Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.mobile.android > #146914 > unrolled thread
| Started by | Java Jive <java@evij.com.invalid> |
|---|---|
| First post | 2025-03-03 12:27 +0000 |
| Last post | 2025-03-15 08:48 -0400 |
| Articles | 20 on this page of 123 — 14 participants |
Back to article view | Back to comp.mobile.android
"'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-03 12:27 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-03 10:47 -0500
Re: "'Scammers stole £40k after EDF gave out my number" David Rance <david@SPAMOFF.invalid> - 2025-03-03 17:13 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-03 17:33 +0000
Re: "'Scammers stole £40k after EDF gave out my number" David Rance <david@SPAMOFF.invalid> - 2025-03-03 18:20 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Nick Finnigan <nix@genie.co.uk> - 2025-03-03 15:54 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Andy Burns <usenet@andyburns.uk> - 2025-03-03 17:25 +0000
Re: "'Scammers stole £40k after EDF gave out my number" AJL <noemail@none.com> - 2025-03-03 17:38 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-03 14:04 -0500
Re: "'Scammers stole £40k after EDF gave out my number" Andy Burns <usenet@andyburns.uk> - 2025-03-03 19:28 +0000
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-03 21:36 +0100
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-03 21:35 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-03 17:35 -0500
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-04 02:49 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Chris <ithinkiam@gmail.com> - 2025-03-04 08:07 +0000
Re: "'Scammers stole £40k after EDF gave out my number" AJL <noemail@none.com> - 2025-03-03 22:58 +0000
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-04 02:50 +0100
Re: "'Scammers stole £40k after EDF gave out my number" AJL <noemail@none.com> - 2025-03-03 21:23 -0700
Re: "'Scammers stole £40k after EDF gave out my number" Andy Burns <usenet@andyburns.uk> - 2025-03-04 06:43 +0000
Re: "'Scammers stole £40k after EDF gave out my number" AJL <noemail@none.com> - 2025-03-04 09:22 -0700
Re: "'Scammers stole £40k after EDF gave out my number" Frank Slootweg <this@ddress.is.invalid> - 2025-03-04 16:40 +0000
Re: "'Scammers stole £40k after EDF gave out my number" AJL <noemail@none.com> - 2025-03-04 10:21 -0700
Re: "'Scammers stole £40k after EDF gave out my number" Frank Slootweg <this@ddress.is.invalid> - 2025-03-04 18:37 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Frank Slootweg <this@ddress.is.invalid> - 2025-03-04 14:46 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Chris <ithinkiam@gmail.com> - 2025-03-03 21:38 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-03 17:31 -0500
Re: "'Scammers stole £40k after EDF gave out my number" Chris <ithinkiam@gmail.com> - 2025-03-04 08:13 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-04 08:09 -0500
Re: "'Scammers stole £40k after EDF gave out my number" Frank Slootweg <this@ddress.is.invalid> - 2025-03-04 16:22 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Chris <ithinkiam@gmail.com> - 2025-03-04 21:09 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-04 19:43 -0500
Re: "'Scammers stole £40k after EDF gave out my number" Chris <ithinkiam@gmail.com> - 2025-03-05 05:34 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-05 08:22 -0500
Re: "'Scammers stole £40k after EDF gave out my number" Chris <ithinkiam@gmail.com> - 2025-03-05 16:15 +0000
Re: "'Scammers stole £40k after EDF gave out my number" David Wade <dave@g4ugm.invalid> - 2025-03-05 09:44 +0100
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-05 13:15 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-05 08:47 -0500
Re: "'Scammers stole £40k after EDF gave out my number" Abandoned Trolley <that.bloke@microsoft.com> - 2025-03-05 14:27 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-05 10:42 -0500
Re: "'Scammers stole £40k after EDF gave out my number" Frank Slootweg <this@ddress.is.invalid> - 2025-03-05 16:51 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Abandoned Trolley <that.bloke@microsoft.com> - 2025-03-05 17:21 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-05 12:37 -0500
Re: "'Scammers stole £40k after EDF gave out my number" Andy Burns <usenet@andyburns.uk> - 2025-03-05 18:03 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-05 16:00 -0500
Re: "'Scammers stole £40k after EDF gave out my number" David Wade <dave@g4ugm.invalid> - 2025-03-05 22:07 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Frank Slootweg <this@ddress.is.invalid> - 2025-03-06 15:42 +0000
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-06 19:28 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Abandoned Trolley <that.bloke@microsoft.com> - 2025-03-05 18:23 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-05 16:01 -0500
