The new mobile phone scam – and how everyone is in danger
Scammers are using a simple trick to steal people’s mobile phone numbers and use them to access their personal data, including emails and bank accounts.
With basic information such as your account number and date of birth, fraudsters can move a mobile phone number to a different carrier. Given that a lot of important accounts use two-factor authentication via text message, this could give scammers control over someone’s digital world.
Adelaide couple Dea and Jamie have become one of the latest victims to an increasingly common crime known as fraudulent phone porting, also referred to as SIM-swapping.
Jamie said his phone suddenly lost all service on Friday, April 26. He initially dismissed it as a billing issue, but realised something was wrong when he checked his emails and found that his Gmail password had been changed.
He then checked his bank account.
“I was able to get in so the password hadn’t been changed but a fair sum of money had been taken from our joint wedding account,” he told Yahoo News Australia.
Seeing that $8,500 had been wiped off, the couple attempted to freeze their bank accounts on Dea’s phone.
“Being Friday night – and we were supposed to be at dinner – made it so hard,” said Dea. “We had to get in contact with so many people.”
These attacks are often conducted on Friday afternoons to give scammers maximum time to hack into victims’ accounts.
The couple said they were surprised by how little information was needed to port a number illegally.
“[Optus] didn’t really give me a good idea of how someone had done it, but we figured out that all you need to deal with customer support and pretend to be someone was the phone number, date of birth and their full name,” said Jamie.
“That’s information that can be quite accessible through data mining or social media. I just thought it was incredible really.”
Optus confirmed that it only requires a “mobile service number along with an account number or date of birth” to port a number to a new SIM, following the guidelines set by the Australian Communications and Media Authority.
While Jamie and Dea got their money back, Jamie was locked out of some of his accounts for 30 days. The couple also said they were “disgusted” by the lack of care from Optus throughout the ordeal.
In 2017, Sydney woman Deborah Brodie fell victim to illegal phone porting on the eve of the Queen’s birthday long weekend. Apart from having her iTunes and bank accounts hacked, she was also unable to get in touch with her business’s customers and clients for five days.
“This is a new scam that’s happening more and more,” Brodie told news.com.au. “Is it the phone companies that have to do better? I think it is.”