PadainFain
6th June 2011, 03:36 PM
I ought to post this on my blog but since that will get a readership of about 30 I figured this was a better place.
I've been working from home a lot lately and I've observed the latest phone-based scams in action. I want to provide help, probably not to anyone who reads here but to you families, as these scams are aimed at the less internet-savvy folks.
1. If you ever receive a call that starts, "Can I speak to Mr[s] X please?", never ever say "Oh yes, speaking!". The only thing you say is "Who is this?".
Many many companies can get hold of your number through a partner of a partner of a partner of a company that you once bought something from and accidentally forgot to tick the box that said "no marketing calls".
Under no circumstances should you identify yourself on the phone to anyone that you do not recognise.
2. If they are calling from a company that you have dealings with ...
... even then you must never divulge personal information. Remember that they called you and you need proof that they are who they say they are. Ask them simply what the call is about and then end the call. Now go find their number elsewhere, on their website for example, and call them back.
My bank regularly calls me about identity theft - they're paranoid about it. I do NOT answer their questions. I call them back on the number I know actually rings my bank and I sort it out.
3. Other unidentified calls.
Since I've been working at home I've realised quite how many unsolicited calls come through and the pattern is that they call from a 'group' so to speak that is so generic you might confuse it with something you bought into. I've had calls from "the IT support team", "The computer team", "The internet support helpdesk" and so on.
Never ever believe this. Ask them for their company name, their personal name and their manager's name. Heck, ask them what they had for breakfast if you feel like it - for security purposes obviously!
The latest scam I have come across is they call you up from one of these nondescript "IT support" Teams and they claim your PC is infected. They will in due course, if you agree, come around and "clean" your PC. They'll charge you an arm and a leg to do nothing useful.
More to the point they CANNOT know if your PC is infected. To do so would require information that only your ISP could know and which they would be breaking the law to pass on to anyone.
And here's another thing. If you put the phone down and check the last incoming call it will, in the UK, be 01234 56789. That means an international Skype call. Mostly it's from Indian call centres. Do you think your ISP or your Gas company or your whatever call you over Skype from India? No they don't. It's cheaper and easier for a real company to set up a VOIP connection to your country and then route over the normal PBX network to you from their Point of Presence - if they use alien call centres.
Want to do us all a favour? If you know a thing or two about what they're discussing... keep them on the line. The calls are costing them money. Talk in wonderment about how they are so clever to know these things. Reel them in with bafflement and then, just to keep it going, ask them what your MAC address is, or how they can be sure it wasn't someone else on your dynamic IP range? How did they map your apparently arbitrary IP address to your phone number? Could they check with their manager that they got the right number because you're not on the internet... etc etc ;)
Most importantly though. Please pass the message on to your less well internet-savvy relatives that they should never ever ever pass personal details over the phone to someone that called them. And under NO circumstances agree to have to someone come to them for an appointement based on such a call.
I've been working from home a lot lately and I've observed the latest phone-based scams in action. I want to provide help, probably not to anyone who reads here but to you families, as these scams are aimed at the less internet-savvy folks.
1. If you ever receive a call that starts, "Can I speak to Mr[s] X please?", never ever say "Oh yes, speaking!". The only thing you say is "Who is this?".
Many many companies can get hold of your number through a partner of a partner of a partner of a company that you once bought something from and accidentally forgot to tick the box that said "no marketing calls".
Under no circumstances should you identify yourself on the phone to anyone that you do not recognise.
2. If they are calling from a company that you have dealings with ...
... even then you must never divulge personal information. Remember that they called you and you need proof that they are who they say they are. Ask them simply what the call is about and then end the call. Now go find their number elsewhere, on their website for example, and call them back.
My bank regularly calls me about identity theft - they're paranoid about it. I do NOT answer their questions. I call them back on the number I know actually rings my bank and I sort it out.
3. Other unidentified calls.
Since I've been working at home I've realised quite how many unsolicited calls come through and the pattern is that they call from a 'group' so to speak that is so generic you might confuse it with something you bought into. I've had calls from "the IT support team", "The computer team", "The internet support helpdesk" and so on.
Never ever believe this. Ask them for their company name, their personal name and their manager's name. Heck, ask them what they had for breakfast if you feel like it - for security purposes obviously!
The latest scam I have come across is they call you up from one of these nondescript "IT support" Teams and they claim your PC is infected. They will in due course, if you agree, come around and "clean" your PC. They'll charge you an arm and a leg to do nothing useful.
More to the point they CANNOT know if your PC is infected. To do so would require information that only your ISP could know and which they would be breaking the law to pass on to anyone.
And here's another thing. If you put the phone down and check the last incoming call it will, in the UK, be 01234 56789. That means an international Skype call. Mostly it's from Indian call centres. Do you think your ISP or your Gas company or your whatever call you over Skype from India? No they don't. It's cheaper and easier for a real company to set up a VOIP connection to your country and then route over the normal PBX network to you from their Point of Presence - if they use alien call centres.
Want to do us all a favour? If you know a thing or two about what they're discussing... keep them on the line. The calls are costing them money. Talk in wonderment about how they are so clever to know these things. Reel them in with bafflement and then, just to keep it going, ask them what your MAC address is, or how they can be sure it wasn't someone else on your dynamic IP range? How did they map your apparently arbitrary IP address to your phone number? Could they check with their manager that they got the right number because you're not on the internet... etc etc ;)
Most importantly though. Please pass the message on to your less well internet-savvy relatives that they should never ever ever pass personal details over the phone to someone that called them. And under NO circumstances agree to have to someone come to them for an appointement based on such a call.