A man has been left penniless and desperate for answers after a sophisticated scammer drained his bank account of his life savings in a bizarre online hacking scheme.
Mike Harriot*, a finance worker from Sydney, was sent an unusual text message from his phone provider Optus which he quickly brushed off as a simple error.
But that seemingly insignificant message was the final step in the process of hackers transferring $91,000 of his hard-earned life savings into an unknown bank account.
Mike Harriot*, a finance worker from Sydney, was sent an unusual text message from his phone provider Optus which he quickly brushed off as a simple error
Australian phone provider Optus (pictured) sent the 25-year-old a message which he was later told to ignore
Mr Harriot, 24, told Daily Mail Australia the mysterious text was finalising an order to port his phone number to a different device, along with all of his personal banking information.
Realising his personal details had been compromised, Mr Harriot quickly logged on to his mobile banking app only to discover his account balance was $0, and there were multiple foreign credit card transactions.
After desperately trying to contact Optus to recover his stolen funds, he realised the scammer had successfully duped online support staff into believing they were speaking to Mr Harriot simply by knowing his full name and date of birth.
When attempting to resolve the issue in-store, Mr Harriot noticed strange online chat conversations between Optus staff and someone posing as him.
‘She opened up my profile on her computer, and luckily I was sitting in front of it because I noticed a series of chat logs at times and dates which I did not recognise,’ he said.
When attempting to resolve the issue in-store, Mr Harriot noticed strange online chat conversations between Optus staff and someone posing as him (Pictured)
The scammer had Mr Harriot’s birth date and full name and used the information to change his number to a different device
Mr Harriot said the scammer only needed to know two important details – his name and birthday – in order to have full access to his Optus account.
He explained he is shocked and angry a national phone company could be so quickly fooled.
‘If knowing those two minor details is enough to gain access to a customer’s entire profile, what is the point of your security team and why should I have confidence in your company?’ he asked.
Weeks following the identity theft, Mr Harriot is still looking for answers.
Despite constant efforts to contact Optus and after reporting the incident to the police, the scammers have not yet been identified or prosecuted.
‘I feel alone, worried and vulnerable. The consequences of this now are huge for me. This means my hard work and savings for my entire working life (and earlier as my parents set up my account when I was born) – is now gone,’ he said.
‘I’m 24, I was saving to buy a property this year, and was meant to be seeing a property advisor this week. This is now not possible. I am extremely diligent and careful with my money, and to have such a negative effect on my ability to eventually access credit from lenders, is completely out of my hands.
Despite constant efforts to contact Optus and after reporting the incident to the police, the scammers have not yet been identified or prosecuted (Pictured is the conversation between Optus online and the real Mr Harriot)
Mr Harriot said the scammer only needed to know two important details – his name and birthday – in order to have full access to his Optus account (Stock photo picture)
‘I was in the middle of booking an overseas trip which I can no longer complete. My salary from work won’t be able to be paid to me while my banking profile is compromised, so I am living off nothing.’
Daily Mail Australia contacted Optus Australia and a spokesperson issued the following statement: ‘The protection of customers’ information is a critical priority for Optus and we apologise for our customer’s experience.’
‘When communicating with our online chat team, Optus customers must complete an identity check which requires a range of personal information to make some changes to their Optus account. However, certain changes cannot be made through online chat, this includes SIM swaps. It is also important to note that Optus does not have access to customers’ banking details.
‘In this unfortunate case it appears that the perpetrator had sufficient information to pass our verification procedures and make changes to the customer’s account through other channels.’
Mr Harriot has since been reimbursed his $91,000 savings – but not yet his credit card transactions – after reporting the issue to the Commonwealth Bank.
Commonwealth Bank is still investigating the issue.
*Names have been changed.