BBC Journalist records conversation with phishing scammer
Text scammers managed to scam a BBC journalist with a “failed delivery” text phishing scam, and then tried to follow it up with a “bank security” telephone phishing scam.
But by now the journalist had caught on and recorded the conversation. It demonstrates just how convincing – and malicious – these scammers can be.
The video below from the BBC shows the latter part of this scam and how it played out, but first lets quickly summarise what scam is being executed here.
The scam is what we call the double phish scam. It’s two phishing scams, back to back, for maximum damage to the victim and maximum profit for the scammer.
Step 1 – The SMS Phish: A generic SMS scam is sent out to tens of thousands of people. The aim of the text is to get recipients to click a link and fill in personal details about themselves on a spoof website. In this case it’s a prolific missed delivery text scam that claims the recipient needs to click a link to rearrange a missed delivery.
Step 2 – The Telephone Phish: This is crux of the scam. The victim has already given up their personal information in the first step of the scam. And now the scammer can use that information to initiate a targeted phishing scam (known as spear-phishing.) The scammer knows the victim’s information and will use that against them to make them appear legitimate. In this case the scammer claims to be from the victim’s bank security team and will “confirm” the victim’s information to “prove” they are genuine.
Sponsored Content. Continued below...
The aim of the second part of the scam is typically to either trick the victim into installing malware or convincing them to move their money into a “safe bank account” which is actually a bank account belonging to scammers.
This is the same scam that we recently wrote about that tricked a couple in Frome in the UK into handing over thousands of life savings.
Watch this video, below from the BBC where the journalist has already fallen for the first step outlined above and filled in his details on a spoof website. We recommend watching this right until the end and we have some further analysis below.
You can see during the conversation with the scammer that the scammer attempts to make himself appear legitimate by “verifying his identity”. He does this by parroting the journalist’s personal details that only the journalist’s bank would supposedly know.
However the scammers actually got this information from the first step of the scam.
Sponsored Content. Continued below...
It’s an alarming demonstration as to how convincing these scammers can be – and the end of the video highlights just how malicious and immoral they really are, and what lengths they’ll take to make people pay up. Even if it means threatening them with physical harm.
Don’t fall for this scam. Don’t click on links in unexpected text messages and understand that couriers do not demand payments via text messages.
And if your bank calls out of the blue, hang up the phone. You can always call them back up using the contact information on your paperwork or on their website and they can then tell you if the call was legitimate or a scam. And at least this way you’ll know for sure its your bank you’re really talking to.
Keep up-to-date with all the latest cybersecurity threats and our tips to stay safe online. Follow us on Facebook, Instagram and Twitter.
Continued below...
Thanks for reading! But before you go… as part of our latest series of articles on how to earn a little extra cash using the Internet (without getting scammed) we have been looking into how you can earn gift vouchers (like Amazon vouchers) using reward-per-action websites such as SwagBucks. If you are interested we even have our own sign-up code to get you started. Want to learn more? We discuss it here. (Or you can just sign-up here and use code Nonsense70SB when registering.)
Become a Facebook Supporter. For 0.99p (~$1.30) a month you can become a Facebook fan, meaning you get an optional Supporter Badge when you comment on our Facebook posts, as well as discounts on our merchandise. You can subscribe here (cancel anytime.)
