National Cyber Security Centre warns of mobile phone ‘upgrade’ scam

The security agency says that scammers are cold-calling people and getting verification codes to trigger bogus upgrades, which victims pay for

Ireland’s National Cyber Security Centre (NCSC) has issued a warning about a phone scam that tricks people into paying for fake upgrades.

The agency says it has “reports” of scammers cold-calling Irish people, pretending to be from mobile phone providers and promising upgrades.

While on the call, the scammer simultaneously uses the ‘forgot password’ feature on the mobile operator’s website, triggering a verification code to be sent to the victim’s phone.

The scammer then asks for the code, after which they get into the victim’s mobile provider account and order an upgrade to be sent to the victim’s house.

Days later, the scammer will call again and offer to refund the victim for the mistaken upgraded phone by collecting it from the victim’s property.

“Never share verification codes,” the NCSC said in a statement about the scam.

“No legitimate company will never ask for a one-time code or password over the phone. If someone claims to be from your mobile provider, hang up and call your provider directly using the official customer service number.”

The security agency also urged people to “regularly” check their accounts for unauthorised activity

or changes and to use strong, unique passwords.

“Avoid using easily guessed passwords and enable additional security features, such as two-factor authentication, if available,” it said in a statement.

Those who suspect they’ve been caught in the scam should immediately report it to the mobile operator and to the Gardai, the agency said.

They should also reset account passwords and contact their bank if a credit or debit card is part of their mobile operator setup.

Reporting on:independent.ie