Sydney nurse loses savings in terrifying new hack
The Sydney man was confused about why he’d lost signal on his phone but never could have imagined the sinister reason behind it.
Costs
Don't miss out on the headlines from Costs. Followed categories will be added to My News.
A Sydney man is warning others what to look out for after hackers stole his life savings by taking control of his phone without him even noticing.
Mark Donnelly, 46, never could have imagined that his iPhone losing signal was actually an indication that hackers were cleaning out his bank accounts to the tune of $35,000.
Mr Donnelly, who works as a nurse at Westmead hospital in Sydney’s west, went to an Optus store earlier this month to check out why his phone had resorted to “SOS only” – which meant its connection was gone.
An Optus worker replaced the phone’s SIM card in an immediate fix of the problem.
However, that still didn’t explain what was wrong with his original SIM.
It turned out, Mr Donnelly had fallen victim to a “SIM swap” hack.
A scammer had remotely gained control of his SIM card and was able to steal his phone number. This meant that the nurse’s bank accounts could be redirected to the hacker’s phone rather than his own.
Mr Donnelly suspects the hacker got hold of his date of birth and other important pieces of information, which then allowed them to activate an eSIM card with Optus by proving their identity was his.
“I‘m devastated,” the nurse told 9 News.
“I‘ve completely lost my identity. Mark Donnelly is ruined.”
All the hacker’s records about Mr Donnelly matched the details that Optus had on file, so they granted the anonymous person a remote SIM card.
It became a vicious cycle; armed with control of Mr Donnelly’s phone, the hacker was able to access more personal information about him, including his immigration documents which contained his UK passport.
Mr Donnelly now fears that his private information will be sold on the dark web, making hacks in the future much more likely.
Optus said in a statement to news.com.au that in circumstances like these it was difficult because the person’s information was usually in the possession of a hacker.
“In the vast majority of instances, an individual’s personal information is often already compromised making it easier for fraudulent activity to occur,” a spokesperson said.
“In this particular case, an individual posing as the customer was able to access the Optus profile and change the contact details for the account, and then proceed to activate a new prepaid plan using the customers personal information (which all matched what Optus had on file).”
The hacker took $35,000 from Mr Donnelly’s three bank accounts and paid themselves the cash by transferring his savings into a cryptocurrency exchange platform where it was converted to bitcoin, which is impossible to trace.
They also milked him of even more money by increasing the spend cap on his ZipPay account and trying to do the same for his Afterpay account.
In another malicious move, the thief also tried to open a new bank account in his name, according to the publication.
The hacker even tried to regain control of his SIM card once he started using a new one.
Luckily Mr Donnelly has got back most of his money – $26,000 from ANZ, $4000 from ING and another $1700 from Bendigo Bank.
To date, Optus has only offered him $80 in compensation.
Optus said it had recently “strengthened its processes” for SIM swap hacks.
Originally published as Sydney nurse loses savings in terrifying new hack
Push to axe sneaky fee costing Aussies $4bn
A Sydney MP is pushing for an overhaul of 20-year-old regulations that cost Aussies billions of dollars every year.
Major bank’s huge move on cash
One of Australia’s major banks has cut against the grain in the age of digital wallets and will no longer offer a key service, claiming declining interest.