Scams are now the biggest problem for landline users, with criminals using cheap technology to exploit millions of people. In the worst cases, callers trick their victims into divulging bank details or even downloading software to take control of their computers.
The latest research from Ofcom found that one in four nuisance calls are thought to be scams, up from just 4% in 2017.
Which? members tell us they are deluged with scam calls – eight in 10 said that they’ve received what they believe to be scam calls, and a quarter are contacted by scammers more than once a week.
Here, we expose the tactics used and explain what you can do to fight back.
Cheap tech use to commit scams and fraud
Although call-blocking services and phones offer some respite from unwanted calls, the emergence of voice over internet protocol, or voip (the type of technology used to make calls over the internet) has been a boon for scammers, allowing them to do their dirty work on the cheap and more easily hide from authorities.
- Number spoofing Software that displays false caller-ID information allowing scammers to trick you into thinking that their number belongs to a legitimate business.
- Renting local numbers Legitimate services that allow businesses to rent a number in a selected local area are also exploited by criminals. For example, someone could rent a phone line for the London area and then target individuals who live in London to increase the chance that people will engage.
- Robocalls In July 2019, UK Finance issued a warning about a surge in calls targeting bank customers, with pre-recorded messages asking them to validate or block a request to transfer money before inviting them to ‘press one to speak to a fraud adviser’ – who is actually the scammer. An Amazon Prime renewal scam was also doing the rounds.
- Wangiri A scammer calls your number but immediately hangs up in the hope that you will call back and connect to a number charged at a premium rate.
- Remote-access programs Tech support scammers and fake engineers pretending to be from firms such as Amazon, BT and TalkTalk trick victims into installing this software to gain control of their devices. More on this below.
Remote-access programs used for scams
Once they have you on the phone, scammers are after something – whether it’s personal data to hack your accounts or to convince you to send them money. And, again, cheap tech is enabling them to do that, increasingly through the use of remote-access programs.
This software allows someone to access your computer over the internet, and is used by legitimate businesses – including the Which? Tech Support team and many IT support firms.
But a criminal, perhaps posing as a BT engineer or a technical adviser from Microsoft, might also request that you download and install these programs, claiming that they will ‘fix’ a spurious problem or ‘check your system’ for non-existent viruses.
Misuse of remote-access products is immediate grounds for account termination.
Remote-access brands TeamViewer and LogMeIn told us they monitor accounts for unlawful use and work with authorities to report any abuse, but are unable to impose limitations such as blocking access to particular sites.
However, another brand we spoke to, Zoho Assist, told us that if it were to receive a request to block specific websites – including online banking sites – it would be technically possible to implement.
In this video, we hear how a fraudster tricked Claire (not her real name) into downloading a remote-access program called TeamViewer, which ultimately led to him stealing £80,000 from her bank accounts.
Crackdown on phone scams and fraud
The priority must be to prevent malicious calls from getting through in the first place.
In collaboration with banks, Ofcom is gathering phone numbers that calls will never originate from – a good example is the number on the back of a bank card. This means that if these numbers are used, they must have been spoofed and can be blocked at network level. The intention is to add telephone numbers from other sectors later on.
Long term, the regulator wants to establish a database that networks can use to check whether calls are coming from where they’re purporting to, under an initiative known as Secure Telephony Identity Revisited.
This won’t be in place until 2022 at the earliest, though, and may be unable to authenticate non-UK phone numbers. Identifying and stopping the culprits may continue to prove beyond the authorities, especially when callers are located overseas.
So are more radical measures long overdue?
While there are sensible reasons for a caller to modify the caller ID (for example, a caller who wants to leave an 0800 number for you to call back), the risks of abuse seem to far outweigh any benefits.
If scammers have unlimited phone numbers at their disposal, whether based on un-allocated area codes or mimicking existing personal and business numbers, then they will keep coming out on top.