Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > uk.telecom.mobile > #45840 > unrolled thread
| Started by | Java Jive <java@evij.com.invalid> |
|---|---|
| First post | 2025-03-03 12:27 +0000 |
| Last post | 2025-03-15 08:48 -0400 |
| Articles | 20 on this page of 111 — 14 participants |
Back to article view | Back to uk.telecom.mobile
"'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-03 12:27 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-03 10:47 -0500
Re: "'Scammers stole £40k after EDF gave out my number" David Rance <david@SPAMOFF.invalid> - 2025-03-03 17:13 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-03 17:33 +0000
Re: "'Scammers stole £40k after EDF gave out my number" David Rance <david@SPAMOFF.invalid> - 2025-03-03 18:20 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Nick Finnigan <nix@genie.co.uk> - 2025-03-03 15:54 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Andy Burns <usenet@andyburns.uk> - 2025-03-03 17:25 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-03 14:04 -0500
Re: "'Scammers stole £40k after EDF gave out my number" Andy Burns <usenet@andyburns.uk> - 2025-03-03 19:28 +0000
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-03 21:36 +0100
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-03 21:35 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-03 17:35 -0500
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-04 02:49 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Chris <ithinkiam@gmail.com> - 2025-03-04 08:07 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Chris <ithinkiam@gmail.com> - 2025-03-03 21:38 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-03 17:31 -0500
Re: "'Scammers stole £40k after EDF gave out my number" Chris <ithinkiam@gmail.com> - 2025-03-04 08:13 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-04 08:09 -0500
Re: "'Scammers stole £40k after EDF gave out my number" Frank Slootweg <this@ddress.is.invalid> - 2025-03-04 16:22 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Chris <ithinkiam@gmail.com> - 2025-03-04 21:09 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-04 19:43 -0500
Re: "'Scammers stole £40k after EDF gave out my number" Chris <ithinkiam@gmail.com> - 2025-03-05 05:34 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-05 08:22 -0500
Re: "'Scammers stole £40k after EDF gave out my number" Chris <ithinkiam@gmail.com> - 2025-03-05 16:15 +0000
Re: "'Scammers stole £40k after EDF gave out my number" David Wade <dave@g4ugm.invalid> - 2025-03-05 09:44 +0100
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-05 13:15 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-05 08:47 -0500
Re: "'Scammers stole £40k after EDF gave out my number" Abandoned Trolley <that.bloke@microsoft.com> - 2025-03-05 14:27 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-05 10:42 -0500
Re: "'Scammers stole £40k after EDF gave out my number" Frank Slootweg <this@ddress.is.invalid> - 2025-03-05 16:51 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Abandoned Trolley <that.bloke@microsoft.com> - 2025-03-05 17:21 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-05 12:37 -0500
Re: "'Scammers stole £40k after EDF gave out my number" Andy Burns <usenet@andyburns.uk> - 2025-03-05 18:03 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-05 16:00 -0500
Re: "'Scammers stole £40k after EDF gave out my number" David Wade <dave@g4ugm.invalid> - 2025-03-05 22:07 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Frank Slootweg <this@ddress.is.invalid> - 2025-03-06 15:42 +0000
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-06 19:28 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Abandoned Trolley <that.bloke@microsoft.com> - 2025-03-05 18:23 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-05 16:01 -0500
Re: "'Scammers stole £40k after EDF gave out my number" Abandoned Trolley <that.bloke@microsoft.com> - 2025-03-05 21:03 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Frank Slootweg <this@ddress.is.invalid> - 2025-03-05 18:40 +0000
Re: "'Scammers stole £40k after EDF gave out my number" David Wade <dave@g4ugm.invalid> - 2025-03-05 18:02 +0100
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-05 21:04 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-05 08:12 -0500
Re: "'Scammers stole £40k after EDF gave out my number" Frank Slootweg <this@ddress.is.invalid> - 2025-03-05 13:29 +0000
Re: "'Scammers stole £40k after EDF gave out my number" David Wade <dave@g4ugm.invalid> - 2025-03-05 17:38 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Abandoned Trolley <that.bloke@microsoft.com> - 2025-03-05 17:25 +0000
Re: "'Scammers stole £40k after EDF gave out my number" David Wade <dave@g4ugm.invalid> - 2025-03-05 21:44 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Frank Slootweg <this@ddress.is.invalid> - 2025-03-05 18:45 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Frank Slootweg <this@ddress.is.invalid> - 2025-03-05 13:25 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Frank Slootweg <this@ddress.is.invalid> - 2025-03-05 13:25 +0000
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-05 14:57 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Theo <theom+news@chiark.greenend.org.uk> - 2025-03-05 14:10 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Chris <ithinkiam@gmail.com> - 2025-03-05 16:26 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Frank Slootweg <this@ddress.is.invalid> - 2025-03-05 14:33 +0000
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-05 21:08 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Chris <ithinkiam@gmail.com> - 2025-03-03 19:25 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Andy Burns <usenet@andyburns.uk> - 2025-03-03 19:43 +0000
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-03 21:40 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Andy Burns <usenet@andyburns.uk> - 2025-03-03 21:26 +0000
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-03 21:38 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Andy Burns <usenet@andyburns.uk> - 2025-03-03 20:54 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Chris <ithinkiam@gmail.com> - 2025-03-04 07:19 +0000
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-03 21:31 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Brian Gregory <void-invalid-dead-dontuse@email.invalid> - 2025-03-06 01:56 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-06 13:54 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Tweed <usenet.tweed@gmail.com> - 2025-03-06 14:57 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-06 11:09 -0500
