wnd's weblog

July 2017
Mo Tu We Th Fr Sa Su
26 27 28 29 30 1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31 1 2 3 4 5 6

International phone call scams are very much real

31 July 2017 14:27:04 misc

tl;dr: I lost my "yes scam" virginity.

In 19 July 2017 I received an unexpected phone call. By means unknown to me, my phone displayed not only the number (+442079460873) but also word "London". Because of reasons, I typically answer these calls. I did answer the call.

I was greeted by a woman who spoke reasonably good English, but her pronunciation wasn't exactly the best I've heard. I could not identify the dialect, but my suspicions pointed towards east. The caller first wanted to confirm she was speaking with a person with my name, yes? "That would be me." The call centre noise in the background was rather annoying. She then continued to introduce herself as a researcher at CTAM in London. It took a couple of pardon-mes and sorries to actually make the abbreviation out. The company was supposedly doing an economy research on European households. "Could you answer some questions, please?"

I can't remember the details on how the call then proceeded, but the questions where mostly meaningless, and the data should've been readily available in most EU countries. "Do you own an apartment, yes or no?" "Do you have a mortgage, yes or no?" Some of the questions were utterly irrelevant. "Is this your personal phone, yes or no?". As is typical for me, I answered nearly all questions with proper sentences such as "I do" or "I have", or "it is". Repeating the yes-or-no part started to sound a little fishy at some point. I am certain I slipped some direct "yesses" a few times.

Not all the questions were like that, though. She was also interested in my income bracket, my profession, and my thoughts on how the recent efects in Europe have affected my financial security. For whatever reason, she wasn't happy with "software engineer", so she had to settle with "a programmer". Obviously she'd also like to have my email. I provided her with a GMail address that I only use for irrelevant stuff.

After seven minutes of her time and my holiday being closer to its end, she thanked and ended the call. I did a quick internet search with the phone number and ended up reading an article by national news agency about strange international phone calls. The recommended action was obviously not to answer the calls. The article did not speculate what the attack vector for the calls was. Reading about the fishing for yesses, I grew a little nervous. The few yes answers I'd given worried me, but eventually managed to put the thought aside. Should it become necessary, I'd have a recording of the call. Except I didn't. The latest software update to my phone meant the recording application was no longer functioning. Oh dear.

On 27th my phone beeped again. A call from a secret number. I left my workstation and went to one of our meeting rooms, and answered the call. By now I'd replaced the recording application. At the other end of the line there was a voice of a man. A voice that spoke good (British, or close enough) English. Good English by my standards, at least. I've tried my best to preserve the original mistakes in both of our language. Like with the previous caller, I could hear a call centre in the background. However, the background noise was much less of an annoyance.

Caller: Hi there I'm looking for Tommi [unintelligible] - sorry - [yet another attempt].

Me, thinking: Sigh, here we go again.

Me That would be me.

Caller: Aha, excuse my pronounciation there, Tommi.

Caller: It's Mike Rose here, I'm one of the senior account executives over Tokai National Partners in Toronto. I understand you was contacted a week or so ago by one of our research partners who called you on behalf of CTAM, yes?

Me: I believe so.

Caller: Sorry, sorry could you please repeat that there, Tommi?

Me: I believe so.

Caller: Ok, I'm, I think, uh, the reason I'm calling you back today is just to introduce myself and my company and I'd just like to tender out some information just so you can verify who we are and what we do there, okay Tommi?

Me: I honestly didn't get that.

Me: Uh, sorry?

Caller: Yes, well, as I say, I'm one senior account executives here at TNP, and what we do here is we isolate companies who are trading on overseas markets. These have been overlooked [unintelligible, the values] and they are very rarely offered to European professionals such as yourself.

Me: "Professionals such as yourself". Aww, that is so sweet of you.

Caller: Tommi I have here you're programmer, yes?

Me: I think that's what I said the last time, but I --

Caller: Ok --

Me: -- at this point I just have to say that from what I remember from the last call I find these calls more or less very suspicious and I'd rather not continue the call.

Caller: Oh! Ok, suspicious you say there, Tommi. Why, Christ's sake. My company is Tokai National Partners, we are very well in the Bloomberg [unintelligible] Finance [unintelligible] -- do you have a computer in front of you there Tommi?

