Path: ...!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!eternal-september.org!.POSTED!not-for-mail From: Nick Finnigan Newsgroups: comp.mobile.android,uk.telecom.mobile Subject: =?UTF-8?Q?Re=3A_=22=27Scammers_stole_=C2=A340k_after_EDF_gave_out_m?= =?UTF-8?Q?y_number=22?= Date: Thu, 20 Mar 2025 10:42:21 +0000 Organization: A noiseless patient Spider Lines: 76 Message-ID: References: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Injection-Date: Thu, 20 Mar 2025 11:42:25 +0100 (CET) Injection-Info: dont-email.me; posting-host="69e66de31527215d7963caeeb7267a26"; logging-data="1344009"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18/9DZdh0TXyEzYmlIEuQXs" User-Agent: Mozilla Thunderbird Cancel-Lock: sha1:F1cM0f4LrsgcpH4gqohSquozgGM= Content-Language: en-GB In-Reply-To: Bytes: 5265 On 17/03/2025 18:44, Java Jive wrote: > On 2025-03-17 14:53, Nick Finnigan wrote: >> On 17/03/2025 13:53, Java Jive wrote: >>> On 2025-03-17 08:53, Nick Finnigan wrote: >>>> On 16/03/2025 18:00, Theo wrote: >>>>> In uk.telecom.mobile Java Jive wrote: >>>>>> >>>>>> No, how would he have known the answers to the security questions to >>>>>> enable the SIM swap, and his emails were from Virgin Media, while the >>>>>> SIM was from O2.  Although not initially, my reading of the original >>>>>> article is now unambiguously that the email hack preceded the SIM swap >>>>>> and provided the initial personal information necessary to accomplish >>>>>> everything that followed. >>>>> >>>>> Virgin Media O2 are one company - VM and O2 merged June 2021.  I don't >>>>> know >>>>> whether they have merged customer accounts such that the same security >>>>> details are used for both.  In which case it may be that one set of >>>>> details >>>>> gives access to both mobile and emails. >>>> >>>> "If you've linked your Virgin Media and O2 details to create a new >>>> Virgin Media O2 ID, sign in with it here." >>>> >>>> https://accounts.o2.co.uk/signin >>> >>> But Theo's own transcription of events from the BBC Radio documentary >>> makes clear that he had not done so (first and last entries from this >>> excerpt): >> >>   That does not make it clear to me (he would still have an O2 password >> as well as a VM/O2 password). > > I disagree, your own quote shows that if it was a joint account for both, > he'd only have needed the one password, whereas the Theo's transcription > makes it plain that there were two. He would still have an O2 password, as well as a VM/02 password. (See the O2 website) >>> In brief: >>> - received a text from O2 (mobile operator) saying he'd changed his >>> password >>> - contacted O2 straight away and told SIM had been swapped >>> - told they'd stop that and send out a new SIM card, emailed to confirm >>> - next morning, email from EDF (energy supplier) asking for feedback on >>> recent contact with customer services >>> - called EDF, told they'd pass it on to the fraud section and get back >>> to him >>> - nothing happened for over a week >>> - called O2 again to make sure everything was stopped, put through to >>> fraud department >>> - just after received an email saying new SIM card had been sent out, >>> connected to a different number.  Queried with fraud department, said >>> didn't know, need to go to an O2 shop >>> - O2 shop couldn't do much as account had been stopped, couldn't look at it >>> - told them to check his emails >>> - contacted Virgin Media (ISP, merged with O2), told he'd changed his >>> password, had to go through changing password back again, told they'd >>> pass it to the fraud section >>> >>> It's difficult to deduce from this the exact ordering of events ... >>> >>> Because he had to contact VM to find out that he'd changed his email >> >>   'his password' may be 'his account password' rather than 'his email app >> password'. > > If it is 'his account password', then that completely supports my argument, > not yours, and 'his email app password' doesn't make any sense, perhaps you > mean 'his email password', but, unless he has multiple email addresses > under a single account with VM, of which there is no mention, why would he > need a separate email password? VM use the term 'email app password' (see their website).