Leaving your personal details like your phone number, birthdate, address and contacts publicly available on social media or websites could lead to a scammer stealing your identity and your cash! Don’t think this would ever happen to you?
Last nights 7.30 Report on the ABC reported on two victims of this growing phone number porting scam, both victims caught up in this scam, are actually Telco Unionists. If it can happen to them, it can happen to anyone. Both of the victims mobile phone numbers and identities were stolen and then used to break into their bank accounts. One victims Facebook friends were also used to go guarantor for new bank accounts. The trauma to both victims has been immense due to the frustrations with trying to regain control of their accounts and to prevent it happening again.
“Porting phone numbers is a way scammers can assume someone’s identity. Once a scammer takes control of the victim’s phone, he or she may be able to access the victim’s bank accounts that are linked to the phone number.” Not only that, any 2 Step verification code security will be sent straight to the scammers phone via your stolen phone number after they have ported it across to a new provider.
Recently I helped a client who was the victim of the exact same scam. She had her mobile phone number ported over to a new telco by a scammer three times in order to hack into her bank accounts to steal money from her, much like one of the victims of this 7.30 Report story. My clients Telco even put an alert on her account after the second scam porting occurrence to warn customer service that she had previously been impersonated and scammed, and yet the very same Telco still allowed the scam porting to go through a third time! After the third time, the Telco then set up a secret pin on her account to try to prevent it happening again. She contacted me afterwards to help tighten up her online security and to find out how the scammer had got hold of her information in the first place. We found that her personal information used for the scam was unfortunately publicly available through her Facebook profile and also listed on a website that she had forgotten about.
Because this scam can net the scammer huge amounts of money, this scam will spread. Banks and Telcos will have to be far more vigilant with their security and so will customers. You may already know someone who has been a victim of this scam.
Recent “A Current Affair” Story on the scam featuring Leonie Smith “The Cyber Safety Lady”
It Will Never Happen To Me…
Many people live in the “It will never happen to me” universe where they think they are far too unimportant for a scammer to target. Don’t kid yourself…this scam is just too easy for a scammer to pull off, they don’t have to hack into your account if your personal identity information is publicly available through a website, through Facebook and Google. Even if you don’t have a lot of money to steal, these scammers are setting up loans, and stealing what money you do have using your credit cards and your accounts. At the very least, imagine the awful inconvenience of losing your phone number and then having to go through all the drama of getting it back or having to change it. Once a scammer knows your personal identity information it can be sold on to other scammers and you might have to spend a lot of time changing phone numbers, passwords and setting security, dealing with providers and banks to ensure that it doesn’t happen again.
What Can You Do To Avoid This Scam.
- When you ring your bank or your Telco what information do you have to give them in order to have your service changed over to another Telco? If you don’t have to provide a secret password or pin number you are at risk. Ask your bank and telco about having an extra security code that only you know, in order for any action to be taken on your accounts, after you have logged in with a password.
- Find out where your mobile number is listed online and have it removed. Especially Facebook, Twitter, websites other social media where it is linked to your name. Use contact forms or direct messaging services instead. It is no longer safe to have your mobile number listed publicly along side your name or business name. Searching online for your phone number alongside your name or business name will help you to find where your number is listed.
- Remove your birthdate from public view on online, especially social media sites like Facebook. Use a fake birthdate on social media sites to sign up.
- Don’t use real personal information for security questions, make up a best friends name or mothers maiden name…store it somewhere safe – offline!
- Use hard to crack passwords. A different one for every account.
- Use 2 step verification and log-in notifications on every account that allows it. Especially your bank accounts, Gmail, Paypal, Facebook, eBay, and iCloud.
- Make sure you have a lock on your letter box, and keep your home street address offline. Google it alongside your name to see if it is listed anywhere.
- Don’t list your family names online anywhere, hide or delete if you have connected them in your Facebook profile.
- Hide your friends list on Facebook from public and friends view, if a scammer can see your friends list they can then copy your Facebook profile to impersonate you, and then approach them as a fake you. Be careful never to accept a friend request from someone you are already Facebook friends with, it may be a duplicate.
- Search in Facebook for your name, has your account been duplicated?
- Make sure your computer has not been hacked. Run anti virus software or take to your local computer store.
- Always install new updates on your mobile devices and computers to patch any security issues.
It’s a LOT to implement if you haven’t been careful of your security so far, but will take far less time than trying to get your identity back, your money and your accounts and your phone number.
If you are a victim of this scam
The first you may know about it is if your phone suddenly loses it’s signal and shows as SOS available only. First contact your Telco, then your bank, your local police, www.scamwatch.gov.au and www.acorn.gov.au and change your passwords on your email account, your telephone account, Facebook, PayPal, eBay and your bank accounts if you can. If you haven’t already, then follow the above list to secure your accounts.
For help with Identity Fraud contact IDCare http://www.idcare.org
You should also contact The Australian Communications Consumer Action Network (ACCAN) who are collecting case studies. http://accan.org.au/about/contact
You can find out more about privacy and security settings from my “Keeping Kids Safe Online” or “Keeping You Safe Online Manual”. Has extensive privacy and security settings for the internet, step by step.
I’ve written before about why hiding your publicly available Facebook friends list is my No1 tip for Facebook safety Here:
Do you know anyone that has been a victim of this type of Number Porting Scam? What did they do?
Leonie Presents Cyber Safety Talks for schools, business, and community groups.