Sinister fraud schemes leave Optus customer losing $10,000: ‘My identity has been trashed’
By
Seia Ibanez
- Replies 3
Our personal and financial security is more vulnerable than ever in the digital age.
The story of Andrew Ryder, a Townsville business owner and army veteran, served as a reminder of how quickly and devastatingly fraudsters can strike, leaving even the most diligent among us reeling from the loss.
Ryder's ordeal began on 19 March with a seemingly innocuous text message from his telecommunications provider, Optus, informing him that a request to transfer his phone number to a new SIM card was being processed.
‘I called Optus, they wanted me to identify myself on the phone and I'm thinking, “I'm not sure if I'm talking to the scammers or Optus at this stage,”’ Ryder said.
This was the first step in a sophisticated scam known as SIM-swap fraud, which allows criminals to hijack a victim's mobile phone number and, by extension, their digital identity.
By impersonating the victim, the fraudster contacts the phone provider to activate a new SIM card linked to the victim's phone number.
For Ryder, the consequences were swift and severe.
Within 24 hours of the fraudulent SIM swap, and before he could make it to his local Optus branch, he discovered that $10,000 had vanished from his bank account and lost access to his email, Google, and Facebook accounts.
‘I contacted my banks and asked them to shut my account, and they investigated it, and said there appears to be $10,000 taken out,’ Ryder said.
‘I've had a credit line opened against my name [and] I've lost access to my email accounts, my Google account and my Facebook account.’
‘The money was from my rainy-day account, so I consider myself fortunate there, but my digital identity has been completely trashed.’
The thief had called the bank, impersonating Ryder, and provided a security code sent to the newly activated SIM to authorise the transaction.
The bank also asked the person what Ryder did in the army, which took them 20 seconds to answer.
‘That's easily found online. You just have to Google my name, and that information comes up, so that should have been an alarm for them, but it wasn't,’ Ryder said.
Optus stated it has protections against SIM-swap and phone porting fraud, but these measures can be circumvented when passwords and personal information are stolen.
‘Our customer care experts acted quickly when made aware of this issue, and the customer has now regained control of their mobile number,’ a spokesperson said.
The bank, initially reluctant to reimburse the stolen funds, eventually did so after inquiries.
‘We have reimbursed Mr Ryder and reassured him that we have taken appropriate steps to ensure his funds are not at risk,’ a spokesperson said.
Despite new rules introduced in mid-2020 requiring telecommunications companies to use multifactor ID authentication, Ryder's phone number was illegally ported.
The Australian Communications and Media Authority (ACMA) stated that mobile porting fraud has dropped by 95 per cent due to these rules.
‘There is no indication these types of scams are rising, however, in some cases, scammers may still be able to defraud someone where they have stolen a person's identity,’ the spokesperson said.
Ryder's bank records showed that his phone number was moved from Optus to ETEL, a small phone provided in Sydney that uses the Optus network.
ETEL mentioned that they sent a special code via text message to ensure that the person trying to switch their phone number actually had the phone with them.
‘The person initiating the port would require direct access to a SIM card with that phone number already on it,’ a spokesperson said.
‘For someone to gain access to the SIM, the handset would have to be stolen, or someone may have done a SIM swap at the original provider.’
The Telecommunications Industry Ombudsman advised telcos to stay alert to the increasing risk of fraud and scams.
In a similar story, another Optus customer woke up to the reality that his bank accounts and credit card had been compromised while he was on holiday.
He later confirmed that his number was illegally ported. You can read more about the story here.
If you think you've been scammed, report it to Scamwatch. If you're worried the scammer has your financial details, contact your bank immediately.
You can visit our Scam Watch forum to stay updated on the latest tricks scammers use to deceive people out of their money and sensitive details.
Have you or someone you know been affected by a similar scam? Share them with us in the comments below.
