Scams like these

[jakeseven7]

Neighbour has had a big one:

- SIM cloned / then ported away
- Email hacked
- Accounts (cash) hacked and 2 drained
- New credit cards opened in name and loaded up to limit

This was scary because they are a 30 something person, who works in…. You guessed it, cybersecurity….!

Very very tight on what they put on the net and very careful in general.

Can happen to anyone.

 

[MARTINE]

Neighbour has had a big one:

- SIM cloned / then ported away
- Email hacked
- Accounts (cash) hacked and 2 drained
- New credit cards opened in name and loaded up to limit

This was scary because they are a 30 something person, who works in…. You guessed it, cybersecurity….!

Very very tight on what they put on the net and very careful in general.

Can happen to anyone.

OMG that is dreadful. I am nowhere near as IT Savvy as your neighbor. If appropriate - is there anything they can identify as to how it happened.? As a cautionary tale for us. This is frightening

 

[whughes3]

Neighbour has had a big one:

- SIM cloned / then ported away
- Email hacked
- Accounts (cash) hacked and 2 drained
- New credit cards opened in name and loaded up to limit

This was scary because they are a 30 something person, who works in…. You guessed it, cybersecurity….!

Very very tight on what they put on the net and very careful in general.

Can happen to anyone.

If this person is relying on a phone for 2FA security they are not all that tech-savvy. Security tokens, hard or soft, are a much better choice.

 

[jakeseven7]

If this person is relying on a phone for 2FA security they are not all that tech-savvy. Security tokens, hard or soft, are a much better choice.

No one said they were and they aren’t.

And for many people and institutions those are not even on offer, which I agree with you clearly shows the level of care most major institutions have in this area…

 

[prozac]

No one said they were and they aren’t.

And for many people and institutions those are not even on offer, which I agree with you clearly shows the level of care most major institutions have in this area…

I had a Euro bank account which relied on a little device, guess a token machine, into which you would input the random number displayed online. In turn it would generate a new number and this would be typed online and access granted. I am still puzzled as to how this works.
Bendigo Bank use a token system you access via their mobile app.

 

[jakeseven7]

OMG that is dreadful. I am nowhere near as IT Savvy as your neighbor. If appropriate - is there anything they can identify as to how it happened.? As a cautionary tale for us. This is frightening

They are trying to pin it down, don’t know for sure but, there was an overseas trip that involved having to disclose passport information out for visas etc, so possible breach there.

 

[tdimdad]

I had a Euro bank account which relied on a little device, guess a token machine, into which you would input the random number displayed online. In turn it would generate a new number and this would be typed online and access granted. I am still puzzled as to how this works.
Bendigo Bank use a token system you access via their mobile app.

RSA SecurID, or similar. HSBC Australia used to have those, as well, but they've also started to favour mobile app-based codes.
The token generators are great from the security viewpoint and it also distributes the risk of device breakdowns (if your phone gets damaged, you can be severely stuck for a while with access to bank accounts, etc).

 

[tdimdad]

No numbers on the front face of the card, its on the reverse, where the magnetic strip is.
...
If you need to use the chip and pin, the numbers face down, ie, shop person won't see the numbers.
Its up to you if you want to insert and pin, or tap and go (no pin) under $100.

I was thinking of these kinds of payment terminals where the chip & pin happens by inserting the card vertically, front towards you and the card's backside towards the cashier. Hence the question of how much of the card number would be visible to the cashier at that moment?

Some countries have a lot lower limit for tap & go payments and you'll end up doing the physical card read more often than in Australia. A well-designed card and reader would keep the critical data points (last half of your card number and the CCV) secure in these interactions, too.

 

[AustraliaPoochie]

Never seen a card reader as in pix like that.
Don't think a lot of Aussie stores use that sort of EFTPOS reader.
Most of the ones I use regularly, EFTPOS machines that is, do not have the chip to the side.
In my stores, or the stores I go to, the chip reader is either on screen, on a bit above it, and below the digi keypad, is a slot to insert the card, esp if its an account transaction card, ie the former maestro one, ie, non mastercard/non visa label on it.
Then, now they have a system called Square, which is a tablet that has a card chip reader on it/inside it, too.
To bring this back to anti scam measures, I feel more confidence about using cards in Aust than in (eg), Thailand, if I ever wanted to visit Thailand or Indonesia or Malaysia, I would do the local cash, or bring along USD and change it when I arrive, granted the forex rate can be bad too, or "crooked".
===
Coles tap and go without a pin is still $200, wow, meaning to need to keep an eye on card if lost, ie, need to contact bank asap.
===
And know your bank's phone number to memory.
===
The ones I am most used to is the Ingenico brand of EFTPOS machines, with 3 button near the screen type.