Re: "'Scammers stole £40k after EDF gave out my number" Abandoned Trolley <that.bloke@microsoft.com> - 2025-03-05 21:03 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Frank Slootweg <this@ddress.is.invalid> - 2025-03-05 18:40 +0000
Re: "'Scammers stole £40k after EDF gave out my number" David Wade <dave@g4ugm.invalid> - 2025-03-05 18:02 +0100
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-05 21:04 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-05 08:12 -0500
Re: "'Scammers stole £40k after EDF gave out my number" Frank Slootweg <this@ddress.is.invalid> - 2025-03-05 13:29 +0000
Re: "'Scammers stole £40k after EDF gave out my number" David Wade <dave@g4ugm.invalid> - 2025-03-05 17:38 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Abandoned Trolley <that.bloke@microsoft.com> - 2025-03-05 17:25 +0000
Re: "'Scammers stole £40k after EDF gave out my number" David Wade <dave@g4ugm.invalid> - 2025-03-05 21:44 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Frank Slootweg <this@ddress.is.invalid> - 2025-03-05 18:45 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Frank Slootweg <this@ddress.is.invalid> - 2025-03-05 13:25 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Frank Slootweg <this@ddress.is.invalid> - 2025-03-05 13:25 +0000
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-05 14:57 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Theo <theom+news@chiark.greenend.org.uk> - 2025-03-05 14:10 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Chris <ithinkiam@gmail.com> - 2025-03-05 16:26 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Frank Slootweg <this@ddress.is.invalid> - 2025-03-05 14:33 +0000
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-05 21:08 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Chris <ithinkiam@gmail.com> - 2025-03-03 19:25 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Andy Burns <usenet@andyburns.uk> - 2025-03-03 19:43 +0000
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-03 21:40 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Andy Burns <usenet@andyburns.uk> - 2025-03-03 21:26 +0000
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-03 21:38 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Andy Burns <usenet@andyburns.uk> - 2025-03-03 20:54 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Chris <ithinkiam@gmail.com> - 2025-03-04 07:19 +0000
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-03 21:31 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Brian Gregory <void-invalid-dead-dontuse@email.invalid> - 2025-03-06 01:56 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-06 13:54 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Tweed <usenet.tweed@gmail.com> - 2025-03-06 14:57 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-06 11:09 -0500
Re: "'Scammers stole £40k after EDF gave out my number" AJL <noemail@none.com> - 2025-03-06 11:17 -0700
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-07 09:12 -0500
Re: "'Scammers stole £40k after EDF gave out my number" AJL <noemail@none.com> - 2025-03-07 09:35 -0700
Re: "'Scammers stole £40k after EDF gave out my number" Frank Slootweg <this@ddress.is.invalid> - 2025-03-06 18:24 +0000
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-06 19:36 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-07 09:17 -0500
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-07 16:16 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Chris <ithinkiam@gmail.com> - 2025-03-08 10:30 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Brian Gregory <void-invalid-dead-dontuse@email.invalid> - 2025-03-06 16:37 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-06 19:53 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Chris <ithinkiam@gmail.com> - 2025-03-07 07:37 +0000
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-07 10:46 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-07 13:24 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-07 09:38 -0500
Re: "'Scammers stole £40k after EDF gave out my number" Nick Finnigan <nix@genie.co.uk> - 2025-03-07 15:35 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Andy Burns <usenet@andyburns.uk> - 2025-03-07 15:46 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Theo <theom+news@chiark.greenend.org.uk> - 2025-03-14 18:49 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Nick Finnigan <nix@genie.co.uk> - 2025-03-15 09:53 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-15 11:46 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-15 08:35 -0400
