Path: ...!2.eu.feeder.erje.net!3.eu.feeder.erje.net!feeder.erje.net!feeds.news.ox.ac.uk!news.ox.ac.uk!nntp-feed.chiark.greenend.org.uk!ewrotcd!.POSTED.chiark.greenend.org.uk!not-for-mail From: Theo Newsgroups: comp.mobile.android,uk.telecom.mobile Subject: Re: "'Scammers stole =?UTF-8?Q?=C2=A340k?= after EDF gave out my number" Date: 16 Mar 2025 15:13:02 +0000 (GMT) Organization: University of Cambridge, England Message-ID: References: Injection-Info: chiark.greenend.org.uk; posting-host="chiark.greenend.org.uk:93.93.131.173"; logging-data="3158"; mail-complaints-to="abuse@chiark.greenend.org.uk" User-Agent: tin/1.8.3-20070201 ("Scotasay") (UNIX) (Linux/5.10.0-28-amd64 (x86_64)) Originator: theom@chiark.greenend.org.uk ([93.93.131.173]) Bytes: 2511 Lines: 21 In uk.telecom.mobile Java Jive wrote: > It makes perfect sense, what you are claiming makes no sense, and shows > that you have lost the chronological sequence of events. For one thing, > the use of the word 'had' implies that the hack was already in place at > the time of scammer's phone call, otherwise they would have said > something like "... and hacked ..." or "... used it to hack ..." or "... > and went on to hack ...". Further, if you reread the original report in > its entirety, how would he have persuaded EDF to give up the victim's > mobile number without personal identifying information that came from > access to his emails? Next, how would he have been able to confirm the > request for a replacement SIM without being able to reply to the > confirmatory email? When I've had to do a SIM swap (some time ago) it was all done on security questions, there was no confirmatory email. I don't think the mobile networks required an email address, and if you're on PAYG they still don't. I think there is not enough information to be clear about the sequencing, especially since emails and mobile are provided by the same company. Theo