 

[Bundy Bear]

Just popped in the inbox this afternoon at work;

myGov rarelyseen26@gmail com removed a .

You have a new message in your myGov inbox.



You have receive your 2021, 2022 tax update, verify your claims via myGov link: atoservicee.cc to view.



Regards, myGov team.


I am surprised the spam filter didn't even pick it up.



Do not reply to this email.

 

[JohnK]

They are trying to pin it down, don’t know for sure but, there was an overseas trip that involved having to disclose passport information out for visas etc, so possible breach there.

Not sure I understand how they clone a sim card and hack into email without you knowing this is going on.

But I do agree this is scary and I think being labelled guilty and the onus on you to prove your innocence is all wrong.

 

[AustraliaPoochie]

Though we are told that chip credit card are the safest, I am sure that those Europeans who got caught in Qld a few weeks ago, in the high vis jersey top, people like that would have systems to ping/clone cards.
As are you, not sure how, but cloning cards is not new.
===
New fangled system now called Shimmers, like Skimmers.

 

[prozac]

Though we are told that chip credit card are the safest, I am sure that those Europeans who got caught in Qld a few weeks ago, in the high vis jersey top, people like that would have systems to ping/clone cards.
As are you, not sure how, but cloning cards is not new.

Romanians, they come over periodically and often get caught. I recall some caught on Sydney Northern Beaches 20 yrs ago. On the old machines that required you insert the card they attache something extra to the mouth of the machine. I think this is what they did with ATMs in Qld recently. Must be an industry that adds the the Romanian GDP.

 

[jakeseven7]

Not sure I understand how they clone a sim card and hack into email without you knowing this is going on.

But I do agree this is scary and I think being labelled guilty and the onus on you to prove your innocence is all wrong.

It didn’t happen all at once as far as I understand it. From memory the phone was the first thing that happened.

On your second point I agree - they were treated so poorly by the banks especially. ANZ were awful - on hold for hours and hours apparently. Commonwealth was apparently very argumentative.

I think it’s ripe for banking reform in this area - and better payment validation as well. Australian banking is a disgrace.

 

[OZDUCK]

Just before I retired we got a very interesting visit/talk from a US Secret Service agent about the various methods used in the US to skim card details at ATM's etc. Lots of photos showing how hard it could be to detect the devices. She was in W.A to liaise with the local police but came to Fremantle for the morning.

 

[AustraliaPoochie]

That AFP fellow mentioned they come on fake passports, but we all know how hard it is to get through smartgate, have to take off glasses, and that passports must be smart passports to use smartgate, and if not using smartgate, then the mug shot must match the person facing the ABF person.
Not saying the ABF people can't tell a fake passport, but really, is it so easy/it must be so easy for these scammers to match photo in passport, and person, and the passport is fake...
So to sum up, aye, there must be an industry in Europe, that first matches crims with passport photos, and also the passport chip.
If they can do that successfully, so they must be able to do anything, even close chip on credit cards in Aust.
===
Who knows, there might be home crims helping these "imports".
Bik***.

 

[VPS]

Just before I retired we got a very interesting visit/talk from a US Secret Service agent about the various methods used in the US to skim card details at ATM's etc. Lots of photos showing how hard it could be to detect the devices. She was in W.A to liaise with the local police but came to Fremantle for the morning.

And there is the story of the guy who dressed up as a security guard next to a deposit thingy (can't think of the right word but in the cash was king days). He just said the deposit is faulty and I'm here to take your deposits. He made a fortune

 

[JohnK]

I think it’s ripe for banking reform in this area - and better payment validation as well. Australian banking is a disgrace.

Reforms have to come quickly. I've now heard of the scenario you've described a few times and it can be extremely stressful.

How does an individual prove that their identity was stolen and they didn't borrow the money? Your life would pretty much go on hold while you tried to clear your name.

 

[Buzzard]

The joys of Facebook...
That page has whopping four followers, too. Very popular, indeed. What strikes here is the low level of effort to make it even look like a genuine JBH ad.

Funny how the ad shows as "sponsored"
What is sponsored in this scenario?
You can get FB jail time for making a comment yet FB seem to allow these scammers on marketplace.

 

[Forg]

Funny how the ad shows as "sponsored"
What is sponsored in this scenario?
You can get FB jail time for making a comment yet FB seem to allow these scammers on marketplace.

If you pointed it out to FaeceBook (is that possible?) they’d shut it down.
Bad Words can be searched-for in an automated way.