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-15 17:53 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Theo <theom+news@chiark.greenend.org.uk> - 2025-03-15 19:27 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-15 23:30 -0400
Re: "'Scammers stole £40k after EDF gave out my number" AJL <noemail@none.com> - 2025-03-16 05:01 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-16 08:47 -0400
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-16 13:47 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Theo <theom+news@chiark.greenend.org.uk> - 2025-03-16 15:13 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-16 16:04 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Theo <theom+news@chiark.greenend.org.uk> - 2025-03-16 18:00 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Nick Finnigan <nix@genie.co.uk> - 2025-03-17 08:53 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-17 13:53 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Nick Finnigan <nix@genie.co.uk> - 2025-03-17 14:53 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-17 18:44 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Nick Finnigan <nix@genie.co.uk> - 2025-03-20 10:42 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-20 12:48 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Nick Finnigan <nix@genie.co.uk> - 2025-03-20 13:18 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-20 13:27 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Nick Finnigan <nix@genie.co.uk> - 2025-03-20 14:28 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Andy Burns <usenet@andyburns.uk> - 2025-03-20 16:02 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-20 13:00 -0400
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-16 11:54 -0400
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-16 16:09 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Frank Slootweg <this@ddress.is.invalid> - 2025-03-16 19:23 +0000
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-16 23:10 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-15 08:48 -0400
Page 4 of 7 — ← Prev page 1 2 3 [4] 5 6 7 Next page →
| From | Frank Slootweg <this@ddress.is.invalid> |
|---|---|
| Date | 2025-03-05 13:25 +0000 |
| Message-ID | <vq9m13.2jc.1@ID-201911.user.individual.net> |
| In reply to | #146968 |
Chris <ithinkiam@gmail.com> wrote: [...] > Fortunately, the victim has had his 40k refunded. Do you have a reference - with details - for that? I.e. who accepted responsibility for which fault(s)?
[toc] | [prev] | [next] | [standalone]
| From | "Carlos E.R." <robin_listas@es.invalid> |
|---|---|
| Date | 2025-03-05 14:57 +0100 |
| Message-ID | <or1m9lxa3d.ln2@Telcontar.valinor> |
| In reply to | #146983 |
On 2025-03-05 14:25, Frank Slootweg wrote: > Chris <ithinkiam@gmail.com> wrote: > [...] >> Fortunately, the victim has had his 40k refunded. > > Do you have a reference - with details - for that? I.e. who accepted > responsibility for which fault(s)? Quote: «National Savings and Investments said it had refunded him the money taken from his account.» And that's the £40000, because earlier it reads (quote): «Worse news was to come, when he learned his National Savings and Investments password had been changed. "After an hour of talking to different people there, they said, 'You've actually taken out a very large amount of premium bonds, over £40,000'," said Stephen.» -- Cheers, Carlos.
[toc] | [prev] | [next] | [standalone]
| From | Theo <theom+news@chiark.greenend.org.uk> |
|---|---|
| Date | 2025-03-05 14:10 +0000 |
| Message-ID | <YFe*ABH8z@news.chiark.greenend.org.uk> |
| In reply to | #146986 |
In comp.mobile.android Carlos E.R. <robin_listas@es.invalid> wrote: > On 2025-03-05 14:25, Frank Slootweg wrote: > > Chris <ithinkiam@gmail.com> wrote: > > [...] > >> Fortunately, the victim has had his 40k refunded. > > > > Do you have a reference - with details - for that? I.e. who accepted > > responsibility for which fault(s)? > > Quote: «National Savings and Investments said it had refunded him the > money taken from his account.» > > And that's the £40000, because earlier it reads (quote): > > «Worse news was to come, when he learned his National Savings and > Investments password had been changed. > > "After an hour of talking to different people there, they said, 'You've > actually taken out a very large amount of premium bonds, over £40,000'," > said Stephen.» What I don't understand is how that's a fraud vector. NS&I premium bonds (a kind of government-backed savings account with 'interest' generated by a lottery-style algorithm, with certain tax advantages because they count as a lottery not savings) used to be paper things that you could 'hold'. But nowadays it's all electronic - it's a savings account in your name effectively. So if he did buy £40k of premium bonds, I don't know how the fraudster would have cashed that out - unless there's some flaw in the PB system? Theo
