Scam Interceptors programme that's been on BBC1 at 10am recently

Murmansk
Murmansk Posts: 1,104 Forumite
Part of the Furniture 500 Posts Name Dropper
Many of you may have seen this programme but for those that aren't aware of it they have a set of ethical hackers who hack into a call centre in Calcutta and they are able to see various different scams actually going on.

The most common one seems to be where people get an automated message claiming to be from Amazon saying they've been charged £79.99 for Amazon Prime and to press 2 if they don't want to be charged. Pressing 2 puts them through to the scammers who install remote access software and get them to fill in a form on the screen. The victim fills in the form and enters £79.99 but it's set up to take it as £7,999 so the scammers then tell them they need to pay back the overpaid refund amount.

Anyway, most of the people who inhabit this forum are probably very scam-aware but, although the programme is a bit repetitive, it's probably targeted at the people who are most likely to fall victim and perhaps who are most likely to watch daytime TV too so I hope it's successful.

My question relates to how they manage to hack into these scams because I'd have thought it was technically illegal? Have they perhaps got some permission from the authorities to do it for a good reason or maybe all the technical stuff is done in India, where presumably the law is different, and then it's "beamed" to the UK where they're not actually doing the hacking but just watching a feed?

Comments

  • Neil_Jones
    Neil_Jones Posts: 9,515 Forumite
    Part of the Furniture 1,000 Posts Name Dropper
    edited 22 April 2022 at 10:22AM
    Ethical hacking (or penetration testing) is the exploitation of an IT system with the permission of its owner to determine its vulnerabilities and weak points.  That's the key difference between ethical hacking and the more commonly heard hacking.

    Its not illegal if you give them permission to do so.  Anybody who cares enough about their setup will invite it to be hacked ethnically, as the same procedures will apply "in the wild" as it were.

    Bit like car insurance with ability to drive other cars "with the owner's permission".  With it, you're covered.  But if you nick it, you aren't (though I suspect if you're going round nicking cars and think your insurance is covering you, you have more serious issues).
  • Murmansk said:

    My question relates to how they manage to hack into these scams because I'd have thought it was technically illegal? Have they perhaps got some permission from the authorities to do it for a good reason or maybe all the technical stuff is done in India, where presumably the law is different, and then it's "beamed" to the UK where they're not actually doing the hacking but just watching a feed?
    The legality around "hacking" also involves intent and outcome. If a hacker does so with malicious intent and commits criminal actions such as changing data / obtaining money etc then absolutely it is illegal.

    Many of these ethical hackers are simply obtaining access through insecure systems that are already wide open to access, just needs a bit of specialist knowledge.

    There is a whole industry around ethical hacking, people are doing it daily against systems around the world with the intent of finding vulnerabilities that can be fixed to prevent criminals taking advantage of them, this work is completely legal.

    Some people earn a lot of money doing this with something called "bug bounties" whereby the discovery of a major flaw will be reported to a software company who will pay the hacker a reward for finding it.

    Many companies pay ethical hackers to find those vulnerabilities, something called penetration testing.
  • GDB2222
    GDB2222 Posts: 25,964 Forumite
    Part of the Furniture 10,000 Posts Photogenic Name Dropper
    I can’t see anything in the Computer Misuse Act 1990 about intent or outcomes.

    1Unauthorised access to computer material.(1)A person is guilty of an offence if—(a)he causes a computer to perform any function with intent to secure access to any program or data held in any computer [F1, or to enable any such access to be secured] ;(b)the access he intends to secure [F2, or to enable to be secured,] is unauthorised; and(c)he knows at the time when he causes the computer to perform the function that that is the case.
    No reliance should be placed on the above! Absolutely none, do you hear?
  • GDB2222
    GDB2222 Posts: 25,964 Forumite
    Part of the Furniture 10,000 Posts Photogenic Name Dropper
    edited 22 April 2022 at 11:26AM

    Having said that, I don’t think that it’s in the public interest to prosecute the people in that programme, even if it’s a crime.
    No reliance should be placed on the above! Absolutely none, do you hear?
  • RumRat
    RumRat Posts: 4,969 Forumite
    Part of the Furniture 1,000 Posts Name Dropper Photogenic
    edited 22 April 2022 at 1:17PM
    Who's going to make the complaint??? You hack a hacker and he's not going to be saying anything as well as law not covering the country the hacker resides in.
    There are a couple of guys on YouTube that actually hack the call centres cctv and watch their reactions as he frustrates their scams. Much more satisfying and amusing than the programme currently on TV.
    Drinking Rum before 10am makes you
    A PIRATE
    Not an Alcoholic...!
  • Cornucopia
    Cornucopia Posts: 16,435 Forumite
    Part of the Furniture 10,000 Posts Name Dropper Photogenic
    edited 22 April 2022 at 10:28PM
    Jim Browning is astonishingly good - his technical expertise and his empathy for victims.

    https://www.youtube.com/watch?v=mPpuUnQ6cac
  • k_man
    k_man Posts: 1,636 Forumite
    1,000 Posts Second Anniversary Name Dropper
    Ethical hacking (or penetration testing) is the exploitation of an IT system with the permission of its owner to determine its vulnerabilities and weak points.  That's the key difference between ethical hacking and the more commonly heard hacking.

    Its not illegal if you give them permission to do so.  Anybody who cares enough about their setup will invite it to be hacked ethnically, as the same procedures will apply "in the wild" as it were.

    Bit like car insurance with ability to drive other cars "with the owner's permission".  With it, you're covered.  But if you nick it, you aren't (though I suspect if you're going round nicking cars and think your insurance is covering you, you have more serious issues).
    Not sure how that relates to the OP?
    Unless you are suggesting the scam call centre gave the BBC permission.
  • k_man
    k_man Posts: 1,636 Forumite
    1,000 Posts Second Anniversary Name Dropper
    Jim Browning is astonishing good - his technical expertise and his empathy for victims.

    https://www.youtube.com/watch?v=mPpuUnQ6cac
    'Jim Browning' was interviewed on a recent edition of Scam Interceptors.
  • Murmansk
    Murmansk Posts: 1,104 Forumite
    Part of the Furniture 500 Posts Name Dropper
    Not sure how that relates to the OP?
    Unless you are suggesting the scam call centre gave the BBC permission.
    That's what I thought!
  • TELLIT01
    TELLIT01 Posts: 17,771 Forumite
    Tenth Anniversary 10,000 Posts Name Dropper PPI Party Pooper
    I did watch a couple of episodes and agree they quickly became repetitive, inevitably really.  What concerned me was that if ethical hackers can gain access to systems as easily as they seemed to, it's obviously just as easy for the bad guys to do the same thing.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 349.8K Banking & Borrowing
  • 252.6K Reduce Debt & Boost Income
  • 453K Spending & Discounts
  • 242.8K Work, Benefits & Business
  • 619.6K Mortgages, Homes & Bills
  • 176.4K Life & Family
  • 255.7K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 15.1K Coronavirus Support Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.