SIM Fraud or “SIM-Jacking”
Bluetone has become increasingly aware of a worrying type of SIM fraud known as “SIM-Jacking” which we are keen to keep our customers informed about and hopefully help to protect them against!
The fraud basically involves the criminals hijacking the victim’s phone number and reactivating it on another SIM. Once the fraudster has access to the phone, they then have a way in to the user’s email, social media or even mobile banking apps through intercepting the two-factor authentication system that these institutions frequently use. The frightening aspect of this type of crime is that the information the criminals need to garner, such as date of birth, is often easily available, for example on social media and with just a little bit of digging can be used to convince a sales rep on the other end of the phone that they are a genuine customer. With so many of us now using mobile banking this really is a fraud we need to be wise to or we could find ourselves seriously out of pocket.
The best form of defence against this crime is vigilance. If your phone starts acting strangely or goes down suddenly and your are unable to make calls, send texts or use data, then either phone us here at Bluetone if you are a customer, or contact your network as soon as you can. Things to look out for include SMS messages or emails prior to a swap taking place. If you didn’t request this, then report it immediately. If you suspect a SIM swap has taken place then you should contact your bank immediately, so they can put any preventative measures in place.
O2 Fraudulent “Smishing SMS”
O2 recently reported to us that a number of customers received a “smishing” text message on the 16th October purporting to be from O2. The messages suggests the customer is required to update their billing information. There is a website in the message that redirects the customer to a fake O2 website. O2 did not send these fraudulent messages but they are very convincing and look like their sites.
The message reads: “O2: We are unable to process your latest bill. In order to avoid fees, update your billing information via:”
A full investigation is ongoing & they are in the process of removing the fraudulent websites & domain name, identifying and blocking the sender of the SMS.
If you believe you may have disclosed personal data you can report it to Action Fraud at: https://www.actionfraud.police.uk/report_phishing
If you believe a crime or fraud has occurred due to this incident you can report it to Action Fraud at: https://www.actionfraud.police.uk/reporting-fraud-and cyber-crime
A password reset is always a good precautionary measure if to take if you have entered any personal details.
We take our customer’s security very seriously and will endeavour to inform of any fraud, scam or other security breach we become aware of.