[toc] | [prev] | [next] | [standalone]
| From | Chris <ithinkiam@gmail.com> |
|---|---|
| Date | 2025-03-05 16:26 +0000 |
| Message-ID | <vq9tvn$2g7f3$1@dont-email.me> |
| In reply to | #146987 |
Theo <theom+news@chiark.greenend.org.uk> wrote: > In comp.mobile.android Carlos E.R. <robin_listas@es.invalid> wrote: >> On 2025-03-05 14:25, Frank Slootweg wrote: >>> Chris <ithinkiam@gmail.com> wrote: >>> [...] >>>> Fortunately, the victim has had his 40k refunded. >>> >>> Do you have a reference - with details - for that? I.e. who accepted >>> responsibility for which fault(s)? >> >> Quote: «National Savings and Investments said it had refunded him the >> money taken from his account.» >> >> And that's the £40000, because earlier it reads (quote): >> >> «Worse news was to come, when he learned his National Savings and >> Investments password had been changed. >> >> "After an hour of talking to different people there, they said, 'You've >> actually taken out a very large amount of premium bonds, over £40,000'," >> said Stephen.» > > What I don't understand is how that's a fraud vector. NS&I premium bonds > (a kind of government-backed savings account with 'interest' generated by a > lottery-style algorithm, with certain tax advantages because they count as a > lottery not savings) used to be paper things that you could 'hold'. But > nowadays it's all electronic - it's a savings account in your name > effectively. So if he did buy £40k of premium bonds, I don't know how the > fraudster would have cashed that out - unless there's some flaw in the PB > system? Yeah, I'm not sure how it worked either. I had some PBs until recently and you can only withdraw to a designated bank account and it takes a couple of days. They do use 2FA, but it was only enforced (relatively) recently so if the victim hadn't logged in for a while it might not have been set up. So given it took 48 hours for him to realise he'd been compromised and he only had email authentication set up, then the thief could have had time to change the bank details and then withdrawn the PBs.
[toc] | [prev] | [next] | [standalone]
| From | Frank Slootweg <this@ddress.is.invalid> |
|---|---|
| Date | 2025-03-05 14:33 +0000 |
| Message-ID | <vq9qs1.16p4.1@ID-201911.user.individual.net> |
| In reply to | #146986 |
Carlos E.R. <robin_listas@es.invalid> wrote: > On 2025-03-05 14:25, Frank Slootweg wrote: > > Chris <ithinkiam@gmail.com> wrote: > > [...] > >> Fortunately, the victim has had his 40k refunded. > > > > Do you have a reference - with details - for that? I.e. who accepted > > responsibility for which fault(s)? > > Quote: «National Savings and Investments said it had refunded him the > money taken from his account.» > > And that's the £40000, because earlier it reads (quote): > > «Worse news was to come, when he learned his National Savings and > Investments password had been changed. > > "After an hour of talking to different people there, they said, 'You've > actually taken out a very large amount of premium bonds, over £40,000'," > said Stephen.» Thanks for that! I apparently overlooked the first quote. I only saw the £50 "goodwill gesture" from EDF, which was a clear insult and so was the £125 "goodwill gesture" from O2 Virgin Media.
[toc] | [prev] | [next] | [standalone]
| From | "Carlos E.R." <robin_listas@es.invalid> |
|---|---|
| Date | 2025-03-05 21:08 +0100 |
| Message-ID | <ijnm9lxm9k.ln2@Telcontar.valinor> |
| In reply to | #146989 |
On 2025-03-05 15:33, Frank Slootweg wrote: > Carlos E.R. <robin_listas@es.invalid> wrote: >> On 2025-03-05 14:25, Frank Slootweg wrote: >>> Chris <ithinkiam@gmail.com> wrote: >>> [...] >>>> Fortunately, the victim has had his 40k refunded. >>> >>> Do you have a reference - with details - for that? I.e. who accepted >>> responsibility for which fault(s)? >> >> Quote: «National Savings and Investments said it had refunded him the >> money taken from his account.» >> >> And that's the £40000, because earlier it reads (quote): >> >> «Worse news was to come, when he learned his National Savings and >> Investments password had been changed. >> >> "After an hour of talking to different people there, they said, 'You've >> actually taken out a very large amount of premium bonds, over £40,000'," >> said Stephen.» > > Thanks for that! I apparently overlooked the first quote. I only saw > the £50 "goodwill gesture" from EDF, which was a clear insult and so was > the £125 "goodwill gesture" from O2 Virgin Media. The article has the information not in order, spread all over the text. The refund line is very near the end. -- Cheers, Carlos.
