Re: My O2 account was hacked! - Page 8

Anonymous · ‎30-09-2011

A couple of weeks ago I received an odd text from O2 informing me that I can upgrade my handset in September 2013. Now, I have a sim-only contract and haven't had a new handset from O2 in a number of years but I knew my contract was due to expire some time in late September so I checked my O2 account online. It seems that I now have a new tariff of £36 a month, which I knew nothing about and checking on down the page I spotted a completed order which turned out to be for an iPhone 4. Naturally I hadn't placed this. The Yodel tracking number revealed that it had been delivered to an address that wasn't mine the previous day.
I called O2 and discovered that my security question had been changed along with my home address and e-mail address. Someone had clearly managed to access my O2 account online and ordered himself a phone at my expense. Since the user name and password are known only to me, either O2's site security is extremely poor or someone inside O2 has accessed my information. Either way, I'm not impressed.
The customer service adviser was very helpful and promised that the fraud department would investigate and call me. However, eight days later I have heard no word from them and in the meantime I can do nothing about changing my contract while there is an issue with my account. I was planning to get a new phone, possibly the new iPhone when it comes out, but now I'm very concerned about O2's security. I've been with them for over ten years but I'm seriously considering whether I want to continue with them now.
The only piece of good news is that the phone was delivered one day and blacklisted the next.
Has anyone else had this happen? If so, how did O2 handle it?

Anonymous · ‎19-06-2012

A couple of points on the above. 1. Rosie should not feel a fool for replying to an apparent text from 02. I was caught out the same way. The man I spoke to in the 02 fraud section told me that the sender's address looked completely identical to anything sent by O2 and so it was not my fault in any way. My solution to this is to delete all texts received from O2 without reading them. 2. I don't know if the criminals are are targetting only upgrades. I had been with 02 less than month when I was targetted - although, arguably, I am due an upgrade. My bigger worry, as noted here previously, is that this sort of scam can be done online without any reference back to the account holder until it is too late. That is a major failing by 02. Sadly it is not confined to 02. If you do a search you will see that other mobile phone companies are also affected. That said, my impression is that is is more prevalent at 02.

perksie · ‎19-06-2012

@Anonymous wrote:
My bigger worry, as noted here previously, is that this sort of scam can be done online without any reference back to the account holder until it is too late.

This is my main concern too, why in my case was a phone sent to an address 200 miles from where I live with no reference back to me, other than a text to say it had been despatched?

The odd thing was all the paperwork and an insurance policy were sent to me at my home address, which is what prompted me to get onto the fraud team.

If phones were only sent to the account holder's address it would go a long way to clearing many of these scams.

To support Disasters Emergency Committee: http://www.dec.org.uk/appeals text Nepal to 70000 to send £5

Sky Unlimited Broadband - Windows 10 - Nexus 4 Android 5.1.1

Abs · ‎02-07-2012

Security is the utmost priority and we consider it very seriously at O2.

We're constantly improving our systems and procedures so they offer piece of mind to our customers. We also want to ensure we can provide the most effective and efficient security information for our customers. There are a number of quick things that customers can do themselves to prevent mobile frauds like password protection and regular account checks.

Our fraud department is in place to provide help and support to our customers for any mobile fraud, identity theft or customer information being compromised. Any customer who has been a victim of mobile fraud, please do contact our Fraud & Security team so they can investigate and make the process even strict for the offenders. With regards to upgrades, I’ll forward the feedback that some of you have mentioned on this thread so we can limit the risk of any fraud in future.

Thanks

Abs

Anonymous · ‎02-07-2012

I thought O2 were moving away from the use of corporate-speak on the forum ?

http://community.o2.co.uk/t5/Community-Suggestions-and/The-one-forum-feature-that-is-still-annoying-...

However many times O2 state that security is important, it doesn't detract from the actuality.

sydsnake · ‎16-07-2012

my account was hacked 22 jun 2012 now i have problems getting an upgrade as according to my online info i cant upgrade until 2014, the only ones that can authorise an upgrade is the fraud department and getting in touch with them is unbelieveable, according to customer services the fraud department will contact me on my mobile but as i explained to them i dont have a signal in my home i would like to speak with them over my landline they informed me due to new security measures just put in place they were unable to speak to my over a landline???? anyone any ideas as to how i can contact them using a landline? your help would be much appreciated

Abs · ‎16-07-2012

@sydsnake wrote:
my account was hacked 22 jun 2012 now i have problems getting an upgrade as according to my online info i cant upgrade until 2014, the only ones that can authorise an upgrade is the fraud department and getting in touch with them is unbelieveable, according to customer services the fraud department will contact me on my mobile but as i explained to them i dont have a signal in my home i would like to speak with them over my landline they informed me due to new security measures just put in place they were unable to speak to my over a landline???? anyone any ideas as to how i can contact them using a landline? your help would be much appreciated

Hi there, can you please drop me a PM with all your details so I can get this investigated gor you.

Thanks, Abs

Anonymous · ‎06-08-2012

I just had an unauthorised upgrade done on my account. The first I knew was when I got a text to my current mobile number thanking me for staying with O2. I almost ignored it, but logging on to my account revealed that my address had been changed and an upgrade iPhone 4S ordered this morning.

I phoned O2 immediately and reported it. The helpful assistant blocked the IMEI of the new phone, and told me I would be contacted by the fraud department within 3 days.

Here's the interesting bit: apart from the address change, a new number being associated with my account for the new phone and a new email address, no other details had been changed. I'm convinced this was done by calling the O2 call centre. Also, why would you change your number on an upgrade? This implies that the security questions were not asked of the fradulent caller, as my security question answer is not known by anyone but me and my immediate family (in Australia). If this fraud was committed by accessing my account online, I would expect them to have changed my password, security question and other details that would lock me out of my account.

It seems to me there is a simple solution here: Any user requesting an upgrade should be called back on their current phone in order for the upgrade to proceed. The fact that a text was sent to my current phone is good, and alerted me to the issue, however a quick callback to my number would have prevented this upgrade from proceeding.

I've been with O2 since the original iPhone came out, and haven't had any problems untill now. I'm not looking forward to untangling this mess...

Anonymous · ‎06-08-2012

It is astounding that O2 have allowed this scam to continue unhindered.

It's almost as if they can't believe their security system is at fault.

And no doubt somebody representing O2 will post on here quoting the corporate stance that "your data security is of paramount importance to O2"

MI5 · ‎06-08-2012

This has to be an inside job, O2 need to look at their internal security policies. How else would the average scammer know that the account they targetted was due an upgrade ?? I don't believe they "get lucky" everytime they phone up and pretend to be someone else.......

I have no affiliation whatsoever with O2 or any subsidiary companies. Comments posted are entirely of my own opinion. This is not Customer Service so we are unable to help with account specific issues.
Please select the post that helped you best and mark as the solution. This helps other members in resolving their issues faster. Thank you.

perksie · ‎06-08-2012

That sounds very similar to mine above, my details were not changed at all, just the addtion of a new delivery address.

O2 handled it fairly well and removed the addtional charges, but it was 3 months before my account was fully back to normal.

It sounds as if O2 should be paying close attention to whoever put this order through.

To support Disasters Emergency Committee: http://www.dec.org.uk/appeals text Nepal to 70000 to send £5

Sky Unlimited Broadband - Windows 10 - Nexus 4 Android 5.1.1