Phone numbers hijacked remotely. Gmail hacked. Logins & passwords stolen. Bank accounts breached and plundered…You need to know how to protect yourself. My posts will be a bit lighter the next few days as I rebuild computers, etc. This post is not about ‘ultralight hiking’ I know, but you are likely to be hiking a bit more ultralight than you would like if these guys succeed!
We have been comprehensively hacked (and money stolen – will be replaced by Commbank). First these people (began to) ‘Port’ our phones to their Sims without our awareness, knowledge or permission. Before this happened I received an SMS SecurityCode from Commsec which I hadn’t asked for. I rang and told Commsec but they were confident of their system. They were wrong, and had never had this happen to them before either! The person must already have had our login and password at Commsec before our phone/s was ported. That is it was probably obtained from my wife’s phone before it had finished ‘porting’. I wouldn’t have thought they could get data from her smart phone without having either her phone or Sim, but there you are. Then they hacked her Gmail account and changed the Password. They were able to take cash from a Commsec account I can only do transfers from, and from other bank accounts.
I now notice one’s phone (eg Chrome) stores history, passwords etc. And of course ‘Synch’ allows other security problems. You need to delete this stuff, logs emails etc. Telstra tells us there is a lot of this ‘porting’ fraud going on. All people need to know is your name and phone number. They will have acquired other people’s IDs from our phones. Sorry about that! They could get the same information from the phone book etc.
Neither Telstra, Commsec nor Commbank knows how they are doing this. We have up to date Norton on all our devices. I have changed our modem ID and Password. Shut down all computers and phones and am rebuilding one at a time. Am typing this from the first one I rebuilt. Complete reformat and new genuine windows plus new Norton, then update system scan etc, Nothing will be stored electronically in future.
Telstra tells me the crooks can do this again anytime they want. Bizarre you have to have two photo IDs to buy a phone/service but people can steal it electronically without ID. You would think Telstra etc would insist that ‘porting’ can only be done in a Telstra shop after you have shown your photo Ids and been confirmed…
BEWARE! (Pass this on). PS: It’s now happened to two (correction, three) of our friends too!
A friend has suggested this additional Password security solution https://www.troyhunt.com/only-secure-password-is-one-you-cant/ Do read this. It seems like good advice to me. Norton also has a ‘secure’ Login/Password storage vault system.
PS: (Nov 2016)
Google have now implemented 2/3 stage security for their accounts which you should implement to prevent these folk from taking over your Google accounts. We wrote to our MP and the Attorney General about the security implications of this ‘porting’. ‘Nothing to see here’ was their reply!
These thieves have been back into our Commbank accounts for some more money. This time they created a virtual credit card and were again able to take cardless cash out of two accounts. Commbank seem powerless to stop them or prevent it even though the thieves use credit cards to pay for txis to/from the ATMs!