An example of a vishing call
Here’s how a fraudster may try and trick you into giving away your details over the phone.
[Phone call received]
Caller: Hi, could I speak to Mrs X please?
Caller: I’m calling from BT and would like to make you aware of a fault with your Broadband. We’ve noticed that your router is not working correctly, and would like to compensate you for the inconvenience.
Customer: How do I know you’re really from BT?
Caller: I can tell you that your name is Mrs X and you live at [address]
Customer: OK, what do you need to do?
Caller: First, to give you a refund, I need you to log-in to your Internet Bank. Then, I need you to go to a website, Teamviewer.com, and download some software, so that I can diagnose the problem
[break while the customer downloads the software – usually has to be coached through it]
Caller: Please open TeamViewer on your desktop and provide the ID and PIN that are displayed
[once the customer does this will grant remote access to the customer’s PC]
Customer: I don’t like you accessing my computer
Caller: That’s OK. I need to access your computer in order to give you your refund
[customer provides the information necessary]
Caller: your screen will go black while I’m running some checks. To give your refund, I need you to use your card reader.
Caller: please put in your card, then choose ‘sign’ and enter your PIN. Then, enter the reference number 12345678, press OK and enter 123456. Then please give me the code that’s displayed on the screen
[the first reference number is a destination account, the second number is the amount of the payment the criminal is going to send]
[customer uses the card reader]
Customer: the code is 1234 5678
[The caller will then proceed to authorise the fraudulent transaction using the provided authorisation code.
The caller may then proceed to say that the code did not work and will ask you for further codes. This is an attempt to authorise multiple payments out of your bank account.]