Latest news with #identityfraud
The Sun
3 days ago
- The Sun
I got spoofed and was forced to change my mobile number – it could happen to you too
IF you've ever been targeted by a scammer, you'll know it can be a scary and worrying experience. But has a fraudster ever pretended to be YOU, in order to trick people out of their hard-earned cash? 1 That's exactly what happened to me, when I discovered that my phone number had been "spoofed" and crooks were using it to try and scam people. It's a horrible form of identity fraud and a cunning way for fraudsters to attempt to steal cash or money from unsuspecting victims, as the number appears to be from a trusted source. It all started six months ago, when I started getting mysterious phone calls from strangers claiming that they'd has missed calls from me. But when I checked my call log each time, I could see that I never made the call to that number. I would tell the caller that they made a mistake, and hang up the phone. I was suspicious that these were scammers trying to lure me into handing over money in some way, so I made sure to block the numbers after I put the phone down. But the calls kept coming and each time I kept blocking the number. That was until last week, when I received a WhatsApp out of the blue from a lady I didn't know. "Hello, did you call me?" the text read. I usually don't message back when I get these sorts of WhatsApp messages, as I'm wary of scammers. But I was confused when the lady sent a screenshot of her call log - and surprisingly, my phone number was at the top of the list. I decided to message back, explaining that I didn't call her. I thanked her for flagging the missed call, and said I would look into what happened. After contacting my phone company, ID Mobile, I was told that the most likely explanation for what had happened was that my phone number had been spoofed. They said there wasn't much the company could do about my spoofed number, although I had the option to change my phone number, which would cost £25. I was also told to report the issue to Action Fraud. The thought of a scammer using my number and pretending to be me to con money out of innocent people made me sick to my stomach. So I decided to bite the bullet, swallow the £25 charge, and put the experience behind me. Even better, I've not had a single scam call or text since I switched my number - before, I used to get at least one a week. However, there's nothing to stop my new number from being spoofed too. It's also been a massive inconvenience contacting all my friends, family, and organisations to let them know about my change of number. iD Mobile said: "We understand how frustrating it is for customers to receive calls from people claiming they've been contacted by them. "In this instance, it appears the number was spoofed — a common industry issue where fraudsters fake caller IDs without needing access to the number itself." I've been told that if I report it to Action Fraud, the £25 fee will be waived - which I'm planning on doing soon. Spoofing on the rise The main reason why scammers will spoof numbers is in order to target more victims without being caught up in something called the Do Not Originate (DNO) list. Ofcom and UK Finance launched the DNO list in 2019. Companies and organisations add to the list when a rogue number is reported, and this list is shared with telecoms providers to help them identify and block calls from these numbers. It's an effective tool in filtering through scam callers - but tech and cyber security expert David McClelland said scammers are exploiting a loophole. "Perhaps because of this DNO list - although it's difficult to say for sure - scammers are now also making calls that spoof individuals' mobile numbers," he said. Spoofing is becoming a big problem. The telcoms regulator, Ofcom, is so concerned about the growing threat of spoofing that it launched a consultation in July last year on how to address the issue. It said it was "concerned" that scam calls are coming from scammers who are spoofing UK mobile numbers. It said a call from a spoofed number could appear more trustworthy, and "victims are more likely to share personal information or to make a payment, which can lead to significant financial and emotional harm". It can therefore make it much easier for fraudsters to hunt down victims and steal their money. Some 5.7million Brits have been targeted by a mobile phone scammer more than 10 times, according to research from comparison site Uswitch. And an eye-watering £1.17billion was swiped by scammers in 2024 - roughly level to what was stolen in 2023. What can you do about spoofing? Worryingly, phone companies can't do a lot about spoofing, says Jake Moore from the cybersecurity firm ESET. "There's no solid bulletproof way to stop this sort of spoofing," he says. "However, it's a good idea to report it to Action Fraud and at extreme lengths, you can change your number. "This may be challenging for some people - but it will eradicate the problem if your phone number appears on a list that hackers delve into." My spoofing experience has been sobering, and has reminded me of the importance of remaining vigilant against scammers. Set your privacy settings to the highest level on your social media and messaging accounts. This is so people can't contact you or collect personal information about you - it's surprising how much we share on our accounts. Be wary of who you share your number with. "Try to reduce the amount of companies you give your phone number to," Jake said. "Most website forms will ask for it but not all of them will require it for the service or product to work. "By limiting where your number is divulged, it reduces the chance it will be breached." If you get a cold call, never rely on just using the caller ID as a way to verify who they say they are. It's worryingly easy for scammers to spoof a number. If someone says they