Fake Broadband and ISP Scams
Fraudsters impersonating internet providers to charge fake upgrade fees, harvest account credentials, or gain remote computer access.
Last reviewed: 1 June 2026
What this scam is
Fake broadband and ISP scams involve people posing as representatives of your internet service provider — or as a telecoms regulator, infrastructure company, or broadband upgrade scheme — in order to extract money, personal data, or remote access to your computer and home network.
Broadband is now an essential household service, and most people receive periodic communications from their provider about contract renewals, speed upgrades, equipment replacements, or service changes. This familiar rhythm of contact creates a natural opening for scammers: an unexpected call about your broadband feels less unusual than a call about a product you rarely think about.
The scams operate across a spectrum of harm. At the lower end, callers charge for services — router replacements, speed upgrades, fibre connection fees — that are either free under your existing contract or do not exist. At the higher end, the scam is a vehicle for gaining remote access to your computer: the caller claims a technical problem has been detected on your line or router and that they need to help you fix it remotely. Once remote access software is installed, they can see your screen, steal banking credentials, install malware, or lock your device until a ransom is paid.
Some variants focus on contract manipulation: the caller claims your current contract is ending, that prices are rising, or that you will face a penalty unless you act immediately, then signs you up for a new contract at an inflated rate or with a different provider — sometimes one that does not exist as a licensed operator.
Data harvesting variants use the ISP context to request your account number, billing details, router admin credentials, or Wi-Fi password, framing these as necessary for an upgrade or fault diagnosis. Your router admin password and Wi-Fi credentials can give access to everything connected to your home network.
How it works
The most common entry point is a cold call claiming to be from your internet provider. The caller may state that your router has been flagged as having a problem, that your contract is up for renewal at a higher price unless you act now, that a national fibre upgrade is being rolled out to your area and requires your confirmation, or that your broadband speed has been underperforming and they want to fix it.
In the remote access variant, the call escalates quickly to a technical problem. The caller explains that the issue can only be fixed remotely and directs you to install a software tool, often a legitimate remote desktop application that is being misused for fraud. Once connected, they take control of your device, typically opening your internet browser and directing you to fake banking or payment pages, harvesting credentials, or displaying alarming-looking 'errors' to justify a service or repair fee.
In the fee-for-upgrade variant, the caller creates urgency around fibre or speed upgrades that are either already included in your contract or do not exist as paid add-ons. A 'connection fee', 'priority installation charge', or 'router replacement cost' is requested by card payment or bank transfer.
In the contract manipulation variant, the caller creates urgency around a pending price rise or contract end, then signs you up — either to a different plan with the real provider at a higher rate, or to a fake provider entirely — while you believe you are simply renewing. You may not discover the change until your next bill arrives.
Smishing variants send a text claiming that your broadband service is due to be interrupted, or that a router upgrade is available, with a link to a convincing fake login page where your account credentials are harvested.
Why this scam works
Broadband service is perceived as complex and technical by many customers. When a caller speaks with authority about router firmware, line speeds, or network diagnostics, it is difficult to evaluate whether the claims are genuine without technical knowledge. This creates an information asymmetry the scammer exploits.
The fear of losing internet access — particularly where a household depends on it for work, education, or healthcare — motivates quick compliance. The framing of 'we detected a problem' shifts the dynamic from a sales call to a service call, which most people respond to more readily.
Remote access tools are genuinely used by legitimate technical support teams, so being directed to install one does not immediately signal fraud. By the time the screen is being controlled by the scammer, the caller has already established a plausible service narrative.
A typical pattern
A householder receives a call from someone claiming to be from their broadband provider's technical team, saying their router has been flagged as sending error signals to the network. The caller says a simple remote fix is needed and directs the householder to download a remote desktop tool. Once connected, the caller says they can see 'serious malware infections' on the computer and that a security package is needed to protect the router. They direct the householder to a payment page. The householder pays by card. The caller then opens the householder's internet banking in the background and initiates a transfer before the session is ended. The householder contacts their provider and discovers no fault had been detected on their line.
Common red flags
- Unsolicited call claiming a fault has been detected on your line or router
- Request to install remote desktop software during a call you did not initiate
- Fee demanded for a router replacement, speed upgrade, or fibre connection
- Urgency about a contract ending or price rising that requires immediate action
- Caller asks for your router admin password or Wi-Fi network password
- Request for your broadband account login credentials
- Caller cannot confirm account details that your real provider would have on file
- Direction to a payment page while remote access software is running
- Text with a link to confirm a router upgrade or account verification
Sanitized example messages
Illustrative, sanitized examples. Personal details are replaced with placeholders such as [phone number] and [fake link].
This is [ISP name] technical support. Our system has flagged an issue with your router that could be causing slow speeds. Can I help you fix it remotely?
Your broadband contract ends soon and the new rate will be [amount] per month. To lock in your current price, press 1 now.
We're rolling out full-fibre to your area this week. There's a one-off connection fee of [amount] — confirm today to keep your slot.
Your [ISP name] account has a pending security issue. Visit [fake link] to verify your details and restore full service.
IMPORTANT: Your router will be disconnected in 24 hours unless you update your account at [fake link].
