Category: Phone Scam

The SIM Swap Scam

If you have forgotten the password for a website, there is usually a link labelled ‘Forgot Your Password’ or similar. If you click the link, the site will send you a password reset request by email. You click the button in the email message and reset your password.

Now, if scammers can get hold of such an email message, then they can reset your password and lock you out of your own account and you will have great difficulty getting your account back.

This situation is becoming more dangerous as many people and businesses rely on mobile phones for proof of identity. For example, your bank may send you security numbers to type into your account to prove your ID, but if scammers can access your phone and read your messages, they are in control.

The SIM Card Swap

Unless you have left sufficient information openly online for scammers to break your password, their usual approach is called social engineering.

This means taking advantage of people’s trust. They will research your information online and use what they find to convince a mobile phone shop worker (or customer service worker) to cancel your current SIM card (‘I lost it’) and activate a new one.

They will then have access to your messages, contacts list etc.

Then they try to access your bank account and shopping accounts.

Prevention

To be safe, you need to limit the amount of personal information that is available about you online. Anything you make public can be read by criminals intent on defrauding you or stealing your identity.

Text messages are very useful but remember that they are not encrypted and can potentially be read by anyone.

You can use apps that encrypt data, such as iMessage, WhatsApp, Signal, etc., for anything that must be kept private.

If there is any suspicious activity on your account or you receive suspicious calls, then contact your bank or phone company.


Fightback Ninja Signature

The Flubot Scam

The Flubot phone scam is prevalent in Australia and spreading elsewhere.

FluBot is a text message scam that is part of a large-scale attack on mobile phones. It only affects Android devices currently. The messages can appear to be from a delivery service like DHL, or other companies like Amazon, and tell you to click a link, for example to track your delivery.

If you click the link in the message, this will then try to download the malware to your device. If the app is installed, the malware will try to take over your device, allowing more infected text messages to be sent to your contacts without your knowledge. The scammer could also gain access to your messages and online banking details.

It will also ask other infected phones to send Flubot messages to the numbers it steals from your phone, continuing and expanding the scam. So, if you called the person that sent you the message, it would be another victim of the scam whose device was infected.

How does Flubot work?

Flubot text messages are sent with a link which almost always contains a series of 5-9 random letters and numbers at the end. This is the process:

  1. Phone owner gets a text message containing a link
  2. Clicks link and is invited to install software
  3. Phone becomes infected with malware
  4. Infected phone’s contacts are added to central list of Flubot text messages
  5. Flubot tries to steal banking, contact and personal information from infected device

If you click or tap on the link you will usually be taken to a screen where you will be asked to download an app for a purpose that relates to the text message. Or it may say you have been infected with Flubot and should click the link to download the antidote.
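The link pattern described above can be turned into a simple triage filter for incoming text messages. This is an added example, not code from the original post: the scoring weights, the threshold `FLAG_AT` and the sample messages are assumptions made for illustration, and only the "5-9 letters and numbers" tail and the delivery/brand lures come from the text.

```python
import re
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)
TAIL_RE = re.compile(r"[A-Za-z0-9]{5,9}")            # "5-9 random letters and numbers"
LURE_WORDS = ("dhl", "amazon", "delivery", "track")  # lures named in the text
FLAG_AT = 3  # assumption: all three signals must agree before flagging


def link_tail(url):
    """Last token of a link: the query value if present, else the last path segment."""
    parts = urlsplit(url.rstrip(".,;:!?)"))  # drop sentence punctuation after the link
    if parts.query:
        return parts.query.split("=")[-1]
    segments = [s for s in parts.path.split("/") if s]
    return segments[-1] if segments else ""


def score_sms(text):
    """Return (score, reasons) for one SMS body; a higher score is more suspicious."""
    score, reasons = 0, []
    for url in URL_RE.findall(text):
        tail = link_tail(url)
        if not TAIL_RE.fullmatch(tail):
            continue
        score, reasons = score + 1, reasons + ["link ends in 5-9 character token"]
        # Assumption: a letter/digit mix looks more random than an ordinary word.
        if re.search(r"[A-Za-z]", tail) and re.search(r"\d", tail):
            score, reasons = score + 1, reasons + ["token mixes letters and digits"]
        break  # score the first matching link only
    if score and any(word in text.lower() for word in LURE_WORDS):
        score, reasons = score + 1, reasons + ["delivery or brand lure wording"]
    return score, reasons


def is_suspicious(text):
    return score_sms(text)[0] >= FLAG_AT


# Constructed sample messages (not real Flubot traffic; .example domains).
SAMPLES = [
    "DHL: your parcel is arriving, track here http://delivery-status.example/p/?x7k2m9qa",
    "Your Amazon order has shipped. Details: https://www.amazon.example/orders",
    "Lunch at 1? https://maps.example/place/cafe42",
]

if __name__ == "__main__":
    for sms in SAMPLES:
        print(is_suspicious(sms), score_sms(sms), sms)
```

The second and third samples show why the tail pattern alone is not enough: ordinary links also end in short tokens, so the filter only flags a message when the tail, the letter/digit mix and the lure wording all appear together.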

If Your Device is Infected

You need to do a factory reset of your phone or take it to a professional.

You can find instructions online for how to reset your brand of phone. It is a quick process but will result in loss of data and apps on the phone.

If you have any experiences with these scams do let me know, by email.


Cancel Your Credit Card or Is It A Scam?

Stephanie Alderson tells her story:

So my husband had a bad experience with fraudsters a couple of nights ago. He got a call on his mobile from a woman who said she was calling from his credit card company (his actual credit card company). She quoted the last 4 digits of his credit card, his address and email address and was obviously calling his mobile number.

She said there had been several high value charges on his credit card that they thought were fraudulent: Selfridges and a few others.

My husband agreed he hadn’t spent money there. She then said she needed to cancel his credit card. She said she’d sent him a code on his phone and he should read the code back to confirm the cancellation.

He was a bit suspicious, but they hadn’t actually asked for any personal details. All they asked for was a code from his phone which did come as a text message from the phone number used by his usual credit card supplier. He asked if he could phone them back to confirm but she said their phone line was about to shut as it was nearly 6pm.

He was a bit hesitant so she then put my husband onto her supervisor who said it was important he authorise them to cancel his card with the code from his phone to avoid being liable for any future fraudulent charges.

Hubby was naturally suspicious but they hadn’t asked for any personal details at all, just this code from his phone. I’d heard him talking on the phone and so I rang his credit card company who confirmed their fraud lines were open and they were always happy for a customer to ring them back.

My husband hung up the phone without giving the code. It turned out someone had set up an Ocado account earlier that day and had used his card to preauthorise payment as a way to check his card worked. The fraudsters then set up a payment for £6,000 from his card to a website.

The code sent to his phone was genuinely from his credit card company to authorise the payment of £6,000 to that website. So they were never after his personal details. They already had all his credit card info. All they needed was for him to give the code his credit card company automatically sends out for new large transactions.

Pretty sophisticated scam especially as they weren’t fishing for personal details but already had them all from somewhere though we’ve never found out how.

His card was then thankfully cancelled by his genuine credit card company and so no money ever left his account but pretty scary that they had his full details and were so brazen about it.


Scam Survey Calls

This is a variation on the common scam survey phone call, as received by Bob.

The caller pretends to be from an official body and is calling due to concern about dangerous dust caused by the rock wool or other insulation in Bob’s loft.

He wants to arrange to carry out a survey today as he is in the area.

Bob told him that he doesn’t have such insulation so the caller switched to concern about cavity wall insulation instead.

When Bob also said he doesn’t have cavity walls, the caller gave up and hung up.

Bob did check and there is no official body looking into such things in his area.

Just a scammer.

These scammers have two likely ways to steal from you:

  1. They get into your house to ‘case the joint’ and see if they can grab anything.
  2. They carry out a fake survey then demand cash payment of an exorbitant fee.

If you have any concerns over your cavity wall insulation or similar then contact the council or call an expert but never deal with cold callers or people who send unsolicited emails.


The Wangiri Phone Scam

This is the call back scam, which rose to epidemic levels in Ireland a few years ago but is still around now.

The calls often have international prefixes including +231 (Liberia), +269 (The Comoros Islands), or +43 (Austria) and are intended to trick people into phoning back at premium rates.

The numbers are high cost international numbers and the fraudsters will get paid for each call back. The fraudsters will try to keep you on the line for as long as possible as they get paid by the minute.

The scam is known as a ‘wangiri’ call (the word means ‘one ring’) because the mobile phone typically rings just once or twice.

The scammers hope that people will automatically call back without looking too closely at the number.

The telecoms watchdog admits there is no easy way to identify such calls but advises not calling back unless you know the number that called you, and certainly not calling back if left a blank message.

Some mobile operators do block these scam numbers as they are identified and that stops them from calling their customers and blocks their customers from returning the call.

If you receive such calls, then notify your phone company of the calling numbers.
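The operator-side blocking mentioned above depends on spotting the one-ring pattern in call records first. The sketch below is an added example, not code from the original post: the record layout, the home prefix `+353`, the thresholds and the phone numbers are all assumptions constructed for illustration.

```python
from collections import defaultdict

HOME_PREFIX = "+353"   # assumption: an Irish operator, as in the post
MAX_RING_SECONDS = 5   # assumption: "once or twice" is a few seconds of ringing
MIN_TARGETS = 3        # assumption: distinct subscribers hit before flagging


def find_wangiri_callers(records):
    """Return {caller: sorted callees} for callers matching the one-ring pattern.

    Each record is (caller, callee, ring_seconds, answered).
    """
    short_missed = defaultdict(set)
    for caller, callee, ring_seconds, answered in records:
        # Only international callers from outside the home network are of interest.
        if not caller.startswith("+") or caller.startswith(HOME_PREFIX):
            continue
        # The pattern: the call rings briefly and is dropped before anyone answers.
        if not answered and ring_seconds <= MAX_RING_SECONDS:
            short_missed[caller].add(callee)
    # One caller doing this to many different subscribers is the signal;
    # a relative abroad who hangs up early reaches only one callee.
    return {c: sorted(t) for c, t in short_missed.items() if len(t) >= MIN_TARGETS}


def safe_to_call_back(number, contacts, blocklist):
    """The post's advice as a rule: only return calls from numbers you know."""
    return number in contacts and number not in blocklist


# Constructed call records (made-up numbers, not real callers).
RECORDS = [
    ("+231000000001", "+353850000001", 2, False),
    ("+231000000001", "+353850000002", 1, False),
    ("+231000000001", "+353850000003", 3, False),
    ("+43000000009", "+353850000001", 4, False),   # known contact hung up early
    ("+43000000009", "+353850000001", 25, True),
    ("+353850000007", "+353850000002", 2, False),  # domestic missed call
]

if __name__ == "__main__":
    flagged = find_wangiri_callers(RECORDS)
    print(flagged)
    print(safe_to_call_back("+231000000001", {"+43000000009"}, set(flagged)))
```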

If you have any experiences with scammers, spammers or time-wasters do let me know, by email.
