News, Culture & Society

Optus data breach: Accused fraudster charged with using stolen data for an alleged SMS scam

Arrest after Optus data breach: Accused fraudster is charged with using stolen data for an alleged SMS scam

  • Man arrested for alleged SMS scam using information from Optus data breach

A Sydney man has been arrested over an alleged SMS scam where he used details obtained from the Optus data breach. 

Some Optus customers whose personal details were stolen in the cyber attack had ‘highly targeted’ scam text messages and emails sent to them. 

Cyber security consultancy Gridware told Daily Mail Australia the type of data stolen by hackers would be sold on the dark web to criminals who are likely to use it to create authentic-looking fraudulent phishing scams.

The personal data included names, passport and drivers’ licence numbers, addresses, email addresses, dates of birth and phone numbers. 

Nearly 10 million Optus customers had personal details taken in the cyber attack.

A Sydney man has been arrested over an alleged SMS scam where he used details obtained from the Optus data breach

Ahmed Khanji, Gridware's CEO and a professor of cybersecurity said criminals who buy the data are able to create convincing-looking scam SMS messages

Customers' account details, full names and addresses may be quoted back to customers as scammers try to get defraud them

Some Optus customers whose personal details were stolen in the cyber attack had ‘highly targeted’ scam text messages and emails sent to them 

Ahmed Khanji, Gridware’s CEO and professor of cybersecurity said criminals who buy the data are able to create convincing-looking SMS messages and emails because they already have so much personal information.

‘These messages will be advanced, targeted phishing attempts trying to get you click a link to pay a fee or a fraudulent invoice, or fill out more details,’ Prof. Khanji said.

‘They are far more believable than random messages saying “I’m from the ATO, you owe money.’

The messages could most obviously try to pressure existing Optus customers for money.

People unaware their details had been stolen could easily fall for the scams because any messages would quote their personal details back to them – including residential address and date of birth.

These messages will be advanced, targeted phishing attempts trying to get you click a link to pay a fee or a fraudulent invoice, or fill out more details,' Prof. Khanji said

Optus customers have been warned not to fall for the phishing scams that are likely to follow the massive data breach

These messages are ‘advanced, targeted phishing attempts trying to get you click a link to pay a fee or a fraudulent invoice, or fill out more details, Prof. Khanji said

More to come. 

***
Read more at DailyMail.co.uk