Hi, this is [ISP name] — I need your Wi-Fi password and router model to complete the remote upgrade on your line.
Common variations
- Remote access variant — caller obtains screen control and steals banking credentials
- Contract manipulation variant — signs you up for a new plan at an inflated rate without clear consent
- Fibre upgrade fee variant — charges for a connection that is free or does not exist
- Router replacement variant — demands payment for a router the provider would supply free
- SMS smishing variant — text about service interruption with a fake login link
- Wi-Fi credential harvesting — collects network passwords under the guise of technical support
How to verify before you act
Call your internet service provider on the number printed on your bill, on the back of your router documentation, or on their official website — which you should navigate to yourself rather than clicking any link in a message. Ask whether any issue has been flagged on your account or line, and whether any upgrade or renewal communication is expected.
Your provider will never ask you to install remote access software in response to an unsolicited call. If any caller directs you to do this, end the call immediately.
Never provide your router admin password, Wi-Fi password, or account login credentials to someone who calls you unsolicited. Genuine technical support from your provider is done through authenticated sessions initiated from your side.
For any contract renewal, log in to your account directly and manage changes through the official platform rather than agreeing changes verbally on a call you did not initiate.
Payment methods used
- Card payment for fake upgrade or repair fees
- Bank transfer
- Remote-access-facilitated banking theft
Who is usually targeted
- Residential broadband customers
- Older adults less familiar with technical support processes
- Households approaching contract renewal periods
- People working from home who depend heavily on their connection
What to do immediately
- End the call and do not install any software the caller directs you to
- If remote access software was installed, disconnect from the internet immediately and run a security scan
- Call your broadband provider on the number from your bill to report the contact and check your account
- If banking credentials were accessed, call your bank immediately and log out of all sessions
- If you paid, contact your bank to report the transaction and request a chargeback
- Change your router admin password and Wi-Fi password using your router's official interface
- Report the incident to your national fraud reporting body
How to prevent it
- Never install remote access software in response to an unsolicited call
- Call your provider on the number from your bill to verify any unexpected contact
- Do not share your router admin password or Wi-Fi credentials with unsolicited callers
- Manage contract renewals only through your provider's official website or app
- Use a call-blocking service to reduce the volume of unsolicited technical-support calls
- Keep your router firmware updated through the official admin interface
- Set up two-factor authentication on your broadband account if available
Evidence to preserve
- The phone number or text sender that contacted you
- Name and team the caller claimed to represent
- Name of any software you were asked to install
- Screenshots of any website or payment page visited
- Bank or card transaction records if payment was made
- Notes on the timeline and what access was granted
- Any email or text message received
Where to report it
- Action Fraud (UK) — UK national fraud & cybercrime reporting centre
- FTC ReportFraud (US) — US Federal Trade Commission fraud reports
- FBI IC3 (US) — US Internet Crime Complaint Center
- Scamwatch (Australia) — Australian competition & consumer reporting
- Your bank's fraud line — Use the number on the back of your card or in your banking app — never a number the caller gives you
Always verify reporting routes and emergency contacts on the official government or agency website for your country.
Frequently asked questions
Does my broadband provider ever call to say there is a fault on my line?
Genuine providers do sometimes contact customers about detected issues, but they will not ask you to install software during an unsolicited call or request your account password. Always hang up and call the number on your bill to verify any such claim before taking action.
Is it safe to install remote access software if an ISP technician asks?
Only if you initiated the support session yourself through your provider's official channel. An unsolicited caller asking you to install remote access software — however plausible their story — should be refused. End the call and contact your provider directly.
My internet was genuinely slow when they called — does that make it real?
No. Callers have no way of knowing your line speed before they call. Internet speeds vary for many normal reasons and a slow day does not validate a claim that your router has been flagged as faulty by your provider.
I installed the remote access tool — what do I do now?
Disconnect from the internet immediately by unplugging your router or disabling Wi-Fi. Uninstall the remote access software, then run a full security scan. Change passwords for any accounts you were logged into during the session. Contact your bank if you accessed any financial accounts during the call.
Can a scammer use my Wi-Fi password to access my accounts?
A Wi-Fi password gives access to your home network, potentially allowing someone to monitor unencrypted traffic, access network-connected devices, or use your connection for further attacks. If you shared it, change it immediately via your router's admin interface.
How do I change my router admin password?
Access your router's admin interface by typing its IP address (usually printed on the router label, often 192.168.1.1 or 192.168.0.1) into your browser. Log in with the credentials on the label and find the admin password settings. Your provider's official documentation will give model-specific guidance.
Will my ISP cover losses if a scammer pretended to be them?
ISPs generally do not provide direct financial compensation for third-party fraud using their brand. Contact your bank for chargeback or fraud coverage, and report to your national fraud authority. In some jurisdictions, if the scammer obtained data through a breach of the real provider's systems, different remedies may apply.
How can I tell if a broadband deal online is genuine?
Use only your provider's official website or a nationally accredited comparison service. Check the URL carefully and avoid deals found through social media advertisements without independent verification. Deals substantially cheaper than market rates should be verified directly with the provider before any payment.