2019
Avoiding Sim-Swap Fraud
David Flowers / 0 Comments /Murray writes: Recently my daughter’s phone stopped working for no apparent reason. As she is using her phone a lot for work this was an immediate point of crisis. She investigated and was distressed to learn that she had been the victim of phone “sim-swap” deception. Although not yet well known, this is a growing type of fraud where the hoaxers, masquerading as you, convince your mobile phone company that you want to move your number to an alternative mobile provider. Once that is done the number is now in their control and they use your number to request internet banking re-set codes. Upsettingly, this also meant that anyone contacting her by phone or message was inadvertently communicating with the criminals.
Within an hour and a half of realising that her phone wasn’t working my daughter found that her bank accounts had been raided 24 times earlier that day. It later transpired that she had been a part of a systematic fraud involving multiple innocent customers at the same time.
If, like me, you are scratching your head thinking that it can’t be that simple, I’m afraid to say that it is. This event has exposed major weaknesses in the security systems operated by some mobile phone providers and banks. It turns out to be all too easy for the well informed cyber-criminal to gain access to your private information and money.
My daughter had done nothing wrong. She knows not to divulge her security or bank details or to pass on confidential information to anyone. So this is scary – she has simply been the victim of a profiling fraud which needs nothing more than access to a mobile number. Once they controlled that they had an open door into her bank accounts.
Avoiding cyber-crime by going back to cheque-books and local branch banking is nearly impossible these days (to do so would be inconvenient as many branches are closing and it has its own risks too). Nothing will immunise entirely against fraudsters but here are a dozen tips to reduce the risks of the most common types of cyber crime:
- Review the security on your mobile phone account (this is typically the weakest link). Most mobile providers offer enhanced security which includes PINs and passwords;
- Your email is also a potential weak link as it too can be used to re-set your security, so set up “two-step verification” on your email account (and social media platforms). This will prevent anyone logging in to these other than from a trusted device;
- Set up multiple levels of security on your telephone banking such as voice recognition or using a physical key such as a card reader – as well as passwords;
- Don’t do any telephone or internet banking in a public place;
- Don’t use a public WiFi for your internet banking;
- Re-visit your passwords to make them more secure. Rather than use variations of the same password or pin code for everything try using a password generation app. Apps such as Avast Passwords are free and very secure and can be used to generate and store all your passwords in one place (just be careful not to forget the app master password!);
- Never store passwords for internet banking and/or online shopping in your internet browser (you may have noticed that when you logon onto a site a pop-up asks you if you want to save the password);
- If you ever use a computer which isn’t yours for banking or shopping, always be sure to log off afterwards;
- Never respond to an email purporting to be from your bank asking you to log in (by all means login to your bank account – but not by replying to the email);
- Be wary of unusual emails from friends asking you to send money, or with attached invoices;
- Use a credit card for online shopping. The credit card company is obliged to provide you with protection if the goods are lost, stolen or damaged and/or if your card details are used fraudulently;
- When internet shopping only store basic information (ideally never ask the website to store your card details for future use).
No comments so far!
Leave a Comment