| Deutsch English Français Italiano |
|
<vq9tvn$2g7f3$1@dont-email.me> View for Bookmarking (what is this?) Look up another Usenet article |
Path: news.eternal-september.org!eternal-september.org!.POSTED!not-for-mail From: Chris <ithinkiam@gmail.com> Newsgroups: uk.telecom.mobile,comp.mobile.android Subject: =?UTF-8?Q?Re:=20"'Scammers=20stole=20=C2=A340k=20after?= =?UTF-8?Q?=20EDF=20gave=20out=20my=20number"?= Date: Wed, 5 Mar 2025 16:26:31 -0000 (UTC) Organization: A noiseless patient Spider Lines: 42 Message-ID: <vq9tvn$2g7f3$1@dont-email.me> References: <vq478a$1a6p9$1@dont-email.me> <m2m70fF4cnfU1@mid.individual.net> <vq4ue1$1ejeg$1@dont-email.me> <vq57fp$1g6j2$1@dont-email.me> <vq5aic$1gnna$1@dont-email.me> <vq6cnr$1pn8s$1@dont-email.me> <vq6u0r$1skm6$1@dont-email.me> <vq7q5c$21s5q$1@dont-email.me> <vq9m13.2jc.1@ID-201911.user.individual.net> <or1m9lxa3d.ln2@Telcontar.valinor> <YFe*ABH8z@news.chiark.greenend.org.uk> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Injection-Date: Wed, 05 Mar 2025 17:26:31 +0100 (CET) Injection-Info: dont-email.me; posting-host="bef1a6bff6196c298421df4079411404"; logging-data="2629091"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+/rRU7wPFebvWIPheeqKWXxLZCEVTX4DU=" User-Agent: NewsTap/5.5 (iPhone/iPod Touch) Cancel-Lock: sha1:dl+GH1vBaobvqSYPAVOP/Avn+kk= sha1:9YYajWN4tFxPQbm6VBl5GGtmCZU= Theo <theom+news@chiark.greenend.org.uk> wrote: > In comp.mobile.android Carlos E.R. <robin_listas@es.invalid> wrote: >> On 2025-03-05 14:25, Frank Slootweg wrote: >>> Chris <ithinkiam@gmail.com> wrote: >>> [...] >>>> Fortunately, the victim has had his 40k refunded. >>> >>> Do you have a reference - with details - for that? I.e. who accepted >>> responsibility for which fault(s)? >> >> Quote: «National Savings and Investments said it had refunded him the >> money taken from his account.» >> >> And that's the £40000, because earlier it reads (quote): >> >> «Worse news was to come, when he learned his National Savings and >> Investments password had been changed. >> >> "After an hour of talking to different people there, they said, 'You've >> actually taken out a very large amount of premium bonds, over £40,000'," >> said Stephen.» > > What I don't understand is how that's a fraud vector. NS&I premium bonds > (a kind of government-backed savings account with 'interest' generated by a > lottery-style algorithm, with certain tax advantages because they count as a > lottery not savings) used to be paper things that you could 'hold'. But > nowadays it's all electronic - it's a savings account in your name > effectively. So if he did buy £40k of premium bonds, I don't know how the > fraudster would have cashed that out - unless there's some flaw in the PB > system? Yeah, I'm not sure how it worked either. I had some PBs until recently and you can only withdraw to a designated bank account and it takes a couple of days. They do use 2FA, but it was only enforced (relatively) recently so if the victim hadn't logged in for a while it might not have been set up. So given it took 48 hours for him to realise he'd been compromised and he only had email authentication set up, then the thief could have had time to change the bank details and then withdrawn the PBs.