Fraudsters targeting TalkTalk customers have used website-building company Wix to create fake pages to dupe their victims.
As part of the fraud, the criminals directed unwitting TalkTalk customers to a webpage where they were told they could claim a compensation payment by logging into their bank.
The webpage looks like a legitimate TalkTalk website, including the company’s logo along with those of major UK banks on a separate page. But in fact it is a fake site, used by the fraudsters to gain access to victims’ accounts.
Prior to visiting the fake TalkTalk site, victims have been tricked into installing a “remote access tool” called TeamViewer. This allows the fraudsters complete access to the customer’s computer.
Once the victim hits the fake TalkTalk site, they are encouraged to click on their bank’s logo and log in for their refund. But thanks to the remote access tool, the fraudsters are then able to take over the account (for the full story, click here).
Last month the Information Commissioner fined the UK telecomms provider £100,000 after it emerged tens of thousands of customers’ details had been unlawfully accessed by TalkTalk’s India call centre operator Wipro. Whistleblowers in India claim this information was then given to the fraud gang believed to be behind the fake websites.
As recently as June this year, TalkTalk customers were still complaining of getting scam calls linked to the group who set up the fake sites using Wix.
Shortly after I made contact with Wix, the site went offline. A spokesperson for the company said: “Any sites that someone believes violates our terms of service should be sent to firstname.lastname@example.org. As is our policy, we cannot comment on individual users.”
TalkTalk did not give a comment in time for publication.