A New Variation on an Old Scam

[Chris CrewParticipant @chriscrew66644]

The majority of us must have had by now the, “Amazon Prime has just charged £*** to your credit card, press 1 if this is not you” (or words to that effect) scam by now.

I have just had a variation on that scam, as usual a recorded message received via the land-line, but this time it was, “Thankyou for booking tickets with EMR from St. Pancras to Edinburgh, £*** has been charged to your credit card…blah…blah etc.”.

Now as we all know here that EMR doesn’t even run from St. Pancras to Edinburgh and the new wording of an old scam is risible but I wonder how many people actually do still fall for this garbage?

Actually, it has just occurred to me that I renewed my Senior Railcard online earlier today, so I am now wondering if this is just a coincidence or if the Railcard site has been hacked?

[Chris Crew]

On 2 August 2024 at 12:54 Chris Crew Said:

 

… I wonder how many people actually do still fall for this garbage?

Actually, it has just occurred to me that I renewed my Senior Railcard online earlier today, so I am now wondering if this is just a coincidence or if the Railcard site has been hacked?

Coincidence, but it’s one of the ways these scams work.   If it had immediately struck you that your railcard had just been renewed, you might have jumped to the wrong conclusion.  Easy not to fall for garbage that doesn’t fit reality, but people tend to knee-jerk when the information seems to make sense.

If it seems real check your bank-account for untoward transactions, and report to the bank if anything is amiss.  Don’t engage with the caller.

Dave

[JAParticipant @ja]

Easily ignored, I use two different banks.

However I get one every two or so days on my landline. I have twice done a trace back of the calling number only to find it is a very local number.

JA

[bernard towersParticipant @bernardtowers37738]

No its routed thru a local number, you are right to trust no one

[Chris CrewParticipant @chriscrew66644]

I have no idea how calls are routed these days but suspect the landline number is now just a field in a packet of data. I spent all my working life in the telecoms industry (never with BT) on everything from installing and commissioning Strowger exchanges through to running jumpers in green roadside cabinets but now just what’s in the buildings they still call exchanges is anyone’s guess. There might be an increasingly irrelevant copper MDF, a remnant of System X left and a few MSANs serving obsolescent FTTC lines but beyond that, who knows? Once upon a time telephone numbers related to the local exchange the lines were connected to, the local exchange was connected to a Group Switching Centre which defined the geographical area which in turn was connected to a Main Switching Centre that handled the switching between areas (and yes, I know it was a bit different in the Director areas). But now the ‘call’, especially for those whose lines have been converted to fibre, could go anywhere before it reaches the desired destination. I doubt that I would understand the new network serving what is left of landlines anymore than I would understand the mobile phone network even if somebody explained it to me in words of one syllable. BTW, I only ever went up a pole once at the age of 63 and that was enough for me!

[Martin ConnellyParticipant @martinconnelly55370]

I do not answer calls from unknown numbers and let them go to answerphone. These calls regarding unauthorised use or unusual transactions usually start before the recorded message ends so you know it is just a bot doing the calling. Secondly no bank is going to give out information like that without being sure that they have the correct customer on the phone first and they would also confirm the account it was for because you may have multiple accounts across multiple banks. And finally my bank has been told that my preferred method of contact is email first, followed by messaging.

Martin C

[Chris Crew]

On Chris Crew Said:

I have no idea how calls are routed these days but suspect the landline number is now just a field in a packet of data. …

Correct.

I’m fairly sure all the old exchanges worked by telephone numbers have gone, and the whole system apart from the copper connection to the customer is now digital.

Exchanges are effectively giant internet hubs, predominantly handling streaming traffic like video, with telephony very much a sideline. Everything is sent and received in packets with network addresses.  Telephone numbers are just data that can be modified if you have the right equipment – not difficult!

