UK's 070 numbers in e-mail lottery scams

Criminals running e-mail lottery scams are exploiting 070 personal numbers in the UK to defraud internet users.

Criminals running e-mail lottery scams are exploiting 070 personal numbers in the UK to defraud internet users.

Internet security firm Sophos said that the general availability of 070 numbers made them a perfect tool for cybercriminals looking for financial gain.

E-mail lottery scams typically claim that recipients have been selected to receive a large cash prize, and that the fortune can be collected once the victim has revealed confidential information, including their bank details.

To persuade recipients that the non-existent lottery win is genuine, the e-mails often contain a contact phone number.

Sophos said that the UK's 070 numbers are the second most commonly used phone numbers in such scams. US-based phone numbers top the list.

Known as "personal numbers", 070 numbers look like mobile phone numbers but can easily be redirected to any number anywhere in the world. In addition, 070 numbers can be acquired for free, as callers pay higher charges to use them.

This means that anyone can quickly and cheaply acquire multiple 070 numbers, which redirect or divert to the same mobile phone or landline.

Graham Cluley, senior technology consultant at Sophos, said, "Internet scammers are scooping up these free 070 personal phone numbers, redirecting them overseas, and posing as British lottery officials.

"They can easily cycle through a bunch of these 'throw-away' numbers, using them to con innocent victims into revealing confidential information that can then be used to empty bank accounts and commit identity theft."

One recent e-mail scam claimed to be a communication from the United Nations working with the World Bank, and indicated that $17.5m (£9.2m) was ready to be released into the recipient's bank account.

"With 070 numbers, callers have no way - short of persuading the 070 service provider to tell them - to determine where their call ends up," said Cluley.

More information:

Spam and phishihg attacks grow more sophisticated

Customer data law would hit e-business, say banks

Comment on this article:

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.