The story of Andrew Ryder, a Townsville business owner and army veteran, served as a reminder of how quickly and devastatingly fraudsters can strike, leaving even the most diligent among us reeling from the loss.
Ryder's ordeal began on 19 March with a seemingly innocuous text message from his telecommunications provider, Optus, informing him that a request to transfer his phone number to a new SIM card was being processed.
‘I called Optus, they wanted me to identify myself on the phone and I'm thinking, “I'm not sure if I'm talking to the scammers or Optus at this stage,”’ Ryder said.
This was the first step in a sophisticated scam known as SIM-swap fraud, which allows criminals to hijack a victim's mobile phone number and, by extension, their digital identity.
By impersonating the victim, the fraudster contacts the phone provider to activate a new SIM card linked to the victim's phone number.
For Ryder, the consequences were swift and severe.
Within 24 hours of the fraudulent SIM swap, and before he could make it to his local Optus branch, he discovered that $10,000 had vanished from his bank account and lost access to his email, Google, and Facebook accounts.
‘I contacted my banks and asked them to shut my account, and they investigated it, and said there appears to be $10,000 taken out,’ Ryder said.
‘I've had a credit line opened against my name [and] I've lost access to my email accounts, my Google account and my Facebook account.’
‘The money was from my rainy-day account, so I consider myself fortunate there, but my digital identity has been completely trashed.’
The thief had called the bank, impersonating Ryder, and provided a security code sent to the newly activated SIM to authorise the transaction.
The bank also asked the person what Ryder did in the army, which took them 20 seconds to answer.
‘That's easily found online. You just have to Google my name, and that information comes up, so that should have been an alarm for them, but it wasn't,’ Ryder said.
Optus stated it has protections against SIM-swap and phone porting fraud, but these measures can be circumvented when passwords and personal information are stolen.
‘Our customer care experts acted quickly when made aware of this issue, and the customer has now regained control of their mobile number,’ a spokesperson said.
The bank, initially reluctant to reimburse the stolen funds, eventually did so after inquiries.
‘We have reimbursed Mr Ryder and reassured him that we have taken appropriate steps to ensure his funds are not at risk,’ a spokesperson said.
Despite new rules introduced in mid-2020 requiring telecommunications companies to use multifactor ID authentication, Ryder's phone number was illegally ported.
The Australian Communications and Media Authority (ACMA) stated that mobile porting fraud has dropped by 95 per cent due to these rules.
‘There is no indication these types of scams are rising, however, in some cases, scammers may still be able to defraud someone where they have stolen a person's identity,’ the spokesperson said.
Ryder's bank records showed that his phone number was moved from Optus to ETEL, a small phone provided in Sydney that uses the Optus network.
ETEL mentioned that they sent a special code via text message to ensure that the person trying to switch their phone number actually had the phone with them.
‘The person initiating the port would require direct access to a SIM card with that phone number already on it,’ a spokesperson said.
‘For someone to gain access to the SIM, the handset would have to be stolen, or someone may have done a SIM swap at the original provider.’
The Telecommunications Industry Ombudsman advised telcos to stay alert to the increasing risk of fraud and scams.
In a similar story, another Optus customer woke up to the reality that his bank accounts and credit card had been compromised while he was on holiday.
He later confirmed that his number was illegally ported. You can read more about the story here.
If you think you've been scammed, report it to Scamwatch. If you're worried the scammer has your financial details, contact your bank immediately.
Key Takeaways
- A Townsville business owner lost $10,000 and his digital identity due to a phone porting and SIM-swap scam.
- The fraudster transferred the victim's phone number to another device, gaining access to his personal accounts.
- Despite new multifactor ID authentication rules, the illegal phone porting occurred, though overall incidents have dropped by 95 per cent since the rules were introduced.
- After initially refusing, the victim's bank agreed to reimburse the stolen funds, and Optus helped the victim regain control of his mobile number.
Have you or someone you know been affected by a similar scam? Share them with us in the comments below.