We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are - or become - political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
...I was in Berlin and received a few messages from Currensea, 2 of them containing a OTP code. As I hadn't instigated this I ignored it. A few weeks later 5 x £99.99 was spent in the UK using Applepay.
Well, personally I'd never ignore this. And many (not all unfortunately) SMS with OTP do say something like "If you aren't expecting this, please call us".
AFAIK, SMS aren't encrypted and, theoretically, can be intercepted. Don't know if this happens in practice - use google.
Also, there are PC programs, e.g. 'Phone Link' for Windows that allow you to link a PC to a smartphone and see your SMS (and photos). Any chance you have anything like this installed on your PC that somebody else has access to?
Regardless, complain formally to your bank, then escalate to FOS.
I've realised that the ability of some apps to "automatically" gather an OTP from your SMS feed and apply it to a response screen waiting for the code is perhaps not the finest bit of security sidestepping ever implemented.
