Latest BT scam calls use Anydesk freeware

Following recent TBB posts regarding fraudulent phone calls �from BT� our community groups have notified three scams based on the Anydesk remote computer freeware and targeting BT BB and phone customers during the past 10 days.

In each case the subscribers, all elderly people, received a phone call from callers with Indian accents, claiming to be 'BT Support' and warning of malware on their computer. 'BT support' would fix this provided the subscriber clicked their link to install Anydesk. 'Support' assured them that this action would ensure their safety particularly if they used internet banking � you can guess the rest. Fortunately our friends remembered our warnings and disconnected before malware could be installed, but the experience has been upsetting for them.

What's really nasty is that all three subscribers had recently received genuine emails from the genuine BT, advising that their email database may have been hacked and warning that all passwords should be changed. Of course nobody would suggest that there could be any connection between the many BT scams from India and BT's call centre and data processing units in India.

How do you click a link on a phone call?

Sorry, I should have spelled this out: "Support" instructs the victim to go to his/her computer and tells them how to download Anydesk, after which presumably the scammer gets to work. I don't know exact details but I'm told that Anydesk is aware of the scam and has placed a warning on their download site.

Our group members are told (1) banks NEVER ring you up (2) BT NEVER ring you up (3) Microsoft NEVER ring you up. This simple warning seems to have paid off.

Well cold calling is just one method these scammers use
The have things like fake popups that will give a free number to call, they claim to be Microsoft certified technicians , and once remotely connected to a victims PC they will run several windows commands. like net stat and built-in utilities like event viewer ,Ms config etc and basically lie about things , in a bid to get you to by one of their service plans , & of course grabbing all card details there are many videos on youtube where people have a virtual machine and will ring these numbers of known scammers from the fake popups , and pretend to know nothing about their PC, (act dumb) and waist their time, Recently the police in India raided some scamming call centres and made some arrests , the tip of a very big iceburg

Fake pop up alert from a scam company
Virus total report for pop up ,( clean)

I used to get loads of those "Microsoft Scams" but as soon as I hear "your machine is infected" I respond with, "No you not from Microsoft and your certainly not getting my credit card details" and they either just hang up of say a few bad words and then hang up.

What people need to realise about the Microsoft Scams is that Microsoft would never have your phone number, so just treat them as a scam and just hang up.

Its the same with the PPI, Accident, Survey or the "Congratulations you have won ..." scams, just say that your not interested and hang up, never and I say never give them any more information.

Its the same sort with most of the surveys you get on the streets.

Paul

I followed one of these through obviously knowing what was happening. My machine had just been formatted. For my own joke I had a file on my desktop called "bank passwords.txt" to see if they opened it.

They asked me to download some remote access software

They remoted into my pc & opened up event viewer. They told me these were all the errors my pc was accumulating and needed to be fixed before my computer broke.

They sent me to go into my online banking. I logged in but disconnected their remote software as I did so.

When he came back he remoted into my Santander and initiated a transfer to a U.K. Bank account.

He said we are only taking £6 but quickly typed £600 and hit next. He said the zeros were the pennies. He then said I would receive a text and to enter the code and they would take £6 to fix my pc. Had I been stupid I would have been £600 down if I had entered the two factor code.

So that's what they do, try to get a few hundred out of you. As you've entered the second factor I don't think you'd get the money back.

Edited by ukhardy07 (Sun 23-Oct-16 13:09:50)

In reply to a post by Malwaremike:

Our group members are told (1) banks NEVER ring you up (2) BT NEVER ring you up (3) Microsoft NEVER ring you up. This simple warning seems to have paid off.

Whilst this is a good warning unfortunately, as far as 1) & 2) go, this is simply not true!!

I've certainly lost count of the number of times the Bank has tried to contact me (unexpected Call, from a "Number Withheld") & they get very shirty when I refuse to give them any information whatsoever!!

Obviously all I do is inform them that I will separately call into the Bank (on a separate Telephone) to establish what the issue is. If they like they can give me a Reference or Contact Name - invariably they will say that they won't provide that until I've "cleared-security"!

On one occasion, the Bank Official concerned actually had the cheek to write on my A/C Notes that I had REFUSED to comply with the Bank]s Security Procedures!!

Strangely enough, when challenged, they could NOT supply a copy of the cited Security Procedures that required the Customer to supply any form of Security Responses to an Unknown Person who was UNABLE to verify that they were a legitimate Bank Official!

In reply to a post by Malwaremike:

I don't know exact details but I'm told that Anydesk is aware of the scam and has placed a warning on their download site.

I couldn't find anything (about this specific warning) on the Anydesk Web-Site - if it is there, it is certainly not obvious!!

