“BT” phone scam update

The long running “This is BT” telephone scam has reached new heights of sophistication.

We had a client in for help today who almost lost a lot of money, but thankfully caught on at the last minute and was able to freeze bank accounts before anything was taken.

This time it was the usual telephone call to begin with, claiming that the person called had a problem with their online security, their IP address had been “hacked” and the router compromised. A new router was allegedly en route, but in the meantime all of the security software on the (Windows based) computer had to be replaced with new and better versions in order to end the hacking.

The client then installed the perfectly legitimate TeamViewer remote access software, and the thieves then took control of the computer, removing all security software and then asking the client to access their online banking to process a “refund” from BT for the inconvience.

At this point our client became very suspicious, and ended the call, or so she thought. The scammers kept the line open, and when she called back to what she thought was a legitimate BT number was reconnected with them again (the call had never ended; it was merely muted by the robbers and a dialling tone played down the line), to the extent of a “press 1 for x, press 2 for y” system being the first thing she heard when “connected”.

She then asked them to disconnect the TeamViewer remote access while she logged in to her online banking to process the “refund”. They supposedly did, but we strongly suspect that the remote connection remained open in order to harvest the login details for the bank in question.

The “refund” was then processed, but was a far larger amount than had been previously stated on the telephone (the call was ongoing throughout the whole process, as well as the remote access) – several thousand pounds instead of the £200.00 promised. This appeared on the online banking summary screen, and when our client mentioned the amount the thieves then said that a mistake had been made in the amount of the “refund” and our client would have to repay the excess back to “BT”.

What had really happened is that the scammers had transferred our clients savings to her current account, then claimed that it was a mistaken “BT refund”, and were about to get her to transfer her savings and current account balance to them.

At this point our client became very suspicious, more so when the account details for the transfer were in an individual name and not a BT account, and thankfully was able to end the conversation and remote access to the computer before any money was taken.

The matter was reported to the PSNI, who have heard of at least £80,000 being stolen in this manner over the last two weeks. The bank account in question was also frozen, and all of the security settings will be changed before it is released.

The computer is currently with us to remove all of the remote access software planted on it and to have the security software reinstalled.

The scam has become very professional and sophisticated over recent months. The thieves now have a plausible answer for every question that the average computer user will put to them, and it seems now have a very clever means of having the money transferred to them by the account holder rather than stealing it directly. In a case like this the banks will wash their hands of the whole thing (not that they have been much help in our experience anyway) as the transfer was not done by a third party.

As we’ve said before, and will continue to shout from the rooftops, BT, Microsoft, Talk Talk or anyone else WILL NEVER, EVER, EVER contact you by telephone to advise you of a computer or telephone fault.

Anyone who claims to by from any of these – or any other – organisation is a liar and a thief, and the best thing you can do is to hang up without confirming any details.

July holidays

Its hard to believe that its holiday time again, and the weather is even being kind this year 🙂

We’re closing today (6th July) for a week as usual, and will be open again on Monday 16th.

Thanks to all who have been to see us and used our services in the first half of the year, hopefully we will see you again, just not too soon.

Yet more telephone scams…

Long post, but please read and share as widely as possible.

I’ve just had a client in with me in floods of tears. She received a call from “BT” on Friday evening past, told them she was busy, so they arranged to phone back on Saturday morning.

It was the usual “there is suspicious activity on your account” story on the Friday, so she emailed proper BT who told her that there were no problems. When the scammers called back, my client told them that she was very suspicious and that BT had told her that there were no issues with her account or broadband line.

Fake BT then said that the reply was from the residential side of BT, and they were the “high tech division”, and if she cared to call BT again on 150 the notes on the account would confirm this and she would be connected to the “right” people.

The thieves then gained access to her laptop, showed her the usual false errors, and also gained access – partly by having a plausible answer for everything – to her online banking, Amazon and email accounts. The whole process took several hours.

This has resulted in a very serious financial loss, as well as considerable distress and a lot of time in sorting it all out. The PSNI as well as her bank are involved, but as the money was transferred out of her account on Saturday past, and not noticed until yesterday, it is long gone.

The caller in this instance was polite, plausible, spoke fluent, clear English, and had a good answer for every question raised as to why they might be a thief. The lady in question is far from stupid, but now feels that she is as she has been badly scammed and a lot of money stolen.

The money taken is unlikely to be recovered, and the bank are taking the line that as access to the account was freely given, they are not responsible.

As we, the banks and the police have stated repeatedly and will continue to shout from the rooftops, BT, Microsoft, Talk Talk, O2 or anyone else will NEVER, EVER, EVER, EVER ring you to advise you of a problem with your computer. They have no access to your system unless you let them in, so if anyone ever contacts you regarding fraud, or PC problems, or broadband issues, put the phone down at once, and ring the police on 101 to report the call.

Please share widely and tell anyone who mightn’t see this but who may become a victim of this particularly nasty crime.

