Security Update - Phishing, smishing, and SIM swaps
on: 29/11/2018 | 10:22 - edited: 31/01/2019 | 16:40
Hi Folks,
Ben from Cyber Security here, checking in to give you the latest update.
As some of you might have noticed, we’ve had a few recent reports of fraudulent text messages being received by our members, inviting them to click on a link - this type of fraud is called “smishing” - phishing using text messages.
The content of the messages varies from claiming promotional credit, to the account being closed down unless you click the link provided.
The link included in the fraudulent text message takes the member to a fake website created by fraudsters, that looks just like giffgaff’s. The websites ask members for account details - giffgaff account password, bank account details, and lots of other information. This is called “phishing”.
Once they get hold of your giffgaff login details and gain access to your account, the fraudsters usually request a SIM swap. As soon as they’ve swapped your number over to a phone they control, they can request your bank to send an OTP (one time password - usually a 6 digit number) to gain access to your bank account.
It's important to bear in mind that any genuine giffgaff website link that asks you for your personal details will include .giffgaff.com in the URL in that specific order as this is our domain. Consequently any links which break this specific sequence will point to a fake website. For example, community.giffgaff.com is a genuine giffgaff website as the main domain name has been kept intact. Always check for the dot before and after the word giffgaff.
An example of giffgaff.com’s website - and it says www.giffgaff.com
An example of one of the dodgy websites we’ve had closed down recently - has ‘secures-’ before giffgaff.com
To better protect against SIM swaps that our members are unaware of, we’ve built upon the confirmation email we already send to advise that the SIM swap is in progress - you’ll now receive a SIM swap confirmation text message to your phone where you have the possibility to immediately raise a case with the agents if you were not the one that requested the SIM swap.
We’re always on the lookout for these phishing websites and we get them shut down as soon as we learn of them. So please, please let our Community folks know if you receive a dodgy text message or know of a fake website - but be careful of clicking on links, in some cases there may be malware or viruses waiting to infect your computer or your phone.
Should you receive a text message that looks like it was sent by giffgaff, which you were not expecting, get in touch with our agents on here. We’ll get it looked in to for you ASAP.
You can also post a thread and mention @report_phishing, this will ensure that educators get alerted straight away and get the operations team working on having these websites/fake operators shut down immediately.
Please keep in mind that this username is only used for reporting scammers which claim to be giffgaff. To avoid confusion, we have turned off PM’s on this account and members who report scammers using this method may not receive an acknowledgement reply from the educators. If this method proves to be a success, we will give our operations team control of this account for them to be able to pick this up immediately without having the educators as intermediaries.
Also check out my post from September here about keeping yourself safe online. If you have any questions - let our Community know.
Thanks everyone,
Ben
on: 29/11/2018 | 13:23
Good to know giffgaff are providing extra security against the sim swap procedure Ben, however like @ujo55 we'd all like to know how these scammers are getting ahold of so many giffgaff numbers? I'm presuming it'll be through 3rd party sites that members are putting their numbers in? I'd also urge members to run their email address(es) through this site and make sure any sites they've given their email address to hasn't also had a security breach, just incase they provided their phone number too -
https://haveibeenpwned.com/
on: 29/11/2018 | 18:06
navvy wrote:
Will the SIM Swap process take longer, now that the person with the old SIM needs to be able to use it to contact an agent?
@navvy Since captainben wrote "you’ll now receive a SIM swap confirmation text message to your phone where you have the possibility to immediately raise a case with the agents if you were not the one that requested the SIM swap."
The above quote implies the sim swap continues unless or until the member contacts the Agent or if the bogus sim swap was completed, it would be reversed.
Presumably by sending a replacement sim to the member's address.
For me it seems giffgaff are being targeted because of the vulnerable sim swap process. I don't quite agree with @captainben's theory.
This new wave of phishing could just be unsophisticated copycat fraudsters, seeing the potential and by jumping on the bandwagon of the original fraudsters.