[toc] | [prev] | [next] | [standalone]
| From | Chris <ithinkiam@gmail.com> |
|---|---|
| Date | 2025-03-03 19:25 +0000 |
| Message-ID | <vq4vo3$1er4v$1@dont-email.me> |
| In reply to | #146919 |
Andy Burns <usenet@andyburns.uk> wrote: > Java Jive wrote: > >> "Scammers stole £40k after EDF gave out my number" > > Clearly EDF shouldn't go about giving out customer information, but I > ought to be able to paint my mobile number in 1ft high letters on the > side of my house and not have my SIM "swapped" You can. But if you /also/ add your full name and email address, then all bets are off. > All UK networks should take extra security measures, such as writing to > customers at known address to confirm such a drastic action. I'd be stupendously annoyed at any company giving my phone number to anyone including myself. Why would I legitimately ever need to be told my own mobile number?
[toc] | [prev] | [next] | [standalone]
| From | Andy Burns <usenet@andyburns.uk> |
|---|---|
| Date | 2025-03-03 19:43 +0000 |
| Message-ID | <m2mf3oF5im1U1@mid.individual.net> |
| In reply to | #146924 |
Chris wrote: > Why would I legitimately ever need to be told my own > mobile number? But why is knowing my mobile number sufficient to rip off my mobile account? I'd say hundreds of people know my mobile number ...
[toc] | [prev] | [next] | [standalone]
| From | "Carlos E.R." <robin_listas@es.invalid> |
|---|---|
| Date | 2025-03-03 21:40 +0100 |
| Message-ID | <omgh9lxofo.ln2@Telcontar.valinor> |
| In reply to | #146926 |
On 2025-03-03 20:43, Andy Burns wrote: > Chris wrote: > >> Why would I legitimately ever need to be told my own >> mobile number? > > But why is knowing my mobile number sufficient to rip off my mobile > account? I'd say hundreds of people know my mobile number ... They managed to did a SIM swap. For this they needed to trick some agency that duplicates SIMs into thinking it is really you who requests the duplicate SIM. -- Cheers, Carlos.
[toc] | [prev] | [next] | [standalone]
| From | Andy Burns <usenet@andyburns.uk> |
|---|---|
| Date | 2025-03-03 21:26 +0000 |
| Message-ID | <m2ml43F68k5U2@mid.individual.net> |
| In reply to | #146932 |
"Carlos E.R." wrote: > They managed to did a SIM swap. For this they needed to trick some > agency that duplicates SIMs into thinking it is really you who requests > the duplicate SIM. I only know the tabloid headline version of what's involved in a SIM swap, clearly the networks don't want to give out information about how it's actually done, but I wish I knew more about that e.g. to choose a network that protects their customers better ... I don't think any mobile network has ever invited me to setup TOTP/2FA on my account.
[toc] | [prev] | [next] | [standalone]
| From | "Carlos E.R." <robin_listas@es.invalid> |
|---|---|
| Date | 2025-03-03 21:38 +0100 |
| Message-ID | <1kgh9lxofo.ln2@Telcontar.valinor> |
| In reply to | #146924 |
On 2025-03-03 20:25, Chris wrote: > Andy Burns <usenet@andyburns.uk> wrote: >> Java Jive wrote: >> >>> "Scammers stole £40k after EDF gave out my number" >> >> Clearly EDF shouldn't go about giving out customer information, but I >> ought to be able to paint my mobile number in 1ft high letters on the >> side of my house and not have my SIM "swapped" > > You can. But if you /also/ add your full name and email address, then all > bets are off. It is quite normal for a person conducting business to publish all that, in order to be contacted by clients. You might have two phones, then. > >> All UK networks should take extra security measures, such as writing to >> customers at known address to confirm such a drastic action. > > I'd be stupendously annoyed at any company giving my phone number to anyone > including myself. Why would I legitimately ever need to be told my own > mobile number? To confirm that it is properly stored, because I claim I lost a phone call. -- Cheers, Carlos.
[toc] | [prev] | [next] | [standalone]
| From | Andy Burns <usenet@andyburns.uk> |
|---|---|
| Date | 2025-03-03 20:54 +0000 |
| Message-ID | <m2mj7sF68k5U1@mid.individual.net> |
| In reply to | #146924 |
Chris wrote: > I'd be stupendously annoyed at any company giving my phone number to anyone > including myself. Why would I legitimately ever need to be told my own > mobile number? True enough, but why should knowing anyone's phone number let the criminals take over the phone account? I must admit when I hear these stories, same as Newyana2 I tend to think there's something not being told about how it happens, like obvious passwords or identical passwords used for everything ...
