• Welcome to this forum . We are a worldwide group with a common interest in Birmingham and its history. While here, please follow a few simple rules. We ask that you respect other members, thank those who have helped you and please keep your contributions on-topic with the thread.

    We do hope you enjoy your visit. BHF Admin Team

Scams: telephone, email, texts 2023, 2024

I read over the weekend that the Times science editor recently received a scam Royal Mail text explaining that a delivery had failed and clicked on it (when his mind was elsewhere), and when asked for the small delivery fee, paid it. This is what happened when he was in the process of reporting it to his bank some hours later:

I opened the app for my bank, Starling, and checked that there was nothing suspicious. There wasn’t. Then I went to the online chat on my phone app to tell them what I had done. I can still see the conversation now.

“Hello,” I said at 4.50pm on the app. “I think I’ve given a scam site my bank details.”
“Hi Thomas,” came the response 15 minutes later. “You’re through to Peter. Thanks for waiting today!”

A few minutes later, my conversation with Peter on the app stopped abruptly. The reason why is that Matt phoned.

“Hello,” he said, “I’m calling from Starling.” I picked up the call and said: “I was just on the chat.” Matt said: “We know. The hackers have access to your app and your phone.
“Can you see a pending transaction for £224?” he asked. I could, it had just popped up — awaiting my approval. “We think it is suspicious,” he said. It was indeed. I thanked him for calling, and said I felt very silly. He chuckled and said there was no need.

Then I had a niggle. “How do I know you’re not the scammer?” I asked. After all, they had my phone number. He said I was right to ask. “Let’s go through the security questions,” he said.

“Can you tell me my recent transactions?” I said.
“Not until the questions,” he replied.

So we did the dance, him saying bits of my address, me completing it. Fine, he said, you’re verified.

He had called me, he said, because the hackers had access to everything on my phone. Starling Bank needed to upgrade the app. Matt said I should change my email password because the hackers had it. When the call was over, he said, I should contact my other bank. I said “****”. He told me not to swear.

Still, though, I had a slight niggle. What he was saying didn’t make sense to me. Even if, as he said, the hackers had full access to my phone, they wouldn’t be able to just log into my banking apps — they required a thumb print. He brushed aside my worries. I didn’t understand the sophistication of the attack, he said. I checked his number, at his insistence. It was Starling’s. By this stage we had been speaking for 15 minutes. He said it was imperative I upgraded my security.

“The hackers are in your bank app now,” he said. He was calm, but authoritative. “We need to send an authentication notification under an alias. It will come from ‘Warehouse Utilities’.” When I clicked on this, he said, it would upgrade the app without the hackers knowing, and kick them out.

I didn’t really understand. I took the phone from my ear, and opened the Starling app. The notification popped up: “Warehouse Utilities”. I also saw that it required I approve a £1,000 transaction. You need to understand, I’m panicked. I’m worried I’ve compromised all my bank accounts, and all my work. Matt has warned me that the hackers could have got access to the work wi-fi. Still, my stupidity has limits. I’m not clicking on that. I said: “I’ll call you back immediately on this number.”

“There is a long wait and we can’t guarantee your funds if you do that,” he said. “They may clear you out.”
“That makes no sense, just block transactions,” I said. For the first time, he sounded flustered.
Then I asked: “What were we saying just now on the online chat?”
He said: “You were asking to verify this call.”
I wasn’t. I hung up.

Here is my attempt to reverse engineer what happened. It was, I believe, a total coincidence that the moment I realised my mistake and was on the bank’s online chat was the moment Matt called. Everything that came after was planned. His goal throughout was to sound calm and professional, while making me increasingly flustered. So much so that I didn’t notice that he was “verifying” me more than I was verifying him. He had my “security details” because — I’d autofilled my address on the “Royal Mail” page. Part of the verification involved me telling him my bank balance “to confirm it’s you”. So he knew how much I was good for. There were nice touches too. He could ad-lib — telling me not to swear was genius. This man was clever. He had options in life, but the tragedy is he chose this. Ultimately though, in this instance, his labour was for naught. I didn’t click. Instead I rang Starling — the number of which he had spoofed — and it sorted it all. After seeing how it worked, it seems obviously laughable that the bank would use an approach like his.

So what is the moral of my tale? I wonder how I would react reading this about someone else. Probably I would find the mechanism intriguing. Maybe I would warn elderly neighbours. Smugly I wouldn’t consider it an issue for me though. And yet. In that moment, when I thought someone was in all my bank accounts, all my emails, thinking the whole office might have been compromised by my idiocy? Well, I can see why people may, in a moment of madness, click.
A lesson to us all.
I was given a sound piece of advice concerning this type of situation. If alarm bells are going wild take a few moments to calm down before doing anything.