Re: "'Scammers stole £40k after EDF gave out my number" AJL <noemail@none.com> - 2025-03-06 11:17 -0700
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-07 09:12 -0500
Re: "'Scammers stole £40k after EDF gave out my number" AJL <noemail@none.com> - 2025-03-07 09:35 -0700
Re: "'Scammers stole £40k after EDF gave out my number" Frank Slootweg <this@ddress.is.invalid> - 2025-03-06 18:24 +0000
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-06 19:36 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-07 09:17 -0500
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-07 16:16 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Chris <ithinkiam@gmail.com> - 2025-03-08 10:30 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Brian Gregory <void-invalid-dead-dontuse@email.invalid> - 2025-03-06 16:37 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-06 19:53 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Chris <ithinkiam@gmail.com> - 2025-03-07 07:37 +0000
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-07 10:46 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-07 13:24 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-07 09:38 -0500
Re: "'Scammers stole £40k after EDF gave out my number" Nick Finnigan <nix@genie.co.uk> - 2025-03-07 15:35 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Andy Burns <usenet@andyburns.uk> - 2025-03-07 15:46 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Theo <theom+news@chiark.greenend.org.uk> - 2025-03-14 18:49 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Nick Finnigan <nix@genie.co.uk> - 2025-03-15 09:53 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-15 11:46 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-15 08:35 -0400
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-15 17:53 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Theo <theom+news@chiark.greenend.org.uk> - 2025-03-15 19:27 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-15 23:30 -0400
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-16 13:47 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Theo <theom+news@chiark.greenend.org.uk> - 2025-03-16 15:13 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-16 16:04 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Theo <theom+news@chiark.greenend.org.uk> - 2025-03-16 18:00 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Nick Finnigan <nix@genie.co.uk> - 2025-03-17 08:53 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-17 13:53 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Nick Finnigan <nix@genie.co.uk> - 2025-03-17 14:53 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-17 18:44 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Nick Finnigan <nix@genie.co.uk> - 2025-03-20 10:42 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-20 12:48 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Nick Finnigan <nix@genie.co.uk> - 2025-03-20 13:18 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-20 13:27 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Nick Finnigan <nix@genie.co.uk> - 2025-03-20 14:28 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Andy Burns <usenet@andyburns.uk> - 2025-03-20 16:02 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-20 13:00 -0400
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-16 11:54 -0400
Re: "'Scammers stole £40k after EDF gave out my number" Java Jive <java@evij.com.invalid> - 2025-03-16 16:09 +0000
Re: "'Scammers stole £40k after EDF gave out my number" Frank Slootweg <this@ddress.is.invalid> - 2025-03-16 19:23 +0000
Re: "'Scammers stole £40k after EDF gave out my number" "Carlos E.R." <robin_listas@es.invalid> - 2025-03-16 23:10 +0100
Re: "'Scammers stole £40k after EDF gave out my number" Newyana2 <newyana@invalid.nospam> - 2025-03-15 08:48 -0400
Page 5 of 6 — ← Prev page 1 2 3 4 [5] 6 Next page →
| From | Java Jive <java@evij.com.invalid> |
|---|---|
| Date | 2025-03-07 13:24 +0000 |
| Message-ID | <vqes1l$3i7oj$1@dont-email.me> |
| In reply to | #45920 |
On 2025-03-06 19:53, Java Jive wrote:
>
> On 2025-03-06 16:37, Brian Gregory wrote:
>>
>> On 06/03/2025 13:54, Java Jive wrote:
>>>
>>> But how would they know which banks, savings accounts, etc, to target
>>> without additional information?
>>
>> They're hackers after money. They are not lazy. They try them one by
>> one. Why would you think they wouldn’t bother to do that?
>
> Doesn't sound likely to me, they want the money, but they wouldn't want
> to take unnecessary risks of getting caught, and randomly trying banks
> and financial organisations without the necessary identifying
> information such as account numbers would likely fail, and perhaps cause
> the police to be contacted.
It seems very likely that I was correct. Rereading the original BBC
report, there is a single sentence which most of us seem to have missed
on first reading ...
"O2 Virgin Media confirmed the scammer telephoned its call centre
requesting a new Sim and had hacked Stephen's emails."
... so, as I had supposed, they were reading the victim's emails, and
that is how they knew:
- His various account details;
- There was enough in them to be worth setting up the SIM swap scam.
--
Fake news kills!
I may be contacted via the contact address given on my website:
www.macfh.co.uk
[toc] | [prev] | [next] | [standalone]
| From | Newyana2 <newyana@invalid.nospam> |
|---|---|
| Date | 2025-03-07 09:38 -0500 |
| Message-ID | <vqf0ca$3j5oo$1@dont-email.me> |
| In reply to | #45926 |
On 3/7/2025 8:24 AM, Java Jive wrote: > It seems very likely that I was correct. Rereading the original BBC > report, there is a single sentence which most of us seem to have missed > on first reading ... > > "O2 Virgin Media confirmed the scammer telephoned its call centre > requesting a new Sim and had hacked Stephen's emails." > It's confusing, but that seems to be backward. The scammer called the phone company, giving email and name to get the cellphone number, then initiated a SIM swap. That, then, gave him the means to change the passwords. It would be interesting to see a security expert look at this in detail. There are many reports online, but they all seem to be reprints of one poorly researched article.
