I received two text messages on my mobile, both timed at 17:40, supposedly from BT giving the same, unrequested, 4 digit PIN code and stating it was good for one use only.
At 17:41 I received an email on my home PC, also from BT, identifying my account correctly, giving a different 4 digit PIN code.
I have confirmed with BT Tech Support that there is no activity, orders or other requests associated with the account.
Presumably it's a scam of some sort, but how does it work?
Solved! Go to Solution.
It's a scam.
The scammer tries to access your account and state that they have forgotten password and go through this process. This causes a PIN to be sent to your mobile or email address.
Normally the scammers calls you shortly before they initiate the "forgotten password". When they call they state they are from BT and that there is a problem with your account. To confirm that they are BT they tell you they will send a PIN to your mobile.
Lo and behold a PIN arrives on your mobile while the scammer is still on the phone. (They have initiated the forgotten password) He/she asks you to confirm the PIN. If you believe you are speaking to BT you happily give them the PIN.
They now have the keys to the kingdom. They can enter your account and change the password which locks you out while they search through your account and email accounts via your MyBT to establish what other accounts you may use the same user name to access.
They can then access other accounts such as banks that you may have because they can change the passwords with any notification of a change being emailed to your email account which they now control.
BT will NEVER cold call you regarding a problem with your account.
Thanks. I'd figured it was a scam, just wasn't sure how it worked.
Gets me how these people get hold of the User Names.
You have probably used your user name on lots of web sites and it may have been harvested from there.
Use this checker to see if your username/email address has been the subject of a data breach at any time.