[toc] | [prev] | [next] | [standalone]
| From | Chris <ithinkiam@gmail.com> |
|---|---|
| Date | 2025-03-04 07:19 +0000 |
| Message-ID | <vq69i7$1p77u$1@dont-email.me> |
| In reply to | #146934 |
Andy Burns <usenet@andyburns.uk> wrote: > Chris wrote: > >> I'd be stupendously annoyed at any company giving my phone number to anyone >> including myself. Why would I legitimately ever need to be told my own >> mobile number? > True enough, but why should knowing anyone's phone number let the > criminals take over the phone account? I don't know specifics, but from other accounts I've heard it's often a mixture of luck and guesswork on the side of the thief. Now that they know a few bits of information about you they can try and reuse that info to get access to your accounts. Email is the prize, but others can be useful. > I must admit when I hear these stories, same as Newyana2 I tend to think > there's something not being told about how it happens, like obvious > passwords or identical passwords used for everything ... I agree, although for many cases it won't be fully known.
[toc] | [prev] | [next] | [standalone]
| From | "Carlos E.R." <robin_listas@es.invalid> |
|---|---|
| Date | 2025-03-03 21:31 +0100 |
| Message-ID | <o6gh9lxofo.ln2@Telcontar.valinor> |
| In reply to | #146919 |
On 2025-03-03 18:25, Andy Burns wrote: > Java Jive wrote: > >> "Scammers stole £40k after EDF gave out my number" > > Clearly EDF shouldn't go about giving out customer information, but I > ought to be able to paint my mobile number in 1ft high letters on the > side of my house and not have my SIM "swapped" > > All UK networks should take extra security measures, such as writing to > customers at known address to confirm such a drastic action. Or start by phoning them. -- Cheers, Carlos.
[toc] | [prev] | [next] | [standalone]
| From | Brian Gregory <void-invalid-dead-dontuse@email.invalid> |
|---|---|
| Date | 2025-03-06 01:56 +0000 |
| Message-ID | <m2sdlgF2fjiU1@mid.individual.net> |
| In reply to | #146914 |
On 03/03/2025 12:27, Java Jive wrote: > So, EDF allowed them to go from his email address to obtaining his > mobile phone number for a SIM-swap scam, but I wonder how they managed > to go from either to all his savings accounts, unless they'd also > compromised his PC or phone as well; if the latter, why did they need to > go via EDF? Once you've got the email and done the SIM swap scam or hacked SS7 to read someone’s incoming SMS, that's enough, or almost enough, to get in to all sorts of things via the I've forgotten my password link on their websites. -- Brian Gregory (in England).
[toc] | [prev] | [next] | [standalone]
| From | Java Jive <java@evij.com.invalid> |
|---|---|
| Date | 2025-03-06 13:54 +0000 |
| Message-ID | <vqc9e4$30gdm$1@dont-email.me> |
| In reply to | #147013 |
On 2025-03-06 01:56, Brian Gregory wrote: > > On 03/03/2025 12:27, Java Jive wrote: >> >> So, EDF allowed them to go from his email address to obtaining his >> mobile phone number for a SIM-swap scam, but I wonder how they managed >> to go from either to all his savings accounts, unless they'd also >> compromised his PC or phone as well; if the latter, why did they need >> to go via EDF? > > Once you've got the email and done the SIM swap scam or hacked SS7 to > read someone’s incoming SMS, that's enough, or almost enough, to get in > to all sorts of things via the I've forgotten my password link on their > websites. But how would they know which banks, savings accounts, etc, to target without additional information? Just knowing his email address on its own would not be enough for this, there must be hundreds of people who know my email address, because they send me emails via it, but that fact alone doesn't make me vulnerable to hacking. At very least, they would have had to be able to read his emails, which would imply that the original problem was not EDF giving out his mobile number - which certainly they should not have done, and without that second breach of confidentiality it is true that the scam could not have progressed further, so they are undeniably at fault - but something like his email password being hacked somehow or other beforehand. How the latter could happen would be pure speculation as the original report I linked gave no details, but most probably either he clicked on something in a phishing scam email, or installed some dodgy software, or a site he visits was hacked and he used the same password in too many places. -- Fake news kills! I may be contacted via the contact address given on my website: www.macfh.co.uk
[toc] | [prev] | [next] | [standalone]
