Cold-call scammers appear to have accessed Virgin Media customer data to carry out a sophisticated phishing fraud, in a move which raises serious questions about the company’s data security measures and seems to mirror the major issues which have plagued TalkTalk.
Decision Marketing has been contacted by one reader, who wished to remain anonymous, who managed to prevent such a phishing attack earlier this week after being asked to hand over her bank details.
The caller, who appeared to be from an Indian contact centre, said he was phoning from Virgin Media about an upgrade. He had all the reader’s personal information, including her name and address, account number and details of the TV package she had signed up to, her last payment date and amount paid.
He then offered the reader “huge discounts” and asked if she paid by direct debit as this was the only way she would get the offer. However, our reader smelled a rat and asked the caller that, if he had all her details in front of him then he would know whether she paid by direct debit or not. The caller then said: “If you give me your bank details I will check.” Our reader then hung up the call, and reported the incident – along with the 0800 7555 111 number – to Action Fraud.
She told Decision Marketing: “Luckily I had my wits about me otherwise my bank account would have been compromised. I phoned Virgin Media about the issue but they did not seem that concerned, simply saying the caller had been a fraudster. The caller had all my details, how would they have got that information without accessing the Virgin database?”
Last year, the Information Commissioner’s Office hit TalkTalk with a £100,000 for exposing the records of 21,000 customers to fraudsters in an Indian call centre in 2014.
The ICO investigation into how customer details – names, addresses, phone numbers and account numbers – were compromised discovered that the issue lay with a TalkTalk portal through which customer information could be accessed by third-party contractors.
Earlier this month, the National Fraud Intelligence Bureau revealed it had received an increased number of complaints through Action Fraud from customers with package TV subscriptions being hit by scammers, including customers of Virgin Media, Sky and BT.
Victims are told their subscription needs to be renewed; that part or all, of their TV equipment has expired and they are due an upgrade. They are asked to confirm their bank details, or even provide scans of ID documents like passports, in order to claim these discounts.
Decision Marketing has contacted Virgin Media for comment, and the company has vowed to look into the incident.
TalkTalk fined £100,000 over India call centre failings
25 million UK adults in the dark over theft of their data
Stephen Fry on alert as toffs’ data is stolen from club
Uber faces long arm of the law over 64m data breach
Finance firms face sustained attack on their data vaults
FCA launches investigation into Equifax breach farce
Millions of Instagram users hit by major hack attack
Data breach at games giant CeX hits 2m customers
Data breaches ‘hit shares, sales and growth for years’