After a lot of looking around, all I could find was this:-

Please be very careful when handing out your password or allowing a connection to your machine. Always double-check when a third party contacts you and demands your AnyDesk Address. We (AnyDesk Software) will never ask for your ID or password and legitimate companies will never contact you without you having initiated the communication first. In case you are seeking the help of a pc repair service, please make sure you know the vendor.

All this is indicating is that you should never give out the password, etc (assuming that you have intentionally loaded it) - it does NOT provide any warning about it being loaded by scammers!

Having said that, a victim of a scammer is unlikely to be even looking at the Anydesk Web-Site whilst in conversation with a scammer!!!

Having said that, a victim of a scammer is unlikely to be even looking at the Anydesk Web-Site whilst in conversation with a scammer!!!

If you have another look at my original post, this is exactly what happened. An elderly lady, already worried by a genuine BT warning to change her email password, next day received a call from a scammer purporting to be BT Support, agreed to download Anydesk and was shown a 'virus warning' inserted by the scammer. Fortunately she uses her BB for family purposes and has no financial info online, but she is very upset and says she feels violated. I post this simply as a heads-up to yet another scam variant.

Many older people (myself included) have difficulty understanding what to us is still new-fangled technology. After all, it's only five years or so since the smartphone came into general use. Hence our general warning, there is no point in trying to explain the multitude of scams to many seniors. Sorry you had trouble with your bank, so far our group has found the banks and utilities quite co-operative though we realise we are fortunate in this, other associations have difficulty. In fairness to BT, our association has found they act swiftly on faults reported on behalf of a subscriber registered with them as vulnerable.

In reply to a post by ukhardy07:

They sent me to go into my online banking. I logged in but disconnected their remote software as I did so.

When he came back he remoted into my Santander and initiated a transfer to a U.K. Bank account.

He said we are only taking £6 but quickly typed £600 and hit next. He said the zeros were the pennies. He then said I would receive a text and to enter the code and they would take £6 to fix my pc. Had I been stupid I would have been £600 down if I had entered the two factor code.

The last scammer who rang me tried this. I was surprised he only wanted £7 for 3 years "support", but eventually he took me to my bank's website. This time though, he got me to remote control HIS PC, and log in to my bank on HIS browser. He was most likely going to monitor my login on his PC so he could login himself later on. Or maybe try the "00 for pennies trick" you got.

I'm amazed you let him log in to your online bank account though, I terminated the call at the bank login screen.

In reply to a post by Malwaremike:

Our group members are told (1) banks NEVER ring you up This simple warning seems to have paid off.

Well as someone who does this on a daily basis, I can assure you are totally wrong..... I can only guess you have never had a security check or anything suspicious on your accounts.....

Of course if ANYONE, is ever unsure who it is calling, they should ring them back on a KNOWN number, not just one provided by the caller.
Also if possible using a different phone, in case it is a scammer.

Perhaps you would like to rephrase the information you provide to your group. If you don't believe me, talk to your bank and ask them if they will ever call you. If they say NO. Then ask them how they conduct security checks, to confirm with the customer if it's genuine or not....

In reply to a post by JohnR:

In reply to a post by Malwaremike:

Our group members are told (1) banks NEVER ring you up This simple warning seems to have paid off.

Well as someone who does this on a daily basis, I can assure you are totally wrong..... I can only guess you have never had a security check or anything suspicious on your accounts.....

Of course if ANYONE, is ever unsure who it is calling, they should ring them back on a KNOWN number, not just one provided by the caller.
Also if possible using a different phone, in case it is a scammer.

Perhaps you would like to rephrase the information you provide to your group. If you don't believe me, talk to your bank and ask them if they will ever call you. If they say NO. Then ask them how they conduct security checks, to confirm with the customer if it's genuine or not....

TOTALLY agree with you!!

However, I've literally lost count of the number of times that I've been contacted "out-of-the-blue" by Banks!

In my own experience, I've been amazed how these Bank Callers tend to get VERY ANNOYED when you want them to verify who they are!! They usually state that they will ONLY provide verification AFTER I've provided them with answers to Security Questions!!

On each occasion I've declined & stated that I will immediately call back in to their Customer Support (adding that I'll be using an alternative Telephone Number).

One Bank Caller told me that If I refused to immediately answer her Questions, she would close my Account!!

Another Bank Caller (different Bank) appeared to accept but, when I called back in, I discovered that she had added a note to my Account stating:- "Customer refuses to comply with Bank's Security Procedures"! When challenged, that Bank was unable to supply me with a copy of any Procedure that required myself to provide Security responses to unidentified/unknown Callers!!

In both cases, I made formal complaints, but the Banks simply tried to either "Whitewash the Complaint" or simply ignore/lose it!!

