| Deutsch English Français Italiano |
|
<vr99gp$8osv$1@dont-email.me> View for Bookmarking (what is this?) Look up another Usenet article |
Path: ...!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!eternal-september.org!.POSTED!not-for-mail From: Java Jive <java@evij.com.invalid> Newsgroups: comp.mobile.android,uk.telecom.mobile Subject: =?UTF-8?Q?Re=3A_=22=27Scammers_stole_=C2=A340k_after_EDF_gave_out_m?= =?UTF-8?Q?y_number=22?= Date: Mon, 17 Mar 2025 13:53:27 +0000 Organization: A noiseless patient Spider Lines: 83 Message-ID: <vr99gp$8osv$1@dont-email.me> References: <vq478a$1a6p9$1@dont-email.me> <m2sdlgF2fjiU1@mid.individual.net> <vqc9e4$30gdm$1@dont-email.me> <m2u1avF9uqaU1@mid.individual.net> <vqcug0$345ts$1@dont-email.me> <vqes1l$3i7oj$1@dont-email.me> <vqf0ca$3j5oo$1@dont-email.me> <buh*n6r9z@news.chiark.greenend.org.uk> <vr3pav$3eto7$1@dont-email.me> <vr3s4m$3hdbg$1@dont-email.me> <vr4ere$eqk$1@dont-email.me> <vr5git$t0ll$1@dont-email.me> <vr6kqh$1t946$1@dont-email.me> <cuh*FQB9z@news.chiark.greenend.org.uk> <vr6src$23f7c$1@dont-email.me> <duh*2rC9z@news.chiark.greenend.org.uk> <vr8nul$3mi0m$1@dont-email.me> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Injection-Date: Mon, 17 Mar 2025 14:53:29 +0100 (CET) Injection-Info: dont-email.me; posting-host="71cbe85194c1d5475c730b06478bc22e"; logging-data="287647"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18SVZ149OPjSSAn9e4LwtwtMhiG1aBIY8s=" User-Agent: Mozilla Thunderbird Cancel-Lock: sha1:qsPpRiXMh2MdiwipXhkExGnr+Qk= Content-Language: en-GB In-Reply-To: <vr8nul$3mi0m$1@dont-email.me> Bytes: 5467 On 2025-03-17 08:53, Nick Finnigan wrote: > On 16/03/2025 18:00, Theo wrote: >> In uk.telecom.mobile Java Jive <java@evij.com.invalid> wrote: >>> >>> No, how would he have known the answers to the security questions to >>> enable the SIM swap, and his emails were from Virgin Media, while the >>> SIM was from O2. Although not initially, my reading of the original >>> article is now unambiguously that the email hack preceded the SIM swap >>> and provided the initial personal information necessary to accomplish >>> everything that followed. >> >> Virgin Media O2 are one company - VM and O2 merged June 2021. I don't >> know >> whether they have merged customer accounts such that the same security >> details are used for both. In which case it may be that one set of >> details >> gives access to both mobile and emails. > > "If you've linked your Virgin Media and O2 details to create a new > Virgin Media O2 ID, sign in with it here." > > https://accounts.o2.co.uk/signin But Theo's own transcription of events from the BBC Radio documentary makes clear that he had not done so (first and last entries from this excerpt): In brief: - received a text from O2 (mobile operator) saying he'd changed his password - contacted O2 straight away and told SIM had been swapped - told they'd stop that and send out a new SIM card, emailed to confirm - next morning, email from EDF (energy supplier) asking for feedback on recent contact with customer services - called EDF, told they'd pass it on to the fraud section and get back to him - nothing happened for over a week - called O2 again to make sure everything was stopped, put through to fraud department - just after received an email saying new SIM card had been sent out, connected to a different number. Queried with fraud department, said didn't know, need to go to an O2 shop - O2 shop couldn't do much as account had been stopped, couldn't look at it - told them to check his emails - contacted Virgin Media (ISP, merged with O2), told he'd changed his password, had to go through changing password back again, told they'd pass it to the fraud section It's difficult to deduce from this the exact ordering of events ... Because he had to contact VM to find out that he'd changed his email password, rather than them contacting him at the time he did so, we can't tell when his email password was actually changed. Further, the scammer could have been reading his emails for a while before actually deciding that, as unfolding events began to suggest that the scam was in danger of being closed down, that it was time to change the password in an attempt to prolong it. Most probably his email account would have been compromised around the same time as all the other stages of the scam, yet "nothing happened for over a week" before he discovered it, and, in between, he received emails from both EDF and O2. However, I still think that some identifying personal information would have been necessary to enable the SIM swap, and most probably this came from the email hack occurring earlier. A search for "what is the minimum personal information required to be a victim of a SIM swap scam" using both DuckDuckGo and Google didn't yield anything definitive or that probably most of us didn't know already, but did yield preventative advice ... From the Met: https://www.met.police.uk/SysSiteAssets/media/downloads/force-content/met/campaigns/fraud/cyber-protect_protect-yourself-from-sim-swap-fraud.pdf From Which: https://www.which.co.uk/news/article/sim-swap-fraud-doubles-year-on-year-how-scammers-steal-your-phone-number-aB0TF1O6hUrv -- Fake news kills! I may be contacted via the contact address given on my website: www.macfh.co.uk