[toc] | [prev] | [next] | [standalone]
| From | Nick Finnigan <nix@genie.co.uk> |
|---|---|
| Date | 2025-03-07 15:35 +0000 |
| Message-ID | <vqf3oc$1aivq$4@dont-email.me> |
| In reply to | #45930 |
On 07/03/2025 14:38, Newyana2 wrote: > On 3/7/2025 8:24 AM, Java Jive wrote: > >> It seems very likely that I was correct. Rereading the original BBC >> report, there is a single sentence which most of us seem to have missed >> on first reading ... >> >> "O2 Virgin Media confirmed the scammer telephoned its call centre >> requesting a new Sim and had hacked Stephen's emails." >> > > It's confusing, but that seems to be backward. The scammer > called the phone company, giving email and name to get the > cellphone number, then initiated a SIM swap. That, then, gave him > the means to change the passwords. No, the scammer called EDF to get the mobile phone number.
[toc] | [prev] | [next] | [standalone]
| From | Andy Burns <usenet@andyburns.uk> |
|---|---|
| Date | 2025-03-07 15:46 +0000 |
| Message-ID | <m30imsFlmpmU1@mid.individual.net> |
| In reply to | #45930 |
Newyana2 wrote: > It would be interesting to see a security expert look at this > in detail. But they're not going to publish detail ... it'd be a scammer's text book.
[toc] | [prev] | [next] | [standalone]
| From | Theo <theom+news@chiark.greenend.org.uk> |
|---|---|
| Date | 2025-03-14 18:49 +0000 |
| Message-ID | <buh*n6r9z@news.chiark.greenend.org.uk> |
| In reply to | #45930 |
In comp.mobile.android Newyana2 <newyana@invalid.nospam> wrote: > On 3/7/2025 8:24 AM, Java Jive wrote: > > > It seems very likely that I was correct. Rereading the original BBC > > report, there is a single sentence which most of us seem to have missed > > on first reading ... > > > > "O2 Virgin Media confirmed the scammer telephoned its call centre > > requesting a new Sim and had hacked Stephen's emails." > > > > It's confusing, but that seems to be backward. The scammer > called the phone company, giving email and name to get the > cellphone number, then initiated a SIM swap. That, then, gave him > the means to change the passwords. > > It would be interesting to see a security expert look at this > in detail. There are many reports online, but they all seem to be > reprints of one poorly researched article. The radio programme is here and starts at 40m50s (not sure if BBC Sounds is geoblocked but I don't think so): https://www.bbc.co.uk/sounds/play/m0028bj1 In brief: - received a text from O2 (mobile operator) saying he'd changed his password - contacted O2 straightaway and told SIM had been swapped - told they'd stop that and send out a new SIM card, emailed to confirm - next morning, email from EDF (energy supplier) asking for feedback on recent contact with customer services - called EDF, told they'd pass it on to the fraud section and get back to him - nothing happened for over a week - called O2 again to make sure everything was stopped, put through to fraud department - just after received an email saying new SIM card had been sent out, connected to a different number. Queried with fraud department, said didn't know, need to go to an O2 shop - O2 shop couldn't do much as account had been stopped, couldn't look at it - told them to check his emails - contacted Virgin Media (ISP, merged with O2), told he'd changed his password, had to go through changing password back again, told they'd pass it to the fraud section - thus far not had a conversation with any fraud section - contacted various banks to check everything is ok, told they'd put in extra security - tried to make a payment on Nationwide card, couldn't go through because they couldn't use the landline for the OTP. Told there was a problem with the card, need to go to a Nationwide branch. - told someone had attempted to use the credit card for £200 of voucher codes, had been stopped. Gave two extra passwords to enhanced security. - got an email from National Savings &I to say password had been changed - rang NS&I straight away to say it hadn't, went through very long procedure to verify who he was and get a new password - after an hour, told you'd taken out a large amount of premium bonds, over £40k - NS&I fraud rang the next day, explained they had suspicions but asked for the money to come back, could be 15 working days - only way to get anywhere with O2, VM, EDF is to pay for Linkedin Premium and have access to messaging the executives. - Senior EDF executive contacted, listened to the call with the fraudster, said like it didn't sound like him at all. Seemed to have name and email address, asked EDF for mobile number and was given out to them. - Told scammer had gone through security just with name and email address. Offered £50 goodwill gesture for closing the case. Since agreed it has been a data breach. NS&I say he will be refunded fully. EDF say security procedures were followed but subsequently recognised it was fraud. VMO2 says scammer had called them and passed security. Expert says this all started from Ofcom (regulator) making it easier to change mobile provider in under 2 mins. Some mobile operators thinking in that way and not thinking about scams - can switch within networks without even needing the code. ---- Speculating, I would guess they started with the SIM swap. I don't know the O2 procedure, but it's possible to have SIMs which are unregistered or only lightly registered (eg no online account). In that case there isn't much security information the operator has, or it could be easy to find out (pet's name, place of birth, etc). Scammer contacts the provider to say you broke your SIM card and need a new one and they don't have very much to authenticate you. If they can make that stick they can maybe then do a password reset on the email which uses SMS as a recovery mechanism, and then they're in. Theo
[toc] | [prev] | [next] | [standalone]
| From | Nick Finnigan <nix@genie.co.uk> |
|---|---|
| Date | 2025-03-15 09:53 +0000 |
| Message-ID | <vr3ind$34sjd$1@dont-email.me> |
| In reply to | #45968 |
On 14/03/2025 18:49, Theo wrote: > > Speculating, I would guess they started with the SIM swap. I don't know the > O2 procedure, but it's possible to have SIMs which are unregistered or only > lightly registered (eg no online account). In that case there isn't much > security information the operator has, or it could be easy to find out > (pet's name, place of birth, etc). Scammer contacts the provider to say you > broke your SIM card and need a new one and they don't have very much to > authenticate you. Is that SIM card in a phone which they can still see on their network? If they can make that stick they can maybe then do a > password reset on the email which uses SMS as a recovery mechanism, and then > they're in. > > Theo
[toc] | [prev] | [next] | [standalone]
| From | Java Jive <java@evij.com.invalid> |
|---|---|
| Date | 2025-03-15 11:46 +0000 |
| Message-ID | <vr3pav$3eto7$1@dont-email.me> |
| In reply to | #45968 |
On 2025-03-14 18:49, Theo wrote: > > Speculating, I would guess they started with the SIM swap. The original report suggests that they started with an email hack, and used that to facilitate the SIM swap. -- Fake news kills! I may be contacted via the contact address given on my website: www.macfh.co.uk
[toc] | [prev] | [next] | [standalone]
| From | Newyana2 <newyana@invalid.nospam> |
|---|---|
| Date | 2025-03-15 08:35 -0400 |
| Message-ID | <vr3s4m$3hdbg$1@dont-email.me> |
| In reply to | #45970 |
On 3/15/2025 7:46 AM, Java Jive wrote:
> On 2025-03-14 18:49, Theo wrote:
>>
>> Speculating, I would guess they started with the SIM swap.