are from your bank, then hang up and call the number on the back of your card, or through the mobile bank app. If someone says they are from an official organisation, like HMRC, hang up and look up the number to call back on the website. Being spoofed has made me realise the lengths that scammers will go to in order to trick you into handing over money. From now on, I'll be keeping a close eye on where I'm sharing my phone number. How to stop nuisance calls and texts FED up with scam texts and calls clogging up your phone? Take these steps to fight back. On iPhone, you can enable Silence Unknown Callers by going to Settings > Phone, scrolling down to Silence Unknown Callers, tapping the option, and turning on the feature. This will block phone numbers that are not in your contacts or that you have not contacted previously. On Android, open the Phone app, tap the three dots for more options, tap Settings then turn on Caller ID and spam protection. This uses a database of phone numbers to determine a caller's ID and filter out spam calls. Contact the Telephone Preference Service to add your landline or mobile number to the UK's official Do Not Call register and opt out of unsolicited communications. You can register your phone number on the TPS website or by phoning 0345 070 0707. Certain phone providers offer their own blocking services, some free and some paid for. Contact your provider to find out more.
Yahoo
20-07-2025
- Business
- Yahoo
Centrelink issues ATO alert as Aussies submit their tax returns: 'Steal your money'
Services Australia has warned Australians to have their wits about them as they submit their tax returns. More than 15 million people lodge their financial information with the Australian Taxation Office (ATO) after July 1, and it's the perfect time for scammers to pounce on unsuspecting Aussies. They often try to impersonate government bodies like myGov and Centrelink by sending out mass text messages and emails across the country. Services Australia said it can be dire if you let your guard down. "They pretend to be us so they can steal your personal information and money after you click a link or give them your details," it said. If they get access to your personal information, they can conduct identity fraud or log in to certain accounts like myGov and lodge fake tax returns on your behalf. RELATED ATO issues urgent tax return warning as Aussies risk losing over $1,500 Common neighbour problem plaguing Aussie houses Compensation sought for millions of Qantas customers How scammers are preying on Aussies during tax time Services Australia has noticed scammers have been trying to catch out certain Aussies with certain tactics this year. One is highlighting a one-time payment, tax rebate or other type of refund, as many will be hoping for a cost-of-living boost with their tax return. They also might try to convince you that there is a problem with your myGov account, tax return information, or that your account is about to be "frozen or suspended".These hackers will usually use urgent language in their messages to make you act quickly. Their correspondence to you will also typically include a link or URL, but Aussies have been urged to avoid this at all costs. "Don't click on the internet link," Services Australia said. "If you clicked on a suspicious link or gave personal information to a scammer, head to our website to find out what to do." The government body said it can help in the following ways if you've been hacked or scammed: offer support and advice about how to protect yourself and your personal information check your customer records for any suspicious activity make corrections to your records if needed add extra security measures to prevent unauthorised access. 150 per cent jump in scams as ATO adds better protection The ATO issued a similar warning about scammers ever since Aussies were able to submit their tax returns for the 2024-25 year. The tax office had seen a 150 per cent increase in impersonation scams over the last 12 months, with 90 per cent of these being conducted via email. 'This is the time of year when people are awaiting their tax returns or expecting to hear from the ATO, and scammers know it,' ATO assistant commissioner Rob Thomson said. The ATO has strengthened the security features on its app and Aussies can now monitor their accounts in real-time through alerts if changes have been made to their records. If certain details are changed without your permission, you can instantly lock down your account to ensure nothing else is affected. 'If you receive a notification and something doesn't feel right, lock your account immediately in our app, and verify and report the interaction on the ATO website or by calling 1800 467 033 during business hours to discuss any suspicious activity," Thomson in to access your portfolio
ABC News
17-07-2025
- ABC News
Experts say forcing companies to delete data would remove cybercrime 'honey pot '
Giving Australians the right to force the removal of their personal details from company databases would help combat the growing impact of mass data theft, experts say. More than 25 million customer accounts have been exposed in just three cyber attacks involving major companies in Qantas, Optus and Medibank. University of Queensland cyber security expert Ryan Ko says the number of Australians exposed to the risk of cybercrimes such as identity fraud or extortion is "increasing by the day". "There's no way you can tell how the leaked information is going to be used," he said. Professor Ko says there is no end in sight to these mass data heists. He says that is because highly-organised and opportunistic cybercriminal gangs — some of them state-backed — are well-placed to sniff out the weaknesses of most Australian companies whose "current practice and governance structures [are] not set up to be cyber-resilient". This is despite Australia ranking as the world's