Agree with you John. I've had trouble with Nationwide and they were really shirty when I refused to give them any information. Fortunately I was able to visit my branch and give them an earful about lax security.

In reply to a post by Malwaremike:

Having said that, a victim of a scammer is unlikely to be even looking at the Anydesk Web-Site whilst in conversation with a scammer!!!

If you have another look at my original post, this is exactly what happened. An elderly lady, already worried by a genuine BT warning to change her email password, next day received a call from a scammer purporting to be BT Support, agreed to download Anydesk and was shown a 'virus warning' inserted by the scammer.

Sorry, but I'm NOT certain what you are trying to say!!

I pointed out that anyone that is a victim of a scammer, would NOT have been directed to the "Warnings-Page" of "Anydesk" (they are taken directly to the download, which starts up WITHOUT going via any "Warnings-Page").

Hence, if they are NOT directed via the "Warnings-Page", then it is meaningless whatever Anydesk posts there!!

If Anydesk were genuinely concerned/aware of the problems, they would be directing people to their "Warnings-Page" BEFORE permitting a download!!

In reply to a post by Malwaremike:

Many older people (myself included) have difficulty understanding what to us is still new-fangled technology. After all, it's only five years or so since the smartphone came into general use. Hence our general warning, there is no point in trying to explain the multitude of scams to many seniors. Sorry you had trouble with your bank, so far our group has found the banks and utilities quite co-operative though we realise we are fortunate in this, other associations have difficulty. In fairness to BT, our association has found they act swiftly on faults reported on behalf of a subscriber registered with them as vulnerable.

Since I'm in the same age-bracket as yourself (grumpy, retired, old-git, etc), I fully understand/support your concerns etc.

However, as a generalisation, "Silver-Surfers" are NOT necessarily befuddled & stupid!!

They just need to be reminded that (despite the "put-downs") "Age-Matured" Cynicism is a very good strategy against simply hopping on the "latest-fad"!

I dropped the connection at the stage of logging in & then stayed on the phone, logged in... It was a Santander account which I have not used in around 6 years, it had a balance of 0.00 so not sure how he intended on sending 600 quid. The account is closed down now. All he would have seen was by balance at zero, my sort code and account number.

Ah right, that was a handy account to have then for testing the scammer.

I know your pain. Far too many people are more than happy to give their security details without question. I would far rather be questioned. But we can't say what we are calling about, till we know we are speaking to the customer... Double edged sword, that one.
TBH. If they want to callback, so much the better. If you see it from my point of view.

What the OP needs to be doing is updating his advise to
Banks will NEVER ask for your PIN, or ask you to move money to another account. Just hte same as the police will never call you about your bank account.

But they will ask for various details like parts of passwords, mother's maiden name etc - which may be useful as part of a concerted phishing drive.

I had it with a mobile phone company. They rang me because they wanted to sell me additional services. But, they wouldn't actually tell me what until I had given them my account password. I refused. They got very upset because if I refused then they couldn't sell me stuff - but didn't seem to understand they were ringing me and it was them wanting to sell something that I almost certainly didn't want.

They really couldn't understand why I wouldn't give them my details to allow them to talk to me so in the end I just told them I was hanging up.

No company should expect you to comply in any way with there security if they cold call you. They need to set up processes where they can first prove who they are if they are the initiating party before requiring you to prove who you are. Without this I will not deal with anyone that initiates contact.

With credit card payment issues that I have had these are now generally done by text and is a very simple process - it doesn't request additional verification and nor did the previous automated system by phone.

In reply to a post by ian72:

No company should expect you to comply in any way with there security if they cold call you. They need to set up processes where they can first prove who they are if they are the initiating party before requiring you to prove who you are. Without this I will not deal with anyone that initiates contact.

Wonder how you would feel if they simply gave your details to whoever picked up the phone....
We will allow customers to reverse security on us. But NOT with anything to do with their accounts.

In reply to a post by ian72:

With credit card payment issues that I have had these are now generally done by text and is a very simple process - it doesn't request additional verification and nor did the previous automated system by phone.

Different banks, different procedures or systems.

The classic bank scam phone calls I use to get I use say I am not with you as my bank provider I am with X Bank (X being a random bank) and then I just use to hang up on them.
Then a bout a few days to a week later guess what, I would get a phone call scam from (you guessed it) X Bank.

I use to tell them, do you think I am really that stupid, you might as well just give up due to I am not giving any information out over the phone.

Another classic one was when I received a phone call from my bank, asking if it was really me and to prove that I was me, like door number road and postcode along with x letter of password etc.

I told them why do you need this information, they said so that they know they are talking to the right person, I said well you phoned me so I am me.