>
> The original report suggests that they started with an email hack, and
> used that to facilitate the SIM swap.
>
That's not what it said. "Suggests" gets into speculation.
The reoprt does imply that conning the phone company
into a SIM swap was where it started. Which also makes
the most sense. The point being that if you have someone's
phone then you have their texts, email, etc. So the rest is fairly
simple. His email server then assumes 2FA is adequate to let
him change his email password, so the scammer doesn't
need answers to security questions. It all centers on the
cellphone being depended upon as the most secure identity.
In that scenario, the scammer only needs some public facts,
like the email addess, name, maybe street address, etc. A
casual friend could have those things, or they might be found
in a data dump online. So the weak points are 2FA and the
human factor. The phone company wants to help, doesn't want
to anger the customer, so they can sometimes be tricked.
Though it would be interesting if this story is ever clarified
officially. Maybe they avoided details in order not to give
other scammers ideas. Taking away all human factors is also
a problem.
Meanwhile, I look forward to seeing a Bill Murray movie,
where his cellphone dies and he begins a comedic odyssey,
trying to convince everyone from his employer to his family
that he exists. (His family haven't looked up from their cellphones
for 30 years, so naturally they assumed that poor Bill died
when he stopped answering texts... and they don't know what
he looks like. Maybe they could call it Brazil 2.0. :)
[toc] | [prev] | [next] | [standalone]
| From | Java Jive <java@evij.com.invalid> |
|---|---|
| Date | 2025-03-15 17:53 +0000 |
| Message-ID | <vr4ere$eqk$1@dont-email.me> |
| In reply to | #45971 |
On 2025-03-15 12:35, Newyana2 wrote: > On 3/15/2025 7:46 AM, Java Jive wrote: >> On 2025-03-14 18:49, Theo wrote: >>> >>> Speculating, I would guess they started with the SIM swap. >> >> The original report suggests that they started with an email hack, and >> used that to facilitate the SIM swap. > > That's not what it said. Look back directly up thread to my post of 2025-03-06 19:53, where I quote the single sentence in the original report that stated that an email hack had occurred before the SIM-swap scam was done. -- Fake news kills! I may be contacted via the contact address given on my website: www.macfh.co.uk
[toc] | [prev] | [next] | [standalone]
| From | Theo <theom+news@chiark.greenend.org.uk> |
|---|---|
| Date | 2025-03-15 19:27 +0000 |
| Message-ID | <cuh*Rux9z@news.chiark.greenend.org.uk> |
| In reply to | #45973 |
In comp.mobile.android Java Jive <java@evij.com.invalid> wrote: > On 2025-03-15 12:35, Newyana2 wrote: > > On 3/15/2025 7:46 AM, Java Jive wrote: > >> On 2025-03-14 18:49, Theo wrote: > >>> > >>> Speculating, I would guess they started with the SIM swap. > >> > >> The original report suggests that they started with an email hack, and > >> used that to facilitate the SIM swap. > > > > That's not what it said. > > Look back directly up thread to my post of 2025-03-06 19:53, where I > quote the single sentence in the original report that stated that an > email hack had occurred before the SIM-swap scam was done. What's a complicating factor is that Virgin Media O2 is both his mobile phone provider and his email provider. I don't know how integrated VM and O2 systems are since the merger, but it's possible one login allows access to both the emails and the mobile account. That is an unfortunate single point of failure. Theo
[toc] | [prev] | [next] | [standalone]
| From | Newyana2 <newyana@invalid.nospam> |
|---|---|
| Date | 2025-03-15 23:30 -0400 |
| Message-ID | <vr5git$t0ll$1@dont-email.me> |
| In reply to | #45973 |
On 3/15/2025 1:53 PM, Java Jive wrote:
> On 2025-03-15 12:35, Newyana2 wrote:
>> On 3/15/2025 7:46 AM, Java Jive wrote:
>>> On 2025-03-14 18:49, Theo wrote:
>>>>
>>>> Speculating, I would guess they started with the SIM swap.
>>>
>>> The original report suggests that they started with an email hack,
>>> and used that to facilitate the SIM swap.
>>
>> That's not what it said.
>
> Look back directly up thread to my post of 2025-03-06 19:53, where I
> quote the single sentence in the original report that stated that an
> email hack had occurred before the SIM-swap scam was done.
>
You read it wrong.