| From | Tweed <usenet.tweed@gmail.com> |
|---|---|
| Date | 2025-03-06 14:57 +0000 |
| Message-ID | <vqcd5k$314au$1@dont-email.me> |
| In reply to | #147027 |
Java Jive <java@evij.com.invalid> wrote: > On 2025-03-06 01:56, Brian Gregory wrote: >> >> On 03/03/2025 12:27, Java Jive wrote: >>> >>> So, EDF allowed them to go from his email address to obtaining his >>> mobile phone number for a SIM-swap scam, but I wonder how they managed >>> to go from either to all his savings accounts, unless they'd also >>> compromised his PC or phone as well; if the latter, why did they need >>> to go via EDF? >> >> Once you've got the email and done the SIM swap scam or hacked SS7 to >> read someone’s incoming SMS, that's enough, or almost enough, to get in >> to all sorts of things via the I've forgotten my password link on their >> websites. > > But how would they know which banks, savings accounts, etc, to target > without additional information? Just knowing his email address on its > own would not be enough for this, there must be hundreds of people who > know my email address, because they send me emails via it, but that fact > alone doesn't make me vulnerable to hacking. > > At very least, they would have had to be able to read his emails, which > would imply that the original problem was not EDF giving out his mobile > number - which certainly they should not have done, and without that > second breach of confidentiality it is true that the scam could not have > progressed further, so they are undeniably at fault - but something > like his email password being hacked somehow or other beforehand. How > the latter could happen would be pure speculation as the original report > I linked gave no details, but most probably either he clicked on > something in a phishing scam email, or installed some dodgy software, or > a site he visits was hacked and he used the same password in too many > places. > If the scammer has passed EDF’s security, which seems to have happened, perhaps they have the login credentials to the account. That would allow them to obtain a pdf of the utility bill. Unfortunately a utility bill is often demanded as a proof of ID. So perhaps the utility bill allowed access to the mobile phone account.
[toc] | [prev] | [next] | [standalone]
| From | Newyana2 <newyana@invalid.nospam> |
|---|---|
| Date | 2025-03-06 11:09 -0500 |
| Message-ID | <vqchaq$31s6r$1@dont-email.me> |
| In reply to | #147027 |
On 3/6/2025 8:54 AM, Java Jive wrote:
> On 2025-03-06 01:56, Brian Gregory wrote:
>>
>> On 03/03/2025 12:27, Java Jive wrote:
>>>
>>> So, EDF allowed them to go from his email address to obtaining his
>>> mobile phone number for a SIM-swap scam, but I wonder how they
>>> managed to go from either to all his savings accounts, unless they'd
>>> also compromised his PC or phone as well; if the latter, why did they
>>> need to go via EDF?
>>
>> Once you've got the email and done the SIM swap scam or hacked SS7 to
>> read someone’s incoming SMS, that's enough, or almost enough, to get
>> in to all sorts of things via the I've forgotten my password link on
>> their websites.
>
> But how would they know which banks, savings accounts, etc, to target
> without additional information? Just knowing his email address on its
> own would not be enough for this, there must be hundreds of people who
> know my email address, because they send me emails via it, but that fact
> alone doesn't make me vulnerable to hacking.
>
> At very least, they would have had to be able to read his emails
Think of the average person. First there was the SIM swap, so
now the scammer is getting all texts. They're also getting
2FA codes. With the email address they go to that and say they
forgot their password. Then there are two possiiblities. They may
need to know security questions, or they may have a password
reset link sent to their cellphone. If it's the latter then they have
email access. That's part of the lesson here. 2FA is not safer. It's
riskier. It's bringing an insecure, portable device into the mix and
trusting that device fully.
And most people use webmail, or at least IMAPwith email left
online so that they can read it from multiple devices. So all email
is there. It's not farfetched to think that they might find enough
data there to log into banking. No one has to bank online. No one
has to leave email on someone's server. Texts can be deleted. But
how many people follow such simple security guidelines? You can
see from the posts here that a lot of people will argue "'til the
cows come home" rather than admit that e-lifestyle is risky.
