Fraud & Identity Fraud & Identity


Fraud & Identity Featured Article


Data Breaches Put Customers at Risk of Identity Fraud

March 28, 2017

Imagine for a moment that, at the end of your mobile cycle month, you log onto your online account to access your billing information and see how much you owe your provider. However, when the screen comes up, it’s not your information you see, but that of another customer. All of that person’s mobile account details are there, except for the financial details, and you can easily go through all of it as if it were your own. Doesn’t that sound like an identity fraud nightmare waiting to happen?


Unfortunately, that nightmare is Three UK’s reality at the moment. The telecommunications and Internet service provider announced recently that it is “aware of a small number of customers who may have been able to view the mobile account details of other three users using My3.” This breach follows just months after another in November, when the data of six million customers was stolen.

Although this is scary, it’s important for customers to remember that Three UK is just as much of a victim in this scenario as well. In the previous breach, hackers used employee credentials to get into the company’s upgrade database. While it’s unclear how this latest incident occurred, it’s important to remember that hackers are determined criminals who will find any and all cracks in a security system, no matter how small.

While it’s good that no financial details are visible to those customers that are affected, Chris Hodson, EMEA CISO at Zscaler, pointed out the fraudulent possibilities to SC Media UK, saying, “Reassuring customers that no financial details were exposed is irrelevant. If users are able to see other customers' bills, then there's a totally feasible scenario where one user could ask for a replacement SIM based on the billing details, get a replacement phone and reset passwords for major accounts – including banking. This has real implications for identity fraud. ”

Thus, what was likely a small crack in Three UK’s security defenses opened users up to mobile identity fraud. We can hope that customers with this power choose not to exploit it, but there’s still a chance. That’s why it’s so important for service providers to be prepared for a breach like this. Three UK did everything right—it strengthened its security efforts after the first breach, has secure online accounts, etc.—and yet, hackers still found a way in.

So, service providers, take this unfortunate event as a warning. The potential for identity fraud—or any fraud, for that matter— is something everyone needs to be concerned about and prepared for. When it comes to customer data, there’s no such thing as being overprotective. Yes, customers may find extra verification measures somewhat annoying at first, but it’s almost a guarantee that they’d prefer added security to having their bank accounts drained. 



Article comments powered by Disqus






Industry Insights

(MobileID) Proactive Fraud Prevention

Interconnect-related fraud such as International Revenue Share Fraud (IRSF) and PBX hacking fraud continue to be a billion dollar problem to the telecom industry.

(Defender Shield) Defense solutions for the modern SMS ecosystem

SMS is a ubiquitous communication method for person-to-person (P2P) text messaging, which has been in use globally for nearly 20 years.

(Defender Shield) Preventing Grey Routes and the Multi-billion dollar Threat

The convenience of mobile messaging has brought communication efficiency to billions of consumers worldwide. As is often the case with widely accepted technologies; however, convenience can provide a vulnerable gateway to fraudulent activity.

Product Documents

Asset Protect

While unlimited or high-volume voice and SMS plans offer great value to subscribers, sometimes fraudsters exploit these plans to avoid paying termination and interconnect fees.

Defender Shield

In a world with ever-increasing Application-to-Person (A2P) messaging needs and competition, improving customer satisfaction and eliminating revenue leakage is key for protecting SMS profits.

MobileID

Accurate and cost-efficient routing of voice calls and SMS is critical. Unfortunately, gathering reliable routing data on ported numbers and keeping up with constant changes in number plans is expensive and time-consuming.

Fraud Solutions

Communications fraud is a $20B annual global problem and growing. Companies are looking for peace of mind so that their business and their customers are protected from the onslaught of technology crime that is damaging their reputations and their balance sheets.