NoddKD
 
I listened to a recent BBC programme about the psychology of a fraud, and it brought back unwelcome memories of how I was duped by an ‘authorised push payment’ fraudster a couple of years ago. At the time, this type of fraud was I think, not so widespread as now. I got away lightly, since I lost no money, but that was only because of my own ineptitude in following his instructions! The feeling of utter stupidity still haunts me though. I had always thought of myself as pretty sharp, and when hearing about people falling victim to fraudsters, thought that they were not too bright, and that this couldn’t possibly happen to me.

The program is part of the ‘File on 4’ strand, and is well worth a listen.
 
I received another message last night.

Royal Mail: Your package has arrived at the warehouse but cannot be delivered due to incomplete address details please open the link to view ..... Royal Mail wishes you a great day!

How fortunate that my package albeit having an incomplete address, did somehow include my mobile number! I won't be clicking that link, nice of "Royal Mail" to wish me a great day though! ;)

Here are some online scams that the real Royal Mail have suggested we watch out for:

 
Some calls can be genuine but how do you know? Yesterday I had a phone call 'This is an urgent call about your gas bill. Press any key to hear the message.' I just put the phone down. However, later I did go online to pay my gas bill. Before you ask I do not authorise a direct debit on my gas bill since British Gas doubled my monthly payment while my gas account had a large credit balance.
 
Some calls can be genuine but how do you know? Yesterday I had a phone call 'This is an urgent call about your gas bill. Press any key to hear the message.' I just put the phone down. However, later I did go online to pay my gas bill. Before you ask I do not authorise a direct debit on my gas bill since British Gas doubled my monthly payment while my gas account had a large credit balance.
Yes, the best policy is 100% to phone the company direct and to leave the possible scam unanswered. That way you have responded to the call, if it was actually a legitimate one.
 
unusual for me to post on this thread as i have really had reason to do so but i got an email from my bank today and most of you will know you can read the first part without opening it which i will not be doing as i cant recall ever having emails from my bank..what i can read says

"winter scams find our how you can keep your money safer replies to this email are not"

so how do i know that this is not a scam...will not be finding out

lyn
 
unusual for me to post on this thread as i have really had reason to do so but i got an email from my bank today and most of you will know you can read the first part without opening it which i will not be doing as i cant recall ever having emails from my bank..what i can read says

"winter scams find our how you can keep your money safer replies to this email are not"

so how do i know that this is not a scam...will not be finding out

lyn
Lyn, you could check with your bank by telephone, to see if they have e-mailed you (assuming they have your e-mail address to do so), but as Mike has suggested, better safe than sorry, particularly if you rarely if at all, receive e-mails from your bank.
 
Back in 2008 I had a landline call in the middle of a Sunday afternoon from someone who said " Hi this is the Natwest security team, could you answer a few security questions? " I responded with a laugh and hung up.
Picking up some groceries from Lidl on the way home from work the following day my debit card wouldn't work at the till.
The woman serving me said " Yeah the payment machine has been playing up all day so probably our fault not yours". Leaving
my shopping there I headed to Tesco, only to have the same problem.

The following day I rang the Natwest to report a problem with the card to be told my card had been cancelled because I hadn't
responded with answers to their call on Sunday!!

Needless to say the account was moved to another Bank shortly after, who have never called me.
 
Lyn, you could check with your bank by telephone, to see if they have e-mailed you (assuming they have your e-mail address to do so), but as Mike has suggested, better safe than sorry, particularly if you rarely if at all, receive e-mails from your bank.
thanks john

lyn
 
Hi everyone, really need help on this one.
Yesterday morning had an Email from a friend I have known for about 30 years telling me he had had an op. and couldn't get out. He had tried getting an Amazon gift card for a friend but for some reason his credit card was not working. He asked if I could get a £100 gift card and send details n to him. I was surprised at the time and told my wife, and although we could not understand it replied that, because of problems I had with Amazon before I don't deal with them anymore. I then had a reply saying I could get one from Tescos etc and then scratch the back, take a photo and email it to him. I told him that because I have the shakes I can no longer take photos. I then had several more emails from him in which he was quite persistent, so much so I wondered if he had had a mental breakdown. I had about six Emails from him.
It then suddenly occurred to me that this was a scam. I didn't have his phone No. and after ringing several friends managed to ring him. It was a scam and my friend had had calls all day long even from America, Africa, and the far East, from people who had received various messages asking them to do the same.
What I need help with please is what I need to do, and how to do it. I am now 92 so would ask please that it is explained in simple terms Also who to report it to, and how. I know a few weeks ago I saw a programme on BBC one morning about scams and people reporting them but of course didn't take much notice thinking perhaps "It will never happen to me" Foolish man!!!
From experience I know I shall receive helpful replies so thank everyone in advance.
By the way, in the last one it gave details of the Amazon site where I could purchase it from, and more importantly an Email address supposedly for the woman to whom it was going. Do you think this would be of benefit to the authorities in tracing the culprits?
 
