This article is from the source 'bbc' and was first published or seen on . The next check for changes will be
You can find the current article at its original source at https://www.bbc.com/news/articles/ckg885lxd3jo
The article has changed 4 times. There is an RSS feed of changes available.
| Version 1 | Version 2 |
|---|---|
| Fraudsters stole £40k from Hertfordshire man via phone scam | Fraudsters stole £40k from Hertfordshire man via phone scam |
| (about 1 hour later) | |
| Stephen said dealing with the fraud had taken him seven hours a day to resolve since it first began three weeks ago | Stephen said dealing with the fraud had taken him seven hours a day to resolve since it first began three weeks ago |
| A man targeted by fraudsters who got his mobile phone number from an energy company said he often woke up in the night thinking "what next?". | A man targeted by fraudsters who got his mobile phone number from an energy company said he often woke up in the night thinking "what next?". |
| Stephen, from Hertfordshire, had more than £40,000 taken from a savings account after his name and email address was used to get the information from EDF. | |
| Within 48 hours of his mobile phone number being divulged, his accounts with O2, Nationwide Building Society and Virgin Media had all been compromised. | Within 48 hours of his mobile phone number being divulged, his accounts with O2, Nationwide Building Society and Virgin Media had all been compromised. |
| EDF said such incidents were rare but it took them seriously and added: "We are sorry for the difficulties this fraudulent caller has caused Stephen." | EDF said such incidents were rare but it took them seriously and added: "We are sorry for the difficulties this fraudulent caller has caused Stephen." |
| The energy company said its verification processes were followed but it was subsequently made aware the call had been fraudulent | The energy company said its verification processes were followed but it was subsequently made aware the call had been fraudulent |
| The man, who is being identified only as Stephen, told BBC Radio 4's You and Yours programme he was alerted to the criminal action on 3 February. | The man, who is being identified only as Stephen, told BBC Radio 4's You and Yours programme he was alerted to the criminal action on 3 February. |
| He received a text from O2 confirming he had changed his password. | He received a text from O2 confirming he had changed his password. |
| After telling O2 he had not changed his password, the firm said he must have been a victim of a Sim swap scam, which sees his mobile number used and transferred to a new Sim card. | After telling O2 he had not changed his password, the firm said he must have been a victim of a Sim swap scam, which sees his mobile number used and transferred to a new Sim card. |
| The next morning, EDF emailed him asking for feedback on his recent contact with the company, despite him not having made that call. | The next morning, EDF emailed him asking for feedback on his recent contact with the company, despite him not having made that call. |
| He was told its fraud department would get in touch but a week later had heard nothing. | He was told its fraud department would get in touch but a week later had heard nothing. |
| Accounts raided | Accounts raided |
| Meanwhile, O2 confirmed his new Sim card was on its way, but it was connected to a different mobile phone number. | |
| Its shop staff told him to check his emails and he discovered from his email provider Virgin Media that someone had changed his password. | Its shop staff told him to check his emails and he discovered from his email provider Virgin Media that someone had changed his password. |
| As he was trying to fix that, criminals raided his accounts. | As he was trying to fix that, criminals raided his accounts. |
| On 5 February, he could not access his Nationwide credit card. The building society then upped his security. | On 5 February, he could not access his Nationwide credit card. The building society then upped his security. |
| He became aware of the fraud when O2 sent him a text confirming he had changed his password, which he had not | He became aware of the fraud when O2 sent him a text confirming he had changed his password, which he had not |
| Worse news was to come, when he learned his National Savings and Investments password had been changed. | Worse news was to come, when he learned his National Savings and Investments password had been changed. |
| "After an hour of talking to different people there, they said, 'You've actually taken out a very large amount of premium bonds, over £40,000'," said Stephen. | "After an hour of talking to different people there, they said, 'You've actually taken out a very large amount of premium bonds, over £40,000'," said Stephen. |
| '£50 to close the case' | '£50 to close the case' |
| After more than a week, EDF finally responded about the call it thought Stephen made at 11:00 GMT on 3 February. | After more than a week, EDF finally responded about the call it thought Stephen made at 11:00 GMT on 3 February. |
