Story telling from Australia
The story of the garden disaster will have to wait because something more urgent came up. My phone was hacked. Then my bank account.
Here’s how it happened.
Around 2pm on Sunday afternoon hackers took over my mobile phone number. I was at an engagement party so I didn’t notice the phone switch to ‘SOS only’. I’ve seen that happen when coverage is poor, so even if I had noticed I doubt I would have reacted. Maybe the signal wasn’t great in the hotel, maybe the phone provider had an outage, who knows. As it was, my phone was in my bag and I was at a party.
When I got home around 6.30pm I noticed the unusual ‘SOS only’ message. I switched off the phone, switched it on again and assumed Telstra had a problem. A niggling doubt made me ring them from the landline.
‘There seems to be something wrong with my mobile phone.’
I gave her my name, address and date of birth for verification.
‘Yes, you replaced the SIM.’
‘No I didn’t.’
‘You rang this afternoon.’
Had Clyde rung Telstra? Had they confused his number with mine? He was at a birthday dinner in the Blue Mountains and I was loath to interrupt him for something so trivial.
‘I didn’t ring. It wasn’t me.’
It turned out it wasn’t so trivial. Someone pretending to be me had rung, twice (the second time to ask for an upgraded phone) and they knew my name, address and date of birth. That was all they needed to take over my phone. Telstra blocked the number, advised me to go into a store with ID and I was left without a phone.
Then for some reason the landline stopped working, an unrelated problem that spooked me big time, so I went online to send Clyde a message and found an email from the bank.
We’ve noticed some unusual activity on your account…
Several thousand dollars had disappeared from my savings account.
I’d been hacked.
Here’s how they do it. The weak spot is your mobile phone. If a hacker has your name, address, date of birth and mobile phone number they can call your provider and take over your SIM. Your phone number is now their phone number. My birthday isn’t listed on Facebook but it doesn’t take a genius to spot ‘Happy Birthday’. I don’t know how they guessed the year but if I were you I’d be deleting any ‘Happy 21st’ or ‘Happy 40th’.
At some point they must have stolen a piece of mail, probably my bank statement, which gave them all the details they needed to phone the bank, pretend to be me, and perhaps claim they’d forgotten how to access phone banking. (The bank is naturally cagey on the details.)
So the bank checks I’m legitimate by sending a code to my mobile phone, only my mobile number now belongs to a hacker and Bingo! They’re into my account.
It’s that easy.
Here’s what you can do to protect yourself.
Ask for an additional level of security on your phone. Set a password and tell your provider that any significant changes like porting your number will need your date of birth and that password.
If your computer doesn’t already have it, add anti-virus software, keep it updated, and use it regularly.
Even when the bank has changed your cards and your password, investigated the fraud and added extra security, double check the personal details they hold for you. After my account had been cleared to use, I discovered the hackers had left their mark. They’d changed the mailing address for my statements and the bank hadn’t picked up on it. The address was a unit where lots of people come and go and mail is intermittently collected. My mail!
It’s not as bad as it sounds. No-one got hurt. Banks are insured. The money will come back and it was no bad thing to add extra security and change all my passwords. I’ve asked for online statements from now on and I’ll also be letting the passport office and driving licence know in case they try to get copies made. And I told the police.
If you’ve been hacked and you’ve got any tips on what to do, please share them.