How Not to Become a Victim of a Scam

From time to time we get phone calls we don’t necessarily want, and most of the time we know they are unsolicited spam calls. But we all know that the phone company and even the bank have our phone numbers, so there is always a chance they could call you. As a business owner, I get the odd call from the bank asking me to fill out a satisfaction survey over the phone, and I have also had BT call me in the past. So how can we tell the difference between a real call and a phishing scam call?

To be able to tell the difference, we need to understand both what a scammer could know and what the company could know about you and your account.

  • The company that calls you should know who you are and all of your account details.
  • A bad scam caller will know nothing about you.
  • A normal scam caller that calls you should know who you are but not all of your account details.
  • The best scam callers will know who you are and all of your account details.

As you can see, not all scam callers are the same: some know nothing and some know everything.

How can a scammer know so much about your account with a company? Well, it all starts with a little bit of information. The best way to explain it is to tell you how I would pick a target to scam.

In the past I would pick a target by using physical information I knew about an individual and making phone calls to find out account numbers a little bit at a time. But now I would do it completely differently, and it would start on the dark web. On a well-known dark web marketplace you can purchase hacked password files. Once I had found and accessed somebody’s email address, I would start from there and work out what accounts they have. I would use all the information from their accounts to build a picture of who I’m going to be scamming.

Once I’m armed with all their information, I would ring them up and the conversation would go something like this:

Hello, may I talk to Mr Jones…

Hello, Mr Jones, my name is David. I am one of the management team from BT…

Before I continue, can you please confirm this is your account number: 1234d4321…

You can find it on the top of your last bill or on the online portal…

That’s fantastic. Before we continue, Mr Jones, I need to ask you a security question. Your last bill came to £34. Could you please tell me the exact amount it came to?

That’s correct…

The reason I’m calling is that we have been overcharging your account for the last 24 months by £7.86 each month…

We would like to offer our sincere apologies and we would like to refund you the full amount to your Visa debit card ending in 4570…

This is quite a believable story, and you can end up falling into this trap. Before you know it, I would have you giving me your card details.

In summary, the best way to defend yourself against scam callers is to ring the company back on a phone number you already have in your records. But above all, if you’re ever in doubt, ask for some help.