| EDF explained the fraudster had his name and email address and had asked EDF to give them his mobile number, which the company did. | EDF explained the fraudster had his name and email address and had asked EDF to give them his mobile number, which the company did. |
| "I said, 'Why would you do that?' They said the person had gone through security. 'With a name and email address', I asked?," he said. | "I said, 'Why would you do that?' They said the person had gone through security. 'With a name and email address', I asked?," he said. |
| "EDF said, 'Yes' - and then offered me a £50 goodwill gesture to close the case. | "EDF said, 'Yes' - and then offered me a £50 goodwill gesture to close the case. |
| "I was just amazed and I thought: 'How can they do this and does that mean all my other bank and building society accounts are compromised as well?'." | "I was just amazed and I thought: 'How can they do this and does that mean all my other bank and building society accounts are compromised as well?'." |
| The call from the fraudster to EDF happened three hours before O2 received a request to move his number in the Sim-swap scam. | |
| Criminals do it to bypass two-factor authentication to change passwords and access anything else you need a code from a text message for. | Criminals do it to bypass two-factor authentication to change passwords and access anything else you need a code from a text message for. |
| Stephen reported the fraud to Hertfordshire Police and it was passed it on to Action Fraud as the crime was believed to have been committed outside the county. | Stephen reported the fraud to Hertfordshire Police and it was passed it on to Action Fraud as the crime was believed to have been committed outside the county. |
| In 2021, Action Fraud, the UK's reporting centre for fraud and cyber crime, received about 500 reports - last year this had grown to more than 2,000. | In 2021, Action Fraud, the UK's reporting centre for fraud and cyber crime, received about 500 reports - last year this had grown to more than 2,000. |
| BBC One's Scam Interceptors host Nick Stapleton said this type of fraud was devastating because victims were unaware until it was too late | BBC One's Scam Interceptors host Nick Stapleton said this type of fraud was devastating because victims were unaware until it was too late |
| Cybersecurity expert and host of BBC One's Scam Interceptors, Nick Stapleton, advised people to think about what they shared on social media. | Cybersecurity expert and host of BBC One's Scam Interceptors, Nick Stapleton, advised people to think about what they shared on social media. |
| "If you've got a social media account that's not protected and has things like a picture of your dog with its name underneath, or of your family with their names tagged, scammers can use those to get past security questions," he said. | "If you've got a social media account that's not protected and has things like a picture of your dog with its name underneath, or of your family with their names tagged, scammers can use those to get past security questions," he said. |
| He also recommended adding a PIN number to the Sim card, which can be done in a phone's settings, and the use of authenticator apps to generate random codes, instead of ones sent by text. | |
| Stephen believed poor customer service helps criminals by giving them more time. | Stephen believed poor customer service helps criminals by giving them more time. |
| "Some nights I just wake up in the night thinking, what next? It's been very difficult really," he said. | "Some nights I just wake up in the night thinking, what next? It's been very difficult really," he said. |
| National Savings and Investments said it had refunded him the money taken from his account. | National Savings and Investments said it had refunded him the money taken from his account. |
| Nationwide Building Society said the fraudulent purchases were blocked, adding that as well as meeting its legal obligations, it needed to balance security with customer service. | Nationwide Building Society said the fraudulent purchases were blocked, adding that as well as meeting its legal obligations, it needed to balance security with customer service. |
| O2 Virgin Media confirmed the scammer telephoned its call centre requesting a new Sim and had hacked Stephen's emails. | |
| A spokesperson said he had been offered "£125 as a gesture of goodwill". | A spokesperson said he had been offered "£125 as a gesture of goodwill". |
| EDF, which has nearly six million UK customers, said: "The security procedures were followed. We subsequently recognise this was fraud. | EDF, which has nearly six million UK customers, said: "The security procedures were followed. We subsequently recognise this was fraud. |
| "These incidents are rare, but we take them seriously and are reviewing our processes. We have also discussed this incident with the Information Commissioner's Office." | "These incidents are rare, but we take them seriously and are reviewing our processes. We have also discussed this incident with the Information Commissioner's Office." |
| Listen to the full interview on BBC Sounds. | Listen to the full interview on BBC Sounds. |
| Follow Beds, Herts and Bucks news on BBC Sounds, Facebook, Instagram and X. | Follow Beds, Herts and Bucks news on BBC Sounds, Facebook, Instagram and X. |