PAC Code Fraud attempt

mariposa687

A few days ago, I got a call from my network saying I had requested a PAC for my current number, but that I had called from a different phone. They refused to give the person who called the number. They did manage to clear security though which is worrying.



I asked for them to put some notes on my account and not to give out any information to anyone who called from another number. I changed my password and passwords on other accounts. I informed by bank of the attempt. 2 days later my phone went out of service - call to my network reveals the hacker has reported it lost. Managed to get the bar off my phone and working again.


My question is, what do they have to gain from reporting my phone as lost? Is it because they couldn't get the PAC code?



My network are concerned it is someone who knows me, and I am now too. It's a lot of effort to go and I would have thought a hacker would have moved on after they failed the I.D check

d123

mariposa687 wrote: »

A few days ago, I got a call from my network saying I had requested a PAC for my current number, but that I had called from a different phone. They refused to give the person who called the number. They did manage to clear security though which is worrying.



I asked for them to put some notes on my account and not to give out any information to anyone who called from another number. I changed my password and passwords on other accounts. I informed by bank of the attempt. 2 days later my phone went out of service - call to my network reveals the hacker has reported it lost. Managed to get the bar off my phone and working again.


My question is, what do they have to gain from reporting my phone as lost? Is it because they couldn't get the PAC code?



My network are concerned it is someone who knows me, and I am now too. It's a lot of effort to go and I would have thought a hacker would have moved on after they failed the I.D check

Sounds more personal than a hacker, having a problem with someone like a friend or family member?

Frozen_up_north

Phone networks have lousy security, there have been cases of fraudsters visiting phone shops to report their mobile/SIM lost and being able to obtain a replacement SIM, then use it freely at the original owners expense.


Three have terrible security, anyone who knows your date of birth and address can speak with Three C/S pretending to be you!

mariposa687

See, several people have said they think it's personal but I don't know who would do that and I don't know how I would find out. I've already written to my network to ask for a transcript of the conversation with the hacker but I doubt I will get it.

stragglebod

The purpose of sim card fraud is to hijack your phone number, and therefore capture 2 step verification text messages when the hacker attempts to reset passwords on your bank and other accounts.

d123

stragglebod wrote: »

The purpose of sim card fraud is to hijack your phone number, and therefore capture 2 step verification text messages when the hacker attempts to reset passwords on your bank and other accounts.

A lot of if’s in that.

If they know your name, number, and personal details
if they know who you Bank with
if they know you use online banking
if they know your bank uses OTP codes by SMS

PHK

d123 wrote: »

A lot of if’s in that.

If they know your name, number, and personal details
if they know who you Bank with
if they know you use online banking
if they know your bank uses OTP codes by SMS

SIM swap fraud is a thing. It takes advantage of people who don't keep themselves secure, banks who use 2FA and phone companies .

Thankfully, the phone companies and banks have tightened up processes. There's on big issue remaining and that's theft reporting. Phone companies are obliged to accept reports of stolen handsets from third parties who have a reason why the subscriber, is not present. (My brother is in hospital and his phone was stolen etc).

If a new card is issued it can be intercepted. I think we'll see much tighter security around SIMs in the future.

But people can also keep their information much more secure. Don't leave phones or purses/wallets lying around and keeping PCs secure seems obvious, but there are other more banal things to do.

Some could even be comical, if you're going out drinking and might fall asleep (or go back to a strangers) then don't take cards or other info with you.

https://www.theguardian.com/money/2016/apr/16/sim-swap-fraud-mobile-banking-fraudsters

d123

PHK wrote: »

SIM swap fraud is a thing. It takes advantage of people who don't keep themselves secure, banks who use 2FA and phone companies .

Thankfully, the phone companies and banks have tightened up processes. There's on big issue remaining and that's theft reporting. Phone companies are obliged to accept reports of stolen handsets from third parties who have a reason why the subscriber, is not present. (My brother is in hospital and his phone was stolen etc).

If a new card is issued it can be intercepted. I think we'll see much tighter security around SIMs in the future.

But people can also keep their information much more secure. Don't leave phones or purses/wallets lying around and keeping PCs secure seems obvious, but there are other more banal things to do.

Some could even be comical, if you're going out drinking and might fall asleep (or go back to a strangers) then don't take cards or other info with you.

https://www.theguardian.com/money/2016/apr/16/sim-swap-fraud-mobile-banking-fraudsters

Completely agree, but sim swap fraud is more likely to be connected to phishing or some other additional crime/action, it’s unlikely to be out of the blue as a stand-alone incident. The OP here sounds more like revenge or personal, why would a hacker go to the time and trouble to report the phone stolen which really just inconveniences the OP.