"O2 Virgin Media confirmed the scammer telephoned its call centre
requesting a new Sim and had hacked Stephen's emails."
Both things happened. Nowhere does it say or imply that
hacking the email preceded the SIM swap. That wouldn't
make sense.
"
EDF explained the fraudster had his name and email address and had asked
EDF to give them his mobile number, which the company did. ... The call
from the fraudster to EDF happened three hours before O2 received a
request to move his number in the Sim-swap scam. ...
"
So they called EDF with name and email, asking for their phone
number. With that they called O2 and asked to swap SIMs.
Once the SIM was swapped they could log in to email and say
the lost their password. They then have a password change
link sent via email or text... which they now control.
As the article then states: "Criminals do it to bypass two-factor
authentication to change passwords and access anything else
you need a code from a text message for."
Hacking his email wouldn't have got the scammers a way to
bypass 2FA via cellphone, but a SIM swap would. So if the man
had not been using 2FA it's unlikely that he could have been
scammed.
[toc] | [prev] | [next] | [standalone]
| From | Java Jive <java@evij.com.invalid> |
|---|---|
| Date | 2025-03-16 13:47 +0000 |
| Message-ID | <vr6kqh$1t946$1@dont-email.me> |
| In reply to | #45978 |
On 2025-03-16 03:30, Newyana2 wrote: > On 3/15/2025 1:53 PM, Java Jive wrote: >> On 2025-03-15 12:35, Newyana2 wrote: >>> On 3/15/2025 7:46 AM, Java Jive wrote: >>>> On 2025-03-14 18:49, Theo wrote: >>>>> >>>>> Speculating, I would guess they started with the SIM swap. >>>> >>>> The original report suggests that they started with an email hack, >>>> and used that to facilitate the SIM swap. >>> >>> That's not what it said. >> >> Look back directly up thread to my post of 2025-03-06 19:53, where I >> quote the single sentence in the original report that stated that an >> email hack had occurred before the SIM-swap scam was done. >> > You read it wrong. > > "O2 Virgin Media confirmed the scammer telephoned its call centre > requesting a new Sim and had hacked Stephen's emails." > > Both things happened. Nowhere does it say or imply that > hacking the email preceded the SIM swap. That wouldn't > make sense. It makes perfect sense, what you are claiming makes no sense, and shows that you have lost the chronological sequence of events. For one thing, the use of the word 'had' implies that the hack was already in place at the time of scammer's phone call, otherwise they would have said something like "... and hacked ..." or "... used it to hack ..." or "... and went on to hack ...". Further, if you reread the original report in its entirety, how would he have persuaded EDF to give up the victim's mobile number without personal identifying information that came from access to his emails? Next, how would he have been able to confirm the request for a replacement SIM without being able to reply to the confirmatory email? -- Fake news kills! I may be contacted via the contact address given on my website: www.macfh.co.uk
[toc] | [prev] | [next] | [standalone]
| From | Theo <theom+news@chiark.greenend.org.uk> |
|---|---|
| Date | 2025-03-16 15:13 +0000 |
| Message-ID | <cuh*FQB9z@news.chiark.greenend.org.uk> |
| In reply to | #45982 |
In uk.telecom.mobile Java Jive <java@evij.com.invalid> wrote: > It makes perfect sense, what you are claiming makes no sense, and shows > that you have lost the chronological sequence of events. For one thing, > the use of the word 'had' implies that the hack was already in place at > the time of scammer's phone call, otherwise they would have said > something like "... and hacked ..." or "... used it to hack ..." or "... > and went on to hack ...". Further, if you reread the original report in > its entirety, how would he have persuaded EDF to give up the victim's > mobile number without personal identifying information that came from > access to his emails? Next, how would he have been able to confirm the > request for a replacement SIM without being able to reply to the > confirmatory email? When I've had to do a SIM swap (some time ago) it was all done on security questions, there was no confirmatory email. I don't think the mobile networks required an email address, and if you're on PAYG they still don't. I think there is not enough information to be clear about the sequencing, especially since emails and mobile are provided by the same company. Theo
[toc] | [prev] | [next] | [standalone]
| From | Java Jive <java@evij.com.invalid> |
|---|---|
| Date | 2025-03-16 16:04 +0000 |
| Message-ID | <vr6src$23f7c$1@dont-email.me> |
| In reply to | #45983 |
On 2025-03-16 15:13, Theo wrote: > In uk.telecom.mobile Java Jive <java@evij.com.invalid> wrote: >> >> It makes perfect sense, what you are claiming makes no sense, and shows >> that you have lost the chronological sequence of events. For one thing, >> the use of the word 'had' implies that the hack was already in place at >> the time of scammer's phone call, otherwise they would have said >> something like "... and hacked ..." or "... used it to hack ..." or "... >> and went on to hack ...". Further, if you reread the original report in >> its entirety, how would he have persuaded EDF to give up the victim's >> mobile number without personal identifying information that came from >> access to his emails? Next, how would he have been able to confirm the >> request for a replacement SIM without being able to reply to the >> confirmatory email? > > When I've had to do a SIM swap (some time ago) it was all done on security > questions, there was no confirmatory email. I don't think the mobile > networks required an email address, and if you're on PAYG they still > don't. > > I think there is not enough information to be clear about the sequencing, > especially since emails and mobile are provided by the same company. No, how would he have known the answers to the security questions to enable the SIM swap, and his emails were from Virgin Media, while the SIM was from O2. Although not initially, my reading of the original article is now unambiguously that the email hack preceded the SIM swap and provided the initial personal information necessary to accomplish everything that followed. -- Fake news kills! I may be contacted via the contact address given on my website: www.macfh.co.uk