number one state in cyber defence, according to a Harvard University report in September 2022. That same month, about 9.8 million Optus customers learned that hackers had accessed their sensitive data including names, birth dates, and in some cases home addresses and passport numbers. In Queensland alone, the state government had to replace more than 178,000 driver licences. The hackers exploited security flaws including a publicly available application programming interface. The next month, hackers targeted Medibank with a ransomware attack, threatening to release the medical records of 9.7 million people on the dark web. The hackers allegedly swiped an IT staffer's sign-in credentials from his private computer, exploiting Medibank's lack of safeguards such as multi-factor authentication, and its alleged failure to act on alerts and warnings from consultants about system weaknesses. The 2022 breaches exposed the details of not only current but also former customers of both Optus and Medibank. Qantas claimed to have learned from these earlier scandals by deleting old customer data. But last month it suffered an attack via its call centre in the Philippines, which exposed details of 5.7 million current Frequent Flyer customers. More than a million people came to learn these included their addresses, reportedly including a federal MP who criticised Qantas for not being "upfront about the extent of personal details accessed at the start". The airline yesterday said it had found no evidence yet of stolen data being released but was "actively monitoring". It took out an interim injunction in the New South Wales Supreme Court to "prevent the stolen data from being accessed, viewed, released, used, transmitted or published by anyone". Corporate accountability in Australia — and the prospect of people being compensated for harm by sharing in penalties on corporations that fail to protect their sensitive data — can be a long time coming. The federal government watchdog, the Office of the Australian Information Commissioner (OIAC) is still investigating the Optus breach almost three years on. The Australian Communications and Media Authority sued Optus in the Federal Court with the matter still ongoing. The OIAC's pursuit of penalties against Medibank also remains with the Federal Court. And there are several class actions by law firms against Medibank which remain on foot. The 2022 breaches did spur privacy reforms by the federal government in December, including greater powers for the OIAC, which can now hit companies with fines of up to $50 million for serious breaches (up from $2.2 million). With regulator crackdowns and legal battles taking years, some experts say there is another proposed reform to address public distrust of companies holding their personal information. This is the "right to erasure", which would allow people to force companies to explain what personal information they hold, what they do with it, and to delete or de-identify that information. Privacy experts such as University of New South Wales academic Katharine Kemp have argued that companies use a "self-serving" interpretation of current guidelines to collect as much customer information as they can, use it for more and hold it for longer. The right to erasure, which has been in place in Europe since 2018, would help stop damaging data hacks, they say. And it is a right that 90 per cent of Australians support, according a 2023 survey of about 1,600 people by the OIAC. James North, who heads the technology practice at law firm Corrs Chambers Westgarth, says there is "a growing sense in the community that … people want more control over their data". He says people have the right to "have the data about you corrected ... but you don't have an explicit right to say, 'Don't use my personal data'". "So that reform would give individuals more control over their data," Mr North says. "I'm obviously not a privacy advocate, I work for big clients and assist them to comply with laws. "But data minimisation, not collecting data that's not required for identity checks for example, and having these avenues for consumers to understand what information companies have about them and making sure that it's appropriate — and for companies to delete information when it's no longer required — it's much better than having a breach and then a class action. "That's in no-one's interests." Professor Ko says the reform would be "a great move, and a great direction, especially given the fact that individuals can hold companies or organisations to account". "In terms of implementation, if it's just within an organisation, the right to erasure is actually technically possible," he says. "It also gives the organisations an opportunity to look into how to communicate that with customers, like, 'If we collect your data, it's used for this, and when you're no longer a customer with us, we'll be deleting this, and you know you can call us'. The Albanese government agreed "in-principle" to the reform in 2023, subject to exceptions in the public interest, including for law enforcement and national security. A spokesman for Federal Attorney-General Michelle Rowland says the government is "aware of the significant impacts of data breaches on people whose personal information has been compromised, often without their knowledge, and is committed to protecting the privacy of all Australians". He says the government is "continuing work on a further tranche of reforms". But he declined to say when it planned to introduce them - or whether they would include a right to erasure. "The government is taking the time needed to get the balance right between protecting people's personal information and allowing it to be used in ways that benefit individuals, society and the economy," he says. "We know this is a complex policy area and engages a wide range of stakeholders with diverse perspectives and interests."