I’ve received an initial warning email from BT saying they’re going to replace my analogue phone with digital, no date yet.    It will move the analogue to digital conversion from the exchange to my phone. I’m hoping that they might replace the existing copper phone line with fibre, doubt it.  For cheapness, the new phone will probably use copper to the Green Box at the end of the road.  Two of those: the new one is fibre to the exchange, but the old one I believe is still copper.  No doubt It’s days are numbered, but changing it costs time and money!

Dave

 

 

 

[Chris CrewParticipant @chriscrew66644]

“I’ve received an initial warning email from BT saying they’re going to replace my analogue phone with digital, no date yet.    It will move the analogue to digital conversion from the exchange to my phone. I’m hoping that they might replace the existing copper phone line with fibre, doubt it.”

I think you will find that you will indeed have a fibre installed into your domestic premises. This is termed FTTP (fibre to the premises) as opposed to FTTC (fibre to the cabinet) which is what you are suspecting is going to happen. It sounds like you only have an ADSL (asynchronous digital subscriber line) line and router at the moment where the line is copper all the way back to the exchange and is jumpered across the MDF (main distribution frame) via an MSAN (media service access node) before it arrives at the narrow-band digital switching equipment which is more than likely to be legacy System X or Ericsson equipment. It is the MSAN that filters off he digital signal and is connected into the fibre/internet network. The line speed is very much dependent on the distance you are from the exchange in the case of an ADSL line and from the green FTTC roadside cabinet in the case of VDSL (very high speed digital subscriber line).

You will be supplied with a new fibre router and your present copper domestic network will, at that point, become redundant but all is not lost! You can either plug a new VOIP (voice over internet protocol) phone directly into the new router using an ethernet lead, or, via an RJ11 to BT connector adapter, plug your present analogue phone into the router’s analogue socket instead. However, if you have a domestic copper network which emanates from the BT master socket and runs to various sockets around your house, all you have to do is disconnect the old incoming copper wires from the back of it (usually terminals 2 & 5) and connect the two inner conductors of the RJ11 adapter lead to where the old wires once terminated. (cut the BT socket off the RJ11 adapter lead to expose the conductors). Your old copper network will then function exactly as it did before assuming you have opted to retain your landline number. Clearly, if you are  going to relinquish your land-line number your new router will just supply Wi-Fi to all your present devices or will provide an ethernet connection if you don’t.

If you are proposing to change provider when your new fibre line has been installed and you wish to retain your landline number, this will have to be ‘ported’ over to your new provider just as you have to do if you change your mobile phone service provider. There will probably be a small charge for this operation but you will then get free, or very much cheaper, calls to all national and international numbers depending on your calling plan.

You probably know all, or most, of this already but it may help others who may not be so well informed. Anyway, that’s how I understand it all to be as I took the opportunity to leave BT and its horrendous prices when a fibre line was installed into our home by an independent fibre broadband provider. The fibre uses existing BT infrastructure in the village and comes from the pole in parallel with the old copper pair which BT have not yet removed. I believe other fibre providers are installing their own infrastructure in certain areas which is not without controversy.

[Chris Crew]

On Chris Crew Said:

…
You probably know all, or most, of this already…

Not so, the update is most welcome, thanks.

Despite my IT career exposing me to packet-switching and digital long before the internet, and being able to keep reasonably abreast of futures until I retired, I’m quickly becoming out-of-date.   Lost all my mates who worked for the GPO/BT on POTS (Plain Ordinary Telephone System) and System X etc. and can’t ask my employers network experts either.  A nephew administers 4G and 5G networks, but his understanding of the technology is at Black Box level.  (An interesting contrast with POTS where his job was done by thousands of well-trained technicians working closely with the hardware.  Now the hardware is so reliable within a resilient design, that nephew doesn’t need to know how it works, only what it does. At the press of a button he reroutes millions of connections, so that some part of the underlying infrastructure can be updated,  all the work being done by small team.  All my ex-GPO mates were made redundant.)

The rate of change in Mechanical Engineering is incredibly slow, with a 1948 Myford still going strong 70 years later.  Don’t be fooled, that’s not typical of other engineering disciplines.   Digital technology switches to a new generation every 5 years or so.  Blink and you miss it!  The world isn’t slow moving or simple.

