Dear Resident

A Hertfordshire resident lost more than £40k after scammers managed to get the victim’s phone provider to transfer the service to a SIM in their possession.

This enables them to take control of your mobile phone number, meaning they can potentially hijack your calls and texts and access your online banking details, bypassing 2-step-verification codes/one-time passwords.

Fraudsters gather personal details about you, either by phishing emails, previous data breaches or reading your social media posts. Once they have enough information, they can convince companies that they are you. The fraudster can then instruct your phone provider to route your phone number to the fraudster’s SIM card.

The fraudster will then have access to any incoming phone calls and text messages, including one-time passwords to gain access to your financial and social media accounts.

Some useful tips from Police Scotland to help prevent SIM scams:

Things to look out for

• You’ve lost the ability to make calls or texts: You may notice that your mobile is no longer connecting, and you are unable to make calls or texts. This is one of the first signs that you could be a victim of SIM swapping.

• You receive a notification of activity elsewhere: Your mobile phone provider may notify you that your SIM card or phone number has been activated on a different device.

• You lose access to accounts: If your login credentials no longer work for things like online banking. If this happens contact your bank and other organisations immediately.

• Contacts receiving requests for money: Your contacts have started receiving requests for money from you that you have no knowledge of.

What to do if you think your SIM card has been swapped

• Call your network provider immediately: If you receive unsolicited text or email about your SIM being ported or a PAC request, or you unexpectedly lose phone service, you will need to notify your provider.

• Inform your banks as soon as possible: The fraudster may attempt to make a money transfer online or over the phone and therefore alert the bank so they can stop any unauthorised transactions.

• You can also record your details with cifas the fraud prevention service to apply for protective registration. Once you have registered you should be aware that CIFAS members will carry out extra checks to IDENTIFY when anyone, including you, applies for a financial service, such as a loan, using your address.

How to protect yourself in the future

• Contact your network provider to secure your mobile account and ask what protection they offer to stop this from happening again.

• Don’t respond to unsolicited emails, texts, phone calls or click on any unverified links (Phishing attempts). These may allow fraudsters to access personal data which can then be used to convince the mobile phone network or bank that they are you.

• Don’t overshare personal details on social media. Avoid sharing your birth date or that of children or other relatives or other common password recovery phrases such as the name of your first pet or school.

• Turn on two-step Verification (2SV) which is also known as two-factor authentication (2FA) or multi-factor authentication (MFA), helps to keep cyber criminals out of your accounts, even if they know your passwords.

• Use a password consisting of three random words that only you will know and which are unique. You could add uppercase letters, numbers and symbols to make It more secure.

• Always keep your device’s software up to date.

If you have been a victim of fraud, report to Action Fraud by calling 0300 123 2040. For all emergency calls, please dial 999.