Fun and games (not) with Windows 10 updates

Windows 10 turns 3 years old next month, and is very much a “Marmite” operating system  – you either love it, or hate it.

We’re not terribly keen on it, things which should be readily and easily available like the Control Panel are hidden away, Cortana is an intrusive PITA, and the seemingly constant, unavoidable updates really are a nuisance.

Since the last big bi-annual update (to version 1803) we seem to have done very little than reinstall printers and scanners, fix broken email accounts, and in more than a few cases reinstall Windows from scratch after the update fails over and over and eventually breaks the hard disk file system beyond repair.

This article from Which? magazine explains the Microsoft update strategy, and goes into some detail of what to do if things go wrong, although we’d recommend contacting us rather than Microsoft if things go wrong.

https://www.which.co.uk/news/2018/06/windows-10-update-pain-microsoft-must-do-more-for-consumers/

We would certainly agree that Microsoft need to do more to make the upgrade process a lot simpler and not just force updates onto users, and also can’t stress enough the need for a working, tested backup of your data.

Easter holidays

It’s hard to believe that Easter is on us already, or that this is the first post of 2018!

We’re open tomorrow morning until 12.00 or so, then off on Monday & Tuesday (the gates are closed anyway). We will be back at full pressure on Wednesday.

Please have a safe and happy Easter break, whatever you get up to, and don’t eat too much chocolate 🙂

Christmas 2017 holidays

We are going to close on Friday 22nd December at 12.00, and re-open on Tuesday 2nd January 2018.

Many thanks to everyone who has used our services in 2017, all being well we will see you again, just not too soon :).

Please have a happy, safe and warm Christmas and New Year.

Laptops, tablets & cold weather

Now that it appears winter is well and truly here, its not a good idea to leave laptops / tablets / phones anywhere that they can get really cold, such as in the boot of the car or on the back seat.

Very cold temperatures don’t agree with the screens fitted to most of these devices, also if they end up covered in condensation it doesn’t do them any good at all. Best to bring them into the house or office at night, and keep them somewhere away from the cold.

If you do end up with a very cold computer, let it warm up to room temperature before you use it. It will be slow and the screen may well be unresponsive for a while until it reaches a suitable temperature.

Interesting project

We had a phone call yesterday from a bloke looking for “dead” laptop batteries. We normally recycle these, but based on our conversation will now be keeping them for him.

He plans to convert a VW camper van to electrical power, and is using the good cells from laptop batteries to act as the power source. A laptop battery is made up of several smaller batteries connected in series to get to the required voltage, and normally only one or two of these fail.

The idea is to find the good ones and make them into a battery powerful enough to give 100 miles or so between charges.

As we love to make things, and recycle as much as possible, we were happy to help, and will be keeping all laptop batteries which come our way to aid in this project 🙂

New ransomware problem

We are receiving early reports of a new ransomware threat, similar to the “wannacry” outbreak which hit the NHS earlier this year.

This one is known as “Bad Rabbit” and follows the usual ransomware script of locking PCs, encrypting data, and demanding a payment within a short timeframe in order to release the un-encryption password. The initial cost is 0.05 Bitcoin (currently £220.00) although this appears to increase over time. It isn’t recommended to pay the ransom as there is a very good chance that the password will not be forthcoming.

The software seems to be spreading from infected Russian news media sites, and so far has only attacked large networks, but may well spread over time.

As usual, our advice is to have a definite backup in place, keep it seperate from you system when it isn’t in use, and install all updates and patches as they are released. If you do end up infected with ransomware or any other type of malware, turn your computer off at once and bring it to us. We can’t guarantee that we will save your data, but we can minimise the damage at the very least.

Spam emails and phone calls

It has now come to the point when it is almost impossible to tell a spam / malicious / phising email from the real thing (unless of course you don’t have an account etc with the company allegedly sending the email). The days of poorly photocopied headed paper and bad spelling are gone.

In recent days we’ve had four emails from BT (we don’t use them) enclosing our latest bill. All were for differing amounts, which wouldn’t be strange for BT, but on close examination the emails actually came from “btt.ru” which was well hidden in email information but incorrect for UK BT, who are “bt.com”. The “.ru” extension indicates a domain name registered in the Russian Federation.

Other regular contributors are “Apple”, “HMRC”, “Barclays”, “Santander”, “Lloyds Bank” and “Microsoft”.

The usual rule of thumb is to treat these emails with extreme suspicion, don’t click on any links contained in them, and also don’t open any attachments. Delete the email, and if possible block the senders domain. This will limit the amount of spam received for a short time until the spammers switch to using a different domain, when it all starts again.

Another problem are telephone calls from banks and other institutions who once they have called then want you to confirm your identity with them. I have a problem with this, as they have phoned me, asked for me by name, and then want my personal details without any confirmation of who they are.  There have been several frank exchanges of views over this.

Our advice is to treat all email, telephone or text communications with the utmost suspicion, and to delete or ignore anything you are even vaguely unsure of. Sadly it has come to this, but better to be safe than sorry.