021

BT Internet Technical Department. Called herself Rose Spencer. New who the phone line was registered to but nothing else. Offered to prove her name by telling me her Facebook account. My fail safe for these is saying that I am a Chief Inspector in the Met Police Fraud Squad and asking for the offices they work out of, their managers name, etc. They always put the phone down.

0
Vote up  |  Vote down
Share
ReportReply
John Ward says:
20 October 2021

Rod — Instead of fraudulently uttering falsehoods you could just put the phone down. The other party would soon reciprocate.

0
Vote up  |  Vote down
Share
ReportReply
Esther says:
26 October 2021

Caroline, thanks so much for posting this information. I had a call today from a lady with indian accent saying she was from bt and warning that my internet account was being compromised. I immediately thought it was a scam and was about to hung up when she said I should have received and email from bt. I said I couldn’t talk at that moment and that I would call bt later and hung up. I checked and I did in fact had an email from bt with a pin number, it looks completely genuine. I was convinced this was a scam but couldn’t figure out how they could send the email, now I understand!

0
Vote up  |  Vote down
Share
ReportReply
Linda Gamlin says:
11 November 2021

My friend of 84 has been caught by these people posing as BT personnel twice in two days. And on previous occasions, some years back. Every time he has turned on the computer and did what they told him to do. Every time he was convinced they were from BT – quite what they did to convince him I don’t know, because he doesn’t remember. It is all very well offering these various clever solutions to those who are able to think clearly, but plenty of elderly people are a little bemused by the modern world and very easily taken in. He always emerges from these events ‘wised up’, but it doesn’t last (it didn’t last 24 hours this time….) BT and the police should be taking a much more pro-active role in protecting people from these scammers. They are muggers, no different from those on the street. It really can’t be that difficult to do.

1
Vote up  |  Vote down
Share
ReportReply
Bev A says:
23 December 2021

just had a call from a local number from someone claiming to be from BT and saying we weren’t getting the proper internet service from them. I told them we aren’t with BT and put the phone down.

0
Vote up  |  Vote down
Share
ReportReply
James says:
5 January 2022

On Monday our BT internet malfunctioned. We have five devices, three android and two apple. The apple laptop and ipad would not connect to the internet. A page said “connected to hub-internet not available”. We spent the whole day trying to fix the problem thinking that it was an apple problem. Finally we went to the BT site on the android laptop and followed the diagnostic instructions. Everything fixed. The next morning there was a call on our land line. The caller knew the name of the account holder and began speaking about the IP address. We put the phone down. We submitted the scam report. Later we rang BT technical support who confirmed that no calls had been made by BT or BT Openreach and that the call was a scam. My question to BT was – had the scammers accessed my BT hub and caused the initial problem? If not it was a remarkable coincidence. More chance of winning the lottery! has anyone heard of something similar?

0
Vote up  |  Vote down
Share
ReportReply
wavechange says:
5 January 2022

Hi James – Have you ever changed the password on your wireless router or is it still using the default password?

Which? has advice on router security: https://www.which.co.uk/reviews/wi-fi-routers-and-extenders/article/wireless-routers-is-your-router-putting-your-security-at-risk-a0ZO37L0NTFT There is a facility to check whether your router should be upgraded on this page.

1
Vote up  |  Vote down
Share
ReportReply
Ian Martin Rossman says:
21 February 2022

Scam today re BT engineer calling :- IF you have another phone ring number they are phoning on.
YOU WILL GET NON OBTAINABLE , NUMBER NOT RECONISED. BLOW THEM A RASBERRY

0
Vote up  |  Vote down
Share
ReportReply
 

Related discussions