Dave

[Chris CrewParticipant @chriscrew66644]

I forgot to mention that if you have an old BT analogue phone that requires the capacitor contained in the BT master socket to filter off the AC ringing current you would have to connect the RJ11 adapter to a master socket anyway in order to get your old phone to ring. It would still work for outgoing calls and incoming calls would still arrive but you would not be alerted to the call. I think that more modern phones, and those that have a base station and multiple handsets, have the ringing filter built in so don’t require connection via master socket. Also, be aware that if you happen to have an ancient Loop Disconnect analogue phone which is a phone with a rotary dial to enter the numbers this will not work on the new system under any circumstances. Even some early push-button phones were LD only but the slightly later ones were dual standard and could be switched over to MF (multi-frequency) dialling. I can’t think that they are many rotary dial phones left out there but some people might have kept them as a bygone novelty and BT System X was designed to accept LD dialling but not for much longer, sadly.

[SillyOldDuffer]

On SillyOldDuffer Said

The rate of change in Mechanical Engineering is incredibly slow, with a 1948 Myford still going strong 70 years later.  Don’t be fooled, that’s not typical of other engineering disciplines.   Digital technology switches to a new generation every 5 years or so.  Blink and you miss it!  The world isn’t slow moving or simple.

Dave

Your 1948 Myford is not typical of Mechanical Engineering, only of model engineers who won’t buy Chinese equipment (like me). Machine shops completely changed during my working life from single machine tools to CNC work centres. The skill set of the workforce also changed from a semi-skill man who operated a capstan lathe ……… When I retired we were starting to use 3D printers to make parts from Inconel.

I am not sure what this has to do with scams.

JA

[JA]

On JA Said:

On SillyOldDuffer Said

The rate of change in Mechanical Engineering is incredibly slow, with a 1948 Myford still going strong 70 years later.  Don’t be fooled, that’s not typical of other engineering disciplines.   Digital technology switches to a new generation every 5 years or so.  Blink and you miss it!  The world isn’t slow moving or simple.

Dave

Your 1948 Myford is not typical of Mechanical Engineering, only of model engineers who won’t buy Chinese equipment (like me). Machine shops completely changed during my working life from single machine tools to CNC work centres. The skill set of the workforce also changed from a semi-skill man who operated a capstan lathe ……… When I retired we were starting to use 3D printers to make parts from Inconel.

I am not sure what this has to do with scams.

JA

Given lots of money and a set of drawings Myford could have built the mechanical part of a reasonable multi-axis CNC machine in 1948.  Unfortunately, they had no chance with the electronic and digital technology needed, at that time science fiction, beyond the technology of the day.

Electronic and Software Engineers gave us CNC, not Mechanical Engineers.

Good point about scams, the link is tenuous!

Dave

 

[Nicholas FarrParticipant @nicholasfarr14254]

I had one the other day, the ladies voice started on about my Sky account, which was out of luck straight away, as I don’t have an account or anything to do with Sky.

Regards Nick.

[dc1Participant @dc1]

I had £115 taken via Zettle (PayPal card reader) during the week. Paid to Bella of London. A ladies wear company. I don’t need ladies clothes and my wife is long gone.

After asking for a replacement card(going to take a week) i had to ring up and dispute the cancellation.

They said it was paid by Googke pay on my new phone numbar, an android phone. I did not even know google pay was active.

 

I checked an it was not. Nobody has this number as it is for me to phone out if my iphone does not work for any reason. I checked and google pay was not active and there was no transactions taken.

I think this is the same as the poster above said, people accessing data from suppliers that have had their data sold on.

[Nigel Graham 2Participant @nigelgraham2]

I tried a few weeks ago to buy two text-books from, or more accurately perhaps via, Amazon.

The web-site let me go through all the rigmarole and only then started waffling about an existing account on my e-post address.

Since I have never previously used Amazon, that cannot be correct.

