cancel
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
The-V-Man
New Contributor
New Contributor

Sim Swap Security Hack Protection

Hi there,

There has been a number of reports in the media recently, about hackers taking control of a users phone (number) via the use of 'sim swapping' (the practice of migrating/porting a phone number to another sim).

 

Once the hackers get control of your phone number, they can reset all of the passwords of your accounts (banks, social media, utilities, etc). If two-factor authentication (TFA) is enabled on your accounts (as most services require this) the password reset verification sms is sent to your (hijacked) mobile phone number, allowing the hackers to log into your account and reset all of your passwords - locking you out.

 

I'm aware that Optus does provide the option of setting a pin number against your account (so that no changes can be made without the pin being entered by the staff member / user). Whilst this is better than nothing, it doesn't neccessarily stop your number being ported to a new sim (by a malicious/bad Optus staff member). 

 

Given the above, i'm curious to know what Optus are doing to stop malcious sim swapping? A simple solution would be to set up a rolling token (such as those used in Google Authenticator app).

7 Replies
Ray_YC
Online Community Manager
Online Community Manager

Re: Sim Swap Security Hack Protection

Hi,


Please see this thread which contains the answer by Paddylee describing the ACMA conditions that need to be followed.

------------------------------------------------------------------------------------------------------------------ I’m part of the Yes Crowd team, employed by Optus to help run our online community. This guide explains how everything works on here and you should also check out our Community Guidelines.

Did we answer your question? Please mark it as a Accepted Solution and be generous with that Kudos button Smiley Happy
njs91
New Contributor
New Contributor

Re: Sim Swap Security Hack Protection

Hi there,

I found this post useful.

I had an abusive, psychotic ex-partner. I think he has had my SIM cloned for years, and I am always noticing unusual activity on Facebook, Google, iCloud, etc. 

I feel as though he could even have access to "a malicious/bad Optus staff member”. What would I do in this case? Change my phone number to a lesser known provider and keep my number private? I have even changed phones and SIMs and the strange activity and unusual log-ins are continuing. I am 100% certain that he is accessing my two-factors codes in some way, and given that he may have access to a dodgy Optus staff member, what is my best course of action?

Many thanks in advance.

0 Kudos
Reply
Steven_YC
Moderator
Moderator

Re: Sim Swap Security Hack Protection

Hi @njs91 - We take these matters very seriously and would like to investigate this.

Can you please send our Facebook or Twitter team a private message? We'll take it from there.

----------------------------------------------------------------------------------------------------------------- I’m part of the Yes Crowd team, employed by Optus to help run our online community.

Did we answer your question? Please mark it as a Accepted Solution and if you see something that was helpful to you or the rest of the community, giving a Kudos is only a click away.

njs91
New Contributor
New Contributor

Re: Sim Swap Security Hack Protection

Can you put me in touch with someone who specialises in phone security and fraud and who will understand SIM cloning? I have not received any useful information to date by phone or chat. I need a solution so I can have some privacy. It really is a specialised, technical issue.
0 Kudos
Reply
Steven_YC
Moderator
Moderator

Re: Sim Swap Security Hack Protection

If you can get in touch with our team over the provided channels above, we can have this raised for you and investigated further.

----------------------------------------------------------------------------------------------------------------- I’m part of the Yes Crowd team, employed by Optus to help run our online community.

Did we answer your question? Please mark it as a Accepted Solution and if you see something that was helpful to you or the rest of the community, giving a Kudos is only a click away.

0 Kudos
Reply
njs91
New Contributor
New Contributor

Re: Sim Swap Security Hack Protection

Sending a message on Facebook or Twitter? This is why the security of telcos needs improving. Someone could just pretend to be me, with my DOB, name and address, and make changes to my account? In my view, proper ID checks should be conducted with any account changes (video for example, and match it with the ID on file).
0 Kudos
Reply
Steven_YC
Moderator
Moderator

Re: Sim Swap Security Hack Protection

The security and personal information of our customers is the utmost importance to us. We ensure that this is securely captured through the various ways. If you're unable to message us through the channels above though or don't feel comfortable, you're more than welcome to visit our store with 100 points of ID or call our team on 133 937 and they can also have this raised.

----------------------------------------------------------------------------------------------------------------- I’m part of the Yes Crowd team, employed by Optus to help run our online community.

Did we answer your question? Please mark it as a Accepted Solution and if you see something that was helpful to you or the rest of the community, giving a Kudos is only a click away.