Another possible factor is online data hacks, which have become
very common. There was a case awhile back of a company in Florida
that was just a data wholesaler, buying and selling personal info.
They got hacked. So getting security question info that way is
possible.
The mystery here is why anyone thinks that dealing with
things like banking online, or putting important info in email left
indefinitely on servers, or leaving texts on one's phone, might be
safe. It's convenient. Period.
Anyone who assumes they're safe conducting their life online
is simply an ostrich who doesn't want to know the facts. In
their defense, the facts are well hidden. But it's still ostrich
mentality, driven by laziness.
[toc] | [prev] | [next] | [standalone]
| From | AJL <noemail@none.com> |
|---|---|
| Date | 2025-03-06 11:17 -0700 |
| Message-ID | <vqcorl$337fk$1@dont-email.me> |
| In reply to | #147033 |
On 3/6/2025 9:09 AM, Newyana2 wrote: > Anyone who assumes they're safe conducting their life online is > simply an ostrich who doesn't want to know the facts. In their > defense, the facts are well hidden. But it's still ostrich > mentality, driven by laziness. Perhaps the ostrich is anyone who thinks their life is not online these days. Go to the doctor? Your very personal info is online and available to the office staff, the computer service techs, the billing company, the insurance company, and of course hackers. Pay taxes? All online and available to many (honest?) government employees. Own a home? Here (AZ US) hackers are selling them without the owners knowledge using online government title info. Retired? My info is online for both my state and fed retirement accounts both of which are direct deposited into my online bank account. Likewise most of my investments. I could fill a couple of more paragraphs about folks living online these days but I think even an ostrich would get my point. So I don't think living on my phone as I do adds that much to the danger. My sensitive apps require 2 passwords (phone entry and app password) so I am not too worried about unauthorized access if lost. All I need is a couple of hours to get home and change things. Less if the wife is nearby with her phone. And of course if you think keeping your sensitive stuff only on your home computers keeps you safe then you should talk to my neighbor who lost all his electronics in a burglary...
[toc] | [prev] | [next] | [standalone]
| From | Newyana2 <newyana@invalid.nospam> |
|---|---|
| Date | 2025-03-07 09:12 -0500 |
| Message-ID | <vqeuq0$3ira8$1@dont-email.me> |
| In reply to | #147043 |
On 3/6/2025 1:17 PM, AJL wrote:
> On 3/6/2025 9:09 AM, Newyana2 wrote:
>
>> Anyone who assumes they're safe conducting their life online is
>> simply an ostrich who doesn't want to know the facts. In their
>> defense, the facts are well hidden. But it's still ostrich
>> mentality, driven by laziness.
>
> Perhaps the ostrich is anyone who thinks their life is not online these
> days.
>
My life is not online. Of course there's data online. What I
meant was living through a cellphone and all that entails.
> Go to the doctor? Your very personal info is online and available to the
> office staff, the computer service techs, the billing company, the
> insurance company, and of course hackers. Pay taxes? All online and
> available to many (honest?) government employees. Own a home? Here (AZ
> US) hackers are selling them without the owners knowledge using online
> government title info. Retired? My info is online for both my state and
> fed retirement accounts both of which are direct deposited into my
> online bank account. Likewise most of my investments. I could fill a
> couple of more paragraphs about folks living online these days but I
> think even an ostrich would get my point.
>
Which is what? That your laziness is justified because the world
has already gone to hell? That's a good example of ostrich logic.
Non-ostrich means simply relating to your life rather than looking
for excuses not to. It's not a black/white issue. The irony is that
ostriches always put a lot of effort into defending their ignorance:
"My doctor already knows my phone number, and my SS payment
is auto-deposited, so why should I care that Google tracks me
everywhere I go?"
> And of course if you think keeping your sensitive stuff only on your
> home computers keeps you safe then you should talk to my neighbor who
> lost all his electronics in a burglary...
>
You missed the whole point. But I know that you're in
a rush to go buy something you don't need so that you
can get some cash back on your credit card... And I
know that you're proud of such clever consumerism.
So I won't bore you with clarifications. :)
[toc] | [prev] | [next] | [standalone]
Page 4 of 7 — ← Prev page 1 2 3 [4] 5 6 7 Next page →
Back to top | Article view | comp.mobile.android
csiph-web