[toc] | [prev] | [next] | [standalone]
| From | Theo <theom+news@chiark.greenend.org.uk> |
|---|---|
| Date | 2025-03-16 18:00 +0000 |
| Message-ID | <duh*2rC9z@news.chiark.greenend.org.uk> |
| In reply to | #45985 |
In uk.telecom.mobile Java Jive <java@evij.com.invalid> wrote: > On 2025-03-16 15:13, Theo wrote: > > In uk.telecom.mobile Java Jive <java@evij.com.invalid> wrote: > >> > >> It makes perfect sense, what you are claiming makes no sense, and shows > >> that you have lost the chronological sequence of events. For one thing, > >> the use of the word 'had' implies that the hack was already in place at > >> the time of scammer's phone call, otherwise they would have said > >> something like "... and hacked ..." or "... used it to hack ..." or "... > >> and went on to hack ...". Further, if you reread the original report in > >> its entirety, how would he have persuaded EDF to give up the victim's > >> mobile number without personal identifying information that came from > >> access to his emails? Next, how would he have been able to confirm the > >> request for a replacement SIM without being able to reply to the > >> confirmatory email? > > > > When I've had to do a SIM swap (some time ago) it was all done on security > > questions, there was no confirmatory email. I don't think the mobile > > networks required an email address, and if you're on PAYG they still > > don't. > > > > I think there is not enough information to be clear about the sequencing, > > especially since emails and mobile are provided by the same company. > > No, how would he have known the answers to the security questions to > enable the SIM swap, and his emails were from Virgin Media, while the > SIM was from O2. Although not initially, my reading of the original > article is now unambiguously that the email hack preceded the SIM swap > and provided the initial personal information necessary to accomplish > everything that followed. Virgin Media O2 are one company - VM and O2 merged June 2021. I don't know whether they have merged customer accounts such that the same security details are used for both. In which case it may be that one set of details gives access to both mobile and emails. Theo
[toc] | [prev] | [next] | [standalone]
| From | Nick Finnigan <nix@genie.co.uk> |
|---|---|
| Date | 2025-03-17 08:53 +0000 |
| Message-ID | <vr8nul$3mi0m$1@dont-email.me> |
| In reply to | #45988 |
On 16/03/2025 18:00, Theo wrote: > In uk.telecom.mobile Java Jive <java@evij.com.invalid> wrote: >> >> No, how would he have known the answers to the security questions to >> enable the SIM swap, and his emails were from Virgin Media, while the >> SIM was from O2. Although not initially, my reading of the original >> article is now unambiguously that the email hack preceded the SIM swap >> and provided the initial personal information necessary to accomplish >> everything that followed. > > Virgin Media O2 are one company - VM and O2 merged June 2021. I don't know > whether they have merged customer accounts such that the same security > details are used for both. In which case it may be that one set of details > gives access to both mobile and emails. "If you've linked your Virgin Media and O2 details to create a new Virgin Media O2 ID, sign in with it here." https://accounts.o2.co.uk/signin
[toc] | [prev] | [next] | [standalone]
| From | Java Jive <java@evij.com.invalid> |
|---|---|
| Date | 2025-03-17 13:53 +0000 |
| Message-ID | <vr99gp$8osv$1@dont-email.me> |
| In reply to | #45996 |
On 2025-03-17 08:53, Nick Finnigan wrote: > On 16/03/2025 18:00, Theo wrote: >> In uk.telecom.mobile Java Jive <java@evij.com.invalid> wrote: >>> >>> No, how would he have known the answers to the security questions to >>> enable the SIM swap, and his emails were from Virgin Media, while the >>> SIM was from O2. Although not initially, my reading of the original >>> article is now unambiguously that the email hack preceded the SIM swap >>> and provided the initial personal information necessary to accomplish >>> everything that followed. >> >> Virgin Media O2 are one company - VM and O2 merged June 2021. I don't >> know >> whether they have merged customer accounts such that the same security >> details are used for both. In which case it may be that one set of >> details >> gives access to both mobile and emails. > > "If you've linked your Virgin Media and O2 details to create a new > Virgin Media O2 ID, sign in with it here." > > https://accounts.o2.co.uk/signin But Theo's own transcription of events from the BBC Radio documentary makes clear that he had not done so (first and last entries from this excerpt): In brief: - received a text from O2 (mobile operator) saying he'd changed his password - contacted O2 straight away and told SIM had been swapped - told they'd stop that and send out a new SIM card, emailed to confirm - next morning, email from EDF (energy supplier) asking for feedback on recent contact with customer services - called EDF, told they'd pass it on to the fraud section and get back to him - nothing happened for over a week - called O2 again to make sure everything was stopped, put through to fraud department - just after received an email saying new SIM card had been sent out, connected to a different number. Queried with fraud department, said didn't know, need to go to an O2 shop - O2 shop couldn't do much as account had been stopped, couldn't look at it - told them to check his emails - contacted Virgin Media (ISP, merged with O2), told he'd changed his password, had to go through changing password back again, told they'd pass it to the fraud section It's difficult to deduce from this the exact ordering of events ... Because he had to contact VM to find out that he'd changed his email password, rather than them contacting him at the time he did so, we can't tell when his email password was actually changed. Further, the scammer could have been reading his emails for a while before actually deciding that, as unfolding events began to suggest that the scam was in danger of being closed down, that it was time to change the password in an attempt to prolong it. Most probably his email account would have been compromised around the same time as