Yahoo
16-07-2025
- Business
- Yahoo
Trouble in Paradise? Consumers Don't Trust Travel Industry to Protect Them From AI-Powered Fraud
New research from Jumio reveals nearly half of global consumers lack confidence in travel industry's ability to protect against identity fraud SUNNYVALE, Calif., July 16, 2025--(BUSINESS WIRE)--Jumio, the leader in AI-powered identity intelligence anchored in biometric authentication, automation and data-driven insights, today released new findings from its 2025 Online Identity Study. As consumers worldwide set out for summer leisure, digital identity protection may be taking a more prominent spot on the packing checklist, with nearly half of global consumers (44%) lacking confidence in the travel industry's ability to protect them from AI-powered fraud including identity theft and account takeover fraud. This lack of confidence jumped to 55% for Americans. For the sharing economy (including vacation rentals and other travel-focused gig economy services), confidence falls even further, with 60% in the U.S. and 50% globally saying they don't feel adequately protected. Consumers share sensitive personal data in exchange for a simple vacation, notably turning over government-issued IDs like passports and drivers' licenses in order to book and check into flights, reserve accommodations and rental cars, and more. This exchange of data makes consumers vulnerable to fraud during the summer travel season — and they recognize the risk. These sentiments trend alongside broader global distrust in digital spaces, with 69% of respondents saying AI-powered fraud now poses a greater threat to personal security than traditional forms of identity theft. In response to this distrust, consumers worldwide are slightly more willing to invest more time in identity verification on these platforms than in 2024: In 2025, 74% of global consumers said they would willingly spend more time on identity verification when accessing travel and hospitality-related platforms if it improved their security — up from 71% in 2024. Global willingness to spend time verifying identity on sharing economy platforms also stayed high at 70% in 2025, only slightly down from 71% in 2024, but with a subtle shift from "a lot more time" to "a little more time." This suggests increased caution, with a remaining preference for low-friction, visible safeguards. Consumers' increasing willingness to spend time on identity verification for travel-related transactions follows a growing trend in traditionally higher-risk industries. For instance, 80% of consumers globally were willing to spend more time on security for digital platforms supporting banking and financial services. "Whether it's an evacuation plan or a safe in every hotel room, the travel and hospitality industry know how to build the structures and processes customers need to feel safe. Now customers expect the same level of care for their personal data," explained Bala Kumar, chief product and technology officer at Jumio. "But travel and hospitality businesses can't keep layering traditional protections on already complex processes — they need new solutions and technologies to balance convenience with protection, even as AI-powered scams evolve." Find additional data and insights here. About the Research The Jumio 2025 Online Identity Study surveyed 8,001 adult consumers evenly distributed across the United States, the United Kingdom, Singapore, and Mexico. Censuswide fielded the survey between April 9 and April 24, 2025. Censuswide abides by and employs members of the Market Research Society which is based on the ESOMAR principles and are members of The British Polling Council. About Jumio Jumio helps organizations to know and trust their customers online. From account opening to ongoing monitoring, the Jumio Platform provides AI-powered identity intelligence anchored in biometric authentication, automation and data-driven insights to accurately establish, maintain and reassert trust. Leveraging powerful automated technology including biometric screening, AI/machine learning, liveness detection and no-code orchestration with hundreds of data sources, Jumio helps to fight fraud and financial crime, onboard customers faster and meet regulatory compliance including KYC and AML. Jumio has processed more than 1 billion transactions spanning over 200 countries and territories from real-time web and mobile transactions. Based in Sunnyvale, California, Jumio operates globally with offices and representation in North America, Latin America, Europe, Asia Pacific, and the Middle East and has been the recipient of numerous awards for innovation. Jumio is backed by Centana Growth Partners, Great Hill Partners and Millennium Technology Value Partners. For more information, please visit View source version on Contacts Media Contacts U.S. Media Contact Haleigh Kent-Bryant10Fold Communicationsjumio@ 810-516-5486 APAC Media Contact Luke NazirFINN +65 8139 2504 LATAM Media Contact Lavinia MuñozSentidos Comunicacioneslavinia@ +52 5510124305 Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
National Post
16-07-2025
- Business
- National Post
Trouble in Paradise? Consumers Don't Trust Travel Industry to Protect Them From AI-Powered Fraud
