Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




BDFL - Memuneh
61784 posts

Uber Geek
+1 received by user: 12437

Administrator
Trusted
Geekzone
Lifetime subscriber

Topic # 94128 6-Dec-2011 19:35
Send private message

Be here a lesson: AU$45k stolen in phone porting scam.


George Craig*, a small business owner from Sydney’s Northern Beaches, received a call on his home phone from the Commonwealth Bank in mid-July.

He was told that his mortgage account had been accessed by fraudsters, who had funnelled out some $45,000. And his mobile phone – which hadn’t rang off the hook as it usually did during business hours – was used as a tool in the attack.

Craig cannot be 100 percent sure how his online bank account was compromised. He blames himself for conducting online banking sessions on a company laptop without adequate security software.

But he had assumed that money couldn’t be funnelled from his bank account to an account he had not transacted with before, thanks to a feature the Commonwealth Bank introduced in 2007: NetCode.

NetCode is a form of two-factor authentication that issues Commonwealth Bank’s online banking users with SMS messages before allowing them to transfer large amounts of money to unfamiliar accounts. When a new, large or unorthodox transaction is attempted online, the bank sends a verification code to the account holder’s mobile number. The code is then typed back into the online banking section as an additional authentication measure.

In the days leading up to the fraud being committed, he had received two strange phone calls. One came through to his office two-to-three days earlier, claiming to be a representative of the Australian Tax Office, asking if he worked at the company. Another went through to his home number when he was at work. The caller claimed to be a client seeking his mobile phone number for an urgent job; his daughter gave out the number without hesitation.

The fraudsters used this information to make a call to Craig’s mobile phone provider, Vodafone Australia, asking for his phone number to be “ported” to a new device.

As the port request was processed, the criminals sent an SMS to Craig purporting to be from Vodafone. The message said that Vodafone was experiencing network difficulties and that he would likely experience problems with reception for the next 24 hours. This bought the criminals time to commit the fraud.

 

 
 




Create new topic
3833 posts

Uber Geek
+1 received by user: 234

Trusted

  Reply # 554685 6-Dec-2011 20:58
Send private message

I suppose the fraudsters got his personal details from his facebook page which is open for everyone to see including his date of birth listed in his profile page.




Do whatever you want to do man.

  

453 posts

Ultimate Geek
+1 received by user: 27


  Reply # 554803 7-Dec-2011 07:58
Send private message

Top marks for ingenuity

Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Geekzone Live »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.