Tuesday, 31 July 2018

Another scam

I got a phone call. Apparently, my IP address is about to be changed! So I called them back.

I spoke to "Kevin Sharp". He had the usual difficult accent, and he asked my if I had Team Viewer installed (that's a commonly use Remote Access tool). No, I hadn't.So he talked me though accessing which is a very crude copy of a BT site.

I told him that my computer rebooted.

There was a conversation in Urdu in the background, and I was transferred to "Mike Morris".
Mike told me a whole selection of lies. First, he talked my through discovering one of Google's IP addresses, and told me that was my IP address. Then he told me that I've been hacked, and that someone tried to steal £904 from my account, but he's stopped that. He told me that this was because someone at my local Tesco was stealing my debit card number. But they now have a camera there, so they'll catch him soon.

Then he sent me to the fake BT site, and told me to click on a link there that would install a RAT (RemotePC.exe).  I told him I clicked on it and my computer rebooted. "It's been rebooting a lot recently, is this the virus?" I asked, innocently. He confirmed that it was.

More Urdu in the background. How stupid they must think we are. And they're probably right, they wouldn't be doing this is it didn't work, at least sometimes.

Then I panicked, and told him that I need to talk to my bank, to block my account, but he said he's already done it. I said I still felt that I needed to talk to my bank, and he offered to transfer the call to my bank. "Oh yes," I said eagerly, keen to find out how well they'd be able to impersonate my bank. But he didn't do that, and continued with his standard script. He wants me to visit my local Tesco. I have no idea why. He wants me to take my mobile phone with me when I go. I told him I don't have a mobile phone. "Are you sure?" he asked. I told him that it's possible that I hav a mobile phone that I don't know about. I think that piece of sarcasm flew over his head.

He asked for my address, so I gave him the address of someone who had spammed me a while ago. And he asked for my debit card number, and I gave him a 16 digit number to play with.

Then I told him I was very worried about all this, and I was going to talk to my bank,. and I hung up on him. That's so that when he tries to run the card, he isn't surprised that it fails.

Then I reported him to:

1) The Telephone preference service
2) Webnode abuse
3) BT Openreach

I'll give it an hour or two, then call him back. They don't get away that easily!

... later ...

I got an email back from webnode

" Webnode team, please check the content of the below-mentioned domain name. It looks like


Realtime Register Abuse Dept. "

One look at that site and they'll kill it, it's a very obviousd scam. A small victory :-)

No comments:

Post a Comment