We remember to lock our house and car before leaving them, but how security conscious are we when it comes to locking our mobile phones?
Take a minute to stop and think about what’s on your phone and what you use it for… SMS, emails, photos, personal memos, internet browsing, social networking, storing passwords. Now imagine if overnight all of that information disappeared, your bank balance vanished, and suddenly you were left with a bad credit rating and mountains of paperwork to re-establish your identity. This is a real threat – and actually happened to “Steve” (not his real name) a couple of months ago.
Steve was using his mobile phone to access Facebook on the train when his news feed stopped loading. He checked his internet settings and looked at his coverage, but everything looked fine, so dismissing it as an intermittent fault he didn’t think anything more of it… until his wife called him on his desk phone asking him why he wasn’t responding to an urgent SMS. Steve called his service provider for help and was told that their records showed he’d switched his phone number to another carrier that very morning – which explained why his phone’s SIM would no longer work.
Later that day, when Steve checked his internet banking, he discovered that the cash he had saved for his overseas holiday had been withdrawn from his account. When he contacted his bank, he was told that their records indicated he had authorised the transaction via a security code sent via SMS to his mobile.
This was when alarm bells started ringing in Steve’s head!
Steve immediately contacted his local police and an investigation was launched. It was determined that Steve had been the victim of identity fraud using unauthorised SIM porting. The crooks had obtained pieces of Steve’s identity information over time, and the last piece of the puzzle they needed was his mobile number. Once the crooks had this, they were able to set up their scam with precision timing: firstly porting his SIM card to another telco provider, applying to transfer funds from Steve’s account to their bank account, and then using the security ‘two factor authentication code’ sent via SMS by his bank to deceptively authorise the money transfer… all done without ever tipping off Steve because the crime was committed during the time his mobile service was ported and before he had time to raise any concerns.
As fraud victim stories go, Steve’s tale isn’t unusual. Steve thought he was doing all the right things to protect himself from scammers. But it just goes to show, although most people don’t fall victim, ID fraud can happen to anyone.
10 Tips To Keep Your Identity Secure & Avoid SIM Porting:
- Be suspicious of anyone who asks for your personal information – including your mobile number. Scammers are willing to collect pieces of your personal information over time.
- If you receive an unsolicited phone call out of the blue, always ask for the name of the caller and who they represent; and try to record their telephone number.
- Don’t share your personal information, credit card or online account details over the phone, unless you made the call and trust the phone number dialled is legitimate.
- If you’re not sure that the person on the other end of the phone is legitimate, just hang up and call the organisation back using their official contact details.
- Don’t respond to text messages or missed calls that come from numbers you don’t recognise.
- Regularly check your credit card and bank statements for any unauthorised transactions – this may be the first sign someone has stolen your identity.
- Choose a strong password, change it regularly, and don’t share it with anyone! Consider installing a (trusted) app to keep your passwords and PINs secure.
- Report a lost or stolen wallet to your local police, and put a notification service on your credit file.
- Before you dispose of your old phone or computer, make sure you’ve wiped your personal information. Second-hand devices can be lucrative sources of information for cyber criminals.
- Shred old paper documents that contain your personal information and secure letterboxes. Even cyber criminals will rifle through bins in order to steal your identity.
What To Do If You Have Been Scammed:
- Contact your bank or credit union immediately so they can investigate the suspect transaction, suspend your account and take appropriate action.
- If you have been scammed of money, report the crime to the local police.
- Report ID fraud scams to SCAMwatch or call 1300 795 995.
If You Think You Have Received A Telstra / Bigpond-branded Scam, You Can:
- Check our registry of known Telstra and BigPond scams.
- Report incidents of ‘Telstra Impersonation’ scams to Telstra via our Report Misuse of Service webform.