My bank found no untoward transactions, but I also discovered it is impossible to contact Amazon unless you have a so-called “account” with it – which I cannot have because it thinks I already have one.

Eventually I wrote to its UK head-office, using the address given by Companies House, almost exactly a month ago, explaining the situation and asking it to investigate and remove this spurious account. I also explained writing is the only way I can contact it, because all other approaches are blocked.

‘

To date I have had not even an acknowledgement.

No wonder it is so easy for criminals to move in on the customers of these huge US corporations when the companies cannot be bothered to deal with queries, complaints or what looks like suspicious activity.

I have of course no intention of using the firm again. I cannot trust it.

[duncan webster 1Participant @duncanwebster1]

Getting back closer to the start of this, I don’t believe the tech companies can’t do anything to stop the spoofing of phone numbers, there just isn’t any profit in it for them. It’s not them who are getting scammed, so they don’t care.

[Nigel Graham 2]

On Nigel Graham 2 Said:

I also discovered it is impossible to contact Amazon unless you have a so-called “account” with it – which I cannot have because it thinks I already have one.

I would have thought you could talk to Amazon more directly using the online chat and explain the problem. I’ve found them quite helpful on this side of the pond and they quickly pass you off to a supervisor for difficult/unusual issues. I would think all that’s required here is for Amazon to send you an email to confirm you are the owner of that address and then delete that account.

I doubt you’d have much luck using snail mail with any large corporation these days.

[Nigel Graham 2Participant @nigelgraham2]

No: Amazon gives no telephone number, e-mail address or postal address unless you “log in” with your password. If you don’t have this, tough.

I did find a possible number from elsewhere but it returned “Number unobtainable”.

I don’t think “snail mail” is the problem, but my letter quoted my ‘phone number and e-post address anyway.

The problem is that large companies, and even some small ones, will not return any contact unless made in particular ways for particular reasons in their rather than your favour, such as a purchase order. Even problems or technical queries can be deflected by the “FAQ” ruse.

Otherwise they just ignore you. I have been trying to obtain quotes for roof repairs to my home. The builders place glossy ads with phone numbers and/or e-mail address in local publications, but never reply.

..

What worries me is that the Amazon so-called “account” in my name has been placed falsely although I cannot think how a fraud attempt might work like that.

[Anonymous]

The only things I can think of Nigel is to:

– logon using that email address and use “forgot password” to change the existing password and then delete the account (or retain it).

– logon and repeatedly enter an incorrect password which should ultimately attract someone’s attention (if you use a password like AMAZON-TALK-TO-ME it might get some attention).

[Nigel Graham 2Participant @nigelgraham2]

Peter –

That failed, I am afraid. The temporary pass-word it sent expired so rapidly I could not use it!

Repeating a wrong password too often might result only in my being blocked, or even possibly reported as an attacker.

 

Am I, or Amazon, or both, the victims of some sort of fraud attempt here?

Since I had never previously used Amazon it could not have had a so-called “account” on my address.

 

[Nigel Graham 2]

On Nigel Graham 2 Said:

Peter –

That failed, I am afraid. The temporary pass-word it sent expired so rapidly I could not use it!

Repeating a wrong password too often might result only in my being blocked, or even possibly reported as an attacker.

 

Am I, or Amazon, or both, the victims of some sort of fraud attempt here?

Since I had never previously used Amazon it could not have had a so-called “account” on my address.

 

Then send another request to reset the password, this time look out for it and put in your new password, they don’t expire that quickly.

The reset reply should take no more than a few seconds, you usually don’t get a temp password but a link to put in your new password.

Youy can do as many password resets as you like.

Don’t make this any harder than it is.

something isn’t sounding right here???

[Nigel Graham 2Participant @nigelgraham2]

I could make it even easier by just giving up and vowing never to try to use these wretched Silicon Valley wonder-boys again…. but of course I can’t use them anyway as things stand!

Ironically I don’t recall ever having a false “Amazon” fraud attempt. Virtually all the criminal calls and e-messages have been pretending to be from either a bank I don’t use anyway, or Microsoft / “The Windows Corporation”.

