Scam Targeting Mobile Phone Users

Freelance

Before I go any further, the moral of the story
  • Never ever give, call out or read back a One Time Code, Verification code, PIN code, PAN code.
  • If you call your bank (not the other way around) they may ask for two digits from your PIN number to identify you. Unless you are certain that you are speaking to your bank on a call which you initiated, or if you are in any way suspicious, do not proceed.
This scam is a variation on a theme, but it is an alluring trap that is easy to fall into. A friend of mine was caught on Monday.

What actually happened:
As soon as the scammer called her, he entered her number on the Vodafone "forgot my password" screen which sent a code to her phone
He used the code which she received and read back to him to change her password, her address, and various other details
He ordered an iPhone 16 Pro on her account to be sent to her "new address"

Here is her perception of what happened:
She received a call on her mobile from the Vodafone Customer Loyalty team. Caller said that he had good news, and that she was entitled to a loyalty reward
Caller said he needed to verify that he was talking to the account holder before proceeding, and sent a verification code to her phone
The verification code was grouped in her phone messages with prior messages from Vodafone (suggesting that all was in order) and at his request she read the verification code back to him
He kept chatting for a couple of minutes while he was organising her loyalty reward, in the course of which he called out her address for verification, and also some of her credit card details (I'm not sure what exactly)
He concluded that all was in order and that her loyalty reward was on its way to her, and that she might receive a few messages later but that she could safely ignore these
She went off full of the joys and thinking how great life is when the gods smile down on you

The Outcome
She received a call on Tuesday from the Vodafone fraud team
It took a considerable period of time for the call to proceed as the details they usually use to verify the caller (DOB, address etc) were not correct
Eventually the call progressed to the point where they verified that she had not requested a phone upgrade and they confirmed that they were in a position to cancel the upgrade as the phone had not yet been despatched

The National Cyber Security Centre have issued an alert in relation to this scam. It contains a description of the scam, some useful pointers on how to protect yourself and what to do if you’re a victim

NCSC Advisory Upgrade Scam targeting Mobile Phone Users 09 December 2024

Also detailed here: https://www.rte.ie/news/ireland/2024/1209/1485540-cyber-scam/
And discussed with Adrian Weckler here: https://www.rte.ie/radio/podcasts/22469716-national-cyber-security-centre-warning-people-abou/

In Conclusion
The three lines above under What actually happened are generic and are not limited to phone upgrade scams. This technique could be used in many situations to access the likes of bank accounts, online store accounts etc.
 
How would the scammer know that she is a customer of Vodafone in the first place?
 
I got a scam call last week from an Asian-sounding guy claiming to be from Vodafone, from a Dublin number, offering me 30% off my bill. I played along, said I suppose you're going to look for a bank account? "No, we just send you a 6 digit code". I asked him what my address was. "Oh, we can't give you that for security reasons". I just told him I wasn't with Vodafone and he hung up.
My advice would be: 1. Don't answer any unknown calls. 2. Remove your name from any voicemail recordings & if you do answer the phone, don't give your name, e.g. "hello Luke speaking", because the scammer immediately used my name, as if he knew it was me.
 
How would the scammer know that she is a customer of Vodafone in the first place?
Dial the number with a “5” immediately following the 08x prefix - the voicemail response and instructions are a giveaway. E.g. to test 087 1234567 dial 0875 1234567
 
Remove your name from any voicemail recordings & if you do answer the phone, don't give your name eg. "hello Luke speaking", because the scammer immediately used my name, as if he knew it was me
It's more likely they are using previous breach data to gather that. If you've had these details in any of LinkedIn, Twitter, Sony, Yahoo, Facebook, or many others when they were hacked your details are already circulating the dark web. Check Have I Been Pwned for instances of where your data has been compromised.
 
We've been here before

 
I watched a Channel 5 drama recently called Cold Call. While it is a fictional drama, it's based on real scams. They phished loads of information from the victim's elderly Mother. Names, DOB, address, phone number etc.

Just remind older people in your life, who may be more naive to this kind of thing, to not give out information over the phone. The caller can be very convincing and say they're doing a survey, census or anything like that.

They used this information to convince the victim they were from her bank.