Article content New research from Jumio reveals nearly half of global consumers lack confidence in travel industry's ability to protect against identity fraud Article content SUNNYVALE, Calif. — Jumio, the leader in AI-powered identity intelligence anchored in biometric authentication, automation and data-driven insights, today released new findings from its 2025 Online Identity Study. As consumers worldwide set out for summer leisure, digital identity protection may be taking a more prominent spot on the packing checklist, with nearly half of global consumers (44%) lacking confidence in the travel industry's ability to protect them from AI-powered fraud including identity theft and account takeover fraud. This lack of confidence jumped to 55% for Americans. Article content For the sharing economy (including vacation rentals and other travel-focused gig economy services), confidence falls even further, with 60% in the U.S. and 50% globally saying they don't feel adequately protected. Article content Consumers share sensitive personal data in exchange for a simple vacation, notably turning over government-issued IDs like passports and drivers' licenses in order to book and check into flights, reserve accommodations and rental cars, and more. This exchange of data makes consumers vulnerable to fraud during the summer travel season — and they recognize the risk. Article content These sentiments trend alongside broader global distrust in digital spaces, with 69% of respondents saying AI-powered fraud now poses a greater threat to personal security than traditional forms of identity theft. Article content In response to this distrust, consumers worldwide are slightly more willing to invest more time in identity verification on these platforms than in 2024: Article content In 2025, 74% of global consumers said they would willingly spend more time on identity verification when accessing travel and hospitality-related platforms if it improved their security — up from 71% in 2024. Global willingness to spend time verifying identity on sharing economy platforms also stayed high at 70% in 2025, only slightly down from 71% in 2024, but with a subtle shift from 'a lot more time' to 'a little more time.' This suggests increased caution, with a remaining preference for low-friction, visible safeguards. Article content Consumers' increasing willingness to spend time on identity verification for travel-related transactions follows a growing trend in traditionally higher-risk industries. For instance, 80% of consumers globally were willing to spend more time on security for digital platforms supporting banking and financial services. Article content 'Whether it's an evacuation plan or a safe in every hotel room, the travel and hospitality industry know how to build the structures and processes customers need to feel safe. Now customers expect the same level of care for their personal data,' explained Bala Kumar, chief product and technology officer at Jumio. 'But travel and hospitality businesses can't keep layering traditional protections on already complex processes — they need new solutions and technologies to balance convenience with protection, even as AI-powered scams evolve.' Article content Find additional data and insights here. Article content About the Research Article content The Jumio 2025 Online Identity Study surveyed 8,001 adult consumers evenly distributed across the United States, the United Kingdom, Singapore, and Mexico. Censuswide fielded the survey between April 9 and April 24, 2025. Censuswide abides by and employs members of the Market Research Society which is based on the ESOMAR principles and are members of The British Polling Council. Article content About Jumio Article content Jumio helps organizations to know and trust their customers online. From account opening to ongoing monitoring, the Jumio Platform provides AI-powered identity intelligence anchored in biometric authentication, automation and data-driven insights to accurately establish, maintain and reassert trust. Article content Leveraging powerful automated technology including biometric screening, AI/machine learning, liveness detection and no-code orchestration with hundreds of data sources, Jumio helps to fight fraud and financial crime, onboard customers faster and meet regulatory compliance including KYC and AML. Jumio has processed more than 1 billion transactions spanning over 200 countries and territories from real-time web and mobile transactions. Article content Based in Sunnyvale, California, Jumio operates globally with offices and representation in North America, Latin America, Europe, Asia Pacific, and the Middle East and has been the recipient of numerous awards for innovation. Jumio is backed by Centana Growth Partners, Great Hill Partners and Millennium Technology Value Partners. Article content Article content Article content Article content Contacts Article content Media Contacts Article content U.S. Media Contact Article content Article content Haleigh Kent-Bryant Article content Article content Article content 810-516-5486 Article content APAC Media Contact Article content Article content Luke Nazir Article content Article content FINN Partners Article content Article content Article content Article content +65 8139 2504 Article content LATAM Media Contact Article content Article content Lavinia Muñoz Article content Article content Article content Article content