This went on for about 10 mins on the phone, I then said I tell you what, what's your password, where they replied, my what, I said your password, they then went to say why would you want my password, I said so I know its really you that I am talking to and laughed.

They sounded confused at that point, so I asked for their name and extension number and I will phone them back.

Ten mins later (looking for bank statement with phone number) I phone my bank asked for the extension and once I got through I asked for that person, and it was my bank and they told me that I was the only one that gave them that much of a hassle and that all they wanted to tell me was that my new replacement card was on its way and that I should receive it within 48 hours.

Then it dawned on my that I requested for a replacement card online.

LOL

Paul

There are other ways of dealing with things. They need to get their acts together so that if they are cold calling a customer they have procedures in place that don't require the customer to authenticate when they themselves have not proven who they are.

I am not saying they should give out my personal details. I'm saying that there are almost certainly better ways to do this. I have never had my bank ring and ask for my personal / account details before they will talk to me. Maybe my bank is just better at dealing with it?

And when it did happen from the mobile company I just refused to talk to them. I am not giving my password to a complete stranger that cannot prove to me who they are.

So the question is did they actually need to "authenticate" you if all they had to say was "your card is on it's way"? Is that personal data? Is the risk that someone would intercept the card higher than the risk of people giving out personal information to a cold caller?

In reply to a post by ian72:

So the question is did they actually need to "authenticate" you if all they had to say was "your card is on it's way"? Is that personal data? Is the risk that someone would intercept the card higher than the risk of people giving out personal information to a cold caller?

Well that's what I thought, but I will probably never know.

Paul

In reply to a post by ian72:

There are other ways of dealing with things. They need to get their acts together so that if they are cold calling a customer they have procedures in place that don't require the customer to authenticate when they themselves have not proven who they are.

It's a catch 22 situation.
Sadly the biggest problem, can be people simply not updating their details.
Perhaps with the onset of Voice ID, this will be less of a problem.

I'm surprised they didn't just send you an email or text.

Will there be a card PIN change as well, coming in a letter?

I had a call from the call centre of a well know CC company in India. They asked some security question which I refused to answer so they would not tell me the reason for the call. I did then ring the CC company using a number I know and found out that they had probably called because there was a large card holder not present transaction. I had had some heating oil delivered and had rung the oil company to pay and unusually they had offered to take a CC for no extra cost.

The CC company must have had problems with other customers, because now I just get a voicemail or similar telling me about the transaction.

In reply to a post by RobertoS:

I'm surprised they didn't just send you an email or text.

Will there be a card PIN change as well, coming in a letter?

They do now, as for the PIN change, its normally the same as the last card, only twice have I had a separate letter with a new PIN.

Paul

In reply to a post by Michael_Chare:

I had a call from the call centre of a well know CC company in India. They asked some security question which I refused to answer so they would not tell me the reason for the call. I did then ring the CC company using a number I know and found out that they had probably called because there was a large card holder not present transaction. I had had some heating oil delivered and had rung the oil company to pay and unusually they had offered to take a CC for no extra cost.

The CC company must have had problems with other customers, because now I just get a voicemail or similar telling me about the transaction.

Oh, well I have only had an issue when I brought a brand new Plasma TV back in the days when they cost few grand, that resulted in the CC company phoning the store where the sales person handed me the phone, but all I had to do is say my name, my address and how long I had had my account with them and that was it and then the transaction went through.

But that was due to I had never really used that CC on something that costly.

The sales guy said that happens all the time.

Paul

In reply to a post by JohnR:

We will allow customers to reverse security on us. But NOT with anything to do with their accounts.

Your's must be a unique Bank!

Previously I've tried to setup a Codeword that they could supply to me - they refused to answer until AFTER I cleared security!

I've also asked them to confirm the name of my "Named-Business-Manager" (located at my Branch). Again they refused to answer any questions until I had cleared security - further, they also said that (even if I did clear security) they wouldn't answer that question as it would "breach-the-DPA!

Just received a call about getting a refund for service that I paid for because the company was going out of business. The phone number 888 663 8929. The person had an India accent and keep trying to get me to go to anydesk and load the software. All my security warning came on when I tried the software. I did not allow the program access to my computer but this is a new scam on trying to say you are getting a refund for something you never had and using anydesk as the way to gain control of your desktop. They claim that the software only allows them to send you a form to fill out to get your refund. They also tried to tell me that it did not give them control of the computer and it was not the person who was calling that would send the form. As someone who uses remote desktop software I knew that yes it did give them full access to my computer. Just thought you might like to post so other people do not fall for the pitch about getting a refund for some odd software that you did not sign up to have.

Edited by deleted (Mon 25-Feb-19 17:21:08)