Skip to content

VICTORIA BISCHOFF: How our phones are leaving us exposed to scammers

  • by

A few weeks ago, I left my mobile phone in the back of a taxi. I was loaded with bags and had briefly put it on the seat next to me while I paid. By the time I realized, the driver had disappeared around the corner.

Oh, the panic. Like so many people, I am lost without my phone. It has all my family and friends’ numbers, my personal and work emails and, most alarmingly, my many banking apps.

Fortunately, thanks to Apple’s miraculous app Find My iPhone, I was able to get my mobile back.

Risk: Many people keep their mobiles and bank cards in the same place, such as a handbag, but few would realize how vulnerable this makes them to fraud

This clever tool allows you to track on a map where your phone has gone and make it play a sound so someone (the taxi driver in this case) can find it and call a phone number which will flash up.

But the ordeal hammered home just how reliant we have become on these gadgets. It’s why I’m militant about backing up my phone so that even if it goes missing, my photos, files and contact details are safe.

I also wrote my husband’s number on a piece of paper which I keep in my purse, so I can call him in an emergency.

Then a story posted on Twitter last month really set my alarm bells ringing. Charlotte Morgan described how someone had broken into her gym locker, stolen her smartphone and bank card and gone on an £8,000 spending spree.

When her current account ran dry, the criminal even managed to transfer thousands of pounds from her savings to continue spending.

And the worst part was that her bank, Santander, had refused to refund a penny. It claimed she must have been negligent and kept her Pin with her debit card — which was, of course, nonsense.

As the Mail reported last Thursday, it has since emerged that she is not the only victim. Police are hunting a prolific thief suspected of stealing thousands of pounds from women in gyms across London. One claims to have lost close to £20,000 in an hour and a half.

But just how did this happen? We’ve always been told crooks can’t get into our mobile banking accounts. After all, the phone itself is protected by a passcode.

And the apps are secured by facial recognition or fingerprint technology. Well, an investigation by BBC Radio 4’s You And Yours claims to have worked it out.

In order to spend large sums of money using your card, fraudsters need your Pin — which is (somewhat unbelievably) available to view in your mobile banking app.

To access this, you would usually need to enter a passcode or unlock it using your face or thumbprint. But if the crook has your card, they can download your mobile banking app onto their phone.

The bank will want to check it’s really you doing this, so they will send a text message with a one-time authorization passcode.

But if the criminal also has your phone, they can see this (even if it is locked), get into your account, change the passwords and, crucially, get their hands on your Pin — all within a few minutes.

Banks need to jump on this glaring security flaw fast. Lots of people keep their mobiles and bank cards in the same place. Few would realize how vulnerable this makes them to fraud.

I also find it hard to believe that the banks — which regularly brag about their sophisticated fraud detection systems — didn’t freeze these victims’ cards sooner.

You might expect one unusual transaction to go unnoticed. Yet Charlotte says her card was used to make multiple purchases totaling thousands of pounds at one Apple store — where she has never shopped in her life.

Eventually, under pressure from the Press, Santander agreed to reimburse her. But it again raises serious concerns about why some banks are still so quick to blame the victim and deny refunds.

One lesson I’ve learned is to change your phone’s security settings so messages don’t flash up if the device is locked.

That way crooks won’t be able to see any verification texts sent by your bank. And ensure your phone’s sim card is protected by a password.

In the meantime, perhaps we need to rethink how much personal data we store on phones. As this tale shows, our mobiles have left us worryingly exposed to scammers.

[email protected]

Some links in this article may be affiliate links. If you click on them we may earn a small commission. That helps us fund This Is Money, and keep it free to use. We do not write articles to promote products. We do not allow any commercial relationship to affect our editorial independence.

.