cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
1,937 Views
Message 1 of 57

How to prevent malicious fault report and call divert

Go to solution

I'm looking for advise on how I can prevent someone maliciously reporting a fault on my landline and then having a divert setup to their mobile phone.

I ask because that's what happened to me last Wednesday (10th Jan).  Someone reported my landline as faulty and got BT to setup call divert to their mobile phone. They then used this to attempt to gain access to my Halifax online service, but fortunately Halifax spotted the suspicious activity and prevented it.

Log of events:

Date Time   Action
10/01/2024 16:34   Reported Fault : Problem : Landline - Cant make or receive calls : Reference number : VOL053-************
10/01/2024     Other products affected
Date 16:42   Text from BT about repair appointment on 19th January
10/01/2024 16:45   Text from Openreach about repair appointment on 19th January
10/01/2024 16:50   You've set up call divert : You've diverted your incoming calls to : 07********
10/01/2024 18:45   Text from Openreach about repair appointment
10/01/2024 19:08 00:00:32 Outgoing call to 07*******
10/01/2024 19:09 00:00:49 Outgoing call to 07*******
10/01/2024 19:09   Alert Text from Halifax
10/01/2024 19:10   Alert Text from Halifax
10/01/2024     Appointment Cancelled
10/01/2024     Fault fixed
10/01/2024 19:40   Call divert changed : You've stopped diverting your incoming calls to : 07********

 

So, my main question is how can I prevent this happening again?

But other questions remain:

  1. Why did BT allow this to happen? What checks do they carry out to ensure that a stranger isn't reporting a fault and diverting the calls?

  2. Will I have been charged for the call divert service, as it's not something that I currently include in my package.

  3. How was the hacker able to make two OUTGOING calls from my landline, I thought call divert only affected incoming calls?

  4. Who at BT do I write to about this? Halifax have advised me to put this in writing in an email it to BT, but I can't find an appropriate email address.

I have to say that I was shocked at how easy it is for someone to take-over my landline.

 

bt fault.jpg

 

0 Ratings
Reply
56 REPLIES 56
1,913 Views
Message 2 of 57

Re: How to prevent malicious fault report and call divert

Go to solution

Hi @tarbat Thanks for posting and welcome to the community, I'm sorry this has happened and I'm glad your bank noticed the suspicious activity. I've removed the fault reference number and mobile from your post as it's not advisable to publically post this on the community, especially in light of what has recently happened.

 

When a divert is set up as part of a fault report high validation checks should be completed by the advisor who is handling the call. This is done via security validation questions or by sending a PIN to a contact number or email address that's already on your account. We can also password-protect an account, I would recommend that this is set up to add another layer of security to your BT account if it has not already been done. 

Call divert is free when a fault is reported but you may still have to pay for the diverted part of the call, is that related to the question about the outgoing calls as it's not possible to make a call from someone else's landline?

 

I would like to take a closer look at this for you and will send you a private message in a moment so you can contact the community moderation team with your details.

 

Thanks

Neil

1,908 Views
Message 3 of 57

Re: How to prevent malicious fault report and call divert

Go to solution

Thanks for the quick response. I'll await the message.

Yes, this hacker was able to make TWO outgoing calls from my landline, or at least that's what appears on my usage page. These were definitely NOT made from my house, as we were in at the time and made no such calls. My Call Recording device confirms this.

 

1.jpg

0 Ratings
Reply
1,899 Views
Message 4 of 57

Re: How to prevent malicious fault report and call divert

Go to solution

The 2 outgoing caalls you mention are to mobiles so i suspect they were calls being received then diverted to that mobile

1,887 Views
Message 5 of 57

Re: How to prevent malicious fault report and call divert

Go to solution

@garybs29wrote:

The 2 outgoing caalls you mention are to mobiles so i suspect they were calls being received then diverted to that mobile


Thankyou, that makes sense. I'd been worrying about how someone could make outgoing calls. Presumably the Caller-ID would have appeared as my landline number at the receiving phone?  How can I find out who these two calls were from, just in case the callers have inadvertently talked to the hacker?

0 Ratings
Reply
1,877 Views
Message 6 of 57

Re: How to prevent malicious fault report and call divert

Go to solution

Hello,

I'm just curious. In order to gain access to a bank account, you will need a lot more information than just the 'one time code' sent over mobile or landline, such as account number, sort code, name, that kind of thing.

So we can only assume that the 'hacker' had the account holder name, account number, sort code and home phone number? This doesn't sound like a random chancer. It sounds more like someone who has access to these details already, but just doesn't have access to the house to grab that phone call.

One would also assume that BT would run checks on the line supposedly faulty and found it not faulty before randomly diverting calls to random people's mobile numbers? If BT were to actually find the line faulty when it shouldn't have been, then someone needs access to the property to 'make it faulty' by loosening some wires.

It may be a bit Columbo, or Miss Marple, but… this sounds suspiciously like someone very familiar with the household who is desperately trying to get around the bank security some way to nab some cash that isn't theirs.

Pure speculation.

But… none of this sounds like the usual 'hoax' call trying to get information out of an unsuspecting householder. It sounds a lot more personal and targeted.

0 Ratings
Reply
1,876 Views
Message 7 of 57

Re: How to prevent malicious fault report and call divert

Go to solution

Thinking aloud, when this hacker reported a fault and diverted all my calls, why wouldn't BT have:

  1. Called my landline to see if it was working?
    If they'd done that, I would have picked up the phone and talked to them, as the landline was working.
  2. Called my registered mobile number to verify?
  3. Texted to my registered mobile number to verify?
  4. Emailed to my registered email address to verify?
  5.  Etc.......................

I wonder what the Openreach engineer is going to make of this when he arrives on Friday to fix the reported fault?

0 Ratings
Reply
1,874 Views
Message 8 of 57

Re: How to prevent malicious fault report and call divert

Go to solution

@wkirkmanwrote:

Hello,

I'm just curious. In order to gain access to a bank account, you will need a lot more information than just the 'one time code' sent over mobile or landline, such as account number, sort code, name, that kind of thing.


They didn't gain access. They attempted to register a new device on the bank's app, so that they could reset authentication data (name, password, memorable info, etc), and the bank stopped that because when they made a callback to my registered landline phone number,  it looked suspicious. The bank has confirmed that all the person knew was my USER-ID, which is easy to guess from my email address. So presumably I'm on a hacked list with my name and email address listed.

No actual fraud happened, but I had to go through lengthy phone calls with Halifax to get this sorted out, including new bank cards, etc.

None of that excuses BT allowing someone to set up an unauthorised call divert on my landline.

0 Ratings
Reply
1,872 Views
Message 9 of 57

Re: How to prevent malicious fault report and call divert

Go to solution

@wkirkmanwrote:

One would also assume that BT would run checks on the line supposedly faulty and found it not faulty before randomly diverting calls to random people's mobile numbers? If BT were to actually find the line faulty when it shouldn't have been, then someone needs access to the property to 'make it faulty' by loosening some wires.


There was no fault on the line. I'm still puzzled as to why BT didn't verify this first. How would the hacker gain access to the wires, other than at the exchange. Our line is underground all the way to the back of our house, and I'd have seen someone tampering with wires there!

0 Ratings
Reply
1,761 Views
Message 10 of 57

Re: How to prevent malicious fault report and call divert

Go to solution

Not sure if MODS have seen my reply to their message, but the phone number you tried contacting me on is the HACKER’S phone number, not the contact number I provided. I do hope you haven’t actually spoken to the hacker instead of me 😞

0 Ratings
Reply