Fraudsters Impersonating Tesco in New Phone Scam, Police Warn

Cyber Security News

Police in Wales have issued a warning to residents about a new phone scam, in which fraudsters are impersonating supermarket giant Tesco.

Victims have reported receiving an automated call telling them that an order with Tesco has been placed and that £350 will be debited from their account. The automated message goes on to say “if this is not the right amount, please press 1 to go through to our fraud team.”

When worried victims press 1, they are put through to a scammer, who attempts to gain as many personal details as possible from them, including their bank details. The police warned that the scammers are highly sophisticated and will sound genuine. They advised: “If you receive a call like this, it’s best to hang up and either check your Tesco online account yourself, or call Tesco directly from a number you have obtained.”

The scam comes amid ongoing COVID-19 lockdown restrictions, a period which has seen a huge rise in online grocery shopping and click and collect services. Overall, the shift to online services and the economic and health uncertainties of the past year has led to fraudsters ramping up attempted scams. According to data from Barclays, impersonation was the joint highest form of scam (29%).

Commenting on the story, Ray Walsh, digital privacy expert at ProPrivacy, said: “These scams rely on clever scripts to convince people that they are being defrauded, so that worried victims hand over sensitive personal data, including their bank details.

“We remind everyone never to provide their personal information or payment details to anybody who calls them out of the blue, even if they claim to be from a huge brand like Tesco. If you have an order placed with Tesco and you receive a call like this which concerns you, hang up and make an inquiry with Tesco directly to check on the status of your delivery.

“According to some reports, the scammers may even attempt to convince the victim to install remote access software onto their PC to allow them to help remove malware that permitted the fake fraud to occur. Anybody who falls for this will be allowing cyber-criminals direct access to their PC so that they can install software designed to steal their data.”