Hi everyone, really need help on this one.
Yesterday morning had an Email from a friend I have known for about 30 years telling me he had had an op. and couldn't get out. He had tried getting an Amazon gift card for a friend but for some reason his credit card was not working. He asked if I could get a £100 gift card and send details n to him. I was surprised at the time and told my wife, and although we could not understand it replied that, because of problems I had with Amazon before I don't deal with them anymore. I then had a reply saying I could get one from Tescos etc and then scratch the back, take a photo and email it to him. I told him that because I have the shakes I can no longer take photos. I then had several more emails from him in which he was quite persistent, so much so I wondered if he had had a mental breakdown. I had about six Emails from him.
It then suddenly occurred to me that this was a scam. I didn't have his phone No. and after ringing several friends managed to ring him. It was a scam and my friend had had calls all day long even from America, Africa, and the far East, from people who had received various messages asking them to do the same.
What I need help with please is what I need to do, and how to do it. I am now 92 so would ask please that it is explained in simple terms Also who to report it to, and how. I know a few weeks ago I saw a programme on BBC one morning about scams and people reporting them but of course didn't take much notice thinking perhaps "It will never happen to me" Foolish man!!!
From experience I know I shall receive helpful replies so thank everyone in advance.
By the way, in the last one it gave details of the Amazon site where I could purchase it from, and more importantly an Email address supposedly for the woman to whom it was going. Do you think this would be of benefit to the authorities in tracing the culprits?
This is a scam where the scammers have obtained access to a friends contact list, and your name is on that list. There are quite a few of these going around at the moment.

I had a similar one the other week as a text allegedly from my son.
 
I had one some years ago supposedly from the daughter of an old friend, who was in Thailand and claimed all her money had been stolen
 
Just to say thanks to all who responded to my request the other day. I reported it, sending copies of the Emails received and had a reply they had received it. I know it would be impossible for them to do it, but wouldn't it be nice to know if someone was found out and dealt with appropriately
 
Just had this warning from Waterstones, which is a good reminder during this "Black Friday" weekend. I bought some books from them online last week (I still didn't click below though...better safe than sorry) ;):

Dear Customer,

The massive popularity of Black Friday offers opens a door to online scammers, using the name of reputable brands to trick customers into fake offers.

Sadly the use of Waterstones is no exception, and we are aware of several social media scams currently exploiting our good name. These generally promote cheap books, often accompanied by a time-limited offer.

We are working hard to remove these fake websites. However, the following tips will help protect you and aid us in tackling this online menace:

Fake Internet Domains and Websites
  • Please make sure the website is legitimate. We do not have multiple website addresses: www.waterstones.com will always be the correct domain for purchases.
  • Scammers will try to make the site look like Waterstones. Keep an eye out for website addresses which add .uk, .store or other elements to the address above. These are not us.
False Urgency
  • Be vigilant of urgent, time-limited offers. Do not let the urgency of a limited offer make you act hastily and without checking the website address first.
Personal Information and Payment
  • We will never ask for your personal information via email.
  • We will never ask for an unexpected payment, or offer a refund you do not expect.
  • We will never ask you to make a payment to us outside of our website or App (i.e. via bank transfer, e-mailing credit card details).
If you have any queries toward the legitimacy of our emails or social posts, please use our contact form at https://www.waterstones.com/help/contact-us, or use our website’s live chat function at that address for further assistance.

We wish you safe and happy online shopping.

Waterstones
 
i had a email saying some one is trying to log on to my account so they have locked it untill i get in touch with them and change me password nothing has been bought or try'd to be bought.:(
 
I received another message last night.

Royal Mail: Your package has arrived at the warehouse but cannot be delivered due to incomplete address details please open the link to view ..... Royal Mail wishes you a great day!

How fortunate that my package albeit having an incomplete address, did somehow include my mobile number! I won't be clicking that link, nice of "Royal Mail" to wish me a great day though! ;)

Here are some online scams that the real Royal Mail have suggested we watch out for:

Royal Mail would not refer to their location as a “warehouse,” it’s a “sorting office.” Having read so far I would then have deleted the message. AC.
 
agree with you chunky....the clues are often there even before clicking on the full email...i always think that we must stop and think and ask the question...have i given this person or company my email address and if the answer is no then just ignore or report it...

lyn
 
Royal Mail would not refer to their location as a “warehouse,” it’s a “sorting office.” Having read so far I would then have deleted the message. AC.
I did and also reported it as Spam. It was clearly a scam, I just thought that I would highlight it as something that is currently being sent, should anyone else receive this or something like it.
 
Is this a record? I have had three emails today about packages being held by Royal Mail. Everyone was from a Gmail address which was a dead giveaway to start.
 
Nowadays you'll find a lot of the fake emails go to the junk folder straight off. This will increase as you list more as junk or report more for phishing. 3 in one day isn't much. Every so often the screen for such misses some and they show up in your inbox. This does seem to happen in clumps.
 
Back
Top