cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
1,165 Views
Message 51 of 57

Re: How to contact BT Fraud Team

Go to solution

When you get some answers do post here as I am sure a lot of us are interested in the answers. I didn't even know anyone could divert a call to their home on a landline to somewhere else until I read this. Presumably all those of us who work from home quite a bit since covid are also at risk that fraudsters could do the same con to get work calls diverted,

1,141 Views
Message 52 of 57

Re: How to contact BT Fraud Team

Go to solution

@Jane2018wrote:

When you get some answers do post here as I am sure a lot of us are interested in the answers.


I will do if I eventually get an explanation from BT.

0 Ratings
Reply
1,106 Views
Message 53 of 57

Re: How to contact BT Fraud Team

Go to solution

So, according to call from BT mod this morning, all the hacker needed was the Account Number to be able to report the fault online, and divert calls to their mobile. Shocking!

Since the hacker obviously still knows the account number, presumably they can repeat this hack whenever they want, so I’m now always at risk of this happening again. Not happy.

0 Ratings
Reply
1,077 Views
Message 54 of 57

Re: How to prevent malicious fault report and call divert

Go to solution

Reading back through my transcript of the phone call from BT, their explanation is that:

  • Firstly, the hacker had the account number based on a previous hack on February 2022. I was never informed about this previous hack!!

  • Then when the hacker phoned BT on 10th January, because the hacker already had the account number, when the call was listened back, the advisor actually did go by the correct procedure.

  • And that was how he was able to get in and change the BT ID.

  • Asked for further clarification, it was explained to me that if they have the account number, they can get into your BT ID, and make changes in there.

I find this absolutely shocking. That BT just take the account number as adequate authentication of the person that then allows the hacker to divert all your phone calls.  SHOCKING!!

So, I'm now in the process of writing a formal complaint to BT (on paper!!).

0 Ratings
Reply
1,064 Views
Message 55 of 57

Re: How to prevent malicious fault report and call divert

Go to solution

I'm wondering if what was described to me as the February 2022 hack, where my account number was hacked, actually refers to the 2021/2022 ongoing Lapsus$ threat group attacks, which was reported at the time as being targeted at BT?

0 Ratings
Reply
1,025 Views
Message 56 of 57

Re: How to prevent malicious fault report and call divert

Go to solution

BT should change their authentication requirements to divert calls. If all that is needed is the one thing - account number - to divert all phone calls that is pretty poor security. Hackers could report faults and put up a divert. At the very least BT should allow all customers to log on and in an instant click a box to indicate they would not consent to call diversion under any circumstances.

941 Views
Message 57 of 57

Re: How to prevent malicious fault report and call divert

Go to solution

So following a couple of further phone calls up to Executive Complaints level, it's been confirmed that simple knowledge of just the BT Account Number and Address is enough to get BT to divert your landline phone calls. I'm going to deadlock letter, and will then complaint to the Ombudsman Services - Communications

I remain SHOCKED at how little validation BT carry out to divert all landline calls.