Phishing phone call

mattyg · 2026-05-29T14:14:34+0100

Just had a phishing phone call on my mobile claiming to be from PLEO, They knew my login email and obviously my mobile number.

They said there was a login attempt from Paris and that the person logging in has admin access now. And i need to go through some checks to get the account back. So i told them to ring me back in 15 mins, That was enough time for me to log into PLEO and check.
Nothing odd in there and no login attempts

So, how did they get the correct info and what are my next steps.

Ta

Diddums · 2026-05-29T14:16:40+0100

You been haxxored bro

joey1211 · 2026-05-29T14:24:19+0100

Are your contact details (the email and mobile number referenced above) posted together online anywhere?

mattyg · 2026-05-29T14:26:51+0100

joey1211 said:
Are your contact details (the email and mobile number referenced above) posted together online anywhere?

Not that i know of. Its my private number and i get enough calls i dont want any unsolicited ones too.

mattyg · 2026-05-29T14:32:48+0100

I got a notification from experian about details being found online and from youvebeen pawned a few months ago.

I started to change some passwords but I've 100's so its a big job. Some early ones that dont get used anymore may have have the same passwords but for the last few years theyve all been lastpass suggested passwords of a decent length

aaronyuri · 2026-05-29T14:38:48+0100

Find company directors from companies house.
Cross reference that info with illegally obtained contact details or purchased goldmine-style DBs.
Block dial them and phishing attempt those that answer.

I am quite ashamed to say that I used to support businesses that did similar shady practices like this in the past.

Kenai · 2026-05-29T14:42:32+0100

https://haveibeenpwned.com/ probably worth a check

Jim99 · 2026-05-29T15:05:33+0100

I've had one like that for a niche financial app I use. What caught me by surprise was that it's sufficiently niche that I wouldn't expect someone to just chance it by ringing random phone numbers.

My suspicion for things like this is that a customer support agent somewhere has sold customer details to supplement their income, but you'd never be able to prove it. That would explain how they know the correct email, phone number and can relate it to a service that you're actually using.

mattyg · 2026-05-29T15:30:45+0100

Jim99 said:
I've had one like that for a niche financial app I use. What caught me by surprise was that it's sufficiently niche that I wouldn't expect someone to just chance it by ringing random phone numbers.

My suspicion for things like this is that a customer support agent somewhere has sold customer details to supplement their income, but you'd never be able to prove it. That would explain how they know the correct email, phone number and can relate it to a service that you're actually using.

That's exactly what I believe happened a few years back with o2... twice our account got compromised and we put extra security in place after the first. But they still managed a sim swap... both times delivery of items were in Essex. O2's fraud team got involved but I never got an update so I suspect it was an inside job