Me: I honestly am not. Besides what different would have it made? If I'd opened Google's company page would it have meant that you were a Google employee and worth my trust? Sigh.

Me: Not at the moment.

Caller: No? Aha. This is Tommi, I'm trying to give you some information to help out, for Christ's sake, this is a no-obligation call.

Caller: You did spoke to one of our research partners. Now, every couple of years we have a team of outside experts that go through our books and they conduct a complete assesment about our entire client base here, not just to isolate out clients who're receiving best returns, but also the clients who're the happiest with our style and approach and, that conduct business and... all we do then, we give those demographics to various research companies... who... and we say to them "go out and find owners, directors, managers, programmers, any professionals, who match these criterions."

Caller: Looking into your details here I can see you was recently contacted by one of our researcher partners in London. They called you on behalf of CTAM, and you completed a survey with him, yes?

Me: The caller was a she, but I suppose their register doesn't go that far.

Me: As I mentioned before. And yes, I am intentional avoiding saying certain words because I find this very suspicious.

Me: I've already given you my email address. If you wish to continue any further than that, please provide me the details over email and that's about it.

Caller: Of course, so, I mean I can provide the... I mean, I don't want no details from you other than an email address. I'm the one that wants to fend you details there, Tommi. So, I don't understand where this suspicion is aroused by. All I'm doing here is to start a chain of communications, and give you some information about my company, and also give you one of our latest recommendations. Like I said, there is no obligation whatsoever.

Caller: It's my job here is to give you 15 % off the work, ok? And then, 85 % of the work is on you. So, I wanna provide you with the information, our recommendation, to you to go away [edit: that can't be right], have a look, and to see if you want to come aboard [unintelligible, us?]. That's what we do here, that's my job here, as a senior account executive.

Caller: Now, Tommi, if you wish to see, some detail documentation on an investments opportunity, why Christ's sake, not just because myself, or someone like my company was to call you up and tell you so. But because you did your own research, your own [unintelligible, toutilions?], and you was confident in your own mind that you would profit from that situation. I take it then you would be open-minded into just taking the [unintelligible], look at it, yes?

Edit: Ogg recording, MP3 recording.

Me: Well, again, I find this suspicious and unless I receive some details over the email address I've already provided, I am going to finish this call right now.

Caller: Ok, you say you find this suspicious, Tommi. I'm just a bit baffled here. What suspicions are arising your concerns, what's you concern about at the moment?

Me: One word: scamming. And that's about it. --

Caller: (different voice in the background) hey!

Me: -- I am now closing --

Caller: (the same different voice in the background) hey!

Me: -- this call. Good bye and have a nice day.

Surprisingly enough, I haven't heard back from them. Anyway, I'm impressed by the operation they're running. Having a first-tier person to call me with basic stuff, and a "senior" person to make the follow-up call was impressive. What was even more impressive, was the latter's language. For all I know, he could've been native speaker. Also, I liked his accent.

While I was transcripting the call (and could finally, on most parts, make out what he said), I made some observations.

Part of me wishes I would've gone with the call, discovered how the scam works. I was a chicken right from the start. I'm new to scams over phone, and I know I easily miss things in phone calls, even in my native language. Actually, this also applies to face-to-face conversations with people I am not familiar with. That is why I prefer written communications with strangers. Even though I tried to keep it short, the guy still managed to take five minutes of my time. Hopefully that was all he managed to do...

I must admit that I feel much more at ease after this second call. Still, I hope this was the last one of its kind.


Post comment


Add 9 and 6 (required!):



1 August 2017 08:24:44: spav

Wow, just...wow. Well, at least you have now enough experience to deal with this type of things.

The side of things that is still unclear to me is: where do this type of companies obtain personal phone numbers and names?. Could it be "whois" data? Could it be data traded with 3rd party companies (telecomm, energy suppliers, etc)? If so, how to obtain a list of such companies that trade with your data?

Thanks for sharing, it is quite eye opening, I thought this type of scam was more email-directed, but I see now that it has taken a leap towards more personal -should I say "invasive"?- type of contact as direct phone calls.

1 August 2017 09:35:44: wnd

Data can be gathered from details readily available on the internet (such as whois database and this website), and from data leaks of random websites. Then there's the malware that makes an "offsite" backup of your address book, online or not. With modern web, Javascript from those pesky ads may also intercept details you enter on otherwise legit websites.