A new telephone phishing scam targeting Britain’s 8 million Sky subscribers seems to be doing the rounds.  No surprise there, you might think.  The way this one was played, though, suggests a security leak that either tracks back to the company itself or HM Revenue and Customs’ much-publicised data loss. 

How do I know?  Well the call came through on my office phone, which is registered in my maiden name.  The ‘sales’ person asked for me in my married name.  This was no common connection.  No one I do business with knows my married name.  In fact, I hardly ever use it at all, except to save my children embarrassment at school.    However, I have used that name on that phone number to call Sky to sort out equipment outages in the past.  I’ve also called HMRC with the same combination to discuss child benefit.  In both cases, though, the contact number I’ve given out has been the home telephone.  I’m aware that that wouldn’t have prevented them seeing the number I was actually phoning from using Caller ID but the worry wasn’t foremost in my mind.  Probably will be, in future. 

When the first call came in, then, my surprise was such that I actually took the cocktail stick I was chewing in lieu of the cigarettes I gave up 6 years ago out of my mouth.  I attempted to focus on what this unknown voice was saying.  The interchange which followed went something like this:       

            Woman:  ‘Hello, Mrs X, the warranty’s about to expire on your Sky box would you like to insure it for another year?  It means you get all repairs and servicing for free.’

            Me: Thinks… Inaccurate information AND bad grammar, there: I have more than one box.  There is no such thing as ‘for free’.  (Yes, I am one of those awful language pedants).

            Woman, still gabbling: ‘We can fix it up right now for you over the phone.  It’ll just cost £97… ’

            Me: ‘I don’t give credit card details out over the phone.’

            Woman:  ‘Oh.  If you’ve got your cheque book handy, the bank sort code and account number of  that’ll do.  It’s just like writing a cheque.’

            Me, hackles rising: ‘If Sky have got some offer on they can write to me.’

            Woman: ‘I’m afraid we can only make this offer over the phone.  This is a call centre.’

  I’d almost forgotten about this little episode when, yesterday, the phone rang and some woman using the same opening gambit started to speak.  This time I was ready for them.

             Me: ‘What company is this?’

            Woman:  ‘Digital Services.’

            Me:  ‘I haven’t time to discuss this now.  Give me your number and I’ll call back.’

            Woman: ‘It’s 08… ’  Deliberately closes phone.

The moral of this story, like that for all phishing scams, is don’t be fooled by the seeming familiarity of the information these people put forward.  That’s easier said than done, of course, if you’re busy and your mind’s on other things.  And I suspect we all tend to trust the phone more than email.  It’s more intimate, somehow. Which probably makes us all the more polite and willing to listen to would-be con merchants.  Instead of giving these (expletive deleted) a comfortable ride, I suggest a slightly more robust response.  Next time you unmask a telephone scammer, pause for a moment then shout: ‘Go Phish!’ in their ear. 

Still polite but more satisfying.