all the other stages of the scam, yet "nothing happened for over a week" before he discovered it, and, in between, he received emails from both EDF and O2. However, I still think that some identifying personal information would have been necessary to enable the SIM swap, and most probably this came from the email hack occurring earlier. A search for "what is the minimum personal information required to be a victim of a SIM swap scam" using both DuckDuckGo and Google didn't yield anything definitive or that probably most of us didn't know already, but did yield preventative advice ... From the Met: https://www.met.police.uk/SysSiteAssets/media/downloads/force-content/met/campaigns/fraud/cyber-protect_protect-yourself-from-sim-swap-fraud.pdf From Which: https://www.which.co.uk/news/article/sim-swap-fraud-doubles-year-on-year-how-scammers-steal-your-phone-number-aB0TF1O6hUrv -- Fake news kills! I may be contacted via the contact address given on my website: www.macfh.co.uk
[toc] | [prev] | [next] | [standalone]
| From | Nick Finnigan <nix@genie.co.uk> |
|---|---|
| Date | 2025-03-17 14:53 +0000 |
| Message-ID | <vr9d22$3mi0m$3@dont-email.me> |
| In reply to | #46000 |
On 17/03/2025 13:53, Java Jive wrote: > On 2025-03-17 08:53, Nick Finnigan wrote: >> On 16/03/2025 18:00, Theo wrote: >>> In uk.telecom.mobile Java Jive <java@evij.com.invalid> wrote: >>>> >>>> No, how would he have known the answers to the security questions to >>>> enable the SIM swap, and his emails were from Virgin Media, while the >>>> SIM was from O2. Although not initially, my reading of the original >>>> article is now unambiguously that the email hack preceded the SIM swap >>>> and provided the initial personal information necessary to accomplish >>>> everything that followed. >>> >>> Virgin Media O2 are one company - VM and O2 merged June 2021. I don't know >>> whether they have merged customer accounts such that the same security >>> details are used for both. In which case it may be that one set of details >>> gives access to both mobile and emails. >> >> "If you've linked your Virgin Media and O2 details to create a new Virgin >> Media O2 ID, sign in with it here." >> >> https://accounts.o2.co.uk/signin > > But Theo's own transcription of events from the BBC Radio documentary makes > clear that he had not done so (first and last entries from this excerpt): That does not make it clear to me (he would still have an O2 password as well as a VM/O2 password). > In brief: > - received a text from O2 (mobile operator) saying he'd changed his password > - contacted O2 straight away and told SIM had been swapped > - told they'd stop that and send out a new SIM card, emailed to confirm > - next morning, email from EDF (energy supplier) asking for feedback on > recent contact with customer services > - called EDF, told they'd pass it on to the fraud section and get back to him > - nothing happened for over a week > - called O2 again to make sure everything was stopped, put through to fraud > department > - just after received an email saying new SIM card had been sent out, > connected to a different number. Queried with fraud department, said > didn't know, need to go to an O2 shop > - O2 shop couldn't do much as account had been stopped, couldn't look at it > - told them to check his emails > - contacted Virgin Media (ISP, merged with O2), told he'd changed his > password, had to go through changing password back again, told they'd pass > it to the fraud section > > It's difficult to deduce from this the exact ordering of events ... > > Because he had to contact VM to find out that he'd changed his email 'his password' may be 'his account password' rather than 'his email app password'. > password, rather than them contacting him at the time he did so, we can't > tell when his email password was actually changed. Further, the scammer > could have been reading his emails for a while before actually deciding > that, as unfolding events began to suggest that the scam was in danger of > being closed down, that it was time to change the password in an attempt to > prolong it. Most probably his email account would have been compromised > around the same time as all the other stages of the scam, yet "nothing > happened for over a week" before he discovered it, and, in between, he > received emails from both EDF and O2. > > However, I still think that some identifying personal information would > have been necessary to enable the SIM swap, and most probably this came > from the email hack occurring earlier.
[toc] | [prev] | [next] | [standalone]
| From | Java Jive <java@evij.com.invalid> |
|---|---|
| Date | 2025-03-17 18:44 +0000 |
| Message-ID | <vr9qiq$nfdi$1@dont-email.me> |
| In reply to | #46002 |
On 2025-03-17 14:53, Nick Finnigan wrote: > On 17/03/2025 13:53, Java Jive wrote: >> On 2025-03-17 08:53, Nick Finnigan wrote: >>> On 16/03/2025 18:00, Theo wrote: >>>> In uk.telecom.mobile Java Jive <java@evij.com.invalid> wrote: >>>>> >>>>> No, how would he have known the answers to the security questions to >>>>> enable the SIM swap, and his emails were from Virgin Media, while the >>>>> SIM was from O2. Although not initially, my reading of the original >>>>> article is now unambiguously that the email hack preceded the SIM swap >>>>> and provided the initial personal information necessary to accomplish >>>>> everything that followed. >>>> >>>> Virgin Media O2 are one company - VM and O2 merged June 2021. I >>>> don't know >>>> whether they have merged customer accounts such that the same security >>>> details are used for both. In which case it may be that one set of >>>> details >>>> gives access to both mobile and emails. >>> >>> "If you've linked your Virgin Media and O2 details to create a new >>> Virgin Media O2 ID, sign in with it here." >>> >>> https://accounts.o2.co.uk/signin >> >> But Theo's own transcription of events from the BBC Radio documentary >> makes clear that he had not done so (first and last entries from this >> excerpt): > > That does not make it clear to me (he would still have an O2 password > as well as a VM/O2 password). I disagree, your own quote shows that if it was a joint account for both, he'd only have needed the one password, whereas the Theo's transcription makes it plain that there were two. >> In brief: >> - received a text from O2 (mobile operator) saying he'd changed his >> password >> - contacted O2 straight away and told SIM had been swapped >> - told they'd stop that and send out a new SIM card, emailed to confirm >> - next morning, email from EDF (energy supplier) asking for feedback >> on recent contact with customer services >> - called EDF, told they'd pass it on to the fraud section and get back >> to him >> - nothing happened for over a week >> - called O2 again to make sure everything was stopped, put through to >> fraud department >> - just after received an email saying new SIM card had been sent out, >> connected to a different number. Queried with fraud department, said >> didn't know, need to go to an O2 shop >> - O2 shop couldn't do much as account had been stopped, couldn't look >> at it >> - told them to check his emails >> - contacted Virgin Media (ISP, merged with O2), told he'd changed his >> password, had to go through changing password back again, told they'd >> pass it to the fraud section >> >> It's difficult to deduce from this the exact ordering of events ... >> >> Because he had to contact VM to find out that he'd changed his email > > 'his password' may be 'his account password' rather than 'his email > app password'. If it is 'his account password', then that completely supports my argument, not yours, and 'his email app password' doesn't make any sense, perhaps you mean 'his email password', but, unless he has multiple email addresses under a single account with VM, of which there is no mention, why would he need a separate email password? >> password, rather than them contacting him at the time he did so, we >> can't tell when his email password was actually changed. Further, the >> scammer could have been reading his emails for a while before actually >> deciding that, as unfolding events began to suggest that the scam was >> in danger of being closed down, that it was time to change the >> password in an attempt to prolong it. Most probably his email account >> would have been compromised around the same time as all the other >> stages of the scam, yet "nothing happened for over a week" before he >> discovered it, and, in between, he received emails from both EDF and O2. >> >> However, I still think that some identifying personal information >> would have been necessary to enable the SIM swap, and most probably >> this came from the email hack occurring earlier. > -- Fake news kills! I may be contacted via the contact address given on my website: www.macfh.co.uk
[toc] | [prev] | [next] | [standalone]
| From | Nick Finnigan <nix@genie.co.uk> |
|---|---|
| Date | 2025-03-20 10:42 +0000 |
| Message-ID | <vrgree$190g9$1@dont-email.me> |
| In reply to | #46011 |
On 17/03/2025 18:44, Java Jive wrote: > On 2025-03-17 14:53, Nick Finnigan wrote: >> On 17/03/2025 13:53, Java Jive wrote: >>> On 2025-03-17 08:53, Nick Finnigan wrote: >>>> On 16/03/2025 18:00, Theo wrote: >>>>> In uk.telecom.mobile Java Jive <java@evij.com.invalid> wrote: >>>>>> >>>>>> No, how would he have known the answers to the security questions to >>>>>> enable the SIM swap, and his emails were from Virgin Media, while the >>>>>> SIM was from O2. Although not initially, my reading of the original >>>>>> article is now unambiguously that the email hack preceded the SIM swap >>>>>> and provided the initial personal information necessary to accomplish >>>>>> everything that followed. >>>>> >>>>> Virgin Media O2 are one company - VM and O2 merged June 2021. I don't >>>>> know >>>>> whether they have merged customer accounts such that the same security >>>>> details are used for both. In which case it may be that one set of >>>>> details >>>>> gives access to both mobile and emails. >>>> >>>> "If you've linked your Virgin Media and O2 details to create a new >>>> Virgin Media O2 ID, sign in with it here." >>>> >>>> https://accounts.o2.co.uk/signin >>> >>> But Theo's own transcription of events from the BBC Radio documentary >>> makes clear that he had not done so (first and last entries from this >>> excerpt): >> >> That does not make it clear to me (he would still have an O2 password >> as well as a VM/O2 password). > > I disagree, your own quote shows that if it was a joint account for both, > he'd only have needed the one password, whereas the Theo's transcription > makes it plain that there were two. He would still have an O2 password, as well as a VM/02 password. (See the O2 website) >>> In brief: >>> - received a text from O2 (mobile operator) saying he'd changed his >>> password >>> - contacted O2 straight away and told SIM had been swapped >>> - told they'd stop that and send out a new SIM card, emailed to confirm >>> - next morning, email from EDF (energy supplier) asking for feedback on >>> recent contact with customer services >>> - called EDF, told they'd pass it on to the fraud section and get back >>> to him >>> - nothing happened for over a week >>> - called O2 again to make sure everything was stopped, put through to >>> fraud department >>> - just after received an email saying new SIM card had been sent out, >>> connected to a different number. Queried with fraud department, said >>> didn't know, need to go to an O2 shop >>> - O2 shop couldn't do much as account had been stopped, couldn't look at it >>> - told them to check his emails >>> - contacted Virgin Media (ISP, merged with O2), told he'd changed his >>> password, had to go through changing password back again, told they'd >>> pass it to the fraud section >>> >>> It's difficult to deduce from this the exact ordering of events ... >>> >>> Because he had to contact VM to find out that he'd changed his email >> >> 'his password' may be 'his account password' rather than 'his email app >> password'. > > If it is 'his account password', then that completely supports my argument, > not yours, and 'his email app password' doesn't make any sense, perhaps you > mean 'his email password', but, unless he has multiple email addresses > under a single account with VM, of which there is no mention, why would he > need a separate email password? VM use the term 'email app password' (see their website).
[toc] | [prev] | [next] | [standalone]
Page 5 of 6 — ← Prev page 1 2 3 4 [5] 6 Next page →
Back to top | Article view | uk.telecom.mobile
csiph-web