Do people here consciously think about this sort of fraud, and how do you secure yourself against it? (e.g. biometric locks on email accounts and notes?)
I would say pin lock on the device would render such an attack very unlikely until I read he claimed the device was pin locked?
Maybe it was simple to guess , or something else going on?
I should congratulate the thieves on accessing his Barclays account though. I was a customer of Barclays for many years but simply got fed up of constant technical errors preventing me from accessing my own funds.
From the article, it suggests that the thieves “shoulder surf” the victims until they see them type in their device pin, then after pickpocketing either use that same pin for the app, or search through notes for sensitive passwords and the like.
> I should congratulate the thieves on accessing his Barclays account though. I was a customer of Barclays for many years but simply got fed up of constant technical errors preventing me from accessing my own funds.
This is certainly one way to keep your money safe! Bravo, Barclays
Just a practical answer - I have 3 bank accounts - a spending account, a current account that just pays my mortgage and tax, and a savings account. Only the spending account has an app on my phone, and it only ever has a months spending in it so the amount that can be stolen is limited. In order to take my savings (quickly) a theif would also have to compromise the 'mortgage' current account as it is only set up to pay into that account.
If my phone gets stolen, I expect the current account to be cleaned out with a 5K loss (2K balance + 3K max overdraft), and I'll lose access to anything with 2fa set up for a few days. That would suck a lot.
9 comments
[ 0.22 ms ] story [ 31.1 ms ] threadMaybe it was simple to guess , or something else going on?
I should congratulate the thieves on accessing his Barclays account though. I was a customer of Barclays for many years but simply got fed up of constant technical errors preventing me from accessing my own funds.
I guess they got double lucky in this regard?
> I should congratulate the thieves on accessing his Barclays account though. I was a customer of Barclays for many years but simply got fed up of constant technical errors preventing me from accessing my own funds.
This is certainly one way to keep your money safe! Bravo, Barclays
If my phone gets stolen, I expect the current account to be cleaned out with a 5K loss (2K balance + 3K max overdraft), and I'll lose access to anything with 2fa set up for a few days. That would suck a lot.
The only email account is dedicated to mobile - alerts and notes to self. No Google profile set.
I don't regard this is particularly cautious.
In any case, this is a nice strategy to hedge.