Phishing

BBC Journalist records conversation with phishing scammer

In 2021, cyber crooks managed to scam a BBC journalist with a “failed delivery” text phishing scam which we’ve warned our readers about numerous times. However, when the same cyber crooks tried to scam him again by claiming to be from his bank, the journalist caught on and recorded his conversation with the scammers.

The recorded conversation demonstrates just how convincing, persistent and [finally] malicious these scammers can be.

Scammers will often target previous victims of their scams for two reasons. Firstly, the scammer knows the victim is already vulnerable to being scammed because they’ve already been successfully targeted. Secondly, because the scammers will already have obtained some personal information from the victim from the first scam, allowing them to orchestrate a targeted phishing scam, also known as spear-phishing, which have a better success rate.

In this case, the BBC Journalist, Jon Ironmonger, had fallen for the classic “failed delivery attempt” text scam, which falsely claims the victim has to visit a webpage to pay for a missed delivery to be redelivered. These scams steal the victim’s personal data and payment details.

This provides scammers with the ability to steal from the victim, but also offers them the chance to follow up with another scam. In this case the scammers pretend to be from the victim’s bank, claiming that [ironically] scammers are attempting to hack into the victims account, and the scammer – while pretending to be from the victim’s bank – needs the victim to move their money into a “safe bank account”.

Of course there is no safe bank account, and the scammer is simply trying to persuade the victim to move their money straight into the scammer’s own bank account.

In this case below, the scammer claims to be from the victim’s bank security team and will “confirm” the victim’s information to “prove” they are genuine. However this is just information the crooks gleaned from the first scam.


Sponsored Content. Continued below...




This is the same scam that we recently wrote about that tricked a couple in Frome in the UK into handing over thousands of life savings.

Watch this video, below from the BBC where the journalist has already fallen for the first step outlined above and filled in his details on a spoof website. We recommend watching this right until the end and we have some further analysis below.

You can see during the conversation with the scammer that the scammer attempts to make himself appear legitimate by “verifying his identity”. He does this by parroting the journalist’s personal details that only the journalist’s bank would supposedly know.

However the scammers actually got this information from the first step of the scam.


Sponsored Content. Continued below...




It’s an alarming demonstration as to how convincing these scammers can be – and the end of the video highlights just how malicious and immoral they really are, and what lengths they’ll take to make people pay up. Even if it means threatening them with physical harm.

Don’t fall for this scam. Don’t click on links in unexpected text messages and understand that couriers do not demand payments via text messages.

And if your bank calls out of the blue, hang up the phone. You can always call them back up using the contact information on your paperwork or on their website and they can then tell you if the call was legitimate or a scam. And at least this way you’ll know for sure its your bank you’re really talking to.

Share
Published by
Craig Haley