Message 1 of 18

Phishing email received quotes part acc


Hello. If this is not the correct place for the enquiry please feel free to move it.

I received a legit-looking email stating my direct debit is no longer active. It contains actual BT links, but BT confirmed on a call it was not sent by them.

Also checked BT account and bank account online and DD still active.

 

Issue is that mail correctly quotes last 4 digits of my BT account, which is concerning. Assuming this is all any scammer has, but still an issue.

I have forwarded to phishing@bt.com.

Has anyone else had this?

 

Message 2 of 18

Re: Phishing email received quotes part acc


@RPendrigh 

The spammer would have sent thousands of these emails, changing the last four digits each time, in the hope of catching someone out. There would only be a certain combination of those four digits.

Provided you did not click on any of the links, you should be fine.

Message 4 of 18

Re: Phishing email received quotes part acc


Hello 

Thanks for the reply. Thinking about it, you're probably right.

I had a similar attempt about 6 months ago, but the account they quoted was completely wrong (they tried quoting the whole thing).

Still seems quite scary that the scammers randomly managed to get my email and part of the acc number right though. 

Message 5 of 18

Re: Phishing email received quotes part acc


@RPendrigh 

They could have "farmed" your email from anywhere you may have posted it, or one of your contacts has had their email account compromised and their contact list stolen.

It's easy to create scripts to send out thousands of emails from an open SMTP server.

Message 6 of 18

Re: Phishing email received quotes part acc


Yes I've just had this too, today. How do spammers know my account number? I checked my DD and it's still working.

Jude

Message 7 of 18

Re: Phishing email received quotes part acc


@judex wrote:

Yes I've just had this too, today. How do spammers know my account number? I checked my DD and it's still working.

Jude


They do not need to know; all they do is send out thousands of emails with different four-digit numbers, and they are bound to catch someone out. And they would divulge their bank details.

 

Message 8 of 18

Phishing Attempt - contained valid account data


I have raised this issue with the BT Data Protection team at the start of the week, but thus far they have failed to respond.

Over the weekend I got a phish asking me to update my direct debit details for BT. There were some obvious issues highlighting it was a phish, including mentioning the wrong ISP in the text. However, the concerning thing is they included the last four digits of an account number. Normally you'd notice these don't match, but in this case they were the last four digits of a BT account I had until 2019, and it was sent to the e-mail address registered for that account.

Anyone else had this?

BT/BT Mods, can you check this is being investigated? Unless it was sheer fluke they guessed the number, there are only two places those numbers could have come from: BT or my e-mail provider.

Concerning that there is a potential data leak here and yet no response from BT in four days.

Screen shot below - numbers removed from image.

BT_phish.jpg

Message 9 of 18

Re: Phishing Attempt - contained valid account data


Adam_G

I have moved you onto this thread to save having to repeat everything.

Message 10 of 18

Re: Phishing Attempt - contained valid account data


Thanks @gg30340, I'd not noticed this one.

So there are others who have had the same thing on the same day by the looks of it. 

Based on that, I do not buy that the phisher got lucky. So let's ignore getting a valid e-mail for a BT customer (mine is not a BT e-mail address): there is a 1 in 10,000 chance of getting one right, so getting multiple ones right in the same day is more than just chance/luck.

So can we disregard the luck/chance and BT look into the fact that it looks like someone has got hold of this data from either their systems or an e-mail platform?