‘

As the other day. The conversation went something like this (shortened):

YL, with busy call-centre aural background: “This is Microsoft. Your computer has been compromised.”

Me: “Which one?”

YL, thrown slightly: “How many do you have?”

Me: “Three”. Of the three one is purely a spare with (I think) an expired BIOS battery.

YL: “The one on the Internet.”

Me: “Two of them are, the other isn’t”.  Not true. Only one is.

YL quietly ended the call.

[Nicholas FarrParticipant @nicholasfarr14254]

Hi Nigel Graham 2, just create a new account using a different email address, there are free email addresses about if you don’t have another one to use, once you’ve created a new Amazon account, you should be able to contact their services to deal with the problem you have, alternatively just use your new account exclusively for Amazon. If you don’t know where they would send you a code to reset a password, it’s a waste of time using the forgot password tab, and trying to send a message via the forgot password tab, is not going to work, and it will get you nowhere, as there won’t be anyone there to read it.

Regards Nick.

[Howi]

On Howi Said:

On Nigel Graham 2 Said:

Peter –

That failed, I am afraid. The temporary pass-word it sent expired so rapidly I could not use it!

Repeating a wrong password too often might result only in my being blocked, or even possibly reported as an attacker.

 

Am I, or Amazon, or both, the victims of some sort of fraud attempt here?

Since I had never previously used Amazon it could not have had a so-called “account” on my address.

 

Then send another request to reset the password, this time look out for it and put in your new password, they don’t expire that quickly.

The reset reply should take no more than a few seconds, you usually don’t get a temp password but a link to put in your new password.

Youy can do as many password resets as you like.

Don’t make this any harder than it is.

something isn’t sounding right here???

I agree with Howi.    If an amazon account has been set up with Nigel’s email address, then Nigel can reset the password.  It’s important he does this because it will lock out the bad guy, if there is one, and allow Nigel to check the account details.  If someone else’s address and other details are on the account, then Nigel can report it using Amazon’s system.

For obvious security reasons, new passwords expire if the requester doesn’t apply them quickly.   Don’t ask for a new password and wander off!  Wait for it to arrive and follow the instructions immediately.

A likely explanation for this misadventure is that Nigel set up an Amazon account in the past, and forgot.  I’ve done the same myself!

Howi says ‘Don’t make this any harder than it is.’  I agree – when in Rome, do as the Romans do.  Try not to second-guess the system, because it causes faulty decision making.   For example the notion ‘Repeating a wrong password too often might result only in my being blocked, or even possibly reported as an attacker.‘  is wrong in this case:

• Nigel already is blocked in the sense that he can’t log in.   He has nothing to lose.
• Given that Nigel is suspicious of the account, and so far has failed to alert Amazon, it is to his advantage to be reported as an attacker, as a way of waking up the Amazon security team.

Nigel’s desire to jump Amazon’s system by writing to HQ rather than doing what’s asked could cause another problem.   His letter is wending it’s way through Amazon’s bureaucracy, and may eventually reach someone who kills the account.  If in the meantime Nigel activates the account following Howi’s advice, he will be hoist with his own petard!

Nick’s advice has legs too, but I’d keep it in reserve.  Having more than one account is liable to cause other confusions.

Dave

 

[SillyOldDuffer]

On SillyOldDuffer Said:

On Howi Said:

Then send another request to reset the password, this time look out for it and put in your new password, they don’t expire that quickly.

The reset reply should take no more than a few seconds, you usually don’t get a temp password but a link to put in your new password. […]

I agree with Howi.    If an amazon account has been set up with Nigel’s email address, then Nigel can reset the password.  It’s important he does this because it will lock out the bad guy, if there is one, and allow Nigel to check the account details.  If someone else’s address and other details are on the account, then Nigel can report it using Amazon’s system.

[…]

+1 for that ^^^

It is the easiest, and perhaps only, route for Nigel to repossess his eMail address

MichaelG.

[Author]

Posts